可选。whiteclick是Malwarebytes的必威平台APP检测名称潜在无用程序(PUP)显示广告。
可选。whititeclick在Windows任务栏中创建一个搜索栏。
可选。whititeclick通常是作为包.
必威平台APPMalwarebytes保护用户免受pup . optional . whititeclick通过使用实时保护。
必威平台APP恶意软件可以检测和删除pup . optional . whititeclick,无需进一步的用户交互。
Ma必威平台APPlwarebytes的删除日志如下所示:
必威平台APPMalwarebytes www.Malwarebytes.com-日志详细信息-扫描日期:7/10/18扫描时间:下午6:54日志文件:e13da69c-8461-11e8-bc63-00ffdcc6fdfc.json管理员:是-软件信息-版本:3.5.1.2522组件版本:1.0.374更新包版本:1.0.5855许可证:高级-系统信息-操作系统:Windows 7 Service Pack 1 CPU:x64文件系统:NTFS用户:{computername}\{username}-扫描摘要-扫描类型:威胁扫描发起人:手动结果:扫描完成的对象:检测到251293个威胁:隔离65个威胁:65时间:3分钟,30秒-扫描选项-内存:启用启动:启用文件系统:启用存档:启用根工具包:启用启发式:启用PUP:检测PUM:检测-扫描详细信息-进程:0(未检测到恶意项目)模块:0(未检测到恶意项目)注册表项:1 PUP.Optional.WhiteClick,HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{D66F6F24-652D-4405-A0D3-C568F825FE66},隔离,[5080],[538662],1.0.5855注册表值:1 PUP.Optional.WhiteClick,HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{D66F6F6F24-652D-4405-A0D3-C568F825FE66},显示名称,隔离,[5080],[538662],1.0.5855注册表数据:0(未检测到恶意项目)数据流:0(未检测到恶意项目)文件夹:10 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\System Images,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Tabs\0,隔离[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Tabs\1,隔离[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Tabs\Tabs\2,隔离[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Tabs\3,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Tabs\4,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Tabs\Tabs\5,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Tabs,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick,隔离,[5080],[538656],1.0.5855文件:53 PUP.Optional.WhiteClick,C:\Users\{username}\APPDATA\LOCAL\WHITECLICK\ACTIVE-SEARCH.ICO,隔离,[5080],[538656],1.0.5855 PUP.Optional.WHITECLICK,C:\Users\{username}\APPDATA\LOCAL\WHITECLICK\Images\afisha.mail.ru.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WHITECLICK,C:\Users\{username}\APPDATA\LOCAL\WHITECLICK\Images\ali.getoneclick.ru.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\auto.mail.ru.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\aw.my.com.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\username}\AppData\Local\WhiteClick\Images\bing.com.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\e.mail.ru.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\facebook.com.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\horo.mail.ru.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\instagram.com.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\username}\AppData\Local\WhiteClick\Images\linkedin.com.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\mail.ru.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\vk.com.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\warface.com.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\warface.ru.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\warthunder.com.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\warthunder.ru.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\worldoftanks.com.png,隔离,[5080],[538656],1.0.5855 PUP.Optional.WhiteClick,C:\Users\{username}\AppData\Local\WhiteClick\Images\worldoftanks.ru.png,隔离,[5080][538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\worldofwarships.com.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\worldofwarships.ru.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\wot.getoneclick.ru.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\wows.getoneclick.ru.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\wtr.getoneclick.ru.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\youtube.com.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\my.mail.ru.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\news.mail.ru.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\ok.ru.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\otvet.mail.ru.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\pogoda.mail.ru.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\rev.mail.ru.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\ru.aliexpress.com.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\sport.mail.ru.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Images\twitter.com.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\System Images\add_tab.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\System Images\loupe.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\System Images\question_mark.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\System Images\right-arrow.png, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Tabs\0\Settings.ini, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Tabs\1\Settings.ini, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Tabs\2\Settings.ini, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Tabs\3\Settings.ini, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Tabs\4\Settings.ini, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Tabs\5\Settings.ini, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\License.rtf, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Newtonsoft.Json.dll, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\Start.exe, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\System.Net.Http.dll, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\WebClient.dll, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\WhiteClick.dll, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\Users\{username}\AppData\Local\WhiteClick\WhiteClick.InstallState, Quarantined, [5080], [538656],1.0.5855 PUP.Optional.WhiteClick, C:\USERS\{username}\DESKTOP\WHITECLICK.EXE, Quarantined, [5080], [538670],1.0.5855 PUP.Optional.WhiteClick, C:\WINDOWS\INSTALLER\AFB537.MSI, Quarantined, [5080], [538669],1.0.5855 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
如果用户希望保留该程序并在以后的扫描中排除它,他们可以将该程序添加到排除列表中。以下是如何做到这一点。
如果您希望允许程序连接到Internet,例如获取更新,还需要添加类型的排除允许应用程序连接到互联网并使用浏览按钮以选择您希望授予访问权限的文件。
您可能会在FRST日志中看到这些条目:
\ user \{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Start (Active).lnk [2018-07-10]快捷方式主要输出从开始(主动).lnk - > C:\Users\ {username} \ AppData \漫游微软\ \安装\ {d66f6f24 - 652 d - 4405 - a0d3 c568f825fe66} \ _64A90423D4124B9A5633D3.exe () C:\Users\ {username} \ AppData \当地\ WhiteClick WhiteClick (HKLM-x32 \…\ {d66f6f24 - 652 d - 4405 - a0d3 c568f825fe66})(版本:1.0.2,AITI LODZHYK, TOV)
选择你的语言