chrome被hao123主页绑架的解决

最新推荐文章于 2023-03-05 15:55:56 发布
最新推荐文章于 2023-03-05 15:55:56 发布
阅读量6.7k 收藏 1
点赞数
分类专栏: 奇技 文章标签: chrome 广告 主页绑架
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/python2014/article/details/60865463
版权

有些东西,本身也许不讨厌,但是你强迫我,那就非解决不可。


比如,hao123,用什么东西后台修改chrome的快捷方式,将hao123的主页作为启动参数来绑定,这样修改chrome本身的设定无效。

查到百度的各种方案都无效,问了下谷歌,只扫到一个答案,非常简洁,用 AdwCleaner可除。

果然,附带清了很多广告。


附上我的清除记录……等下,把QQ也整个删除了?QQ,你到底干什么了?

# AdwCleaner v6.044 - Logfile created 08/03/2017 at 07:57:22
# Updated on 28/02/2017 by Malwarebytes
# Database : 2017-03-07.1 [Server]
# Operating System : Windows 10 Pro  (X64)
# Username : mikde - SURFACE
# Running from : C:\Users\mikde\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support






***** [ Services ] *****


[-] Service deleted: QPCore
[-] Service deleted: QDAntiDrv




***** [ Folders ] *****


[-] Folder deleted: C:\Users\mikde\AppData\Local\PackageAware
[-] Folder deleted: C:\Users\mikde\AppData\Local\SysassistByHotWheel
[-] Folder deleted: C:\Users\mikde\AppData\Local\hao123
[-] Folder deleted: C:\Users\mikde\AppData\Local\Kuaizip
[-] Folder deleted: C:\Users\mikde\AppData\Local\Tencent
[-] Folder deleted: C:\Users\mikde\AppData\LocalLow\Tencent
[-] Folder deleted: C:\Users\mikde\AppData\Roaming\IQIYI Video
[-] Folder deleted: C:\Users\mikde\AppData\Roaming\Kuaizip
[-] Folder deleted: C:\Users\mikde\AppData\Roaming\Tencent
[-] Folder deleted: C:\Users\mikde\AppData\Roaming\Softlink
[-] Folder deleted: C:\Users\mikde\AppData\Roaming\YouKu
[-] Folder deleted: C:\Users\mikde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Folder deleted: C:\Users\mikde\AppData\Local\VirtualStore\Program Files (x86)\Tencent
[-] Folder deleted: C:\ProgramData\Tencent
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Tencent
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Folder deleted: C:\Users\Public\Documents\Rising
[-] Folder deleted: C:\Users\Public\Documents\Tencent
[-] Folder deleted: C:\Program Files (x86)\Tencent
[-] Folder deleted: C:\Program Files (x86)\YouKu
[-] Folder deleted: C:\Program Files (x86)\Common Files\Tencent
[-] Folder deleted: c:\Temp\Tencent
[-] Folder deleted: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
[-] Folder deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnaiinchjaonopoejhknmgjingcnaloc
[-] Folder deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjpieolhcmajmolkhbbeljknkcdcmffk




***** [ Files ] *****


[-] File deleted: C:\Users\mikde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\UC浏览器.lnk
[-] File deleted: C:\WINDOWS\SysNative\drivers\KuaiZipDrive.sys
[-] File deleted: C:\WINDOWS\SysWOW64\kz.exe
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxps_ke.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxps_ke.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxps_kuaibao.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxps_kuaibao.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxps_mail.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxps_mail.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxps_www.hao123.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxps_www.hao123.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxps_xui.ptlogin2.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxps_xui.ptlogin2.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_cn.qzs.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_cn.qzs.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_cnc.qzs.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_cnc.qzs.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_coral.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_coral.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_db.house.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_db.house.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_finance.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_finance.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_jn.house.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_jn.house.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_mail.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_mail.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_mp.weixin.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_mp.weixin.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_news.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_news.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_rc.qzone.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_rc.qzone.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_sports.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_sports.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_tech.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_tech.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_user.qzone.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_user.qzone.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_v.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_v.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.120ask.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.120ask.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.bookask.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.bookask.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.hao123.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.hao123.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.ithao123.cn_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.ithao123.cn_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.qq.com_0.localstorage-journal
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_xui.ptlogin2.qq.com_0.localstorage
[-] File deleted: C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_xui.ptlogin2.qq.com_0.localstorage-journal




