別名:

TrojanDownloader:Win32/Dontovo.A, TrojanDownloader:Win32/Matcash.O, Trojan:Win32/Alureon.BK (Microsoft); [3.nsis]:Generic Dropper!qo (McAfee); Trojan.ADH (Symantec); ARC:NSIS, ARC:[data0002]:Inno, ARC:[data0002/data0020]:CHM, ARC:[data0003]:NSIS, [data0003/data0002] (Kaspersky); Trojan.Crypt.Mepz.a (v), Trojan-Downloader.Win32.Matcash.O (v), Trojan.Win32.Alureon.bk (v) (Sunbelt); Trojan.Dropper.TDR (FSecure)

 プラットフォーム:

Windows 2000, Windows, XP, Windows Server 2003

 危険度:
 ダメージ度:
 感染力:
 感染確認数:

  • マルウェアタイプ:
    トロイの木馬型

  • 破壊活動の有無:
    なし

  • 暗号化:
     

  • 感染報告の有無 :
    はい

  概要

マルウェアは、他のマルウェアに作成されるか、悪意あるWebサイトからユーザが誤ってダウンロードすることによりコンピュータに侵入します。

  詳細

ファイルサイズ 8,022,514 bytes
タイプ EXE
メモリ常駐 なし
発見日 2011年11月23日

侵入方法

マルウェアは、他のマルウェアに作成されるか、悪意あるWebサイトからユーザが誤ってダウンロードすることによりコンピュータに侵入します。

インストール

マルウェアは、以下のフォルダを作成します。

  • %System Root%\DOCUME~1
  • %System Root%\DOCUME~1\ADMINI~1
  • %User Profile%\LOCALS~1
  • %User Temp%\nsc2.tmp
  • %User Temp%\is-KI48U.tmp
  • %User Temp%\is-J8M0P.tmp
  • %User Temp%\is-J8M0P.tmp\_isetup
  • %Program Files%\2BrightSparks
  • %Program Files%\2BrightSparks\SyncBackSE
  • %Application Data%\2BrightSparks
  • %Application Data%\2BrightSparks\SyncBack
  • %Program Files%\2BrightSparks\SyncBackSE\locale
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CA
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CA\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\DE
  • %Program Files%\2BrightSparks\SyncBackSE\locale\DE\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ES\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\FR
  • %Program Files%\2BrightSparks\SyncBackSE\locale\FR\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\IT
  • %Program Files%\2BrightSparks\SyncBackSE\locale\IT\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NL
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NL\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PL
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PL\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PT_BR
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PT_BR\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH_HK
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH_HK\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\HU
  • %Program Files%\2BrightSparks\SyncBackSE\locale\HU\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CS
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CS\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NB
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NB\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\SV
  • %Program Files%\2BrightSparks\SyncBackSE\locale\SV\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\JA
  • %Program Files%\2BrightSparks\SyncBackSE\locale\JA\LC_MESSAGES
  • %Start Menu%\Programs\2BrightSparks
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE

(註:%System Root%フォルダは、標準設定では "C:" です。また、オペレーティングシステムが存在する場所です。. %User Profile% フォルダは、Windows 2000、XP および Server 2003 の場合、通常、"C:\Documents and Settings\<ユーザ名>"、Windows Vista および 7 の場合、"C:\Users\<ユーザ名>" です。. %User Temp%フォルダはWindowsの種類とインストール時の設定などにより異なります。標準設定では、Windows 2000、XP および Server 2003 の場合、"C:\Documents and Settings\<ユーザー名>\Local Settings\Temp"、Windows Vista および 7 の場合、"C:\Users\<ユーザ名>\AppData\Local\Temp" です。. %Program Files%フォルダは、Windows 2000、Server 2003、XP (32ビット)、通常 Vista (32ビット) および 7 (32ビット) の場合、通常 "C:\Program Files"、Windows XP (64ビット)、Vista (64ビット) および 7 (64ビット) の場合、通常 "C:\Program Files (x86)" です。. %Application Data%フォルダは、Windows 2000、XP および Server 2003 の場合、通常 "C:\Documents and Settings\<ユーザ名>\Local Settings\Application Data"、Windows Vista および 7 の場合、"C:\Users\<ユーザ名>\AppData\Roaming" です。. %Start Menu%フォルダは、Windows 2000、XP および Server 2003 の場合、通常、"C:\Windows\Start Menu" または "C:\Documents and Settings\<ユーザ名>\Start Menu"、Windows Vista および 7 の場合、"C:\Users\<ユーザ名>\AppData\Roaming\Microsoft\Windows\Start Menu" です。)

