cannot acess a site, that I acess normaly day by day, browser hijack or other thing, the site show down for my but is up online
cannot acess a site
- Thread starter cometa8899
- Start date
- Status
- Nov 5, 2019
- 1,431
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
===
Please post the Fixlog.txt and let me know what problem persists.
I'm nasdaq and will be helping you.
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
===
Please post the Fixlog.txt and let me know what problem persists.
Hi before i post here I run malwarebites in the trial version and the found 11 itens is in upload file in case you want to see
fixlog
Fix result of Farbar Recovery Scan Tool (x64) Version: 22.03.2024
Ran by Jack (22-03-2024 09:33:22) Run:2
Running from C:\Users\Jack\Downloads
Loaded Profiles: Jack
Boot Mode: Normal
==============================================
fixlist content:
*****************
start:
Comment: For your security a new restore point will be created.
CreateRestorePoint:
Comment: We need to close all processes to complete the fix.
CloseProcesses:
Comment: Items from the FRST.TXT log that will be removed from the Registry.
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [Keybase.Keybase.GUI] => C:\Users\Jack\AppData\Local\Keybase\Gui\Keybase.exe (No File)
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [TeraBoxWeb] => "C:\Users\Jack\AppData\Roaming\TeraBox\TeraBoxWebService.exe" (No File)
Edge Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
Edge HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\Jack\AppData\Roaming\TeraBox\terabox_ext_chrome.crx <not found>
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-23]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-19]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 38\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 47\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 58\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-16]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 62\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 65\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-23]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 68\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 69\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-23]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 71\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-26]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 72\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-26]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 73\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-13]
CHR HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\Jack\AppData\Roaming\TeraBox\terabox_ext_chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\Jack\AppData\Roaming\TeraBox\terabox_ext_chrome.crx <not found>
BRA Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-05]
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S3 TeraBoxUtility; C:\Users\Jack\AppData\Roaming\TeraBox\YunUtilityService.exe [X]
2024-02-22 15:59 - 2024-02-22 15:59 - 089699232 _____ (Flextech) C:\Users\Jack\Downloads\TeraBox_sl_b_1.28.0.3.exe
2024-02-22 16:02 - 2023-08-10 17:20 - 000000915 _____ C:\Users\Jack\Desktop\TeraBox.lnk
Comment: Items from the Addition.txt log that will be removed.
CustomCLSID: HKU\S-1-5-21-3678229789-2673764803-1741663152-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64}\Shell\Open\Command -> C:\Users\Jack\AppData\Roaming\TeraBox\TeraBox.exe -diskopen
CustomCLSID: HKU\S-1-5-21-3678229789-2673764803-1741663152-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64} -> [TeraBox] => C:\Users\Jack\AppData\Roaming\TeraBox\
ShellIconOverlayIdentifiers: [ .WorkspaceExt0] -> {C568C78A-652C-425B-8E6B-FFA73043302D} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt1] -> {2A6FE247-5DA3-4732-9626-77820518FD77} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt2] -> {FF895810-293B-464A-93F2-82D11E07EEC8} => -> No File
ContextMenuHandlers1: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\Jack\AppData\Roaming\TeraBox\YunShellExt64.dll -> No File
ContextMenuHandlers4: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\Jack\AppData\Roaming\TeraBox\YunShellExt64.dll -> No File
AlternateDataStreams: C:\ProgramData:iSpring Solutions [128]
AlternateDataStreams: C:\Users\All Users:iSpring Solutions [128]
AlternateDataStreams: C:\ProgramData\Application Data:iSpring Solutions [128]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 64-bit.lnk:AB2E8888A0 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller 64-bit.lnk:F81525EFBA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk:93337121EE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2023.lnk:348C7DE18C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2023.lnk:7A3B09A8B9 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2023.lnk:778EB4E778 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2023.lnk:4E1D8CA03D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator 2023.lnk:9BB623C8A3 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dimension.lnk:5E8D08BF30 [3442]
AlternateDataStreams: C:\Users\Jack\Application Data:iSpring Solutions [128]
AlternateDataStreams: C:\Users\Jack\AppData\Roaming:iSpring Solutions [128]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
FirewallRules: [TCP Query User{B60CBA8B-38A6-4628-A8FD-F486FD4413A3}C:\users\jack\appdata\roaming\terabox\teraboxrender.exe] => (Allow) C:\users\jack\appdata\roaming\terabox\teraboxrender.exe => No File
