Edge MSN 劫持

This topic created in 849 days ago, the information mentioned may be changed or developed.

今天突然发现打开 Edge 启动页会自动跳转 https://ntp.msn.cn/edge/ntp
发现每次开机启动了本地服务 localhost:端口随机然后 edge 启动时访问该服务
该服务与 System 进程有关，该进程又与 10 号更新的 C:\Windows\System32\ntoskrnl.exe 有关
目前没有找到修改 MSN 启动页的方法，如果是微软更新导致的，和流氓软件又有什么区别

Edge

msn

启动

localhost

10 replies • 2024-02-01 08:56:46 +08:00

gentrydeng

Jan 13, 2024

https://www.imaegoo.com/2022/set-edge-new-tab-url/

Corco

Jan 13, 2024

@gentrydeng 感谢，我试一下

Qusic

Jan 13, 2024 via iPhone

也可以装个插件更傻瓜点 https://chromewebstore.google.com/detail/new-tab-redirect/icpgjfneehieebagbmdbhnlpiopdcmna

Corco

Jan 14, 2024

目前权宜之计就是用联想电脑管家把起始页强行锁成 duckduckgo

Zho

Jan 21, 2024

我也今天遇到了，微软真流氓

Zho

Jan 21, 2024

感觉是联想电脑管家的 bug ，启动时 edge 打开的 localhost:随机端口会被 redirect 到联想电脑管家里锁定的网页，就算关闭锁定也会启动本地的服务，锁定时扫描端口如下：
PORT STATE SERVICE VERSION

54769/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)

|_http-server-header: Microsoft-HTTPAPI/2.0

|_http-title: Did not follow redirect to https://discovery.lenovo.com.cn/home/lenovo/v1/c3

| http-methods:

|_ Supported Methods: GET HEAD POST OPTIONS

Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port

Device type: general purpose

Running: Microsoft Windows 10

OS CPE: cpe:/o:microsoft:windows_10:1607

OS details: Microsoft Windows 10 1607

Uptime guess: 0.009 days (since Sun Jan 21 14:29:56 2024)

Network Distance: 0 hops

TCP Sequence Prediction: Difficulty=260 (Good luck!)

IP ID Sequence Generation: Incremental

Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

WAHSUN

Jan 26, 2024

微软的确流氓,我一直用 Ecosia 做为默认搜索引擎,现在 Edge 强制劫持到 bing.com 了,害德我只能用 DuckDuckGO.

yeyuanxinyi

Jan 30, 2024

初步感觉是联想电脑管家引起的，我试着卸载了联想电脑管家就恢复正常，现在初步解决就是锁定或者卸载联想电脑管家

zhaomma

Jan 31, 2024

看到个办法，把快捷方式目标中 msedge.exe 改成 msedge_proxy.exe 就不会被防护发现跳转了。

Corco

Feb 1, 2024

@zhaomma 感谢，方法有效