If you’re facing issues removing an extension in Google Chrome or Microsoft Edge, it might be due to a Trojan malware infection.

On August 6, Reason Labs, a cybersecurity firm, reported a new malware campaign that has impacted more than 300,000 users across Chrome and Edge. This campaign uses a multi-stage attack, initially stemming from malicious advertising (malvertising). These deceptive ads lead users to fake download pages for popular software like Roblox FPS Unlocker, YouTube, VLC media player, Steam, and KeePass. When users click ‘Download’ on these sites, they unwittingly install a Trojan—a malware disguised as legitimate software.

^{The Trojan’s Capabilities and Risks}

Once installed, this Trojan malware can:

• Install additional malicious extensions on Chrome and Edge.
• Block browser updates.
• Increase vulnerability to future attacks.
• Steal personal and private data.

Reason Labs has informed Google and Microsoft about this issue, and both companies are taking steps to address it.

^{How to Detect and Remove the Malware}

Identifying Infected Devices:

1. Check Installed Extensions: Review your installed extensions in Chrome and Edge. Look for any you did not install, such as “Micro Search” or “yglSearch” in Chrome, or “Simple New Tab” in Edge, which could indicate infection.
2. Persistence Mechanisms: The malware uses mechanisms to reinstall itself even after deletion. Therefore, removing the extension alone is not enough.

Steps for Complete Removal:

• Remove Scheduled Tasks: Delete any scheduled tasks related to the malware.
• Edit Registry Keys: Remove associated registry keys.
• Delete Malware Files: Ensure all malware files are removed from your system.

Reason Labs provides detailed instructions for each step of the removal process. If you are not comfortable with editing your computer’s Registry Editor, it’s advisable to seek help from a knowledgeable friend or professional.

By following these steps, you can eliminate the Trojan malware and secure your device for a safer browsing experience.