放大镜

PUP.Optional.PCOptimizerPro

短简历

PUP.Optional.PCOptimizerPro是Mal必威平台APPwarebytes针对Windows系统的系统优化器的检测名称,由XportSoft Technologies发布。

gui pup.optional.pcoptimizerpro.

gui pup.optional.pcoptimizerpro.

症状

在受影响的系统上,用户可以在他们的安装程序和功能列表中注意到此条目:

PUP.Optional.PCOptimizerPro安装

已安装PUP.Optional.PCOptimizerPro

以及一系列与以下任务类似的计划任务:

pup.optional.pcoptimizerPro计划任务

计划任务PUP.Optional.PCOptimizerPro

他们的桌面上的这些图标,在他们的任务栏中,他们的startmenu和他们的右键单击菜单:

PUP.Optional.PCOptimizerPro图标

PUP.Optional.PCOptimizerPro图标

感染的类型和来源

PUP.Optional.PCOptimizerPro识别受影响系统上的“问题”,并承诺将使用付费版本删除这些问题。

修复PUP.Optional.PCOptimizerPro

PUP.Optional.PCOptimizerPro仅付费版本修复

pcoptimizerpro是用户在广告攻势下安装的。

保护

必威平台APPMalwareBytes通过使用实时保护保护来自PUP.Optional.pcoptimizerPro的用户。

块PUP.Optional.PCOptimizerPro

必威平台APPmalwarebytes块pup.optional.pcoptimizerpro.

通过阻止他们的域名:

阻止pcoptimizerpro.com.

必威平台APPMalwarebytes阻止pcoptimizerpro.com

修复

必威平台APPMalwarebytes可以检测并删除PUP.Optional.PCOptimizerPro,而无需进一步的用户交互。

  1. 下载伪必威平台APP到您的桌面。
  2. 双击mbsetup.exe.并按照提示安装程序。
  3. 当你的必威平台APP用于Windows的Malwarebytes安装完成后,程序将打开欢迎使用Malwarebytes屏幕。必威平台APP
  4. 点击开始按钮
  5. 点击扫描开张威胁扫描
  6. 点击隔离删除找到的威胁。
  7. 如果出现提示完成删除过程,重新启动系统。

必威平台APPMalwarebytes删除日志

删除必威平台APP的Malwarebytes日志将类似于此图片:

