PUP.Optional.WinZipDiskTools
简短的个人介绍
PUP.Optional.WinZipDiskTools是Mal必威平台APPwarebytes针对Corel公司发布的一个名为WinZip disk Tools的磁盘优化器的检测名称。
GUI WinZip磁盘工具
症状
用户在安装过程中可能会看到这个警告:
这些计划任务在他们的任务调度:
在他们的已安装程序和功能列表中:
他们可能会在行动中看到这个警告:
感染的类型和来源
磁盘优化器被认为是一个“系统优化器”。这些所谓的“系统优化者”有时会故意使用假阳性来说服用户他们的系统存在问题。然后他们试图卖给你他们的软件,声称它会消除这些问题。
保护
必威平台APPMalwarebytes不积极保护用户安装WinZip磁盘工具。
补救措施
必威平台APPMalwarebytes可以检测并删除PUP.Optional.WinZipDriverUpdater,而无需进一步的用户交互。
- 请下载Malware必威平台APPbytes你的桌面。
- 双击MBSetup.exe然后按照提示安装程序。
- 当你的必威平台APP用于Windows的Malwarebytes安装完成后,程序打开到欢迎Malwarebytes屏幕。必威平台APP
- 点击开始按钮
- 点击扫描开张威胁扫描.
- 点击隔离移除发现的威胁。
- 如果提示完成删除过程,请重新启动系统。
必威平台APPMalwarebytes删除日志
Ma必威平台APPlwarebytes的删除日志如下所示:
恶意软件bytes www.malwarebytes.com -Log Details- Scan Date: 12/22/20 Scan Time: 9:21 AM Log File: acdab16c-442e-11eb-8f31-080027235d76.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1130 Update Package Version: 1.0.34609 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 232607 Threats Detected: 30 Threats Quarantined: 30 Time Elapsed: 3 min, 14 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 2 PUP.Optional.WinZipDiskTools, C:\PROGRAM FILES (X86)\WINZIP DISK TOOLS\WZDTHELPER.DLL, Quarantined, 16772, 888187, , , , , F47456DC3D423DA9238140B9630DF4BB, 84A114AE4844C422C70F6C9032D49A8ACFFE0017D9EB158FE4B488784F251BC4 PUP.Optional.WinZipDiskTools, C:\PROGRAM FILES (X86)\WINZIP DISK TOOLS\ASORES.DLL, Quarantined, 16772, 888187, , , , , EB09F9F39D430199573357EED2AB8DC1, 610D6F179A2F0B12FEBEE8E4B6EAFA689B9D6271AED51A882A20B491818EE4D0 Registry Key: 10 PUP.Optional.WinZipDiskTools, HKCU\SOFTWARE\NICO MAK COMPUTING\WinZip Disk Tools, Quarantined, 16772, 888410, 1.0.34609, , ame, , , PUP.Optional.WinZipDiskTools, HKLM\SOFTWARE\WOW6432NODE\NICO MAK COMPUTING\WinZip Disk Tools, Quarantined, 16772, 888184, 1.0.34609, , ame, , , PUP.Optional.WinZipDiskTools, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wzdtDiskOptimizer, Quarantined, 16772, 888185, 1.0.34609, , ame, , , PUP.Optional.WinZipDiskTools, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{98BF4032-C5AB-48EE-B14C-8B20FC1703FE}_IS1, Quarantined, 16772, 888183, 1.0.34609, , ame, , , PUP.Optional.WinZipDiskTools, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\wzdt_notifier_executor, Quarantined, 16772, 888180, , , , , , PUP.Optional.WinZipDiskTools, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{01D654FB-B515-4525-ACC7-6A41AD0E5440}, Quarantined, 16772, 888180, , , , , , PUP.Optional.WinZipDiskTools, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{01D654FB-B515-4525-ACC7-6A41AD0E5440}, Quarantined, 16772, 888180, , , , , , PUP.Optional.WinZipDiskTools, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WinZip Disk Tools, Quarantined, 16772, 