首頁 繪圖設計 工作閒聊 比賽活動 美術討論 標籤 圖片
Chrome error Hijack "www.chromenotice.com" & "adnxs.com"
Chrome error Hijack "www.chromenotice.com" & "adnxs.com"


Type(Type) 2015/6/3 14:01

Google Chrome error page Hijacked by Malware "www.chromenotice.com"

and "adnxs.com"



Adware Found: 2015 May ~ June

Adware Cleanup Status: Not resolved yet.


ChromeNotice-Malware/Adware Reproduce Scenario:



(1) URL keyin "About:config" (or something make you see Chrome error page)

(2) The Adware Hijack you to "www.chromenotice.com/error.html(DO NOT FOLLOW)"

(3) The page force then shows "adnxs.com(DO NOT FOLLOW)" ADs

(4) Tried the following procedures, no luck:

@ Chrome Reset Settings => Looks futile.

@ ADWCleaner.com 2015/May => Can't detect or remove it (ver 4.2.06)

@ AVG 2015 2015/Jun => Can't detect or remove it (ver 2015/06/03)

@ Microsoft MRT 2014/May => Can't detect or remove it (ver 205/05/13)

@ Spybot Search & Destroy => Can't detect or remove it (ver 2.2)


@ Uninstall Chrome to fix this issue

===> YES. it works. as long as you've done above actions and found all clean.





Your "view page source" in Chrome will too be hijacked by this ADware/Malware!

The adware redirect page will be looks like this,
chromenotice.com/error.html within an iframe.
代碼:

<html i18n-values="dir:textdirection;lang:language" dir="ltr" lang="en">
<head></head>
<body id="t" i18n-values=".style.fontFamily:fontfamily;.style.fontSize:fontsize"
jstcache="0" class="neterror" style="font-family: 'Segoe UI', Tahoma, sans-serif;
font-size: 75%; height: 100%; width: 100%; margin: 0px; text-align: center; overflow: hidden;">
<iframe frameborder="no" border="0" marginwidth="0" marginheight="0" scrolling="no" src="http://www.chromenotice.com/error.html?data={"h1":"This webpage is not available","msg":"The webpage at <strong jscontent=\"failedUrl\"></strong> might be temporarily down or it may have moved permanently to a new web address.","url":"chrome://config/","li":[],"source_data":{"details":"Details","errorCode":"ERR_INVALID_URL","fontfamily":"'Segoe UI', Tahoma, sans-serif","fontsize":"75%","heading":"This webpage is not available","hideDetails":"Hide details","iconClass":"icon-generic","language":"en","suggestions":[],"summary":{"failedUrl":"chrome://config/","hostName":"config","msg":"The webpage at <strong jscontent=\"failedUrl\"></strong> might be temporarily down or it may have moved permanently to a new web address.","productName":"Google Chrome"},"textdirection":"ltr","title":"chrome://config/ is not available"},"country":"tw"}" width="1920" height="739"></iframe></body></html>




"zhangxiaoyang@337.com" is too owner of delta-homes.com



代碼:

The email zhangxiaoyang@337.com is related to these domains :

1.  337.com
2.  337box.com
3.  4-zip.com
4.  browser-hijacker.com
5.  brpokerjoy.com
6.  cuponkit.com
7.  delta-homes.com
8.  dosearches.com
9.  elexddt.com
10.  lightningnewtab.com
11.  lollygame.com
12.  nationzoom.com
13.  novobaixar.com
14.  omiga-plus.com
15.  omniboxes.com
16.  oursearching.com
17.  p1games.com
18.  po114.org
19.  trustedwebportal.com
20.  v9.com
21.  very911.com
22.  webssearches.com
23.  win-tricks.com
24.  xingcloud.com
25.  yacvpn.com


Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: CHROMENOTICE.COM
   Registrar: GODADDY.COM, LLC
   Sponsoring Registrar IANA ID: 146
   Whois Server: whois.godaddy.com
   Referral URL: http://registrar.godaddy.com
   Name Server: PDNS05.DOMAINCONTROL.COM
   Name Server: PDNS06.DOMAINCONTROL.COM
   Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
   Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
   Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
   Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
   Updated Date: 14-apr-2015
   Creation Date: 14-apr-2015
   Expiration Date: 14-apr-2016

>>> Last update of whois database: Wed, 03 Jun 2015 06:29:10 GMT <<<

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.

For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
Domain Name: CHROMENOTICE.COM
Registry Domain ID: 1919575232_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2015-04-14T01:33:33Z
Creation Date: 2015-04-14T01:33:33Z
Registrar Registration Expiration Date: 2016-04-14T01:33:33Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Registry Registrant ID:
Registrant Name: xianlin xie
Registrant Organization:
Registrant Street: UNIT 04 hongkong, hongkong 999077 Hong Kong
Registrant City: hongkong
Registrant State/Province: hongkong
Registrant Postal Code: 999077
Registrant Country: Hong Kong
Registrant Phone: +852.18610012110
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: zhangxiaoyang@337.com
Registry Admin ID:
Admin Name: xianlin xie
Admin Organization:
Admin Street: UNIT 04 hongkong, hongkong 999077 Hong Kong
Admin City: hongkong
Admin State/Province: hongkong
Admin Postal Code: 999077
Admin Country: Hong Kong
Admin Phone: +852.18610012110
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: zhangxiaoyang@337.com
Registry Tech ID:
Tech Name: xianlin xie
Tech Organization:
Tech Street: UNIT 04 hongkong, hongkong 999077 Hong Kong
Tech City: hongkong
Tech State/Province: hongkong
Tech Postal Code: 999077
Tech Country: Hong Kong
Tech Phone: +852.18610012110
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: zhangxiaoyang@337.com
Name Server: PDNS05.DOMAINCONTROL.COM
Name Server: PDNS06.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/




More details about chromenotice.com


代碼:

GET / HTTP/1.1
Host: www . chromenotice . com
Accept: */*
Server ngx_openresty is not blacklisted
Server: ngx_openresty
Date: Mon, 01 Jun 2015 04:56:56 GMT

(8,340 views)
[更多討論] 討論區 Windows, Linux, Perl, PHP, C/C++, Driver, Web 理論、應用、硬體、軟體

"Chrome error Hijack "www.chromenotice.com" & "adnxs.com"" 傳統頁面(電腦版)

首頁 繪圖設計 工作閒聊 比賽活動 美術討論 標籤 圖片
傳統桌面版 [ 登入/註冊 ]
© Vovo2000.com Mobile Version 小哈手機版 2024