必威平台APPMalwarebytes www.malwarebytes.com -log详细信息 - 扫描日期:5/30/18扫描时间:10:34 AM日志文件:54D13CAD-63E4-11E8-BF52-080027235D76.JSON管理员:是-Software信息 - 版本:3.3。1.2183组件版本:1.0.262更新包版本:1.0.5302许可证:Premium -System信息 -  OS:Windows 7 Service Pack 1 CPU:X64文件系统:NTFS用户:{ComputerName} \ {username} \ {username} -scan摘要 - 扫描类型:威胁扫描结果:已完成的对象扫描:检测到240721威胁:61威胁隔离:61次经过时间:2分钟,42秒-Scan选项 - 内存:启用启动启动:启用的文件系统:启用rootkits:启用启发性:启用的Heakit:检测pum:detect-scan详细信息 - 进程:1 pup.optional.pcoptimizerpro,c:\ program files \ pc优化程序pro \ pcoptimizerpro.exe,隔离,[1261],[392397],1.0.5302模块:2 pup.optional.pcoptimizerpro,c:\ program files \ pc优化程序pro \ pcoptproctxmenu.dll,隔离,[1261],[333184],1.0.5302 pup.optional.pcoptimizerpro,c:\程序文件\ PC Optimizer Pro \ PCOptimizerPro.exe,隔离[1261],[392397],1.0.5302注册表项:23 pup.optional.pcoptimizerpro,hklm \ software \ microsoft \ windows nt \ currentversion \ schedule \ taskcache\ Tree \ PC Optimizer Pro64扫描,隔离[1261],[325246],1.0.5302 pup.optional.pcoptimizerpro,hklm \ software \ microsoft \ windows nt \ currentversion \ schedule \ taskcache \ tasks \ {40c0e937-e245-4e4d-afa0-adf8a091ab63},隔离[1261],[325246],1.0.5302 pup.optional.pcoptimizerpro,hklm \ software \ microsoft \ windows nt \ currentversion \ schedule \ taskcache \ plain \ {40c0e937-e245-4e4d-afa0-adf8a091ab63}隔离[1261],[325246],1.0.5302 pup.optional.pcoptimizerpro,hklm \ software \ microsoft \ windows nt \ currentversion \ schedule \ taskcache \ tree \ pc优化程序pro64启动,隔离,[1261][325246],1.0.5302 pup.optional.pcoptimizerpro,hklm \ software \ microsoft \ windows nt \ currentversion \ schedule \ taskcache \ tasks \ {c5b23c4d-31c2-446e-b432-247fdd101532},隔离,[1261],[325246],1.0.5302小狗。可选.pcoptimizerpro,hklm \ software \ microsoft \ windows nt \ currentversion \ schedule \ taskcache \ locon \ {c5b23c4d-31c2-47fdd101532},被隔离,[1261],[325246],1.0.5302 pup.optional。PCOptimizerPro,HKLM \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Schedule \ TaskCache \ Tree \ PC Optimizer Pro空闲,隔离,[260291],1.0.5302 pup.optional.pcoptimizerPro,HKLM \ Software \ Microsoft \ Windowsnt \ currentversion \ schedule \ taskcache \ tasks \ {b74b0b8f-207e-4606-a368-eb857b144dc9}隔离[1261],[260291],1.0.5302 pup.optional.pcoptimizerpro,hklm \ software \ microsoft \ windows nt \CurrentVersion \ Schedule \ TaskCache \ PlainCache \ Plain \ {B74B0B8F-207E-4606-A368-EB857B144DC9}隔离[1261],[260291],1.0.5302 pup.optional.pcoptimizerPro,HKLM \ Software \ Microsoft \ Windows NT \ CurrentVersion \SCHEDULE\TASKCACHE\TREE\PC Optimizer Pro Updates, Quarantined, [1261], [260291],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D564F511-6242-41BA-975D-6AD0875B8DF0}, Quarantined, [1261], [260291],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D564F511-6242-41BA-975D-6AD0875B8DF0}, Quarantined, [1261], [260291],1.0.5302 PUP.Optional.PCOptimizerPro, HKCU\SOFTWARE\PC OPTIMIZER PRO, Quarantined, [1261], [260294],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PC OPTIMIZER PRO, Quarantined, [1261], [260298],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\PC Optimizer Pro, Quarantined, [1261], [333185],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\CLASSES\INTERFACE\{12AB121E-44C6-488B-8773-B0AE25E662E1}, Quarantined, [1261], [333184],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{12AB121E-44C6-488B-8773-B0AE25E662E1}, Quarantined, [1261], [333184],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{12AB121E-44C6-488B-8773-B0AE25E662E1}, Quarantined, [1261], [333184],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\CLASSES\TYPELIB\{003B9C22-6FE0-4BCA-A73F-9AA99B9BBDAA}, Quarantined, [1261], [333184],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{003B9C22-6FE0-4BCA-A73F-9AA99B9BBDAA}, Quarantined, [1261], [333184],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\CLASSES\CLSID\{203ABD21-41F1-4F1B-BAE3-D6A89A90D239}, Quarantined, [1261], [333184],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\CLASSES\CLSID\{203ABD21-41F1-4F1B-BAE3-D6A89A90D239}\InprocServer32, Quarantined, [1261], [333184],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{003B9C22-6FE0-4BCA-A73F-9AA99B9BBDAA}, Quarantined, [1261], [333184],1.0.5302 Registry Value: 12 PUP.Optional.PCOptimizerPro, HKCU\SOFTWARE\PC