高手幫助看看, 這些是否木馬程式

kwanami

剛剛用 malwarebytes 掃瞄出來的
似乎和 Systweak RegClean Pro , Advanced System Protector 等程式有關
不過這些程式已經刪除了(之前是不小心安裝了的)


Folders: 13
Adware.InstallBrain, C:\ProgramData\IBUpdaterService, No Action By User, [ea00b9c27209ab8b2a35bf015fa46e92],
PUP.Optional.SpeedAnalysis3.A, C:\Users\Owner\AppData\Roaming\SpeedAnalysis3, [5a90dd9e9cdf73c34da141aee41fd729],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector, [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\2.1.1000.12150,  [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures, [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates,, [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector, [9a501f5c4338b0869d27a3ef0ef4a957],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.12150,[9a501f5c4338b0869d27a3ef0ef4a957],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\Backup,[9a501f5c4338b0869d27a3ef0ef4a957],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\Logs, [9a501f5c4338b0869d27a3ef0ef4a957],
PUP.Optional.RegCleanerPro.A, C:\Users\Owner\AppData\Roaming\Systweak\RegClean Pro, [7773760545367bbb69fbccc78082748c],
PUP.Optional.RegCleanerPro.A, C:\Users\Owner\AppData\Roaming\Systweak\RegClean Pro\Version 6.1, [7773760545367bbb69fbccc78082748c],
PUP.Optional.RegCleanerPro.A, C:\Users\Owner\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups,  [7773760545367bbb69fbccc78082748c],


Files: 28
Adware.InstallBrain, C:\ProgramData\IBUpdaterService\repository.xml,  [ea00b9c27209ab8b2a35bf015fa46e92],
PUP.Optional.SpeedAnalysis3.A, C:\Users\Owner\AppData\Roaming\SpeedAnalysis3\speedanalysis03.crx,  [5a90dd9e9cdf73c34da141aee41fd729],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\AddonSafelist,  [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\log.xslt, , [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\completedatabase.db, [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\Cookies.bin, [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\DigSign.bin, [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\FilePaths.bin, [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\FileSignature.bin,[8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\Folders.bin, [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\Md5.bin, [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\Registry.bin, [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\SetupSign.bin, N[8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\StrSetupSign.bin, [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1545mupdate.zip,[8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1545update.zip, [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1546update.zip,  [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1547update.zip,
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\914completedatabase.zip,  [8763fd7e22596acc23a151412ad8b947],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\ASPStartupManagerErrorLog.txt, [9a501f5c4338b0869d27a3ef0ef4a957],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\QDetail.db, [9a501f5c4338b0869d27a3ef0ef4a957],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\Settings.db, [9a501f5c4338b0869d27a3ef0ef4a957],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.12150\ASPLog.txt, [9a501f5c4338b0869d27a3ef0ef4a957],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\Logs\log_20-10-13_01-49-46.xml, [9a501f5c4338b0869d27a3ef0ef4a957],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\Logs\SMLog.xml, N [9a501f5c4338b0869d27a3ef0ef4a957],
PUP.Optional.RegCleanerPro.A, C:\Users\Owner\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-20-2013.log, [7773760545367bbb69fbccc78082748c],
PUP.Optional.RegCleanerPro.A, C:\Users\Owner\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-21-2013.log, [7773760545367bbb69fbccc78082748c],
PUP.Optional.RegCleanerPro.A, C:\Users\Owner\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\traditionalcn_rcp_zh-tw.dat,[7773760545367bbb69fbccc78082748c],
PUP.Optional.RegCleanerPro.A, C:\Users\Owner\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx, [7773760545367bbb69fbccc78082748c],
PUP.Optional.RegCleanerPro.A, C:\Users\Owner\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb, [7773760545367bbb69fbccc78082748c],

謝謝  

黑鹰99

Systweak RegClean Pro , Advanced System Protector 这两个东西是不是在论坛软件区下载的？

kwanami

黑鹰99 发表于 2014-6-27 11:30
Systweak RegClean Pro , Advanced System Protector 这两个东西是不是在论坛软件区下载的？

不是啊 ! 是安裝其他程式時, 被綑綁安裝的....
我剛才再刪除了這些程式的殘留資料夾後
再掃瞄一次, 只剩下這4個疑似木馬檔案

Folders: 2

Adware.InstallBrain, C:\ProgramData\IBUpdaterService,  [6e7c8deefb80fd399ecd5967fd06bf41],

PUP.Optional.SpeedAnalysis3.A, C:\Users\Owner\AppData\Roaming\SpeedAnalysis3,  [bb2fb7c40c6ff24426d4a6490ff46898],

Files: 2

Adware.InstallBrain, C:\ProgramData\IBUpdaterService\repository.xml,  [6e7c8deefb80fd399ecd5967fd06bf41],

PUP.Optional.SpeedAnalysis3.A, C:\Users\Owner\AppData\Roaming\SpeedAnalysis3\speedanalysis03.crx, , [bb2fb7c40c6ff24426d4a6490ff46898],

黑鹰99

kwanami 发表于 2014-6-27 14:29
不是啊 ! 是安裝其他程式時, 被綑綁安裝的....
我剛才再刪除了這些程式的殘留資料夾後
再掃瞄一次, 只 ...

那就继续删除呗！什么软件这么厉害，捆绑那么多玩意？

kwanami

全部隔離了
Malwarebytes 確實不錯
留下備用