|
[win7]Chrome問題
最近 Chrome 不知怎的打開之後在最後分頁會硬性出現 Globobo http://kingtale3.inspsearch.com/search 搜尋引擎
點掉後重新開啟仍然出現 類似被綁架之類的 是否可教小的如何使用 CCleaner 解決問題或有其他對症下藥的方法 謝謝^^ |
瀏覽器綁架 ... 可以視同惡意軟體、電腦病毒等相似狀況 ...
1.看看瀏覽器的「擴充元件、搜尋引擎」管理有沒有類似的東西,如本次問題的 Globo SOSO 或 Kingtale Technology 之類的類似字樣或是圖示。  如:http://blog.xuite.net/yh96301/blog/3...hrome小字典 Chrome搜尋引擎設定、管理擴充功能- Chrome說明 2.先到「控制台\程式集\程式和功能」找看看有沒有類似的軟體組件,如本次問題的Globo SOSO 或 Kingtale Technology 之類的類似字樣或是圖示。 3.使用各種防毒(掃毒)軟體、惡意程式檢測工具、惡意廣告軟體移除工具等,進行掃描檢測。 4.以「煩請系統中毒要求協助或是解毒或是系統不穩的版友注意」,貼出系統 LOGO 讓版友檢視找問題。 |
引用:
網址內填入 : chrome://settings/ 然後按一下 Enter 按鍵, 網頁往下拉,點一下顯示進階設定, 如下圖所示點一下重新設定,然後關閉 Chrome ,再度開啟就可以了。  |
使用 擴充功能 TJDict 1.10.1 翻譯成中文
:on_83: |
回覆: getter大
不過問題還未解決
在設定那裏面的搜尋引擎設定裡點掉v9.com 重新開機後仍然出現那個搜尋網站:on_84: 謝謝^^ 附hijack報告供大大參考: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at PM 05:45:18, on 104104/1/29 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17496) Boot mode: Normal Running processes: C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe C:\Users\user\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Users\user\AppData\Roaming\Search Protection\SP.exe C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\PROGRA~2\COMMON~1\MICROS~1\IME12\SHARED\imecfmui.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe D:\Downloads\Exe\HijackThis.exe F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Browser Extensions - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\user\AppData\Roaming\BrowserExtensions\Coupons.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Microsoft 帳戶登入協助程式 - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [HPUsageTracking] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe "C:\Program Files (x86)\Hewlett-Packard\HP UT\" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" O4 - HKCU\..\Run: [SkyDrive] "C:\Users\user\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Search Protection] "C:\Users\user\AppData\Roaming\Search Protection\SP.EXE" /autostart O4 - HKCU\..\Run: [Browser Extensions] "C:\Users\user\AppData\Roaming\BrowserExtensions\BEHelper.exe" O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: OneNote 2007 畫面剪輯器及啟動器.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: 寬頻連線 2 - 捷徑.lnk = ? O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: 傳送至 OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: 傳送至 OneNote(E) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://web.r530.com O15 - ESC Trusted Zone: http://*.update.microsoft.com O16 - DPF: {8E1D16E3-37B1-48B8-862E-9D646FC0C8FF} (TFBWebATM Control) - https://ebank.taipeifubon.com.tw/iba.../TFBWebATM.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{816CCFDC-3EAA-4621-B8C0-717C571C849C}: NameServer = 61.31.233.1 61.31.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{816CCFDC-3EAA-4621-B8C0-717C571C849C}: NameServer = 61.31.233.1 61.31.1.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL O23 - Service: ABBYY PDF Transformer+ - Licensing Service (ABBYY.Licensing.PDFTransformer.Classic.4.0) - ABBYY Production LLC - C:\Program Files (x86)\ABBYY PDF Transformer+\NetworkLicenseServer.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google更新 服務 (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google更新 服務 (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participacoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files (x86)\WinZipper\winzipersvc.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13824 bytes |
先嘗試看看將瀏覽器「重置看看」,不行在進行以下方式
Google 搜尋:globososo 移除 How to Remove Globososo.com form IE/FireFox/Google Chrome? (Hijacker Removal Guide) How to Remove Globososo.com form IE/FireFox/Google Chrome? (Google 翻譯過的) Google 搜尋:移除 kingtale3.inspsearch.com Remove Kingtale3.inspsearch.com virus (Removal Guide) Remove Kingtale3.inspsearch.com virus (Google 翻譯過的) 上述網頁中有提到 ... 多半是安裝一些免費的軟件(視頻錄製軟體/播放軟體,下載軟體或 PDF 文件的建立軟體) 表示已經捆綁到其安裝這個瀏覽器劫持後。即使移除你從你的計算機上卸載 VPlay,Web瀏覽器的默認設置將無法 恢復。 這意味著,你必須從你喜歡的網頁瀏覽器中手動刪除相關的綁架主頁。 根據經驗,這類的捆綁的方式有 1.透過登錄檔進行修改。 2.透過瀏覽器的開啟「捷徑」修改。 3.直接修改瀏覽器的相關設定。 4.使用背景程式修改。有些會出現在瀏覽器的「擴充套件」或是在「新增移除程式 (程式和功能)」中有類似的項目。 也有些會把程式註冊到「服務」上面,有些事採取類似病毒程式的作法。 上述 4種方式中,現在幾乎都是第 4種居多數,因為對不少人來說,要處理這種的還挺棘手的。 ------------------------------------------------------------------------------------------------------------ 先前提到的四個步驟 ... 前兩項可以算是顛倒的 ... 之前的說的 1 2 3 4 是基本 ... 如過瀏覽器的首頁綁架,是因為某個程式在作用的話 ... 因該是要先把該程式移除掉,再到瀏覽器內做相關設定才對。 某些狀況是可以檢查一下,開啟瀏覽器的「捷徑」內容,看看有沒有被寫入某個網址,有的話把該網址刪掉理論上也會恢復。 迪西的電腦裡沒有 Search Protection、BrowserExtensions、SupTab 只能說很可疑 ... 看看別人怎麼看 ... C:\Users\user\AppData\Roaming\Search Protection\SP.exe C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe O2 - BHO: Browser Extensions - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\user\AppData\Roaming\BrowserExtensions\Coupons.dll O4 - HKCU\..\Run: [Search Protection] "C:\Users\user\AppData\Roaming\Search Protection\SP.EXE" /autostart O4 - HKCU\..\Run: [Browser Extensions] "C:\Users\user\AppData\Roaming\BrowserExtensions\BEHelper.exe" O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participacoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe |
| 所有時間均為台北時間。現在的時間是 08:53 PM。 |
Powered by vBulletin® 版本 3.6.8
版權所有 ©2000 - 2024, Jelsoft Enterprises Ltd.
『服務條款』
* 有問題不知道該怎麼解決嗎?請聯絡本站的系統管理員 *