他のシステム変更

マルウェアは、以下のファイルを削除します。

  • %User Temp%\nsi1.tmp
  • %User Temp%\nsc2.tmp
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\SyncBackSE.pif
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\SyncBackSE.url
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Help.pif
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Help.url
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Mailing List.pif
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Mailing List.url
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Online Forums.pif
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Online Forums.url
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Uninstall SyncBackSE.pif
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Uninstall SyncBackSE.url
  • %Desktop%\SyncBackSE.pif
  • %Desktop%\SyncBackSE.url

(註:%User Temp%フォルダはWindowsの種類とインストール時の設定などにより異なります。標準設定では、Windows 2000、XP および Server 2003 の場合、"C:\Documents and Settings\<ユーザー名>\Local Settings\Temp"、Windows Vista および 7 の場合、"C:\Users\<ユーザ名>\AppData\Local\Temp" です。. %Start Menu%フォルダは、Windows 2000、XP および Server 2003 の場合、通常、"C:\Windows\Start Menu" または "C:\Documents and Settings\<ユーザ名>\Start Menu"、Windows Vista および 7 の場合、"C:\Users\<ユーザ名>\AppData\Roaming\Microsoft\Windows\Start Menu" です。. %Desktop%フォルダは、Windows 2000、XP および Server 2003 の場合、通常 "C:\Documents and Settings\<ユーザ名>\デスクトップ"、Windows Vista および 7 の場合、"C:\Users\<ユーザ名>\デスクトップ" です。)

マルウェアは、以下のレジストリキーを追加します。

HKEY_LOCAL_MACHINE\Software\Microsoft\
Windows\Help

HKEY_LOCAL_MACHINE\Software\2BrightSparks\
SyncBackSE

HKEY_CURRENT_USER\Software\2BrightSparks\
SyncBackSE

HKEY_CLASSES_ROOT\XceedSoftware.XceedZip.5

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
XceedSoftware.XceedZip.5\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
XceedSoftware.XceedZip.5\Insertable

HKEY_CLASSES_ROOT\XceedSoftware.XceedZip

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
XceedSoftware.XceedZip\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
XceedSoftware.XceedZip\CurVer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\ProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\VersionIndependentProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\Programmable

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\Control

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\Insertable

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\ToolboxBitmap32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\MiscStatus

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\MiscStatus\
1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\Version

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\Verb

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\Verb\
1

HKEY_CLASSES_ROOT\XceedSoftware.XceedCompression.5

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
XceedSoftware.XceedCompression.5\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
XceedSoftware.XceedCompression.5\Insertable

HKEY_CLASSES_ROOT\XceedSoftware.XceedCompression

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
XceedSoftware.XceedCompression\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
XceedSoftware.XceedCompression\CurVer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\ProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\VersionIndependentProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\Programmable

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\Control

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\Insertable

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\ToolboxBitmap32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\MiscStatus

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\MiscStatus\
1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\Version

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\Verb

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\Verb\
1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}\5.3

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}\5.3\
FLAGS

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}\5.3\
0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}\5.3\
0\win32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}\5.3\
HELPDIR