***** [ DLL ] *****






***** [ WMI ] *****






***** [ Shortcuts ] *****


[-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Shortcut disinfected: C:\Users\mikde\Desktop\chrome.lnk
[-] Shortcut disinfected: C:\Users\mikde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[-] Shortcut disinfected: C:\Users\mikde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut disinfected: C:\Users\mikde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut disinfected: C:\Users\mikde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrom.lnk
[-] Shortcut disinfected: C:\Users\mikde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\UC浏览器 (2).lnk
[!] Shortcut not deleted: C:\Users\mikde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\UC浏览器.lnk




***** [ Scheduled Tasks ] *****






***** [ Registry ] *****


[-] Key deleted: HKU\S-1-5-21-2394173474-310465021-4167403336-1001\Software\Classes\Tencent
[#] Key deleted on reboot: HKCU\Software\Classes\Tencent
[-] Key deleted: HKLM\SOFTWARE\Classes\Baidu.BaiduMusic.9
[-] Key deleted: HKLM\SOFTWARE\Classes\baidumusic
[-] Key deleted: HKLM\SOFTWARE\Classes\BaiduYunGuanjia.torrent
[-] Key deleted: HKLM\SOFTWARE\Classes\metnsd
[-] Key deleted: HKLM\SOFTWARE\Classes\QZipShell.ContextMenuExt
[-] Key deleted: HKLM\SOFTWARE\Classes\QZipShell.ContextMenuExt.1
[-] Key deleted: HKLM\SOFTWARE\Classes\QZipShell.DragDropMenu
[-] Key deleted: HKLM\SOFTWARE\Classes\QZipShell.DragDropMenu.1
[-] Key deleted: HKLM\SOFTWARE\Classes\QZipShell.KYDropHandler
[-] Key deleted: HKLM\SOFTWARE\Classes\QZipShell.KYDropHandler.1
[-] Key deleted: HKLM\SOFTWARE\Classes\QZipShell.KzShlobj
[-] Key deleted: HKLM\SOFTWARE\Classes\QZipShell.KzShlobj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\QZipShell.PropertyExt
[-] Key deleted: HKLM\SOFTWARE\Classes\QZipShell.PropertyExt.1
[-] Key deleted: HKLM\SOFTWARE\Classes\Tencent
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Tencent
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Baidu.BaiduMusic.9
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\baidumusic
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\BaiduYunGuanjia.torrent
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\metnsd
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\QZipShell.ContextMenuExt
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\QZipShell.ContextMenuExt.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\QZipShell.DragDropMenu
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\QZipShell.DragDropMenu.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\QZipShell.KYDropHandler
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\QZipShell.KYDropHandler.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\QZipShell.KzShlobj
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\QZipShell.KzShlobj.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\QZipShell.PropertyExt
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\QZipShell.PropertyExt.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Tencent
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{9CC34070-3A38-4C7A-89CB-EF8177EF07A1}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B9E49847-9822-4139-BC55-7173ED1ADA11}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{AE3D5C7A-413F-4CDB-9331-0E1894637310}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{B9E49847-9822-4139-BC55-7173ED1ADA11}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{86C4C3BA-4EA4-4CF8-98B9-6B07B477B835}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE3D5C7A-413F-4CDB-9331-0E1894637310}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE3D5C7A-413F-4CDB-9331-0E1894637310}
[-] Key deleted: HKU\S-1-5-21-2394173474-310465021-4167403336-1001\Software\SNDA
[-] Key deleted: HKU\S-1-5-21-2394173474-310465021-4167403336-1001\Software\KuaiZipSFX
[-] Key deleted: HKU\S-1-5-21-2394173474-310465021-4167403336-1001\Software\Thunder Network
[-] Key deleted: HKU\S-1-5-21-2394173474-310465021-4167403336-1001\Software\AppDataLow\Thunder Network
[#] Key deleted on reboot: HKCU\Software\SNDA
[#] Key deleted on reboot: HKCU\Software\KuaiZipSFX
[#] Key deleted on reboot: HKCU\Software\Thunder Network
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Thunder Network
[-] Key deleted: HKLM\SOFTWARE\Thunder Network
[#] Key deleted on reboot: [x64] HKCU\Software\SNDA
[#] Key deleted on reboot: [x64] HKCU\Software\KuaiZipSFX
[#] Key deleted on reboot: [x64] HKCU\Software\Thunder Network
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Thunder Network
[-] Data restored: HKU\S-1-5-21-2394173474-310465021-4167403336-1001\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\duba.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hotnews.duba.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\qq.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\adm.funshion.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\duba.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\funshion.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mp.weixin.qq.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\qq.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\qzs.qq.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.duba.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\xui.ptlogin2.qq.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\adm.funshion.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\duba.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\funshion.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mp.weixin.qq.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\qq.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\qzs.qq.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.duba.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\xui.ptlogin2.qq.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\duba.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hotnews.duba.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\qq.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\adm.funshion.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\duba.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\funshion.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mp.weixin.qq.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\qq.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\qzs.qq.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.duba.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\xui.ptlogin2.qq.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\adm.funshion.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\duba.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\funshion.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mp.weixin.qq.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\qq.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\qzs.qq.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.duba.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\xui.ptlogin2.qq.com
[-] Value deleted: HKU\S-1-5-21-2394173474-310465021-4167403336-1001\Software\Microsoft\Windows\CurrentVersion\Run [Wechat]
[-] Value deleted: HKU\S-1-5-21-2394173474-310465021-4167403336-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Wechat]
[#] Value deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Wechat]
[#] Value deleted on reboot: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Wechat]
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [QyBrowser.exe]
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe]
[#] Value deleted on reboot: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION [QyBrowser.exe]
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\QZipShell.DLL
[-] Key deleted: HKCU\Software\MozillaPlugins\@1.qq.com/npqqwebgame
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@qq.com/npqscall
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPhotoDrawEx
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@qq.com/QzoneMusic




