<!doctype html>
<html class="no-js" lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="author" content="Lednerb">
<meta name="description" content="Bilberry Premium Theme for Hugo.">
<meta name="keywords" content="blog,personal,responsive,search,font awesome,pages,posts,multilingual,highlight.js,syntax highlighting,premium,shortcuts">
<meta name="generator" content="Hugo 0.50" />
<title> [Notes] Fixing a WinXP PC whose IE home page was hijacked by dh440.com &amp; http://web.sogou.com/?12141 | My cool new Blog</title>
<meta name="description" content="[Notes] Fixing a WinXP PC whose IE home page was hijacked by dh440.com &amp; http://web.sogou.com/?12141 - Bilberry Premium Theme for Hugo.">
<meta itemprop="name" content="[Notes] Fixing a WinXP PC whose IE home page was hijacked by dh440.com &amp; http://web.sogou.com/?12141">
<meta itemprop="description" content="[Notes] Fixing a WinXP PC whose IE home page was hijacked by dh440.com &amp; http://web.sogou.com/?12141 - Bilberry Premium Theme for Hugo.">
<meta property="og:title" content="[Notes] Fixing a WinXP PC whose IE home page was hijacked by dh440.com &amp; http://web.sogou.com/?12141">
<meta property="og:description" content="[Notes] Fixing a WinXP PC whose IE home page was hijacked by dh440.com &amp; http://web.sogou.com/?12141 - Bilberry Premium Theme for Hugo.">
<meta property="og:image" content="https://www.gravatar.com/avatar/88188b6cc451928eba90e8400bc68086?size=200">
<meta property="og:url" content="https://h.cowbay.org/article/e7-ad-86-e8-a8-98-winxp-e9-9b-bb-e8-85-a6-ie-e9-a6-96-e9-a0-81-e8-a2-abdh440-com-httpweb-sogou-com12141-e7-b6-81-e6-9e-b6-e3-80-81-e5-8a-ab-e6-8c-81-e7-9a-84-e8-99-95-e7-90-86-e6-96-b9/">
<meta property="og:site_name" content="My cool new Blog">
<meta property="og:type" content="article">
<link rel="icon" type="image/png" href="https://h.cowbay.org/favicon-32x32.png" sizes="32x32">
<link rel="icon" type="image/png" href="https://h.cowbay.org/favicon-16x16.png" sizes="16x16">
<link rel="stylesheet" href="https://h.cowbay.org/sass/combined.min.717098cb5503581e75f12e486a847ca410bf8367d4d8713f4c37affc868c5a1d.css">
</head>
<body class="bilberry-hugo-theme">
<nav>
<div class="container">
<ul class="topnav">
<li><a href="/page/about-bilberry/">About Bilberry</a></li>
<li><a href="https://github.com/Lednerb/bilberry-hugo-theme" target="_blank">Github</a></li>
</ul>
<div id="search-box" class="search">
<i class="fa fa-search"></i>
<input id="search" type="text" placeholder="Search ...">
</div>
</div>
</nav>
<header>
<div class="container">
<div class="logo">
<a href="/" class="logo">
<img src="https://www.gravatar.com/avatar/88188b6cc451928eba90e8400bc68086?d=mm&size=200" alt="">
<span class="overlay"><i class="fa fa-home"></i></span>
</a>
</div>
<div class="titles">
<h3 class="title"><a href="/">My cool new Blog</a></h3>
<span class="subtitle">Hello World! This is the most epic subtitle ever.</span>
</div>
<div class="languages">
<a href="/en" class="active">en</a>
<a href="/de">de</a>
</div>
<div class="toggler">
<i class="fa fa-bars" aria-hidden="true"></i>
</div>
</div>
</header>
<div class="main container">
<div class="article-wrapper u-cf single">
<a class="bubble" href="/article/e7-ad-86-e8-a8-98-winxp-e9-9b-bb-e8-85-a6-ie-e9-a6-96-e9-a0-81-e8-a2-abdh440-com-httpweb-sogou-com12141-e7-b6-81-e6-9e-b6-e3-80-81-e5-8a-ab-e6-8c-81-e7-9a-84-e8-99-95-e7-90-86-e6-96-b9/">
<i class="fa fa-fw fa-pencil"></i>
</a>
<article class="default article">
<div class="content">
<h3><a href="/article/e7-ad-86-e8-a8-98-winxp-e9-9b-bb-e8-85-a6-ie-e9-a6-96-e9-a0-81-e8-a2-abdh440-com-httpweb-sogou-com12141-e7-b6-81-e6-9e-b6-e3-80-81-e5-8a-ab-e6-8c-81-e7-9a-84-e8-99-95-e7-90-86-e6-96-b9/">[Notes] Fixing a WinXP PC whose IE home page was hijacked by dh440.com &amp; http://web.sogou.com/?12141</a></h3>
<div class="meta">
<span class="date moment">2017-01-11</span>
<span class="categories">
<a href="/categories/%E5%B7%A5%E4%BD%9C%E7%AD%86%E8%A8%98">Work notes</a>
</span>
</div>
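<p>For work, I needed to set up a Windows XP PC for one of the sales staff.</p>
<p>I no longer had any XP installation discs on hand, so I downloaded one from the internet:</p>
<p>系統家園 Ghost XP SP3 Traditional Chinese Clean Edition</p>
<p>Damn it, "clean" my ass.</p>
<p>It came with a pile of random junk software installed. That software was easy to deal with, though: I just uninstalled it.</p>
<p>But the IE home page stayed hijacked, which was really annoying.</p>
<p>When IE starts, it first loads dh440.com and then redirects to <a href="http://web.sogou.com/?12141">http://web.sogou.com/?12141</a></p>
<p>This thing is extremely stubborn: manually cleaning the registry, changing the IE settings, even resetting IE did nothing.</p>
<p>In the past, the worst cases I ran into were fixed by resetting IE. This time it was a real headache.</p>
<p>OK, I figured I would fight poison with poison! I first downloaded 360安全衛士 and ran the scan, the antivirus scan and the home page protection, and it still did not help.</p>
<p>Then I switched to QQ電腦管家, ran every feature it has, and that did not solve it either.</p>
<p>Next I downloaded AdwCleaner portable to give it a try. It did find some things, but the home page hijack was still not fixed.</p>
<p>Finally I tried Malwarebytes, and that at last got rid of the dh440.com to web.sogou.com home page hijack!</p>
<p>Searching Google for dh440.com turned up practically nothing helpful,</p>
<p>so I am writing this down in the hope that it helps someone else!</p>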
<p>&nbsp;</p>
<p>This is the log from the final Malwarebytes scan.</p>
<p>My guess is that 2345explorer is the problem.</p>
<pre>
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2017/1/11
Scan Time: 上午 10:44:27
Logfile:
Administrator: Yes

-Software Information-
Version: 3.0.5.1299
Components Version: 1.0.43
Update Package Version: 1.0.974
License: Trial

-System Information-
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: QKIEYVGMWMKCQVW\Administrator

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 218347
Time Elapsed: 7 min, 8 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 9
PUM.Optional.DisableShowSearch, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|START_SHOWSEARCH, No Action By User, [19230], [293317],1.0.974
PUM.Optional.DisableShowHelp, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|START_SHOWHELP, No Action By User, [19226], [293313],1.0.974
PUM.Optional.NoSMHelp, HKU\S-1-5-21-839522115-1532298954-1801674531-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NOSMHELP, No Action By User, [19245], [293358],1.0.974
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|ANTIVIRUSDISABLENOTIFY, No Action By User, [19218], [293294],1.0.974
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|FIREWALLDISABLENOTIFY, No Action By User, [19218], [293295],1.0.974
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UPDATESDISABLENOTIFY, No Action By User, [19218], [293296],1.0.974
PUM.Optional.DisableShowSearch, HKU\S-1-5-21-839522115-1532298954-1801674531-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|START_SHOWSEARCH, No Action By User, [19230], [293317],1.0.974
PUM.Optional.DisableShowHelp, HKU\S-1-5-21-839522115-1532298954-1801674531-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|START_SHOWHELP, No Action By User, [19226], [293313],1.0.974
PUM.Optional.NoSMHelp, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NOSMHELP, No Action By User, [19245], [293358],1.0.974

Data Stream: 0
(No malicious items detected)

Folder: 3
PUP.Optional.Elex, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\2345Explorer\User Data\Default, No Action By User, [15], [308620],1.0.974
PUP.Optional.Elex, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\2345Explorer\User Data, No Action By User, [15], [308620],1.0.974
PUP.Optional.Elex, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\2345Explorer, No Action By User, [15], [308620],1.0.974

File: 2
PUP.Optional.Elex, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\2345Explorer\User Data\Default\Bookmarks, No Action By User, [15], [308620],1.0.974
PUP.Optional.Elex, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\2345Explorer\User Data\Default\page_file.dat, No Action By User, [15], [308620],1.0.974

Physical Sector: 0
(No malicious items detected)
</pre>
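<p>To triage a log like the one above, the following added example (not part of the original post) parses the detection rows of the <code>-Scan Details-</code> section, groups them by detection family, and flags sections whose declared count does not match the rows present. <code>SAMPLE_LOG</code> is a trimmed excerpt of the log above with adjusted section counts, and the function names are illustrative.</p>

```python
import re
from collections import Counter, defaultdict

# Trimmed excerpt of the log above; counts adjusted, "File: 2" left short on purpose.
SAMPLE_LOG = r"""
-Scan Details-
Process: 0
(No malicious items detected)
Registry Value: 2
PUM.Optional.DisableShowSearch, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|START_SHOWSEARCH, No Action By User, [19230], [293317],1.0.974
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|ANTIVIRUSDISABLENOTIFY, No Action By User, [19218], [293294],1.0.974
Folder: 1
PUP.Optional.Elex, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\2345Explorer, No Action By User, [15], [308620],1.0.974
File: 2
PUP.Optional.Elex, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\2345Explorer\User Data\Default\Bookmarks, No Action By User, [15], [308620],1.0.974
"""

SECTION = re.compile(r"^([A-Za-z ]+): (\d+)$")
# name, location (may itself contain commas), action, [id], [id],version
ROW = re.compile(r"^(\S+), (.+), ([^,]+), \[(\d+)\], \[(\d+)\],([\d.]+)$")

def parse_scan_details(text):
    """Return (detections, declared counts) from the -Scan Details- part."""
    detections, declared, kind, in_details = [], {}, None, False
    for line in (raw.strip() for raw in text.splitlines()):
        if line == "-Scan Details-":
            in_details = True
        elif not in_details or not line:
            continue  # header fields such as "Objects Scanned: N" are skipped
        elif m := SECTION.match(line):
            kind = m.group(1)
            declared[kind] = int(m.group(2))
        elif (m := ROW.match(line)) and kind:
            name, location, action = m.group(1, 2, 3)
            detections.append({"kind": kind, "name": name,
                               "location": location, "action": action})
    return detections, declared

def count_mismatches(detections, declared):
    """Sections whose declared count differs from the rows actually present."""
    seen = Counter(d["kind"] for d in detections)
    return {k: (n, seen[k]) for k, n in declared.items() if n != seen[k]}

def by_family(detections):
    """Group (kind, location) pairs by detection family name."""
    groups = defaultdict(list)
    for d in detections:
        groups[d["name"]].append((d["kind"], d["location"]))
    return dict(groups)
```

<p>Grouping this way separates the <code>PUM.*</code> registry settings from the <code>PUP.Optional.Elex</code> file-system items, and a count mismatch indicates a truncated or hand-edited log.</p>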
</div>
<div class="footer no-tags">
</div>
</article>
</div>
<div id="disqus_thread"></div>
<script type="application/javascript">
var disqus_config = function () {
};
(function() {
if (["localhost", "127.0.0.1"].indexOf(window.location.hostname) != -1) {
document.getElementById('disqus_thread').innerHTML = 'Disqus comments not available by default when the website is previewed locally.';
return;
}
var d = document, s = d.createElement('script'); s.async = true;
s.src = '//' + "bilberry-hugo-theme" + '.disqus.com/embed.js';
s.setAttribute('data-timestamp', +new Date());
(d.head || d.body).appendChild(s);
})();
</script>
<noscript>Please enable JavaScript to view the <a href="https://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript>
<a href="https://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a>
</div>
<footer>
<div class="container">
<div class="recent-posts">
<strong>Latest posts</strong>
<ul>
<li>
<a href="/article/google-550-5-7-1-sloution/">Fix for mail to Google bouncing with error 550-5.7.1</a>
</li>
<li>
<a href="/article/netdata-linux-system-performance-monitor-dashboard/">Netdata Linux System Performance Monitor Dashboard</a>
</li>
<li>
<a href="/article/linux-performance-monitor-dashboard-netdata-md/">Netdata: an extremely detailed system performance monitor dashboard for Linux</a>
</li>
<li>
<a href="/article/syntax-test/">Syntax Test</a>
</li>
<li>
<a href="/article/psql-create-role-and-assign-priviledges/">psql create role and assign priviledges</a>
</li>
<li>
<a href="/article/study-url/">Study URL</a>
</li>
<li>
<a href="/article/rsync-time-backup/">[Notes] rsync-time-backup, a handy backup tool for Linux</a>
</li>
</ul>
</div>
<div class="categories">
<a href="/categories/"><strong>Categories</strong></a>
<ul>
<li>
<a href="/categories/%E6%9C%AA%E5%88%86%E9%A1%9E">Uncategorized (86)</a>
</li>
<li>
<a href="/categories/%E5%B7%A5%E4%BD%9C%E7%AD%86%E8%A8%98">Work notes (68)</a>
</li>
<li>
<a href="/categories/%E5%85%B6%E4%BB%96">Other (46)</a>
</li>
<li>
<a href="/categories/%E7%AD%86%E8%A8%98">Notes (30)</a>
</li>
<li>
<a href="/categories/%E5%89%AA%E5%A0%B1">Clippings (18)</a>
</li>
<li>
<a href="/categories/starting">Starting (5)</a>
</li>
<li>
<a href="/categories/blog">Blog (4)</a>
</li>
</ul>
</div>
<div class="right">
<div class="external-profiles">
<strong>Social media</strong>
<a href="https://twitter.com/TheRealLednerb" target="_blank"><i class="fa fa-twitter-adblock-proof"></i></a>
<a href="https://github.com/Lednerb" target="_blank"><i class="fa fa-github"></i></a>
</div>
<div class="languages">
<strong>Other languages</strong>
<a href="/en" class="active">en</a>
<a href="/de">de</a>
</div>
</div>
</div>
</footer>
<div class="credits">
<div class="container">
<div class="copyright">
<a href="https://github.com/Lednerb" target="_blank">
&copy;
2017
by Lednerb
</a>
</div>
<div class="author">
<a href="https://github.com/Lednerb/bilberry-hugo-theme" target="_blank">Bilberry Hugo Theme</a>
</div>
</div>
</div>
<script type="text/javascript" src="https://h.cowbay.org/js/externalDependencies.39c47e10e241eae2947b3fe21809c572.js" integrity="md5-OcR&#43;EOJB6uKUez/iGAnFcg=="></script>
<script type="text/javascript" src="https://h.cowbay.org/js/theme.ff50ae6dc1bfc220b23bf69dbb41b54e.js" integrity="md5-/1CubcG/wiCyO/adu0G1Tg=="></script>
<script>
$(".moment").each(function() {
$(this).text(
moment( $(this).text() )
.locale( "en" )
.format('LL')
);
});
$(".footnote-return sup").html("");
</script>
<script>
var client = algoliasearch("Y2C4RWMPXW", "50ea7f8c41c0ad233926e0be2b769ed1");
var index = client.initIndex("default-content");
$('#search').autocomplete({ hint: false, autoselect: true, debug: false },
[
{
source: $.fn.autocomplete.sources.hits(index, { hitsPerPage: 5, filters: 'language: en' }),
displayKey: function(suggestion) {
return suggestion.title || suggestion.author
},
templates: {
suggestion: function(suggestion) {
return "<span class='entry " + suggestion.type + "'>"
+ "<span class='title'>" + suggestion.title + "</span>"
+ "<span class='fa fa-fw " + suggestion.iconClass + "'></span>"
+ "</span>"
;
},
empty: function() {
return "<span class='empty'>Nothing found.</span>"
},
footer: function() {
return '<div class="branding">Powered by <img src="https:\/\/h.cowbay.org\/dist\/algolia-logo-light.svg" /></div>'
}
},
}
])
.on('autocomplete:selected', function(event, suggestion, dataset) {
window.location = (suggestion.url);
})
.keypress(function (event, suggestion) {
if (event.which == 13) {
window.location = (suggestion.url);
}
});
</script>
</body>
</html>