OPTIMIZER PRO|ISAINS, Quarantined, [1261], [260294],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO64 STARTUPS.JOB, Quarantined, [1261], [411376],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO64 STARTUPS.JOB.FP, Quarantined, [1261], [411376],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO UPDATES.JOB, Quarantined, [1261], [411376],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO UPDATES.JOB.FP, Quarantined, [1261], [411376],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO IDLE.JOB, Quarantined, [1261], [411376],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO IDLE.JOB.FP, Quarantined, [1261], [411376],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO64 SCAN.JOB, Quarantined, [1261], [411376],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO64 SCAN.JOB.FP, Quarantined, [1261], [411376],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PC OPTIMIZER PRO|PUBLISHER, Quarantined, [1261], [260298],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{40C0E937-E245-4E4D-AFA0-ADF8A091AB63}|PATH, Quarantined, [1261], [325241],1.0.5302 PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C5B23C4D-31C2-446E-B432-247FDD101532}|PATH, Quarantined, [1261], [325241],1.0.5302 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 3 PUP.Optional.PCOptimizerPro, C:\ProgramData\PC Optimizer Pro\LOGS, Quarantined, [1261], [182300],1.0.5302 PUP.Optional.PCOptimizerPro, C:\PROGRAMDATA\PC OPTIMIZER PRO, Quarantined, [1261], [182300],1.0.5302 PUP.Optional.PCOptimizerPro, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PC OPTIMIZER PRO, Quarantined, [1261], [182301],1.0.5302 File: 20 PUP.Optional.PCOptimizerPro, C:\USERS\PUBLIC\DESKTOP\PC OPTIMIZER PRO.LNK, Quarantined, [1261], [260289],1.0.5302 PUP.Optional.PCOptimizerPro, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\PC OPTIMIZER PRO.LNK, Quarantined, [1261], [260312],1.0.5302 PUP.Optional.PCOptimizerPro, C:\WINDOWS\SYSTEM32\TASKS\PC Optimizer Pro64 Scan, Quarantined, [1261], [325246],1.0.5302 PUP.Optional.PCOptimizerPro, C:\WINDOWS\SYSTEM32\TASKS\PC Optimizer Pro64 startups, Quarantined, [1261], [325246],1.0.5302 PUP.Optional.PCOptimizerPro, C:\WINDOWS\SYSTEM32\TASKS\PC Optimizer Pro Idle, Quarantined, [1261], [260291],1.0.5302 PUP.Optional.PCOptimizerPro, C:\WINDOWS\SYSTEM32\TASKS\PC Optimizer Pro Updates, Quarantined, [1261], [260291],1.0.5302 PUP.Optional.PCOptimizerPro, C:\WINDOWS\TASKS\PC Optimizer Pro64 Scan.job, Quarantined, [1261], [325247],1.0.5302 PUP.Optional.PCOptimizerPro, C:\WINDOWS\TASKS\PC Optimizer Pro64 startups.job, Quarantined, [1261], [325247],1.0.5302 PUP.Optional.PCOptimizerPro, C:\WINDOWS\TASKS\PC Optimizer Pro Idle.job, Quarantined, [1261], [260292],1.0.5302 PUP.Optional.PCOptimizerPro, C:\WINDOWS\TASKS\PC Optimizer Pro Updates.job, Quarantined, [1261], [260292],1.0.5302 PUP.Optional.PCOptimizerPro, C:\ProgramData\PC Optimizer Pro\LOGS\REG_LOGS_05_30_2018_10_26_41_AM.log, Quarantined, [1261], [182300],1.0.5302 PUP.Optional.PCOptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro\Live Support.url, Quarantined, [1261], [182301],1.0.5302 PUP.Optional.PCOptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro\PC Optimizer Pro.lnk, Quarantined, [1261], [182301],1.0.5302 PUP.Optional.PCOptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro\Uninstallation Guide.url, Quarantined, [1261], [182301],1.0.5302 PUP.Optional.PCOptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro\Visit Website.url, Quarantined, [1261], [182301],1.0.5302 PUP.Optional.PCOptimizerPro, C:\PROGRAM FILES\PC OPTIMIZER PRO\PCOPTPROCTXMENU.DLL, Quarantined, [1261], [333184],1.0.5302 PUP.Optional.PCOptimizerPro, C:\PROGRAM FILES\PC OPTIMIZER PRO\PCOPTIMIZERPRO.EXE, Quarantined, [1261], [392397],1.0.5302 PUP.Optional.PCOptimizerPro, C:\USERS\{username}\DESKTOP\PCOPTIMIZERPROINSTALLER.EXE, Quarantined, [1261], [392397],1.0.5302 PUP.Optional.PCOptimizerPro, C:\PROGRAM FILES\PC OPTIMIZER PRO\PCOPTPROTRAYS.EXE, Quarantined, [1261], [115333],1.0.5302 PUP.Optional.PCOptimizerPro, C:\PROGRAM FILES\PC OPTIMIZER PRO\UNINST.EXE, Quarantined, [1261], [392397],1.0.5302 Physical Sector: 0 (No malicious items detected) (end)

