hi Cuyler, thank you so much for your reply, i really appreciate the advice and help.
for this malware extension, the extensions permissions only consisted of "site access", which was set to "allow this extension to read and change all your data on websites you visit" set to "on all sites". there were no other permission settings for this extension. i took a screen shot before removing it. allow in incognito and allow access to file URLs was turned off.
changing passwords i can deal with, but the most important question i have is: would it be possible for this extension to have seen what was on my MacOS clipboard, any text that i had copied to it, and have gotten that? or if i copied a file in MacOS, then pasted it/or didn't paste it, would this extension have been able to get that file? right now that is my most important concern. do you know the answer to that question?
there was no "history" or "cookies" setting in permissions. i read that extensions are in a sandbox, so my question is, based on the settings i had, would this extension have been able to:
1] access my username/passwords for any website that i logged into? either typing the username/password in manually OR chrome autofilling the username/password, which has the password *** censored. could it see the censored version from autofill? or when you go into settings in chrome and view your passwords?
2] access any information that i would have typed into forms or anywhere else in the web browser (address bar/url entry).
3] see what sites i visited: my history or the current site i am on
4] access cookies (i'm not sure what http only cookies are?). as i said there was no cookies setting in permissions.
5] access the shell or filesystem on MacOS or access any data outside of the chrome application.
6] access any data in other chrome extensions.
7] access what was on the MacOS clipboard (text or a file) and see that data and get it.
currently the extensions i am using are AdBlock, disable HTML5 autoplay, DuckDuckGo Privacy Essentials, Ghostery, GoFullPage screen capture, Google Docs Offline, Google Mail Checker, MetaMask, Privacy Badger, and uBlock Origin. do you have any suggestions about which would be unsafe?
now i'm wondering if that malware extension would have been able to see into MetaMask, as when you put in your seed phrase after installation it opens a browser window called chrome-extension://...home.html#restorevault, where you enter your recovery phrase and create a password for the extension. do you have any idea about this?
once again, i sincerely thank you for your time and help. almost every issue i can deal with, but if it had access to my MacOS clipboard and any text on it, or files i was copying/pasting in the filesystem, that would just be a disaster.