FirewallRules: [UDP Query User{3944FC7B-88DF-4724-9CCD-EF3029F1BE14}C:\users\jack\appdata\roaming\terabox\teraboxrender.exe] => (Allow) C:\users\jack\appdata\roaming\terabox\teraboxrender.exe => No File
FirewallRules: [{C2C30F2B-8FFC-422F-B233-B33A4971D12C}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2023 () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{6C1148FB-27BF-4B55-8055-0C5A4BD40E75}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2023 () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{376DC71F-A7B1-4D96-ACC1-E9ACF04113BB}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2023\Support Files\Contents\Windows () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{5E2A397C-3730-47B0-B87B-49EA125C12F0}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2023\Support Files\Contents\Windows () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{427906A4-E475-428A-83C3-D7E4A81B1DFC}] => (Block) C:\Program Files\Adobe\Adobe After Effects 2023\Support Files () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{0A55556E-5676-474A-A6AF-C87AD29AD603}] => (Block) C:\Program Files\Adobe\Adobe After Effects 2023\Support Files () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{DD98B522-96FE-4747-8316-710450D86B34}] => (Block) C:\Program Files\Adobe\Adobe Premiere Pro 2023 () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{02260E54-730A-4DEE-B8BD-B292453FB45B}] => (Block) C:\Program Files\Adobe\Adobe Premiere Pro 2023 () <==== ATTENTION [zero byte File/Folder]
Comment: Files/Folders that will be deleted.
C:\Users\Jack\AppData\Roaming\TeraBox
C:\Users\Jack\Downloads\TeraBox_sl_b_1.28.0.3.exe
C:\Users\Jack\Desktop\TeraBox.lnk
Comment: Windows defender will reset to the original default.
StartRegedit:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]
"DisableBehaviorMonitoring"="=-
"DisableOnAccessProtection"=-
"DisableScanOnRealtimeEnable"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService]
"Start"=dword:00000003
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc]
"Start"=dword:00000002
EndRegedit:
Comment: Resetting of services and maintenance.
Comment: TCP/IP Reset
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
Comment: To rebuild the performance counter library values.
CMD: "%WINDIR%\SYSTEM32\lodctr.exe /R"
CMD: "%WINDIR%\SysWOW64\lodctr.exe /R"
CMD: "C:\Windows\SYSTEM32\lodctr.exe /R"
CMD: "C:\Windows\SysWOW64\lodctr.exe /R"
Comment: Use Farbar routine to delete temp files
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
C:\Program Files (x86)\Temp\*.tmp
Comment: The system will restart.
Reboot:
End:
*****************
Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Keybase.Keybase.GUI" => removed successfully
"HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\Software\Microsoft\Windows\CurrentVersion\Run\\TeraBoxWeb" => removed successfully
Edge Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\SOFTWARE\Microsoft\Edge\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg => removed successfully
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-23] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-19] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 38\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 47\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 58\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-16] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 62\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 65\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-23] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 68\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 69\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-23] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 71\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-26] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 72\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-26] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 73\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-13] => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\SOFTWARE\Google\Chrome\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg => removed successfully
BRA Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-05] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\GoogleUpdaterInternalService124.0.6359.0 => removed successfully
GoogleUpdaterInternalService124.0.6359.0 => service removed successfully
HKLM\System\CurrentControlSet\Services\GoogleUpdaterService124.0.6359.0 => removed successfully
GoogleUpdaterService124.0.6359.0 => service removed successfully
HKLM\System\CurrentControlSet\Services\TeraBoxUtility => removed successfully
TeraBoxUtility => service removed successfully
C:\Users\Jack\Downloads\TeraBox_sl_b_1.28.0.3.exe => moved successfully
C:\Users\Jack\Desktop\TeraBox.lnk => moved successfully
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64} => removed successfully
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ .WorkspaceExt0 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ .WorkspaceExt1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ .WorkspaceExt2 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\YunShellExt => removed successfully
HKLM\Software\Classes\CLSID\{6D85624F-305A-491d-8848-C1927AA0D790} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\YunShellExt => removed successfully
C:\ProgramData => ":iSpring Solutions" ADS removed successfully
"C:\Users\All Users" => ":iSpring Solutions" ADS not found.
