Trojan.ForcedExtension.ChrPRST
ThreatDown is now the name of the Malwarebytes line of business products. References to Malwarebytes below reflect the amazing technology used to first identify the threat.
Short bio
Trojan.ForcedExtension.ChrPRST is Malwarebytes’ detection name for a Chrome extension called Cookies On-Off.
Type of infection
Trojan.ForcedExtension.ChrPRST was forced upon visitors of certain compromised sites. The extension is protected against removal by a Chrome policy.
Malicious behavior
Trojan.ForcedExtension.ChrPRST shows advertisements in new tabs and pop-unders each time the user opens a new tab or visits a new site. Some of these advertisements will lead to additional PUPsand malware.
Protection
Trojan.ForcedExtension.ChrPRST is a “removal only” detection. Malwarebytes protects against Trojan.ForcedExtension.ChrPRST by blocking the sites that push this extension.
Business remediation
How to remove Trojan.ForcedExtension.ChrPRST with the Malwarebytes Nebula console
You can use the Malwarebytes Anti-Malware Nebula console to scan endpoints.
Nebula endpoint tasks menu
Choose the Scan + Quarantine option. Afterwards you can check the Detections pageto see which threats were found.
Home remediation
Malwarebytes can detect and remove Trojan.ForcedExtension.ChrPRST without further user interaction.