While the second workaround will not completely remove the virus, it will stop the malware from reinstalling the extension for now. there may be other folders in your appdata local called things like “Chrome_tools” Nuke em too.Īnother user suggested deleting the Chrome_pref file and creating a text file and changing the file and extension to the same name.
Terminate the entire tree and relaunch chrome, the properties extension will be temporarily gone, From there open your Filesįind a folder in their called “Bloom” Nuke that. If you have the properties malware thing active you’ll find a bunch of chrome tabs in a tree with both CMD and Powershell.
I use an interesting bit of software called “Processhacker” which I am not promoting or suggesting you use (wink).
The first workaround requires users to download and install ProcessHacker, a software similar to Windows Task Manager.Īfter opening ProcessHacker, try force terminating the tree of Chrome tabs and relaunch the browser, remove the ‘Properties’ extension and delete the associated files from local app data folder. Thankfully, we came across a couple of workarounds that might help those infected by the Chrome Properties extension malware. I found that the virus is a chrome extension called Properties and has a folder called “chrome_pref” in my appdata>local. This has made my chrome basically unusable. The virus only affects my chrome browser that i know of and basically all it does is redirect my searches to Bing and also randomly restarts my chrome browser very often. So yesterday i randomly got a virus, i didnt click on any sus links or anything and upon researching this virus i found that a couple of people also got this virus in the past few days. Along with that it seems to creat a file in my Appdata>Local folder named Chrome_settings with its contents being a Javascript file named background, a JSON file named manifest and a PNG file named properties. Once i open chrome i only have a few short seconds before the restart to go to the extentions tab before it completely blocks me from opening that. Click/tap to enlarge image ( Source)įor the past few days my google chrome has been closing itself and reopening, and in doing so it has been adding a random properties extention to it and changing search engines to Bing. You can see in the image below what the Google Chrome Properties extension malware looks like. Some say security extensions like MalwareBytes and adblockers are also disabled by the virus. Many have tried deleting the Chrome_pref file in the local app data folder and removing the Properties extension causing the problem but the malware seems to be reinstalling itself regardless. Apart from this, the malware redirects search requests to Bing.
While it is still unclear how it is infecting machines, it could be related to the ChromeLoader malware that uses Powershell to inject itself into the browser.Īccording to Chrome users, the Properties extension malware is causing the browser to crash every few seconds and is creating a Chrome_pref file in the Windows local app data folder. Users say the virus is limited to Chrome and affects certain functionalities ( 1, 2, 3). Unfortunately, some Chrome users seem to be affected by a malicious browser extension called ‘Properties’. However, the browser is far from perfect with users reporting security exploits every now and then. According to Statcounter, Chrome had a browser share of somewhere around 65% in April of 2022.ĭeveloped by Google, it uses the Blink engine and is the main component of the company’s Chrome OS. Google Chrome is the most popular and widely used browser on the planet. Original story (published on May 31, 2022) follows: New updates are being added at the bottom of this story…….