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{6CC24AD7-458C-45E6-B63C-8CC268A61EF7}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{6CC24AD7-458C-45E6-B63C-8CC268A61EF7}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{6CC24AD7-458C-45E6-B63C-8CC268A61EF7}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{6CC24AD7-458C-45E6-B63C-8CC268A61EF7}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DB79768F-40E0-11D2-9BD5-0060082AE372}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DB79768F-40E0-11D2-9BD5-0060082AE372}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DB79768F-40E0-11D2-9BD5-0060082AE372}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DB79768F-40E0-11D2-9BD5-0060082AE372}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A0CECD40-EB84-11D2-A5CD-00105A9C91C6}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A0CECD40-EB84-11D2-A5CD-00105A9C91C6}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A0CECD40-EB84-11D2-A5CD-00105A9C91C6}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A0CECD40-EB84-11D2-A5CD-00105A9C91C6}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD0-B692-11D4-BFE3-0060082AE372}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD0-B692-11D4-BFE3-0060082AE372}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD0-B692-11D4-BFE3-0060082AE372}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD0-B692-11D4-BFE3-0060082AE372}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{CC6FD600-EE1D-11D4-801A-0060082AE372}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{CC6FD600-EE1D-11D4-801A-0060082AE372}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{CC6FD600-EE1D-11D4-801A-0060082AE372}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{CC6FD600-EE1D-11D4-801A-0060082AE372}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{07189400-00F2-11D5-802D-0060082AE372}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{07189400-00F2-11D5-802D-0060082AE372}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{07189400-00F2-11D5-802D-0060082AE372}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{07189400-00F2-11D5-802D-0060082AE372}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{BAA1401E-3F5F-47A4-870B-431D602D2488}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{BAA1401E-3F5F-47A4-870B-431D602D2488}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{BAA1401E-3F5F-47A4-870B-431D602D2488}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{BAA1401E-3F5F-47A4-870B-431D602D2488}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7B78FDFA-2139-4FDC-9D81-4D4B9EF79271}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7B78FDFA-2139-4FDC-9D81-4D4B9EF79271}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7B78FDFA-2139-4FDC-9D81-4D4B9EF79271}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7B78FDFA-2139-4FDC-9D81-4D4B9EF79271}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{6991A191-8F4D-41CB-BFEA-5F5ED909FBD5}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{6991A191-8F4D-41CB-BFEA-5F5ED909FBD5}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{6991A191-8F4D-41CB-BFEA-5F5ED909FBD5}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{6991A191-8F4D-41CB-BFEA-5F5ED909FBD5}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{AAC4831F-8C1F-434E-9F80-7F1B5B0036E0}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{AAC4831F-8C1F-434E-9F80-7F1B5B0036E0}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{AAC4831F-8C1F-434E-9F80-7F1B5B0036E0}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{AAC4831F-8C1F-434E-9F80-7F1B5B0036E0}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD1-B692-11D4-BFE3-0060082AE372}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD1-B692-11D4-BFE3-0060082AE372}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD1-B692-11D4-BFE3-0060082AE372}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD1-B692-11D4-BFE3-0060082AE372}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD2-B692-11D4-BFE3-0060082AE372}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD2-B692-11D4-BFE3-0060082AE372}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD2-B692-11D4-BFE3-0060082AE372}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD2-B692-11D4-BFE3-0060082AE372}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DB797691-40E0-11D2-9BD5-0060082AE372}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DB797691-40E0-11D2-9BD5-0060082AE372}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DB797691-40E0-11D2-9BD5-0060082AE372}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DB797691-40E0-11D2-9BD5-0060082AE372}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{77243A10-00F3-11D5-802D-0060082AE372}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{77243A10-00F3-11D5-802D-0060082AE372}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{77243A10-00F3-11D5-802D-0060082AE372}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{77243A10-00F3-11D5-802D-0060082AE372}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4C836511-BB70-11D2-A5A7-00105A9C91C6}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4C836511-BB70-11D2-A5A7-00105A9C91C6}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4C836511-BB70-11D2-A5A7-00105A9C91C6}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4C836511-BB70-11D2-A5A7-00105A9C91C6}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{05D56700-EB90-11D2-A5CD-00105A9C91C6}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{05D56700-EB90-11D2-A5CD-00105A9C91C6}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{05D56700-EB90-11D2-A5CD-00105A9C91C6}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{05D56700-EB90-11D2-A5CD-00105A9C91C6}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{99C11080-CD22-11D4-BFFA-0060082AE372}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{99C11080-CD22-11D4-BFFA-0060082AE372}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{99C11080-CD22-11D4-BFFA-0060082AE372}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{99C11080-CD22-11D4-BFFA-0060082AE372}\TypeLib

マルウェアは、以下のレジストリ値を追加します。

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\Help
SyncbackSE.chm = "%Program Files%\2BrightSparks\SyncBackSE"

HKEY_LOCAL_MACHINE\SOFTWARE\2BrightSparks\
SyncBackSE
InstalledPath = "%Program Files%\2BrightSparks\SyncBackSE"

HKEY_CURRENT_USER\Software\2BrightSparks\
SyncBackSE
Language = "en"