添加一个排斥

如果用户希望保留此程序并在将来的扫描中排除它,他们可以将该程序添加到排除列表中。下面是如何做到这一点。

  • 打开Win必威平台APPdows恶意软件。
  • 点击检测的历史
  • 点击允许列表
  • 将项目添加到允许列表点击添加
  • 选择排除类型允许文件或文件夹并使用选择一个文件夹按钮以选择要保留的软件的主文件夹。
  • 对属于该软件的任何辅助文件或文件夹重复此操作。

如果要允许程序连接到Internet,例如获取更新,还需要添加类型排除允许应用程序连接到互联网并使用浏览按钮选择要授予访问权限的文件。

追踪/ IOC

您可以在FRST日志中看到这些条目:

(Xportsoft Technologies)C:\Program Files\PC Optimizer Pro\PCOptimizerPro.exe C:\Windows\System32\Tasks\PC Optimizer Pro更新C:\Windows\System32\Tasks\PC Optimizer Pro64扫描C:\Windows\System32\Tasks\PC Optimizer Pro空闲C:\Windows\System32\Tasks\PC Optimizer Pro64启动C:\Users\Public\Desktop\PC Optimizer Pro.lnk C:\Windows\Tasks\PCOptimizer Pro Updates.job C:\Windows\Tasks\PC Optimizer Pro Idle.job C:\Windows\Tasks\PC Optimizer Pro64 startups.job C:\Windows\Tasks\PC Optimizer Pro64 Scan.job C:\ProgramData\PC Optimizer Pro C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro C:\Program Files\PC Optimizer Pro PC Optimizer Pro(HKLM\…\PC Optimizer Pro)(版本:8.1.1.3-Xportsoft Technologies)<===注意任务:{40C0E937-E245-4E4D-AFA0-ADF8A091AB63}-System32\Tasks\PC Optimizer Pro64 Scan=>C:\Program Files\PC Optimizer Pro\StartApps.exe[2018-05-14](Xportsoft Technologies)<===注意任务:{B74B0B8F-207E-4606-A368-EB7B144DC9}-System32\Tasks\PC Optimizer Pro Idle=>C:\ProgramFiles\PC Optimizer Pro\StartApps.exe[2018-05-14](Xportsoft Technologies)<===注意任务:{C5B23C4D-31C2-446E-B432-247FDD101532}-System32\Tasks\PC Optimizer Pro64 startups=>C:\Program Files\PC Optimizer Pro\StartApps.exe[2018-05-14](Xportsoft Technologies)<==注意任务:{D564F511-6242-41BA-975D-6AD0875B8DF0}-System32\Tasks\PC Optimizer Pro Updates=>C:\Program Files\PC Optimizer Pro\StartApps.exe[2018-05-14](Xportsoft Technologies)<====注意任务:C:\Windows\Tasks\PC Optimizer Pro Idle.job=>C:\Program Files\PC Optimizer Pro\StartApps.exe<===注意任务:C:\Windows\Tasks\PC Optimizer Pro Updates.job=>C:\Program Files\PC OptimizerPro\StartApps.exe<===注意任务:C:\Windows\Tasks\PC Optimizer Pro64 Scan.job=>C:\Program Files\PC Optimizer Pro\StartApps.exe<===注意任务:C:\Windows\Tasks\PC Optimizer Pro64 startups.job=>C:\Program Files\PC Optimizer Pro\StartApps.exe<===注意

相关博客内容

注册表清洁剂:数字蛇油

必威平台APPMalwarebytes在幼崽上变得更加强硬

如何避免可能不需要的程序

选择您的语言