888180, , , , , , PUP.Optional.WinZipDiskTools, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3A7CB461-F267-4644-ADC5-B8DE530D406E}, Quarantined, 16772, 888180, , , , , , PUP.Optional.WinZipDiskTools, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{3A7CB461-F267-4644-ADC5-B8DE530D406E}, Quarantined, 16772, 888180, , , , , , Registry Value: 1 PUP.Optional.WinZipDiskTools, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{98BF4032-C5AB-48EE-B14C-8B20FC1703FE}_IS1|DISPLAYNAME, Quarantined, 16772, 888183, 1.0.34609, , ame, , , Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 5 PUP.Optional.WinZipDiskTools, C:\PROGRAM FILES (X86)\WINZIP DISK TOOLS, Quarantined, 16772, 888174, 1.0.34609, , ame, , , PUP.Optional.WinZipDiskTools, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\WINZIP DISK TOOLS, Quarantined, 16772, 888175, 1.0.34609, , ame, , , PUP.Optional.WinZipDiskTools, C:\PROGRAMDATA\WINZIP\WZDT, Quarantined, 16772, 888177, 1.0.34609, , ame, , , PUP.Optional.WinZipDiskTools, C:\USERS\{username}\APPDATA\ROAMING\WINZIP\WZDT, Quarantined, 16772, 888177, 1.0.34609, , ame, , , PUP.Optional.WinZipDiskTools, C:\USERS\{username}\APPDATA\ROAMING\WZDT, Quarantined, 16772, 888179, 1.0.34609, , ame, , , File: 12 PUP.Optional.WinZipDiskTools, C:\USERS\PUBLIC\DESKTOP\WINZIP DISK TOOLS.LNK, Quarantined, 16772, 888176, 1.0.34609, , ame, , 4B534F2FC7EBF3A77BE31190197AFA84, 4D898FC70346F4D79577FB266800535FABDFD337B3EDBADF8E34D45ACEB85399 PUP.Optional.WinZipDiskTools, C:\PROGRAM FILES (X86)\WINZIP DISK TOOLS\WZDTDEFRAGSRV64.EXE, Quarantined, 16772, 888185, , , , , B761B7BBB915310FFDBF841EEC308B16, 879BD9EA55E0D97C805B359133F428A006269D4AD4AE620F63AD2DC51A303116 PUP.Optional.WinZipDiskTools, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Disk Tools\Uninstall WinZip Disk Tools.lnk, Quarantined, 16772, 888175, , , , , 50DAB1B044BE5A26FA03A284AFA40749, 82292B4E6F87B861C316F48F5A6330757A33D4A617520C1A36E79F598CD25788 PUP.Optional.WinZipDiskTools, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Disk Tools\WinZip Disk Tools.lnk, Quarantined, 16772, 888175, , , , , 3C8F65698BE0CE1E2E7016522543FABC, 16CBDC585AC73F8B7C3AC6AAD6A080F979BE3C4CBD9F7B4E89FD9CB2FC1B585E PUP.Optional.WinZipDiskTools, C:\USERS\{username}\APPDATA\ROAMING\WZDT\LCI.LCI, Quarantined, 16772, 888179, 1.0.34609, , ame, , 595DFB849F4065D05E2D58E9451C9BEA, 950B4CA7552AE2506738D2B711EDAADF0FCEDA21CF7B012B197D3540031C3EF4 PUP.Optional.WinZipDiskTools, C:\Users\{username}\AppData\Roaming\WZDT\uid.txt, Quarantined, 16772, 888179, , , , , CA7059C8E93DD36CF1DACDDB4E7474DB, 77026F864DBDDA13BC6074DF71C37BCD3947AF6896F4FC6AFCB1B3064776305B PUP.Optional.WinZipDiskTools, C:\PROGRAM FILES (X86)\WINZIP DISK TOOLS\WZDTHELPER.DLL, Quarantined, 16772, 888187, 1.0.34609, , ame, , F47456DC3D423DA9238140B9630DF4BB, 