首頁 繪圖設計 工作閒聊 比賽活動 美術討論 標籤 圖片
Chrome error Hijack "www.chromenotice.com" & "adnxs.com"




Type(Type) 2015/6/3 14:01

Google Chrome error page Hijacked by Malware "www.chromenotice.com" and "adnxs.com"

Adware Found: 2015 May ~ JuneAdware Cleanup Status: Not resolved yet.

ChromeNotice-Malware/Adware Reproduce Scenario:

(1) URL keyin "About:config" (or something make you see Chrome error page)(2) The Adware Hijack you to "www.chromenotice.com/error.html(DO NOT FOLLOW)" (3) The page force then shows "adnxs.com(DO NOT FOLLOW)" ADs(4) Tried the following procedures, no luck:@ Chrome Reset Settings => Looks futile.@ ADWCleaner.com 2015/May => Can't detect or remove it (ver 4.2.06)@ AVG 2015 2015/Jun => Can't detect or remove it (ver 2015/06/03)@ Microsoft MRT 2014/May => Can't detect or remove it (ver 205/05/13)@ Spybot Search & Destroy => Can't detect or remove it (ver 2.2)@ Uninstall Chrome to fix this issue ===> YES. it works. as long as you've done above actions and found all clean.




Your "view page source" in Chrome will too be hijacked by this ADware/Malware!The adware redirect page will be looks like this,chromenotice.com/error.html within an iframe.代碼:
<html i18n-values="dir:textdirection;lang:language" dir="ltr" lang="en"><head></head><body id="t" i18n-values=".style.fontFamily:fontfamily;.style.fontSize:fontsize" jstcache="0" class="neterror" style="font-family: 'Segoe UI', Tahoma, sans-serif; font-size: 75%; height: 100%; width: 100%; margin: 0px; text-align: center; overflow: hidden;"><iframe frameborder="no" border="0" marginwidth="0" marginheight="0" scrolling="no" src="http://www.chromenotice.com/error.html?data={"h1":"This webpage is not available","msg":"The webpage at <strong jscontent=\"failedUrl\"></strong> might be temporarily down or it may have moved permanently to a new web address.","url":"chrome://config/","li":[],"source_data":{"details":"Details","errorCode":"ERR_INVALID_URL","fontfamily":"'Segoe UI', Tahoma, sans-serif","fontsize":"75%","heading":"This webpage is not available","hideDetails":"Hide details","iconClass":"icon-generic","language":"en","suggestions":[],"summary":{"failedUrl":"chrome://config/","hostName":"config","msg":"The webpage at <strong jscontent=\"failedUrl\"></strong> might be temporarily down or it may have moved permanently to a new web address.","productName":"Google Chrome"},"textdirection":"ltr","title":"chrome://config/ is not available"},"country":"tw"}" width="1920" height="739"></iframe></body></html>

