Removing Taplika from IE

[SylverrFoxx]

Can anyone help me with Taplika removal on Windows 10? I run Iobit Malware Fighter Pro and Advanced Systemcare Ultimate and have had no issues until now. I had recently upgraded to Windows 10 and a few days later , I was hit with the Taplika virus. I ran full scans with both programs and deleted what was shown. I Installed the Pro trial for Avast as well and it found around 20 entries for it and deleted them all, but it still persists. All of these scans were done in Safe Mode as well as a normal boot.

This virus prevents IMW from running it's scan, it gets stuck on initializing. I also get a message from windows saying it is turned off, when it isn't. It also stalls the install for any new AV programs, such as Adaware. It stops the install from even happening. uTorrent also stalls for me now and won't connect to any peers. This just started right after I found the virus the first time.

I tried deleting every entry in the registry with Taplika in it, but it just keeps readding them back. It's affecting many different parts of my PC now. It disabled all of my chrome addons and installed random shopping plugins. I managed to delete them, but my extensions are still broken. A chrome reinstall does nothing. I can't even install new apps or extensions, I get a network error now. I deleted all traces of Taplika from Chrome, but the issue still persists.

I don't use Internet Explorer, ever. But it seems to be my main issue. All of the registry entries point to IE. I removed every trace of it besides the search. The option to remove in IE is greyed out and can't be selected.

Are there any programs that can find and delete Taplika? I know all of the "Taplika Removal Tools" and such are all bogus. I'm not stupid enough to trust random downloads from seedy blogs on google. So I turn to the professionals haha. I used to use ComboFix in a situation like this, but alas, it does not work on Windows 10. Any help is much appreciated here.

 

[SylverrFoxx]

My HijackThis log is as follows:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 5:08:48 PM, on 8/22/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)

FIREFOX: 40.0.2 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Linksys AE6000\WPS_Mon.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Monitor.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
C:\WINDOWS\SysWOW64\DllHost.exe
C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\Installer\setup.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\BrowserCleaner.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Justin\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http/taplika.com/?f=1&a=tpl_otbrw1_15_11&cd=2XzuyEtN2Y1L1Qzu0AyEtC0FyBtB0F0E0CzyzzyEzytAtD0EtN0D0Tzu0StCtCyCzztN1L2XzutAtFzztFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDzyyEyC0CzyyD0AtGzy0AtCtDtG0B0CtAtDtGzyyC0EyDtGyCzy0BtA0C0AtA0FtAyD0AtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByDtAtC0Dzy0FtAtGzztCyCtDtGyEtBzzyEtGzytCtAyCtGyEzy0CzzzztDyE0D0AzyyDyE2QtN1B2Z1V1T1S1NzuyCtDyD&cr=43520048&ir=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Justin\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Global Startup: NETGEAR A6210 Genie.lnk = C:\Program Files (x86)\NETGEAR\A6210\A6210.EXE
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O15 - Trusted IP range: http/10.0.0.1
O15 - ESC Trusted IP range: http/10.0.0.1
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe
O23 - Service: AlienFXWindowsService - Alienware - C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe
O23 - Service: AdvancedSystemCareAntivirus (ASCAntivirusSrv) - IOBit - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ascavsvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Alienware Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: ioloEnergyBooster - iolo technologies, LLC - C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_ODD_Service - Micro-Star Int'l Co., Ltd. - c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe
O23 - Service: NetgearSwitchUSB - Unknown owner - C:\Program Files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: Razer Overlay Subsystem Emergency Service (RzOvlMon) - Razer, Inc. - C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\AlienRespawn\SftService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\WINDOWS\unsignedthemes.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13486 bytes


I've deleted those 3 registry items multiple times now with no luck. Everything else looks ok to me, but who knows.

 

[itmoba]

This guide should help walk you through the steps needed to uninstall Taplika: http/www.techsguide.com/remove-taplika-com-ie-google-chrome-mozilla-firefox/

If you're unsuccessful in removing Taplika, feel free to apprise me/us of the situation.

 

[SylverrFoxx]

No luck, tried manually and with the programs, it's still there.

 

[itmoba]

Have you tried using a live-CD distribution to do the cleaning? I recommend Avira System Rescue; it can be downloaded from here: http/www.avira.com/en/download/product/avira-rescue-system