***** [ Web browsers ] *****


[-] Firefox preferences cleaned: "extensions.cpmanager@mozillaonline.com.qvod_hao123_ts" -  17221
[-] [C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1] [extension] Deleted: mjpieolhcmajmolkhbbeljknkcdcmffk
[-] [C:\Users\mikde\AppData\Local\Google\Chrome\User Data\Profile 1] [extension] Deleted: pnaiinchjaonopoejhknmgjingcnaloc




*************************


:: "Tracing" keys deleted
:: Winsock settings cleared


*************************


C:\AdwCleaner\AdwCleaner[C0].txt - [24829 Bytes] - [08/03/2017 07:57:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [24099 Bytes] - [08/03/2017 07:49:01]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [24977 Bytes] ##########

如何一招永久删除hao123流氓网页挟持
奔跑的小牛
03-22 24万+
五步快速搞定主页被非法篡改!
Win10 Edge浏览器主页Hao123劫持的解决方法
最新发布
mmoo_python的博客
12-15 5450
Edge浏览器主页Hao123劫持是一个比较常见的问题,但是通过手动修改主页设置和在注册表中修复的方法,我们可以轻松解决这个问题。当然,为了避免类似问题的再次发生,我们还需要注意保护好自己的系统安全,不要轻易点击不明链接或下载不明文件,定期更新系统和软件补丁,以及使用可靠的杀毒软件来保护自己的电脑安全。希望这篇文章能够帮助到遇到类似问题的用户,让他们能够顺利恢复Edge浏览器的主页设置。
浏览器被hao123.com劫持解决办法
01-19
点击谷歌、火狐、百度、IE11等浏览器,全部自动打开流氓网站hao123.com,说明浏览器已被hao123.com劫持,请看解决办法。
打开谷歌浏览器弹出hao123(俗称被绑架)(SB-hao123
weixin_43337571的博客
01-13 5769
1.打开google浏览器在地址栏输入:chrome://version 2. 右键谷歌浏览器的快捷方式,打开谷歌浏览器的属性窗口,找到目标里面hao123的网址,直接改为你想启动时打开的网址(不加也行),我的就没加! 3.删除固定在任务栏上和开始屏幕的快捷方式,重新右键exe固定到开始屏幕和任务栏,再通过这个新的快捷方式打开,就一切正常了! ...
如何体面的解决浏览器首页被hao123绑架
Fanzongshen的博客
06-09 1944
今天回到家一如既往的打开了杂七杂八的软件,就在这时候我的桌面刷新了一下,然后我的浏览器首页就默默的被hao123绑架了,原本我以为是360浏览器的原因,后来我下载了谷歌浏览器发现也是一样的,此时我发现事情并不是这么简单!接下来就是长达5个小时的斗争! 1.注册表入手 1.使用组合键(win键+r)打开运行窗口,输入regedit命令, 2.在打开的注册表编辑器窗口中依次展开HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer再单击Main项 3.把
