放大镜

PUP.Optional.MapsVoyage

简短的个人介绍

mapsvoyage是Malwarebytes针对特定必威平台APP浏览器劫机者的检测名称,目标是Chrome、Firefox、Safari、Edge和IE。

症状

根据受影响的浏览器,用户可能会看到这些扩展:

PUP.Optional.MapsVoyage铬

PUP.Optional.MapsVoyage铬

PUP.Optional.MapsVoyage火狐

PUP.Optional.MapsVoyage火狐

PUP.Optional.MapsVoyage Internet Explorer

PUP.Optional.MapsVoyage Internet Explorer

或已安装程序和功能列表中的此条目:

PUP.Optional.MapsVoyage安装

PUP.Optional.MapsVoyage安装

感染类型及来源

mapsvoyage是一系列支持广告软件的浏览器扩展,承诺提供旅游信息和地图。

PUP.Optional.MapsVoyage网站

PUP.Optional.MapsVoyage网站

由于大量的广告和重定向,mapsvoyage通常是用户自己安装的。

之后

mapsvoyage可能会降低微软浏览器的安全设置,所以如果你安装了他们的扩展,最好检查一下你的隐私设置。

保护

必威平台APPMalwarebytes通过使用实时保护保护用户免受PUP.Optional.MapsVoyage的侵害。

块PUP.Optional.MapsVoyage

必威平台APP伪块PUP.Optional.MapsVoyage

它屏蔽了他们的广告服务器:

块cmptch.com

必威平台APP伪blockscmptch.com

修复

必威平台APP恶意软件可以检测和删除PUP.Optional.MapsVoyage,无需用户进一步交互。

  1. 下载伪必威平台APP你的桌面。
  2. 双击MBSetup.exe然后按照提示安装程序。
  3. 当你的必威平台APP伪的窗户安装完成后,程序打开到欢迎Malwarebytes屏幕。必威平台APP
  4. 点击开始按钮。
  5. 点击扫描开始威胁扫描
  6. 点击检疫移除发现的威胁。
  7. 如果提示完成删除过程,请重新启动系统。

必威平台APP伪删除日志

Ma必威平台APPlwarebytes的删除日志如下所示:

