<i>and renaming the folder where extensions are stored—none of them worked.</i><p>Then where is it actually installed? Unless it's doing something really rootkit-y (unlikely given that AFAIK Chrome's extensions are just JS), monitoring file accesses would probably be sufficient to determine where it is and how to remove it. Unfortunately, I think this researcher just didn't really try hard enough...<p><i>Removing the extension proved so difficult that he ultimately advised users to run the free version of Malwarebytes and let it automatically remove the add-on.</i><p>...of course, what better than to sneak in an advert for their product!<p><i>As Malwarebytes explained in late 2016, the forced install trick uses JavaScript to provide a dialog box that says visitors must install the extension before they can leave the page. Clicking cancel or closing the tab produces an unending series of variations on that message.</i><p>IMHO this is a sign that JS running on a page has been given too much power (and the reason I only let JS run on a whitelist.)<p>The other thing I find slightly off is that there's been plenty of mention of how Chrome's extension API is nowhere near as powerful as what the old Firefox extensions could do, and it's a more walled garden, yet things like this are still reported.
Is it not possible to right click the extension in chrome://apps or the button in the toolbar and select "Remove from Chrome..."?<p>I previously had Stayfocusd and I blocked myself from uninstalling the extension (as a test) by blocking chrome://extensions, but then found a loophole using the method above.<p>Edit: Confirmed. What this article talks about is a total non-issue. All extensions can be removed by right-clicking their toolbar button (btw they HAVE to have a button) and selecting "Remove from Chrome."
I am not sure if a 'pro' version of Windows is required, but I've found adding a 'Deny: Everyone' to NTFS permissions on required files comes in handy in situations like this.
Not to defend Google, but I am sure there are alot of false malicious reports for many apps.<p>From competitors, trolls, and just random idiots...<p>I wonder if they flag it for review after X reports in Y time frame.<p>I wouldn't expect immediate action, but 19 days is a bit much.<p>it does look pretty bad towards the end, that you can specify any site as the extensions website to make it look more official.<p>What I don't understand is if they started chrome in another mode passing the executable arguments that should have disabled said extensions, how was it still redirecting the extensions management page?
Breathless reporting about impossibilities should be reconsidered.<p>It’s not impossible to uninstall chrome and re-install it under a different path, and create an alternate OS user account on the same laptop or desktop, and log into that to effectively reset Chrome to its default state in a non-disruptive manner.<p>The unfortunate fact, however is that most people simply won’t do that because it’s too inconvenient, or users of a particular machine have been subjugated by system administrator overlords, as part of an organizational policy, and lack admin privileges to migrate to a fresh user account in part or in whole.<p>People also often tend to use the admin account unhygienically. Which is not actually much of a sin, as long as you enter into those activities with the mindset of anticipating a full reinstall at the operating system level.<p>...which of course won’t even kill the firmware implants that advanced persistent threats have dropped into your peripherals, via intel extensions commissioned by the NSA.