84A114AE4844C422C70F6C9032D49A8ACFFE0017D9EB158FE4B488784F251BC4 PUP.Optional.WinZipDiskTools, C:\PROGRAM FILES (X86)\WINZIP DISK TOOLS\ASORES.DLL, Quarantined, 16772, 888187, 1.0.34609, , ame, , EB09F9F39D430199573357EED2AB8DC1, 610D6F179A2F0B12FEBEE8E4B6EAFA689B9D6271AED51A882A20B491818EE4D0 PUP.Optional.WinZipDiskTools, C:\WINDOWS\SYSTEM32\TASKS\wzdt_notifier_executor, Quarantined, 16772, 888180, 1.0.34609, , ame, , C57C4C29C77AD10E13EB42334CAA06B3, EC55498E25FB35251AA91A035CFFDA5802036B2FC3FC936A2545B81955688CC5 PUP.Optional.WinZipDiskTools, C:\WINDOWS\SYSTEM32\TASKS\WinZip Disk Tools, Quarantined, 16772, 888180, 1.0.34609, , ame, , 7849263AF7B870CBF0689A32B9365881, 8256804D52005D9739F9EDED51F980A160BB16D3C946D62CED4ED496EC166C6A PUP.Optional.WinZipDiskTools, C:\DOWNLOADS\WZDT1.EXE, Quarantined, 16772, 888187, 1.0.34609, , ame, , 52FBF47B94482AFF4BFE1992B86512E6, 75712ED4252554268C12766DC55BA415F459BFD54F477F6DA9EB15236982E074 PUP.Optional.WinZipDiskTools, C:\USERS\{username}\DESKTOP\WZDT1.EXE, Quarantined, 16772, 888187, 1.0.34609, , ame, , 52FBF47B94482AFF4BFE1992B86512E6, 75712ED4252554268C12766DC55BA415F459BFD54F477F6DA9EB15236982E074 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
添加排除项
如果用户希望保留此程序并在将来的扫描中排除它,他们可以将该程序添加到排除列表中。下面是如何做到这一点。
- 打开Win必威平台APPdows的Malwarebytes。
- 点击检测历史
- 点击允许列表
- 将项添加到允许列表,点击添加.
- 选择排除类型允许一个文件或文件夹并使用选择一个文件夹按钮选择要保留的软件的主文件夹。
- 对属于该软件的任何辅助文件或文件夹重复此操作。
如果您希望允许程序连接到Internet,例如获取更新,还需要添加类型的排除允许应用程序连接到互联网并使用浏览按钮以选择您希望授予访问权限的文件。
跟踪/国际石油公司
您可以在FRST日志中看到这些条目:
(Corel Corporation->WinZip Computing,S.L.(WinZip Computing))C:\Program Files(x86)\WinZip Disk Tools\wzDisk Tools.exe任务:{01D654FB-B515-4525-ACC7-6A41AD0E5440}-System32\Tasks\wzdt_notifier_executor=>C:\Program Files(x86)\WinZip Disk Tools\notifier.exe[1911216 2020-11-26](Corel Corporation->Corel Corporation)任务:{3A7CB461-F267-4644-ADC5-B8DE530D406E}-System32\Tasks\WinZip Disk Tools=>C:\Program Files(x86)\WinZip Disk Tools\wzdisk Tools.exe[2611632 2020-11-26](Corel Corporation->WinZip Computing,S.L.(WinZip Computing))S2 wzdtisk优化器;C:\Program Files(x86)\WinZip Disk Tools\wzdtDefragSrv64.exe[3152020-11-26](Corel Corporation->WinZip Computing,S.L.(WinZip Computing))C:\Windows\system32\Tasks\wzdt\U notifier\U executor C:\Windows\system32\Tasks\WinZip Disk Tools C:\Users\Public\Desktop\WinZip Disk Tools.lnk C:\ProgramData\Desktop\WinZip Disk Tools.lnk C:\Users\{username}\AppData\Roaming\wzdt C:\Users\{username}\AppData\Roaming\WinZip C:\ProgramData\WinZip C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Disk Tools C:\Program Files(x86)\WinZip Disk Tools(WinZip International LLC)C:\Users\{username}\Desktop\wzdt1.exe WinZip Disk Tools(HKLM-x32\…{98BF4032-C5AB-48ee-B14C-8B20FC1703FE}is1)(版本:1.0.100.18371-Corel Corporation)