必威平台APPMalwarebytes www.malwarebytes.com -log详细信息 - 扫描日期:5/17/18扫描时间:8:51 AM日志文件:B949F408-599E-11E8-8BA0-080027235D76.JSON管理员:是-Software信息 - 版本:3.3。1.2183组件版本:1.0.262更新包版本:1.0.5142许可证:Premium -System信息 -  OS:Windows 7 Service Pack 1 CPU:X64文件系统:NTFS用户:{ComputerName} \ {username} \ {username} -scan摘要 - 扫描类型威胁扫描结果:已完成的对象扫描:检测到239646威胁:56威胁隔离:56次经过时间:3分钟,24秒-Scan选项 - 内存:启用的FileSystem:启用rocives:启用了启发性:启用的启发性:启用了PUP:检测pum:检测-scan详细信息 - 处理:0(未检测到恶意物品)模块:0(未检测到恶意物品)注册表项:4 pup.optionm.mapsvoyage,hkcu \ software \ microsoft \ windows \ currentversion \ uninstall \ mapsvyage,隔离,[2523],[445348],1.0.5142 pup.optional.mapsvoyage,HKLM \ Software \ Wow6432Node \ Microsoft \ indowsS \ CurrentVersion \ Explorer \浏览器帮助器对象\ {D5E9DCD8-0BB0-45BC-8D94-2FE0AD4E8EA0}隔离[2523],[522547],1.0.5142 pup.optionm.mapsvoyage,HKCU \ Software \ Microsoft \ Windows \ CurrentVersion\ ext \ settings \ {d5e9dcd8-0bb0-45bc-8d94-2fe0ad4e8ea0},隔离[2523],[522547],1.0.5142 pup.optionm.optionm.paptionm.papsvoyage,HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Ext \ stats{D5E9DCD8-0BB0-45BC-8D94-2FE0AD4E8A0}隔离[2523],[522547],1.0.5142注册表值:0(无恶意物品检测到)注册表数据:0(未检测到恶意物品)数据流:0(没有检测到恶意物品)文件夹:13 pup.optional.mapsvoyage,c:\ users \ {username} \ appdata \ local \ mapsvoyage,隔离,[2523],[445345],1.0.5142 pup.optionmmapsvoyage,c:\ Users \ {username} \ appdata \ lockdata \ google \ chrome \ user data \ default \ local扩展设置\ fniehcchkcalbclcpfleakjkhjdbmcem,隔离,[2523],[522541],1.0.5142 pup.optionm.mapsvoyage,C:\用户\{username} \ appdata \ local \ google \ chrome \ user data \ default \扩展离子\ fniehcchkcalbclcpfleakjkhjdbmcem \ 157.4716.1096.31_0 \ javascript,隔离[2523],[522541],1.0.5142 pup.optionmm.optionm.mapsvoyage,c:\用户\ {username} \ appdata \ local \ google \ chrome \用户数据\默认\ extensions \ fniehcchkcalbclcpfleakjkhjdbmcem \ 157.4716.1096.31_0 \ _metadata,隔离[2523],[522541],1.0.5142 pup.optionm.optionm.mapsvoyage,C:\ Users \ {username} \ appdata \ local \ google \ chrome \ user Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\icons, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\core, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\html, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\main, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\css, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\lib, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FNIEHCCHKCALBCLCPFLEAKJKHJDBMCEM, Quarantined, [2523], [522541],1.0.5142 File: 39 PUP.Optional.MapsVoyage, C:\USERS\{username}\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\{profile}.default\EXTENSIONS\{008DB332-FEB7-447C-8359-829C2E5FC374}.XPI, Quarantined, [2523], [522543],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\MapsVoyage\masvoe.dll, Quarantined, [2523], [445345],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\MapsVoyage\masvoe.exe, Quarantined, [2523], [445345],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\MapsVoyage\unmasvoe.exe, Quarantined, [2523], [445345],1.0.5142 PUP.Optional.MapsVoyage, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fniehcchkcalbclcpfleakjkhjdbmcem\000003.log, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fniehcchkcalbclcpfleakjkhjdbmcem\CURRENT, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fniehcchkcalbclcpfleakjkhjdbmcem\LOCK, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fniehcchkcalbclcpfleakjkhjdbmcem\LOG, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fniehcchkcalbclcpfleakjkhjdbmcem\MANIFEST-000001, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FNIEHCCHKCALBCLCPFLEAKJKHJDBMCEM\157.4716.1096.31_0\MANIFEST.JSON, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\core\abolishQueue.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\css\backcomp.css, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\css\style.css, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\html\background.html, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\icons\128.png, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\icons\16.png, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\icons\19.png, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\icons\32.png, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\icons\38.png, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\icons\48.png, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\icons\64.png, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\javascript\throwbackPower.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\js\vast.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\lib\require.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\main\buildTimeout.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\main\buildTimeoutA.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\main\buildTimeoutB.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\main\buildTimeoutC.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\main\includeAccountant.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\main\moveQuery.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\main\viewTheme.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\_metadata\computed_hashes.json, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\_metadata\verified_contents.json, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\acclaimStore.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\accumulateText.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\fniehcchkcalbclcpfleakjkhjdbmcem\157.4716.1096.31_0\settleAcceptor.js, Quarantined, [2523], [522541],1.0.5142 PUP.Optional.MapsVoyage, C:\USERS\{username}\DESKTOP\MAPSVOYAGE.EXE, Quarantined, [2523], [445344],1.0.5142 Physical Sector: 0 (No malicious items detected) (end)

跟踪/国际石油公司

您可能会在FRST日志中看到这些条目:

BHO-x32: MapsVoyage - > {D5E9DCD8-0BB0-45BC-8D94-2FE0AD4E8EA0} - > C:\Users\ {username} \ AppData \当地\ MapsVoyage \ masvoe.dll [2017-07-31] (MapsVoyage) FF扩展:没有名字——C:\Users\ {username} \ AppData \漫游\ Mozilla Firefox \ Profiles \ \{概要}.default \扩展\ {008 db332 feb7 - 447 c - 8359 - 829 - c2e5fc374} . xpi[2018-05-16]空空的扩展:(由MapsVoyage广告)——C:\Users\ {username} \ AppData \当地\默认谷歌\ Chrome用户数据\ \ \ \ fniehcchkcalbclcpfleakjkhjdbmcem扩展[2018-05-16]空空的扩展:(MapsVoyage广告)——C:\Users\ {username} \ AppData \当地\默认谷歌\ Chrome用户数据\ \ \ \ pjpjefgijnjlhgegceegmpecklonpdjp扩展[2018-05-12]空空的扩展:(c:\ \ users\ {username}\AppData\Local\谷歌\Chrome\用户数据\默认\扩展\hohgmhnldfionknlilmdfobfheikniin [2018-02-04]

添加一个排斥

如果用户希望保留该程序并在以后的扫描中排除它,他们可以将该程序添加到排除列表中。以下是如何做到这一点。

  • 打开Win必威平台APPdows恶意软件。
  • 单击检测的历史
  • 单击允许列表
  • 将项添加到允许列表,点击添加
  • 选择排除类型允许一个文件或文件夹并使用选择一个文件夹按钮以选择要保留的软件的主文件夹。
  • 对属于该软件的任何辅助文件或文件夹重复此操作。

相关的威胁

相关的博客内容

恶意游戏扩展:一个孩子的游戏感染

如何删除广告软件从您的电脑

选择你的语言