claude解决edge页面劫持

Edge 浏览器已设置启动时恢复之前的页面。但忘记从几时开始,启动时总是会打开一个本地的页面,如 http://localhost:56583/,端口号每次都不同,最终都跳转到百度:https://www.baidu.com/?tn=15007414_8_dg,且带着一个奇怪的 ?tn= 参数,怀疑是有什么狗屄软件收了钱,在打广告。

之前在前 agent 时代,试过自己解决,如 1,但无果。

with Claude Code

今在本地命令行开 Claude Code 诊断,结论如下:

复制代码
---
Root Cause: Lenovo PCManager's BrowserPro.dll

Not a third-party malware --- it's Lenovo pre-installed bloatware earning
affiliate revenue from Baidu.

How it works (confirmed from binary analysis)

1. BrowserPro.dll (C:\Program Files (x86)\Lenovo\PCManager\5.0.30.7052\Mod
ules\ActiveProtection\apps\BrowserPro\) is loaded into explorer.exe as a
COM shell extension at login
2. It calls Windows' HTTP.sys kernel driver (HttpCreateRequestQueue,
HttpAddUrlToUrlGroup) to register a listener on a random localhost port ---
which is why the port changes every time
3. It calls ShellExecuteExW to force-open that localhost:{random port} URL
in your default browser (Edge)
4. The page it serves is exactly: <head><meta name='referrer'
content='no-referrer'/><script>location='https://discovery.lenovo.com.cn/h
ome/ilive/v1/c1'</script></head>
5. Lenovo's iLive server then forwards you to baidu.com/?tn=15007414_8_dg
--- where tn=15007414_8_dg is Lenovo's Baidu affiliate tracking ID. Lenovo
gets paid per visit.

The no-referrer tag is intentional to hide the affiliate chain.

---
How to stop it

Option 1 --- Cleanest: Uninstall Lenovo PCManager
▎ Search "Apps" → find Lenovo PC Manager → Uninstall

Option 2 --- Disable via PCManager settings (if you want to keep it)
▎ Open Lenovo PC Manager → Security/Protection → look for "Browser
Protection" or "Active Protection" and disable it

Option 3 --- Block the service manually
# In PowerShell as Administrator:
sc stop LenovoPcManagerService
sc config LenovoPcManagerService start= disabled
sc stop LISFService
sc config LISFService start= disabled

Note: The registry key
  HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LenovoDisabled suggests
  someone previously tried to disable Lenovo startup items on this machine,
  but PCManager still runs as a service. After disabling, kill the
  explorer.exe process or restart to clear the current HTTP.sys
  registration.

This is the same class of behavior as Lenovo's 2015 Superfish scandal ---
affiliate revenue harvesting bundled into pre-installed software. It's
technically "legal" in their terms, but deceptive and harmful.

电脑是联想小新 Air 14+ ARH7,有个联想电脑管家,应该就是 Claude 说的 Lenovo PCManager。

Solution

跟 Claude 建议,卸载联想电脑管家。

测试:关掉 Edge 浏览器,再重开,能正常恢复之前页面,而不会打开那个 localhost 页面。

References

  1. 【浏览器】百度主页被"?tn=88093251_hao_pg"劫持解决方案
相关推荐
艾莉丝努力练剑8 分钟前
【AI面试】AI八股文
人工智能·ai·面试·langchain·八股文
星释43 分钟前
鸿蒙智能体开发实战:26.Skill 与插件协同开发
microsoft·华为·ai·harmonyos·鸿蒙·智能体
星释1 小时前
鸿蒙智能体开发实战:32.鸿蒙壁纸大师 - API认证与会话管理
华为·ai·harmonyos·智能体
头茬韭菜2 小时前
双架构演进与NDJSON远程协议——Agent突破本地边界
ai·架构
Gary Studio2 小时前
嵌入式大模型边缘部署(MTK方向)
ai·大模型·mtk·边缘部署
星释2 小时前
鸿蒙智能体开发实战:31.鸿蒙壁纸大师 - 环境搭建与基础配置
算法·华为·ai·harmonyos·鸿蒙
JouYY2 小时前
聊一下复杂 Agent 架构的性能优化设计
性能优化·llm·agent
土星云SaturnCloud2 小时前
边缘计算在储气库调峰智能管控中的应用:架构设计与技术解析
服务器·人工智能·ai·边缘计算
wangruofeng3 小时前
一个 5KB 的 skill 文件,三个月砍下 9 万 star,省掉 65% 的 AI 输出 token
aigc·agent·ai编程
曦尧3 小时前
Bun:面向 JavaScript/TypeScript 的全能超高速一体化工具链
ai·自动化