HKEY_LOCAL_MACHINE\SOFTWARE\2BrightSparks\
SyncBackSE
Language = "en"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\InprocServer32
ThreadingModel = "Both"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\InprocServer32
ThreadingModel = "Both"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{6CC24AD7-458C-45E6-B63C-8CC268A61EF7}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DB79768F-40E0-11D2-9BD5-0060082AE372}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A0CECD40-EB84-11D2-A5CD-00105A9C91C6}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD0-B692-11D4-BFE3-0060082AE372}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{CC6FD600-EE1D-11D4-801A-0060082AE372}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{07189400-00F2-11D5-802D-0060082AE372}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{BAA1401E-3F5F-47A4-870B-431D602D2488}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7B78FDFA-2139-4FDC-9D81-4D4B9EF79271}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{6991A191-8F4D-41CB-BFEA-5F5ED909FBD5}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{AAC4831F-8C1F-434E-9F80-7F1B5B0036E0}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD1-B692-11D4-BFE3-0060082AE372}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{31C2DDD2-B692-11D4-BFE3-0060082AE372}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DB797691-40E0-11D2-9BD5-0060082AE372}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{77243A10-00F3-11D5-802D-0060082AE372}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4C836511-BB70-11D2-A5A7-00105A9C91C6}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{05D56700-EB90-11D2-A5CD-00105A9C91C6}\TypeLib
Version = "5.3"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{99C11080-CD22-11D4-BFFA-0060082AE372}\TypeLib
Version = "5.3"

作成活動

マルウェアは、以下のファイルを作成します。

  • %User Temp%\nsc2.tmp\SyncBackSE_Setup.exe
  • %User Temp%\nsc2.tmp\binded.exe
  • %User Temp%\is-KI48U.tmp\SyncBackSE_Setup.tmp
  • %User Temp%\is-J8M0P.tmp\_isetup\_RegDLL.tmp
  • %User Temp%\is-J8M0P.tmp\_isetup\_shfoldr.dll
  • %User Temp%\is-J8M0P.tmp\Update3to4.exe
  • %User Temp%\is-J8M0P.tmp\Upgrading.htm
  • %User Temp%\is-J8M0P.tmp\upgrade-v3-v4-1.gif
  • %User Temp%\is-J8M0P.tmp\upgrade-v3-v4-2.gif
  • %User Temp%\is-J8M0P.tmp\upgrade-v3-v4-3.jpg
  • %User Temp%\is-J8M0P.tmp\issi_splash.bmp
  • %Program Files%\2BrightSparks\SyncBackSE\unins000.dat
  • %Program Files%\2BrightSparks\SyncBackSE\is-1GMBC.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-M5D6J.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-VQHDT.tmp
  • %Application Data%\2BrightSparks\SyncBack\is-1F8EL.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-2ICVM.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-N12N2.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-DFIN6.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-H4RG5.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-PFB65.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-25KIH.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-64I7I.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-EBO51.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-7ALTK.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-CPJIP.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-QBRVP.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-4OIH2.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-Q79OP.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-OM6LH.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-JPAKI.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-VR7S0.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-CKGUC.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-76OSI.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-1VDEM.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-HGSHI.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-47P96.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-997DJ.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-OHEAS.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-EEQ1G.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-TJA7U.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-FVFIC.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-FQNPS.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-NMCVJ.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CA\LC_MESSAGES\is-Q9QTD.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CA\LC_MESSAGES\is-91SON.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\DE\LC_MESSAGES\is-1QR0F.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\DE\LC_MESSAGES\is-H233I.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\DE\LC_MESSAGES\is-EV80A.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ES\LC_MESSAGES\is-R2MI9.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ES\LC_MESSAGES\is-4MLND.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ES\LC_MESSAGES\is-BR996.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\FR\LC_MESSAGES\is-MM9RE.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\FR\LC_MESSAGES\is-SIEKT.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\FR\LC_MESSAGES\is-CEOBD.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\IT\LC_MESSAGES\is-L99G7.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\IT\LC_MESSAGES\is-PBADG.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\IT\LC_MESSAGES\is-9LEQ8.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NL\LC_MESSAGES\is-5ABT8.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NL\LC_MESSAGES\is-098SC.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NL\LC_MESSAGES\is-QBR99.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PL\LC_MESSAGES\is-3Q705.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PL\LC_MESSAGES\is-07O1L.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PT_BR\LC_MESSAGES\is-9V5LD.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PT_BR\LC_MESSAGES\is-DBBLH.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PT_BR\LC_MESSAGES\is-F0R89.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH\LC_MESSAGES\is-J191C.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH\LC_MESSAGES\is-0FL73.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH_HK\LC_MESSAGES\is-M4UCU.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\HU\LC_MESSAGES\is-83HOE.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\HU\LC_MESSAGES\is-LNLP6.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CS\LC_MESSAGES\is-RJ216.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CS\LC_MESSAGES\is-1PVUB.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NB\LC_MESSAGES\is-NG0QC.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NB\LC_MESSAGES\is-EH5PR.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\SV\LC_MESSAGES\is-UH9ND.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\SV\LC_MESSAGES\is-DTSCE.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\SV\LC_MESSAGES\is-C1SRQ.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\JA\LC_MESSAGES\is-5TN82.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\JA\LC_MESSAGES\is-2MR1G.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\JA\LC_MESSAGES\is-RULDV.tmp
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\SyncBackSE.lnk
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Help.lnk
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Mailing List.lnk
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Online Forums.lnk
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Uninstall SyncBackSE.lnk
  • %Desktop%\SyncBackSE.lnk