"C:\ProgramData\Application Data" => ":iSpring Solutions" ADS not found.
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 64-bit.lnk => ":AB2E8888A0" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller 64-bit.lnk => ":F81525EFBA" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk => ":93337121EE" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk => ":1FA7E99ECA" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2023.lnk => ":348C7DE18C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2023.lnk => ":7A3B09A8B9" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2023.lnk => ":778EB4E778" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2023.lnk => ":4E1D8CA03D" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator 2023.lnk => ":9BB623C8A3" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dimension.lnk => ":5E8D08BF30" ADS removed successfully
C:\Users\Jack\Application Data => ":iSpring Solutions" ADS removed successfully
"C:\Users\Jack\AppData\Roaming" => ":iSpring Solutions" ADS not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B60CBA8B-38A6-4628-A8FD-F486FD4413A3}C:\users\jack\appdata\roaming\terabox\teraboxrender.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3944FC7B-88DF-4724-9CCD-EF3029F1BE14}C:\users\jack\appdata\roaming\terabox\teraboxrender.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2C30F2B-8FFC-422F-B233-B33A4971D12C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C1148FB-27BF-4B55-8055-0C5A4BD40E75}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{376DC71F-A7B1-4D96-ACC1-E9ACF04113BB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5E2A397C-3730-47B0-B87B-49EA125C12F0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{427906A4-E475-428A-83C3-D7E4A81B1DFC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A55556E-5676-474A-A6AF-C87AD29AD603}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DD98B522-96FE-4747-8316-710450D86B34}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{02260E54-730A-4DEE-B8BD-B292453FB45B}" => removed successfully
"C:\Users\Jack\AppData\Roaming\TeraBox" => not found
"C:\Users\Jack\Downloads\TeraBox_sl_b_1.28.0.3.exe" => not found
"C:\Users\Jack\Desktop\TeraBox.lnk" => not found
Registry ====> The operation completed successfully.
========= netsh int ip reset =========
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
========= End of CMD: =========
========= ipconfig /flushDNS =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= "%WINDIR%\SYSTEM32\lodctr.exe /R" =========
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
========= "%WINDIR%\SysWOW64\lodctr.exe /R" =========
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
========= "C:\Windows\SYSTEM32\lodctr.exe /R" =========
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
========= "C:\Windows\SysWOW64\lodctr.exe /R" =========
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
=========== "C:\Windows\Temp\*.*" ==========
C:\Windows\Temp\chrome_installer.log => moved successfully
C:\Windows\Temp\chromium_installer.log => moved successfully
C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
C:\Windows\Temp\mbamiservice.log => moved successfully
C:\Windows\Temp\MBAMSERVICE.LOG => moved successfully
C:\Windows\Temp\mb_errors999.log => moved successfully
C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\MpSigStub.log => moved successfully
C:\Windows\Temp\msedge_installer.log => moved successfully
C:\Windows\Temp\TS_39EC.tmp => moved successfully
C:\Windows\Temp\TS_5D92.tmp => moved successfully
C:\Windows\Temp\WER-37062-0.sysdata.xml => moved successfully
========= End -> "C:\Windows\Temp\*.*" ========
=========== "C:\WINDOWS\system32\*.tmp" ==========
not found
========= End -> "C:\WINDOWS\system32\*.tmp" ========
=========== "C:\WINDOWS\syswow64\*.tmp" ==========
not found
========= End -> "C:\WINDOWS\syswow64\*.tmp" ========
=========== "C:\Program Files (x86)\Temp\*.tmp" ==========
not found
========= End -> "C:\Program Files (x86)\Temp\*.tmp" ========
The system needed a reboot.
==== End of Fixlog 09:33:47 ====
fixlog
Fix result of Farbar Recovery Scan Tool (x64) Version: 22.03.2024
Ran by Jack (22-03-2024 09:33:22) Run:2
Running from C:\Users\Jack\Downloads
Loaded Profiles: Jack
Boot Mode: Normal
==============================================
fixlist content:
*****************
start:
Comment: For your security a new restore point will be created.