"zhangxiaoyang@337.com" is too owner of delta-homes.com

代碼:
The email zhangxiaoyang@337.com is related to these domains :1.  337.com2.  337box.com3.  4-zip.com4.  browser-hijacker.com5.  brpokerjoy.com6.  cuponkit.com7.  delta-homes.com8.  dosearches.com9.  elexddt.com10.  lightningnewtab.com11.  lollygame.com12.  nationzoom.com13.  novobaixar.com14.  omiga-plus.com15.  omniboxes.com16.  oursearching.com17.  p1games.com18.  po114.org19.  trustedwebportal.com20.  v9.com21.  very911.com22.  webssearches.com23.  win-tricks.com24.  xingcloud.com25.  yacvpn.comWhois Server Version 2.0Domain names in the .com and .net domains can now be registeredwith many different competing registrars. Go to http://www.internic.netfor detailed information.   Domain Name: CHROMENOTICE.COM   Registrar: GODADDY.COM, LLC   Sponsoring Registrar IANA ID: 146   Whois Server: whois.godaddy.com   Referral URL: http://registrar.godaddy.com   Name Server: PDNS05.DOMAINCONTROL.COM   Name Server: PDNS06.DOMAINCONTROL.COM   Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited   Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited   Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited   Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited   Updated Date: 14-apr-2015   Creation Date: 14-apr-2015   Expiration Date: 14-apr-2016>>> Last update of whois database: Wed, 03 Jun 2015 06:29:10 GMT <<<NOTICE: The expiration date displayed in this record is the date theregistrar's sponsorship of the domain name registration in the registry iscurrently set to expire. This date does not necessarily reflect the expirationdate of the domain name registrant's agreement with the sponsoringregistrar.  Users may consult the sponsoring registrar's Whois database toview the registrar's reported date of expiration for this registration.TERMS OF USE: You are not authorized to access or query our Whoisdatabase through the use of electronic processes that are high-volume andautomated except as reasonably necessary to register domain names ormodify existing registrations; the Data in VeriSign Global RegistryServices' ("VeriSign") Whois database is provided by VeriSign forinformation purposes only, and to assist persons in obtaining informationabout or related to a domain name registration record. VeriSign does notguarantee its accuracy. By submitting a Whois query, you agree to abideby the following terms of use: You agree that you may use this Data onlyfor lawful purposes and that under no circumstances will you use this Datato: (1) allow, enable, or otherwise support the transmission of massunsolicited, commercial advertising or solicitations via e-mail, telephone,or facsimile; or (2) enable high volume, automated, electronic processesthat apply to VeriSign (or its computer systems). The compilation,repackaging, dissemination or other use of this Data is expresslyprohibited without the prior written consent of VeriSign. You agree not touse electronic processes that are automated and high-volume to access orquery the Whois database except as reasonably necessary to registerdomain names or modify existing registrations. VeriSign reserves the rightto restrict your access to the Whois database in its sole discretion to ensureoperational stability.  VeriSign may restrict or terminate your access to theWhois database for failure to abide by these terms of use. VeriSignreserves the right to modify these terms at any time.The Registry database contains ONLY .COM, .NET, .EDU domains andRegistrars.For more information on Whois status codes, please visithttps://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.Domain Name: CHROMENOTICE.COMRegistry Domain ID: 1919575232_DOMAIN_COM-VRSNRegistrar WHOIS Server: whois.godaddy.comRegistrar URL: http://www.godaddy.comUpdate Date: 2015-04-14T01:33:33ZCreation Date: 2015-04-14T01:33:33ZRegistrar Registration Expiration Date: 2016-04-14T01:33:33ZRegistrar: GoDaddy.com, LLCRegistrar IANA ID: 146Registrar Abuse Contact Email: abuse@godaddy.comRegistrar Abuse Contact Phone: +1.4806242505Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibitedDomain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibitedDomain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibitedDomain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibitedRegistry Registrant ID:Registrant Name: xianlin xieRegistrant Organization:Registrant Street: UNIT 04 hongkong, hongkong 999077 Hong KongRegistrant City: hongkongRegistrant State/Province: hongkongRegistrant Postal Code: 999077Registrant Country: Hong KongRegistrant Phone: +852.18610012110Registrant Phone Ext:Registrant Fax:Registrant Fax Ext:Registrant Email: zhangxiaoyang@337.comRegistry Admin ID:Admin Name: xianlin xieAdmin Organization:Admin Street: UNIT 04 hongkong, hongkong 999077 Hong KongAdmin City: hongkongAdmin State/Province: hongkongAdmin Postal Code: 999077Admin Country: Hong KongAdmin Phone: +852.18610012110Admin Phone Ext:Admin Fax:Admin Fax Ext:Admin Email: zhangxiaoyang@337.comRegistry Tech ID:Tech Name: xianlin xieTech Organization:Tech Street: UNIT 04 hongkong, hongkong 999077 Hong KongTech City: hongkongTech State/Province: hongkongTech Postal Code: 999077Tech Country: Hong KongTech Phone: +852.18610012110Tech Phone Ext:Tech Fax:Tech Fax Ext:Tech Email: zhangxiaoyang@337.comName Server: PDNS05.DOMAINCONTROL.COMName Server: PDNS06.DOMAINCONTROL.COMDNSSEC: unsignedURL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/

More details about chromenotice.com

代碼:
GET / HTTP/1.1Host: www . chromenotice . comAccept: */*Server ngx_openresty is not blacklistedServer: ngx_openrestyDate: Mon, 01 Jun 2015 04:56:56 GMT


(2,933 views)
[更多討論] 討論區 Windows, Linux, Perl, PHP, C/C++, Driver, Web 理論、應用、硬體、軟體


"Chrome error Hijack "www.chromenotice.com" & "adnxs.com"" 傳統頁面(電腦版)

首頁 繪圖設計 工作閒聊 比賽活動 美術討論 標籤 圖片
傳統桌面版
© Vovo2000.com Mobile Version 小哈手機版 2019