(註:%User Temp%フォルダはWindowsの種類とインストール時の設定などにより異なります。標準設定では、Windows 2000、XP および Server 2003 の場合、"C:\Documents and Settings\<ユーザー名>\Local Settings\Temp"、Windows Vista および 7 の場合、"C:\Users\<ユーザ名>\AppData\Local\Temp" です。. %Program Files%フォルダは、Windows 2000、Server 2003、XP (32ビット)、通常 Vista (32ビット) および 7 (32ビット) の場合、通常 "C:\Program Files"、Windows XP (64ビット)、Vista (64ビット) および 7 (64ビット) の場合、通常 "C:\Program Files (x86)" です。. %Application Data%フォルダは、Windows 2000、XP および Server 2003 の場合、通常 "C:\Documents and Settings\<ユーザ名>\Local Settings\Application Data"、Windows Vista および 7 の場合、"C:\Users\<ユーザ名>\AppData\Roaming" です。. %Start Menu%フォルダは、Windows 2000、XP および Server 2003 の場合、通常、"C:\Windows\Start Menu" または "C:\Documents and Settings\<ユーザ名>\Start Menu"、Windows Vista および 7 の場合、"C:\Users\<ユーザ名>\AppData\Roaming\Microsoft\Windows\Start Menu" です。. %Desktop%フォルダは、Windows 2000、XP および Server 2003 の場合、通常 "C:\Documents and Settings\<ユーザ名>\デスクトップ"、Windows Vista および 7 の場合、"C:\Users\<ユーザ名>\デスクトップ" です。)

このウイルス情報は、自動解析システムにより作成されました。

  対応方法

対応検索エンジン: 9.200

手順 1

Windows XP、Windows Vista および Windows 7 のユーザは、コンピュータからマルウェアもしくはアドウェア等を完全に削除するために、ウイルス検索の実行前には必ず「システムの復元」を無効にしてください。

手順 2

このレジストリキーを削除します。

[ 詳細 ]

警告:レジストリはWindowsの構成情報が格納されているデータベースであり、レジストリの編集内容に問題があると、システムが正常に動作しなくなる場合があります。
レジストリの編集はお客様の責任で行っていただくようお願いいたします。弊社ではレジストリの編集による如何なる問題に対しても補償いたしかねます。
レジストリの編集前にこちらをご参照ください。

