Browser redirecting, anti virus being turned , no internet

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Nexus_, Dec 26, 2014.

  1. Nexus_

    Nexus_ Staff Sergeant

    Had a friend come over for a couple of days and mentioned his pc computer wasn't working great and if i could take a look at it and fix it.

    Well first thing i notice is that the browser is being redirected to something called ''taplika''.com

    Then i noticed and some things were changed in the browser settings as well as some things in the registry.

    So i ran some scans both on safe and normal mode and the first set of scans found a decent amount of things.

    I proceded to remove and quarantine and then ran like 3 additional scans on safe mode until everything came clean.I even searched for the folders in the registry and deleted the ones that i saw were relating to the weird toolbar and other random installers.

    Also in msconfig, i see 2 programs that have no info being enabled upon the computer starting. It has no info on the program is just has a blank file icon and says ''program''. I disabled both of these on start up but they seem to turn on someones on their own again. Since i did all the scans i disabled and disconnected from internet. I did however connect to the net again after all the scans came clear only to still see the browsers redirecting to taplika
     

    Attached Files:

    Nexus_, Dec 26, 2014
    #1
  2. Nexus_

    Nexus_ Staff Sergeant

    Here are some of the roguekiller log

    I couldn't get the superantispyware log as it said i didn't have any stored however i did manage to take a screenshot of the things it quarantined which it found in the scan
     

    Attached Files:

    Nexus_, Dec 26, 2014
    #2
  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    If you want us to check your system for malware, please follow these instructions:

    READ & RUN ME FIRST. Malware Removal Guide

    In the meantime, rerun RogueKiller and fix these items:
    Code:
    ¤¤¤ Registry Entries : 9 ¤¤¤[
 [TASK][SUSP PATH] WSE_Taplika.job : C:\Users\rflores2\AppData\Roaming\WSE_Taplika\UpdateProc\UpdateTask.exe /Check [-] -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:49277;hxxps=127.0.0.1:49277) -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND
    When you return, attach the requested logs along with a new RogueKiller log.
     
    TimW, Dec 26, 2014
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds