PhormTheGenie
@PhormTheGenie

Last night, after I had settled down after work and was watching a stream to unwind, there was a power outage in my neighborhood. No huge deal - It lasted 30 minutes, and my UPS allowed me to shut down my computer gracefully beforehand.

But when I powered the desktop back on, I noticed something strange.

A program I had never seen before was running. Something called BingChatInstaller.exe


VirusTotal gave a clean bill to this executable - But something was weird about the results. While zero engines detected it as malicious, the community score was terribly negative, and comments were calling it malware.

That struck me as strange, because this executable was signed by Microsoft. But on the other hand, I hadn't updated Windows recently, and the update history didn't show anything new being installed, either. So whatever this was, how'd it get there suddenly? It sure wasn't there when I booted earlier in the evening.

So I did a bit of digging, and I found out what it was. It took a lot of effort - Most everything I could initially find about BingChatInstaller.exe was related to the conversation "What the hell is this, and is it malware?", rather than a deep explanation.

Eventually I did find an answer - Both BingChatInstaller.exe and an associated BCILauncher.exe are programs silently installed by Microsoft without your knowledge or approval, in order to deploy a Chrome Extension without your consent.

And what does the extension do?

It forces a popup in Chrome that tries to bilk you to use Bing as your default search engine.

Oh yeah, and it's pushing ChatGPT at the same time.

Fuck off, Microsoft. This is my computer, and your bullshit is why I haven't moved to Windows 11. In fact, this makes me want to ensure my next OS is Linux.

As an epilogue, it's easy enough to delete these files and kill the startup call that launches them. But if your advertising approach involves a technique that most people are discussing in the context of "Is this malware?", you fucked up.