CreateRestorePoint:
Comment: We need to close all processes to complete the fix.
CloseProcesses:
Comment: Items from the FRST.TXT log that will be removed from the Registry.
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [Keybase.Keybase.GUI] => C:\Users\Jack\AppData\Local\Keybase\Gui\Keybase.exe (No File)
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [TeraBoxWeb] => "C:\Users\Jack\AppData\Roaming\TeraBox\TeraBoxWebService.exe" (No File)
Edge Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
Edge HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\Jack\AppData\Roaming\TeraBox\terabox_ext_chrome.crx <not found>
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-23]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-19]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 38\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 47\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 58\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-16]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 62\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 65\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-23]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 68\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 69\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-23]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 71\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-26]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 72\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-26]
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 73\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-13]
CHR HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\Jack\AppData\Roaming\TeraBox\terabox_ext_chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\Jack\AppData\Roaming\TeraBox\terabox_ext_chrome.crx <not found>
BRA Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-05]
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S3 TeraBoxUtility; C:\Users\Jack\AppData\Roaming\TeraBox\YunUtilityService.exe [X]
2024-02-22 15:59 - 2024-02-22 15:59 - 089699232 _____ (Flextech) C:\Users\Jack\Downloads\TeraBox_sl_b_1.28.0.3.exe
2024-02-22 16:02 - 2023-08-10 17:20 - 000000915 _____ C:\Users\Jack\Desktop\TeraBox.lnk
Comment: Items from the Addition.txt log that will be removed.
CustomCLSID: HKU\S-1-5-21-3678229789-2673764803-1741663152-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64}\Shell\Open\Command -> C:\Users\Jack\AppData\Roaming\TeraBox\TeraBox.exe -diskopen
CustomCLSID: HKU\S-1-5-21-3678229789-2673764803-1741663152-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64} -> [TeraBox] => C:\Users\Jack\AppData\Roaming\TeraBox\
ShellIconOverlayIdentifiers: [ .WorkspaceExt0] -> {C568C78A-652C-425B-8E6B-FFA73043302D} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt1] -> {2A6FE247-5DA3-4732-9626-77820518FD77} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt2] -> {FF895810-293B-464A-93F2-82D11E07EEC8} => -> No File
ContextMenuHandlers1: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\Jack\AppData\Roaming\TeraBox\YunShellExt64.dll -> No File
ContextMenuHandlers4: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\Jack\AppData\Roaming\TeraBox\YunShellExt64.dll -> No File
AlternateDataStreams: C:\ProgramData:iSpring Solutions [128]
AlternateDataStreams: C:\Users\All Users:iSpring Solutions [128]
AlternateDataStreams: C:\ProgramData\Application Data:iSpring Solutions [128]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 64-bit.lnk:AB2E8888A0 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller 64-bit.lnk:F81525EFBA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk:93337121EE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2023.lnk:348C7DE18C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2023.lnk:7A3B09A8B9 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2023.lnk:778EB4E778 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2023.lnk:4E1D8CA03D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator 2023.lnk:9BB623C8A3 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dimension.lnk:5E8D08BF30 [3442]
AlternateDataStreams: C:\Users\Jack\Application Data:iSpring Solutions [128]
AlternateDataStreams: C:\Users\Jack\AppData\Roaming:iSpring Solutions [128]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
FirewallRules: [TCP Query User{B60CBA8B-38A6-4628-A8FD-F486FD4413A3}C:\users\jack\appdata\roaming\terabox\teraboxrender.exe] => (Allow) C:\users\jack\appdata\roaming\terabox\teraboxrender.exe => No File
FirewallRules: [UDP Query User{3944FC7B-88DF-4724-9CCD-EF3029F1BE14}C:\users\jack\appdata\roaming\terabox\teraboxrender.exe] => (Allow) C:\users\jack\appdata\roaming\terabox\teraboxrender.exe => No File
FirewallRules: [{C2C30F2B-8FFC-422F-B233-B33A4971D12C}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2023 () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{6C1148FB-27BF-4B55-8055-0C5A4BD40E75}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2023 () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{376DC71F-A7B1-4D96-ACC1-E9ACF04113BB}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2023\Support Files\Contents\Windows () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{5E2A397C-3730-47B0-B87B-49EA125C12F0}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2023\Support Files\Contents\Windows () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{427906A4-E475-428A-83C3-D7E4A81B1DFC}] => (Block) C:\Program Files\Adobe\Adobe After Effects 2023\Support Files () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{0A55556E-5676-474A-A6AF-C87AD29AD603}] => (Block) C:\Program Files\Adobe\Adobe After Effects 2023\Support Files () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{DD98B522-96FE-4747-8316-710450D86B34}] => (Block) C:\Program Files\Adobe\Adobe Premiere Pro 2023 () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{02260E54-730A-4DEE-B8BD-B292453FB45B}] => (Block) C:\Program Files\Adobe\Adobe Premiere Pro 2023 () <==== ATTENTION [zero byte File/Folder]
Comment: Files/Folders that will be deleted.
