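Akudaikan-sama, thank you for your help. I ran into the problem that opening either IE or Chrome brought up sweet-page, so, following the blog post dated January 20 of this year, "[Warning!] Browser hijacker! About [Sweet-page.com]", I ran scans with Junkware Removal Tool, AdwCleaner and Malwarebytes Anti-Malware, and reset and reconfigured the browsers. That seems to have worked, and sweet-page no longer appears when I open a browser. However, when I look at the program uninstall list in the Control Panel, something called "sweet-page Browser newtab extension" is still sitting there, and I cannot uninstall it even when I select it and try. Scans with Junkware Removal Tool, AdwCleaner and Malwarebytes Anti-Malware no longer find anything either. I would be very grateful for any advice on how to completely delete and remove it.
As for how the problem started, this is only my guess, but I think I was infected when I carelessly downloaded the free application exact audio copy and lame, and with them Optimizer Pro, which I assume was bundled with one of the two. All three have since been uninstalled.
Below, following the guidance in the blog post above, I am pasting the logs collected with Hijackthis and CCleaner - Portable.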
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:03, on 2014/02/20
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16798)
Boot mode: Normal
Running processes:
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT.EXE
C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
C:\Users\sysam\AppData\Local\SOURCENEXT\SSS3\3.08.01\Statistics.exe
C:\Users\sysam\AppData\Local\SOURCENEXT\SSS3\3.08.01\Message.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\sysam\Desktop\HijackThis.exe
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
O4 - HKLM\..\Run: [Sourcenext.SSS.Launcher] "C:\Program Files (x86)\SOURCENEXT\ソースネクスト アップデート3\Launcher.exe" UpdateTool.exe
O4 - HKLM\..\Run: [IME JPN 2007 Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
O4 - HKLM\..\Run: [PWMTRV] rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
O23 - Service: Power Manager Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: オン スクリーン表示 (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7104 bytes
(The following is the log collected with CCleaner - Portable)
Access Help Lenovo 2014/02/09 3.00
Adobe Flash Player 12 ActiveX Adobe Systems Incorporated 2014/02/08 6.00 MB 12.0.0.44
Adobe Reader XI (11.0.06) - Japanese Adobe Systems Incorporated 2014/02/12 147 MB 11.0.06
AmaRecTV Live 2014/02/14
Apple Application Support Apple Inc. 2014/02/11 93.2 MB 3.0
Apple Mobile Device Support Apple Inc. 2014/02/11 22.7 MB 7.1.0.32
Apple Software Update Apple Inc. 2014/02/11 2.38 MB 2.1.3.127
Becky! Ver.2 RimArts 2014/02/04
Bonjour Apple Inc. 2014/02/11 2.00 MB 3.0.0.10
Conexant 20585 SmartAudio HD Conexant 2014/02/09 4.95.48.50
Craving Explorer Version 1.5.5 T-Craft 2014/02/07 15.3 MB 1.5.5.0
EPSONプリンタドライバ・ユーティリティ SEIKO EPSON Corporation 2014/02/04
Google Chrome Google Inc. 2014/02/05 32.0.1700.107
Intel(R) Network Connections Drivers Intel 2014/02/04 916 KB 0.0
Intel(R) Processor Graphics Intel Corporation 2013/12/19 8.15.10.2622
iTunes Apple Inc. 2014/02/11 216 MB 11.1.4.62
Lenovo Patch Utility Lenovo Group Limited 2013/06/12 1.33 MB 1.3.1.1
Lenovo Patch Utility 64 bit Lenovo Group Limited 2013/06/12 1.35 MB 1.3.1.1
Lenovo Power Management Driver 2014/02/07 1.67.04.04
Lenovo System Interface Driver 2014/02/04 1.05
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 2014/02/07 38.8 MB 4.0.30319
Microsoft .NET Framework 4 Client Profile Language Pack - 日本語 Microsoft Corporation 2014/02/07 2.93 MB 4.0.30319
Microsoft Office File Validation Add-In Microsoft Corporation 2014/02/10 7.95 MB 14.0.5130.5003
Microsoft Office Personal 2007 Microsoft Corporation 2014/02/06 12.0.6612.1000
Microsoft Silverlight Microsoft Corporation 2014/02/09 50.6 MB 5.1.20913.0
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2014/02/06 620 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/02/07 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2014/02/08 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/02/07 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2014/02/08 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2014/02/17 13.7 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 2014/02/17 9.76 MB 10.0.30319
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 2014/02/07 1.27 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 2014/02/07 1.33 MB 4.20.9876.0
NETDUETTO β Yamaha Corporation 2014/02/14 3.31 MB 1.2.0
Norton Internet Security Symantec Corporation 2014/02/04 21.1.0.18
RealPlayer RealNetworks 2014/02/07 91.7 MB 16.0.3
SuperTagEditor 2014/02/07
sweet-page Browser newtab extension sweet-page 2014/02/19
Synaptics Pointing Device Driver Synaptics Incorporated 2013/06/12 46.4 MB 16.2.17.3
ThinkPad FullScreen Magnifier 2014/02/04 2.40
WinRAR 5.01 (64ビット) win.rar GmbH 2014/02/04 5.01.0
♪超録 - パソコン長時間録音機 フリーウェア版 2014/02/07
いきなりPDF 7 SOURCENEXT 2014/02/06 1.0.1
オン スクリーン表示 2014/02/04 6.67.10
ソースネクスト アップデート 3.0 SOURCENEXT 2014/02/04 10.0 MB 8.00.0000
ラベル屋さんHOME 2014/02/05
省電力マネージャー Lenovo Group Limited 2014/02/07 6.64.2
That is all. Thank you very much in advance for your help.
SY.Sam 2014/02/20
sweet page lingering
- sy.sam
- 2014/02/20 (Thu) 14:47:19