hao123劫持浏览器主页
https://github.com/Mac-Zhu
04-21 570
不管这个事情是不是百度做的,hao123是百度的 所以百度我丢你** 现在使用很多手段包括修改浏览器名称等都不彻底,唯有使用360的系统急救箱 扫描后发现是驱动病毒 待整个流程走完,点开浏览器恢复到干净清爽的 https://123.sogou.com/ 世界舒服了。。。 ...
【Git 教程系列第 17 篇】解决 TortoiseGit 文件夹和文件状态图标不显示问题
“Allen Su”的博客
09-29 5727
解决 TortoiseGit 文件夹和文件状态图标不显示问题
Chrome谷歌浏览器首页被改为Hao123导航怎么办|附各类解决方法【转】-附件资源
03-05
Chrome谷歌浏览器首页被改为Hao123导航怎么办|附各类解决方法【转】-附件资源
hao123主页劫持清除工具
04-10
清除chrome、ie等浏览器的主页劫持,异常链接。清除使用频率过低的垃圾文件夹。
HTTP 500 错误-没有在限定的时间内用 DCOM 注册
ξσ Dicky's Blog σξ
01-22 4055
转自:http://blog.yesky.com/Blog/simao/archive/2005/01/13/64411.html    这几天公司的本本上的IIS出问题了,总是打不开Asp页面,而Html页面却能正常显示~重装了IIS也不管用,无奈之下,在网上搜索解决的办法,终于找到了,照上上面的方法总算把问题解决了:)一、发生缘由: 由用户方面报告故障,说是该站点上所有的ASP页面均不能访
还原被劫持的浏览器还原被劫持的浏览器
05-26
还原被劫持的浏览器。 以下 6 个提示可帮助还原您的浏览器设置: 1 - 停止级联弹出窗口 如果您的屏幕上出现了看似无穷无尽的弹出窗口,则可能需要首先停止泛滥势头。 为此,在 Microsoft Windows XP 或 Windows 2000 中使用 Internet Explorer 时: 1. 按 Ctrl+Alt+Del,单击“任务管理器”,然后单击“进程”选项卡。 2. 单击 IEXPLORE.EXE,然后单击“结束进程”按钮。 这样做将关闭 Internet Explorer 的所有实例。 然后,您可以重新打开该程序,继续照常浏览。 要帮助预防潜在攻击,您还应该启用弹出窗口阻止程序。 在 Internet Explorer 中启用弹出窗口阻止程序: 1.在“工具”菜单上,单击“Internet 选项”,然后单击“隐私”选项卡。 2.在“弹出窗口阻止程序”框中,选择“阻止弹出窗口”复选框。 单击“确定”。 如果您仍然遇到被劫持的 Web 浏览器带来的其他影响,请尝试以下步骤: 2 - 安装防御性软件,如上述“防止浏览器劫持”部分中提到的各种软件。 您可以通过下载、安装并运行这些程序来识别和删除许多浏览器劫持程序。 3 - 运行 恶意软件删除工具。此工具可捕获某些(但并非所有)类型的劫持软件。 4 - 手动还原您的设置。 如果您正在使用 Internet Explorer 且主页已被更改,则通常可以自己将其重置。 1.在“工具”菜单上,单击“Internet 选项”,然后单击“常规”选项卡。 2.在“主页”框中,将所需网址键入到“地址”栏中,或单击“使用默认页”按钮恢复原来的出厂设置。 3.单击“确定”。 5 - 通过“添加/删除”功能删除有害程序 如果您准备尝试某些高级删除方法,Microsoft 帮助和支持文章欺骗性软件可能会使计算机出现莫名其妙的问题提供了您可以执行的附加步骤,包括如何使用“添加/删除”功能、内置程序删除工具以及 Windows Explorer 中的程序查找工具。 6 - 完成这些步骤后,请清空回收站,特别是在删除了有害的程序时。 然后重新启动系统。
