Situation: Dell Inspiron 15 running Windows 10 Home 1903, using Chrome 79.0.3495.117. This is my wife's laptop, and she mainly uses it for online shopping and looking at Youtube videos.
Last week, she ordered something online to be shipped via Fedex. We got a voice mail at home saying that the delivery was signature required, and leaving a tracking number. Since there is no one home during the day, it was impossible for us to be there to sign for it. So she went online with the tracking number, to change the delivery options so that it could be left without a signature.
Somehow, she got directed (maybe via a sponsored link in a Google search) to Easypackagetracker.net. Apparently they tricked her into downloading something -- I don't know what, because I was not around at the time. Now her computer continuously displays an easypackagetracker.org ad pop-up in the lower right corner of the screen. It cannot be closed or move, and it appears over the top of everything else, including the tray menu. It seems to download a new one every half hour or so, and it issues a notification tone every time it does it.
When I run a Malware bytes scan, it finds nothing. Programs and Features does not reveal anything suspicious, nor does the Chrome extension list (the only thing installed, other than Google extensions, is Adblock Plus). Running a scan sometimes makes the ad pop-up go away, but it returns in a half hour or so. Stopping Chrome has no effect. When a new ad pops up, Malwarebytes says it blocked access to easypackagetracker.org, but the malware seems to be able to access it anyway, since it keeps popping up new ads.
Any ideas of what I am looking at? The browser isn't doing search redirects or anything like that, and there are no unexpected toolbars, so it doesn't look like a typical browser hijack.