  • In HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
    • Help
  • In HKEY_LOCAL_MACHINE\Software\2BrightSparks
    • SyncBackSE
  • In HKEY_CURRENT_USER\Software\2BrightSparks
    • SyncBackSE
  • In HKEY_CLASSES_ROOT
    • XceedSoftware.XceedZip.5
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XceedSoftware.XceedZip.5
    • CLSID
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XceedSoftware.XceedZip.5
    • Insertable
  • In HKEY_CLASSES_ROOT
    • XceedSoftware.XceedZip
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XceedSoftware.XceedZip
    • CLSID
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XceedSoftware.XceedZip
    • CurVer
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID
    • {DB797690-40E0-11D2-9BD5-0060082AE372}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
    • ProgID
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
    • VersionIndependentProgID
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
    • Programmable
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
    • InprocServer32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
    • Control
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
    • Insertable
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
    • ToolboxBitmap32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
    • MiscStatus
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\MiscStatus
    • 1
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
    • Version
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
    • Verb
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\Verb
    • 1
  • In HKEY_CLASSES_ROOT
    • XceedSoftware.XceedCompression.5
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XceedSoftware.XceedCompression.5
    • CLSID
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XceedSoftware.XceedCompression.5
    • Insertable
  • In HKEY_CLASSES_ROOT
    • XceedSoftware.XceedCompression
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XceedSoftware.XceedCompression
    • CLSID
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XceedSoftware.XceedCompression
    • CurVer
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID
    • {4C836512-BB70-11D2-A5A7-00105A9C91C6}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
    • ProgID
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
    • VersionIndependentProgID
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
    • Programmable
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
    • InprocServer32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
    • Control
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
    • Insertable
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
    • ToolboxBitmap32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
    • MiscStatus
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\MiscStatus
    • 1
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
    • Version
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
    • Verb
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\Verb
    • 1
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib
    • {DB797681-40E0-11D2-9BD5-0060082AE372}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
    • 5.3
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}\5.3
    • FLAGS
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}\5.3
    • 0
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}\5.3\0
    • win32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}\5.3
    • HELPDIR
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {6CC24AD7-458C-45E6-B63C-8CC268A61EF7}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6CC24AD7-458C-45E6-B63C-8CC268A61EF7}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6CC24AD7-458C-45E6-B63C-8CC268A61EF7}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6CC24AD7-458C-45E6-B63C-8CC268A61EF7}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {DB79768F-40E0-11D2-9BD5-0060082AE372}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DB79768F-40E0-11D2-9BD5-0060082AE372}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DB79768F-40E0-11D2-9BD5-0060082AE372}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DB79768F-40E0-11D2-9BD5-0060082AE372}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {A0CECD40-EB84-11D2-A5CD-00105A9C91C6}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A0CECD40-EB84-11D2-A5CD-00105A9C91C6}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A0CECD40-EB84-11D2-A5CD-00105A9C91C6}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A0CECD40-EB84-11D2-A5CD-00105A9C91C6}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {31C2DDD0-B692-11D4-BFE3-0060082AE372}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{31C2DDD0-B692-11D4-BFE3-0060082AE372}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{31C2DDD0-B692-11D4-BFE3-0060082AE372}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{31C2DDD0-B692-11D4-BFE3-0060082AE372}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {CC6FD600-EE1D-11D4-801A-0060082AE372}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CC6FD600-EE1D-11D4-801A-0060082AE372}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CC6FD600-EE1D-11D4-801A-0060082AE372}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CC6FD600-EE1D-11D4-801A-0060082AE372}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {07189400-00F2-11D5-802D-0060082AE372}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07189400-00F2-11D5-802D-0060082AE372}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07189400-00F2-11D5-802D-0060082AE372}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07189400-00F2-11D5-802D-0060082AE372}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {BAA1401E-3F5F-47A4-870B-431D602D2488}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BAA1401E-3F5F-47A4-870B-431D602D2488}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BAA1401E-3F5F-47A4-870B-431D602D2488}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BAA1401E-3F5F-47A4-870B-431D602D2488}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {7B78FDFA-2139-4FDC-9D81-4D4B9EF79271}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7B78FDFA-2139-4FDC-9D81-4D4B9EF79271}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7B78FDFA-2139-4FDC-9D81-4D4B9EF79271}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7B78FDFA-2139-4FDC-9D81-4D4B9EF79271}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {6991A191-8F4D-41CB-BFEA-5F5ED909FBD5}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6991A191-8F4D-41CB-BFEA-5F5ED909FBD5}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6991A191-8F4D-41CB-BFEA-5F5ED909FBD5}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6991A191-8F4D-41CB-BFEA-5F5ED909FBD5}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {AAC4831F-8C1F-434E-9F80-7F1B5B0036E0}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AAC4831F-8C1F-434E-9F80-7F1B5B0036E0}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AAC4831F-8C1F-434E-9F80-7F1B5B0036E0}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AAC4831F-8C1F-434E-9F80-7F1B5B0036E0}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {31C2DDD1-B692-11D4-BFE3-0060082AE372}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{31C2DDD1-B692-11D4-BFE3-0060082AE372}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{31C2DDD1-B692-11D4-BFE3-0060082AE372}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{31C2DDD1-B692-11D4-BFE3-0060082AE372}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {31C2DDD2-B692-11D4-BFE3-0060082AE372}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{31C2DDD2-B692-11D4-BFE3-0060082AE372}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{31C2DDD2-B692-11D4-BFE3-0060082AE372}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{31C2DDD2-B692-11D4-BFE3-0060082AE372}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {DB797691-40E0-11D2-9BD5-0060082AE372}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DB797691-40E0-11D2-9BD5-0060082AE372}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DB797691-40E0-11D2-9BD5-0060082AE372}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DB797691-40E0-11D2-9BD5-0060082AE372}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {77243A10-00F3-11D5-802D-0060082AE372}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77243A10-00F3-11D5-802D-0060082AE372}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77243A10-00F3-11D5-802D-0060082AE372}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77243A10-00F3-11D5-802D-0060082AE372}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {4C836511-BB70-11D2-A5A7-00105A9C91C6}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4C836511-BB70-11D2-A5A7-00105A9C91C6}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4C836511-BB70-11D2-A5A7-00105A9C91C6}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4C836511-BB70-11D2-A5A7-00105A9C91C6}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {05D56700-EB90-11D2-A5CD-00105A9C91C6}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05D56700-EB90-11D2-A5CD-00105A9C91C6}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05D56700-EB90-11D2-A5CD-00105A9C91C6}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05D56700-EB90-11D2-A5CD-00105A9C91C6}
    • TypeLib
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    • {99C11080-CD22-11D4-BFFA-0060082AE372}
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{99C11080-CD22-11D4-BFFA-0060082AE372}
    • ProxyStubClsid
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{99C11080-CD22-11D4-BFFA-0060082AE372}
    • ProxyStubClsid32
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{99C11080-CD22-11D4-BFFA-0060082AE372}
    • TypeLib

