Default Extension, google chrome keeps coming back..

[ComputerRepairTech]

Normally this is part of a virus or rootkit but I can find nothing remaining in the system. One thing different about this case is that customer won't let me uninstall AVG.

Reluctantly...I ran combofix and having difficulty reconnecting with the customer. Customer stats IE is now blank, no address bar or tabs.

Still working on it. Any ideas?

They can open google chrome but when trying to download a file said something about permissions.

Edit: im back in, but had to go with safe mode with networking, ill figure this out eventually just wanted to see if you guys has run into this one.

Edit2: great..i clicked uninstall combofix in d7 and it runs combofix instead and now im disconnected again.

Edit3: the default extension keeps coming back even in safe mode

 

[Xander]

Have you tried ADWcleaner? (It will reboot you)

 

[ComputerRepairTech]

nope, ill give that a try next

 

[ComputerRepairTech]

i uninstalled google chrome, cleared out the appdata\local google directory and reinstalled chrome and its not coming back anymore. I wonder how it kept coming back ill have to keep digging.

edit: wasnt able to determine method.

Edit2: customer called me back hours later and said IE was blank again and that avast detected a virus and did a boot scan...I see the boot scan...virus logs are empty. Nothing is getting picked up.

 

[sapikest]

have you tried malwarebytes and spybot? also you might give it a shot with superanti spyware, ask customer to drop off to you it gets frustrating with all the restart

 

[bertie40]

When chrome was installed, did you delete the user profile ? Reset it ?
Maybe a residual leftover from that.

 

[ComputerRepairTech]

The only thing i found on this system was a stupid eicar test file I forgot I had made to test avg because avg was badly broken.

I have no idea what blanks out her IE i told her to call me when it happens again...I wonder if her internet just went or something temporarily.