超经典hao123网址代码ASP.NET
08-01
超经典hao123网址代码ASP.NET 以前的版本,献给大家分享 超经典hao123网址代码ASP.NET 以前的版本,献给大家分享
浏览器被2345劫持 打开本地页面显示2345首页
黑_桃_K的博客
05-13 2176
如题:作为一个开发人员,浏览器被劫持是很令人烦恼的一件事,打开本地页面啥的,直接给我来个这个,老恼火了,可恶的2345 。 注:本文受一位资深老哥启发而创。 网上很多方法,大体都是借助第三方或者 改 重命名 浏览器等,我想说这样的方法治标不治本。还是承认他的存在。只不过在他串改你的浏览器之后,你又重新改造了一下。 方法:修改注册表 1.打开注册表 win键 + R 调出 运行 ...
IE、Chrome浏览器主页hao123或360篡改简单有效解决办法
热门推荐
Destiny_Demo的博客
04-09 6万+
主页被篡改实在让人头疼,改注册表,该组策略,统统无效,找到病因才是关键,请往下看! 打开谷歌浏览器,在地址栏中输入chrome://version,在命令行中可以看到这个路径即为浏览器打开时默认访问的路径,如图,默认途径已经被修改为360导航页面的路径,我们需要用修改前的路径替换掉它就可以了。 开始菜单中找到Chrome浏览器,右击-->属性 -->打开文件位置
浅谈 HTML5 的 DOM Storage 机制
wanghao_happy的专栏
11-27 797
摘要:在开发 Web 应用时,开发者有时需要在本地存储数据。当前浏览器支持 cookie 存储,但其大小有 4KB 的限制。这对于一些 Ajax 应用来说是不够的。更多的存储空间需要浏览器本身或是插件的支持,如 Google Gears 和 Flash。不过开发人员需要通过检测当前浏览器所支持的插件类型来使用对应的接口。 HTML5 中新引入了 DOM Storage 机制,通过使用键值对在客户端
DOM 存储(DOM Storage)简介
party
11-23 3369
DOM 存储 API提供了一种以安全的方式在客户端永久保存数据的方法:sessionStorage 和 localStorage。这些对象是HTML 5规范的一部分,在Internet Explorer 8初次引入,Firefox 2.0也支持此对象。以前的IE版本,要在客户端保存数据,有两种方法,Cookie和userData行为。DOM 存储为浏览器离线工作打下了基础。 DOM 存储与HTT...
谷歌浏览器被hao123网页(或其他网页)劫持了,怎么办?(已解决
qq_44231797的博客
03-05 3万+
关于谷歌浏览器chromehao123、2345、360等主页劫持和捆绑的解决方法
第三十五天:XSS跨站&反射&存储&DOM&盲打&劫持
m0_51322401的博客
02-05 467
指攻击者利用网站程序对用户输入过滤不足,输入可以显示在页面上对其他用户造成影响的HTML代码,从而盗取用户资料、利用用户身份进行某种动作或者对访问者进行病毒侵害的一种攻击方式。通过在用户端注入恶意的可执行脚本,若服务器对用户的输入不进行处理或处理不严,则浏览器就会直接执行用户注入的脚本。窃取用户cookies资料,从而获取用户隐私信息,或利用用户身份对网站执行操作;劫持用户(浏览器)会话,从而执行任意操作,例如非法转账、发表日志、邮件等;XSS跨站-攻击项目&XSS平台&Beef-XSS。
评论 2
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值