In this guide, we will show you a nifty workaround that might help you permanently delete/remove the Google Chrome ‘Properties’ malware extension. The browser from the Silicon Valley giant hardly needs an introduction or two of any sort. Beholding all the required features and its deep integration into the Google ecosystem are just some of the reasons why it has been the go-to choice for many users.
With that said, the browser seems to be having quite a rough time in dealing with security issues. Recently, it was bugged with the Chromeloader and Kristinaful malware, and now another one has already made its way. As of now, various users have voiced their concern that the browser has been infected with the Properties Malware extension. Here are all the malicious activities that it tends to perform-
Google Chrome ‘Properties’ Malware Extension: What It Does
- This malware crashes the browser every couple of minutes.
- It creates a Chrome_pref or Chrome_settings folder in the Appdata > Local directory. The contents are a Javascript file named background, a JSON file named manifest, and a PNG file named properties.
- Apart from this, the malware redirects all the search requests to Bing.
- What’s even more intriguing is the fact that it even blocks the Malwarebytes and adblockers extensions.
- After every couple of minutes, it will perform a check in the Chrome_settings folder and check if all the three files [background, manifest, and properties] are present or not. If it is not there, then it will create them right away.
- There’s no point in manually deleting the Chrome_pref file or the extension, or removing the extension from the browser, as it will reinstall itself and re-create the Chrome_pref file.
- What is even more interesting is the fact that it creates these folders/files having a time stamp of 4 hours in the future. For example, if it is 1 PM currently, then the folders and files that it creates will have a time of 5 PM. So it tends to buy a buffer period of 4 hours beforehand!
All in all, the creators of this malicious extension have definitely put in some effort and a lot of brain-time seems to be involved as well. But they ended up leaving one loophole and that is what we will be exploiting right now. So without any further ado, let’s get started with the steps to permanently delete/remove the Google Chrome ‘Properties’ malware extension.
Google Chrome ‘Properties’ Malware Extension: How to Remove/Delete It
As mentioned before, the malware checks if all the three files are present in the Chrome_settings folded or not. If it is not there, then it will create them straightaway. So deleting is not an option. What you could instead do is create three new files having the same names that the Chrome_settings folder has and then replace it with them.
Since the malware only performs a name check and not the content check, it will not verify what’s inside the files that you have created but would only see that all the three files with the required names are present in that directory and hence it wouldn’t create new ones. On that note, let’s put this tweak to the test and check out the results.
- Create a new text file on your desktop, open it and select File > Save As.
- Then change the Save as type to All Files. Then name the file background.js and hit Save.
- Again, create a new text file and this time, name it manifest.json and hit Save.
- After that, pick up any random image PNG file and rename it to properties.
- Now bring up the File Explorer via Windows+E shortcut keys.
- Then head over to the below location [replace UserName accordingly]
C:\Users\UserName\AppData\Local
- Then go to the Chrome_pref or Chrome_settings folder [whichever is present in your case].
- Now copy all those three files from your desktop [background.js, manifest.json, and properties.png] and paste them into this directory.
- It will ask whether you wish to replace them with the existing files, reply YES.
[NOTE: The below steps 10 to 15 might not be applicable for every users]
- Once that is done, bring up the Task Manager via Ctrl+Shift+Esc shortcut keys.
- Then go to the Startup tab and you should find a program named Bloom [make sure Chrome is open].
- Right-click on it and select Open File Location. Then delete it from its directory.
Reference Image - Likewise, go to the below location and delete the Bloom file from there as well [if present].
C:\Users\UserName\AppData\Local
- Inside that folder, you would also see the chrome_configurations folder.
- Go there and you should find the Properties Extension, delete it right away.
- Now bring up Windows Security from the Start Menu.
- Then go to Virus and Threat Protection > Scan Options and select Full Scan.
- Now click on Scan Now and wait for the process to complete [it will take time].
- Once done, it will bring up all the files that were infected with this extension, make sure to quarantine/remove them right away.
That’s it. These were the steps to delete/remove the Google Chrome ‘Properties’ malware extension. While this malware is present for [at least] the past three months, but as far as the official stance on this matter is concerned, the developers are yet to acknowledge this issue, let alone give out any ETA for the rollout of a fix. As and when any of these two things happen, we will update this guide accordingly. In the meantime, the aforementioned workarounds are your best bet.
