I'm running windows 7 and use Firefox for my browser.
After recently downloading one of either Malwarebytes, Spybot, Adwcleaner or hitman pro believe it or not, AVG somehow hijacked my browser. Whenever opening a new tab, AVG SEARCH appears. learned later that when you download things from on trusted sites they may inbed this PUP.
I tried looking online for a solution. The common involved resetting firefox browser, then running Hitman Pro, AdwCleaner, then running Malwarebytes etc. And, after all of that AVG SEARCH was still there.
Here's how I got rid of it finally after a couple of days:
Reset Firefox browser by:
1) Hit button top right of browser that looking like 3 horizontal lines
2) Hit question mark at bottom of next screen (help button)
3) select trouble shooting information
4)refresh firefox select
Restart Computer in Safe Mode.
1)I'm running a lenovo, so after restart there is an initial bios boot, and just after it finishes and windows is about to start hit function key F8 repeatedly. With whatever appears, choose "safe mode" only, not command prompt or the other option.
2)Once windows starts up, start windows explorer.
3)search for AVG
4)I found hundreds of AVG temp folders and file folders and I don't have avg security on my computer. I deleted all of them. In APPDATA I had a folder for AVG and this is a must delete. Be careful because after searching for avg you will have some file names that may be avgbtost or something like it with avg and a bunch of characters. You must be certain it is an AVG security item before deleting it. and these were typically all in folders saying "AVG Toolbar" or "AVG Security" or "AVG tools". I deleted them all. if you're not sure google the name.
Go to the START menu and enter REGEDIT into the command line:
(Playing with the registry can be dangerous) so you better be careful and sure you want to delete whatever you are deleting)
I believe AVG developed some program that is reinstalling at the root level even after it's removed so this is why I believe you have to go into the registry.
Do a search for avg.
I just about deleted everything with AVG in it. Sometimes when you are not sure, right click the item and select modify. if I saw anything that said avg secure or avg security I deleted it.
In one attempt at deleting items in the registry under HKEY_LOCAL_MACHINE/SOFTWARE/WOW6432Node/Windows/CurrentVersion/InternetSettings/Zonemap/Domains , they would reappear when I went back to the registry to look for it after I deleted it. I tried this several times and found the solution. In this situation you have to go into the permission (right click) and dissallow the ability for Special Permissons control from the Creator Owner. Only when I did this, did it stop reappearing in the registry.
When I started my computer, after 3 days of trying to rid myself of this, everything was fine.
I may not have followed protocal in posting this, but hopefully it helps someone.
Warning. Messing around in the registry can be dangerous, don't delete it if you are not sure. If there is a file name your not sure of, google it to see if it is indeed from AVG, for instance I had a file name avgtbx64 or something like it that I wasn't sure of and it was in the system drivers and created by AVG. i left it alone with the intent of going back to delete it if secure search still persisted.
Edited by hamluis, 13 March 2015 - 06:45 PM.
Moved from MRL to Am I Infected - Hamluis.