C:\Users\Jack\AppData\Roaming\TeraBox
C:\Users\Jack\Downloads\TeraBox_sl_b_1.28.0.3.exe
C:\Users\Jack\Desktop\TeraBox.lnk
Comment: Windows defender will reset to the original default.
StartRegedit:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]
"DisableBehaviorMonitoring"="=-
"DisableOnAccessProtection"=-
"DisableScanOnRealtimeEnable"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService]
"Start"=dword:00000003
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc]
"Start"=dword:00000002
EndRegedit:
Comment: Resetting of services and maintenance.
Comment: TCP/IP Reset
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
Comment: To rebuild the performance counter library values.
CMD: "%WINDIR%\SYSTEM32\lodctr.exe /R"
CMD: "%WINDIR%\SysWOW64\lodctr.exe /R"
CMD: "C:\Windows\SYSTEM32\lodctr.exe /R"
CMD: "C:\Windows\SysWOW64\lodctr.exe /R"
Comment: Use Farbar routine to delete temp files
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
C:\Program Files (x86)\Temp\*.tmp
Comment: The system will restart.
Reboot:
End:
*****************
Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Keybase.Keybase.GUI" => removed successfully
"HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\Software\Microsoft\Windows\CurrentVersion\Run\\TeraBoxWeb" => removed successfully
Edge Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\SOFTWARE\Microsoft\Edge\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg => removed successfully
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-23] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-19] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 38\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 47\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 58\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-16] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 62\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 65\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-23] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 68\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 69\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-23] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-22] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 71\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-26] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 72\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-02-26] => Error: No automatic fix found for this entry.
CHR Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 73\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-13] => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\SOFTWARE\Google\Chrome\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg => removed successfully
BRA Extension: (TeraBox Download Assistant) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-03-05] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\GoogleUpdaterInternalService124.0.6359.0 => removed successfully
GoogleUpdaterInternalService124.0.6359.0 => service removed successfully
HKLM\System\CurrentControlSet\Services\GoogleUpdaterService124.0.6359.0 => removed successfully
GoogleUpdaterService124.0.6359.0 => service removed successfully
HKLM\System\CurrentControlSet\Services\TeraBoxUtility => removed successfully
TeraBoxUtility => service removed successfully
C:\Users\Jack\Downloads\TeraBox_sl_b_1.28.0.3.exe => moved successfully
C:\Users\Jack\Desktop\TeraBox.lnk => moved successfully
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64} => removed successfully
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ .WorkspaceExt0 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ .WorkspaceExt1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ .WorkspaceExt2 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\YunShellExt => removed successfully
HKLM\Software\Classes\CLSID\{6D85624F-305A-491d-8848-C1927AA0D790} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\YunShellExt => removed successfully
C:\ProgramData => ":iSpring Solutions" ADS removed successfully
"C:\Users\All Users" => ":iSpring Solutions" ADS not found.
"C:\ProgramData\Application Data" => ":iSpring Solutions" ADS not found.
