efinal/gist:96a561d24fa9254711c9d66bbd0fa52d

## gistfile1.txt
浏览器被劫持到http://hao.169x.cn/?v=108
index page of your browser has been changed to hao.169x.cn

here is the solution：

1, delete scheduled tasks related to your OEM Hacker. like KMS10 AND KMSSERVER. delete them. (just in the root folder of scheduled tasks)
将任务计划程序中的和激活程序相关的删除。可能在根目录下面，也可能在OEM目录或者其他目录下面。比如KMS10以及KMSSERVER

2，download WMI tools (seems microsoft doesn't provider it any more, you can google it or download here)
下载wmi tools。微软的官方网站好像不再提供下载了。你可以goolge自行搜索，也可以在这里下载

3，follow the instructions here: http://blog.sina.com.cn/s/blog_8be14f360102vyrc.html
basically the steps would be:
a, open wmi event viewer with administrator priviledges
b, connect to root/CIMV2
c, delete vbscriptkids related items in consumers/filters/timers
根据上述链接里的描述删除对应的程序

4, delete all links added to your browser shortcuts (right click -> view properties -> delete the link right behind your browser path)
follow the link here: http://blog.sina.com.cn/s/blog_8be14f360102vyrc.html
根据上述的链接的描述删除对应的快捷方式
	浏览器被劫持到http://hao.169x.cn/?v=108
	index page of your browser has been changed to hao.169x.cn

	here is the solution：

	1, delete scheduled tasks related to your OEM Hacker. like KMS10 AND KMSSERVER. delete them. (just in the root folder of scheduled tasks)
	将任务计划程序中的和激活程序相关的删除。可能在根目录下面，也可能在OEM目录或者其他目录下面。比如KMS10以及KMSSERVER

	2，download WMI tools (seems microsoft doesn't provider it any more, you can google it or download here)
	下载wmi tools。微软的官方网站好像不再提供下载了。你可以goolge自行搜索，也可以在这里下载

	3，follow the instructions here: http://blog.sina.com.cn/s/blog_8be14f360102vyrc.html
	basically the steps would be:
	a, open wmi event viewer with administrator priviledges
	b, connect to root/CIMV2
	c, delete vbscriptkids related items in consumers/filters/timers
	根据上述链接里的描述删除对应的程序

	4, delete all links added to your browser shortcuts (right click -> view properties -> delete the link right behind your browser path)
	follow the link here: http://blog.sina.com.cn/s/blog_8be14f360102vyrc.html
	根据上述的链接的描述删除对应的快捷方式