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 64-bit.lnk => ":AB2E8888A0" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller 64-bit.lnk => ":F81525EFBA" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk => ":93337121EE" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk => ":1FA7E99ECA" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2023.lnk => ":348C7DE18C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2023.lnk => ":7A3B09A8B9" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2023.lnk => ":778EB4E778" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2023.lnk => ":4E1D8CA03D" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator 2023.lnk => ":9BB623C8A3" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dimension.lnk => ":5E8D08BF30" ADS removed successfully
C:\Users\Jack\Application Data => ":iSpring Solutions" ADS removed successfully
"C:\Users\Jack\AppData\Roaming" => ":iSpring Solutions" ADS not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B60CBA8B-38A6-4628-A8FD-F486FD4413A3}C:\users\jack\appdata\roaming\terabox\teraboxrender.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3944FC7B-88DF-4724-9CCD-EF3029F1BE14}C:\users\jack\appdata\roaming\terabox\teraboxrender.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2C30F2B-8FFC-422F-B233-B33A4971D12C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C1148FB-27BF-4B55-8055-0C5A4BD40E75}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{376DC71F-A7B1-4D96-ACC1-E9ACF04113BB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5E2A397C-3730-47B0-B87B-49EA125C12F0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{427906A4-E475-428A-83C3-D7E4A81B1DFC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A55556E-5676-474A-A6AF-C87AD29AD603}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DD98B522-96FE-4747-8316-710450D86B34}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{02260E54-730A-4DEE-B8BD-B292453FB45B}" => removed successfully
"C:\Users\Jack\AppData\Roaming\TeraBox" => not found
"C:\Users\Jack\Downloads\TeraBox_sl_b_1.28.0.3.exe" => not found
"C:\Users\Jack\Desktop\TeraBox.lnk" => not found
Registry ====> The operation completed successfully.
========= netsh int ip reset =========
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
========= End of CMD: =========
========= ipconfig /flushDNS =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= "%WINDIR%\SYSTEM32\lodctr.exe /R" =========
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
========= "%WINDIR%\SysWOW64\lodctr.exe /R" =========
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
========= "C:\Windows\SYSTEM32\lodctr.exe /R" =========
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
========= "C:\Windows\SysWOW64\lodctr.exe /R" =========
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
=========== "C:\Windows\Temp\*.*" ==========
C:\Windows\Temp\chrome_installer.log => moved successfully
C:\Windows\Temp\chromium_installer.log => moved successfully
C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
C:\Windows\Temp\mbamiservice.log => moved successfully
C:\Windows\Temp\MBAMSERVICE.LOG => moved successfully
C:\Windows\Temp\mb_errors999.log => moved successfully
C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\MpSigStub.log => moved successfully
C:\Windows\Temp\msedge_installer.log => moved successfully
C:\Windows\Temp\TS_39EC.tmp => moved successfully
C:\Windows\Temp\TS_5D92.tmp => moved successfully
C:\Windows\Temp\WER-37062-0.sysdata.xml => moved successfully
========= End -> "C:\Windows\Temp\*.*" ========
=========== "C:\WINDOWS\system32\*.tmp" ==========
not found
========= End -> "C:\WINDOWS\system32\*.tmp" ========
=========== "C:\WINDOWS\syswow64\*.tmp" ==========
not found
========= End -> "C:\WINDOWS\syswow64\*.tmp" ========
=========== "C:\Program Files (x86)\Temp\*.tmp" ==========
not found
========= End -> "C:\Program Files (x86)\Temp\*.tmp" ========
The system needed a reboot.
==== End of Fixlog 09:33:47 ====
- Nov 5, 2019
- 1,431
Hi,
the fixlog looks good. Is your problem solved?
As for the item quarantined by Malwarebytes they may still be in the Quarantined folder. Not doiing anything bad.
How to Delete quarantined files. Now or later, your call.
support.malwarebytes.com
Follow the directives on the page to delete all the files.
Stay safe.
the fixlog looks good. Is your problem solved?
As for the item quarantined by Malwarebytes they may still be in the Quarantined folder. Not doiing anything bad.
How to Delete quarantined files. Now or later, your call.
Restore or delete quarantined items in Malwarebytes for Windows
When Malwarebytes for Windows executes on-demand scans, scheduled scans, and Real-Time Protection events, some files may be categorized as threats. These files get removed from the disk location wh...
Follow the directives on the page to delete all the files.
Stay safe.
- Status
Similar threads