手順 3

このレジストリ値を削除します。

[ 詳細 ]

警告:レジストリはWindowsの構成情報が格納されているデータベースであり、レジストリの編集内容に問題があると、システムが正常に動作しなくなる場合があります。
レジストリの編集はお客様の責任で行っていただくようお願いいたします。弊社ではレジストリの編集による如何なる問題に対しても補償いたしかねます。
レジストリの編集前にこちらをご参照ください。

  • In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Help
    • SyncbackSE.chm="%Program Files%\2BrightSparks\SyncBackSE"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\2BrightSparks\SyncBackSE
    • InstalledPath="%Program Files%\2BrightSparks\SyncBackSE"
  • In HKEY_CURRENT_USER\Software\2BrightSparks\SyncBackSE
    • Language="en"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\2BrightSparks\SyncBackSE
    • Language="en"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}\InprocServer32
    • ThreadingModel="Both"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}\InprocServer32
    • ThreadingModel="Both"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6CC24AD7-458C-45E6-B63C-8CC268A61EF7}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DB79768F-40E0-11D2-9BD5-0060082AE372}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A0CECD40-EB84-11D2-A5CD-00105A9C91C6}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{31C2DDD0-B692-11D4-BFE3-0060082AE372}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CC6FD600-EE1D-11D4-801A-0060082AE372}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07189400-00F2-11D5-802D-0060082AE372}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BAA1401E-3F5F-47A4-870B-431D602D2488}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7B78FDFA-2139-4FDC-9D81-4D4B9EF79271}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6991A191-8F4D-41CB-BFEA-5F5ED909FBD5}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AAC4831F-8C1F-434E-9F80-7F1B5B0036E0}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{31C2DDD1-B692-11D4-BFE3-0060082AE372}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{31C2DDD2-B692-11D4-BFE3-0060082AE372}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DB797691-40E0-11D2-9BD5-0060082AE372}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77243A10-00F3-11D5-802D-0060082AE372}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4C836511-BB70-11D2-A5A7-00105A9C91C6}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05D56700-EB90-11D2-A5CD-00105A9C91C6}\TypeLib
    • Version="5.3"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{99C11080-CD22-11D4-BFFA-0060082AE372}\TypeLib
    • Version="5.3"

手順 4

以下のフォルダを検索し削除します。

[ 詳細 ]
フォルダが隠しフォルダ属性に設定されている場合があります。[詳細設定オプション]をクリックし、[隠しファイルとフォルダの検索]のチェックボックスをオンにし、検索結果に隠しファイルとフォルダが含まれるようにしてください。
  • %System Root%\DOCUME~1
  • %System Root%\DOCUME~1\ADMINI~1
  • %User Profile%\LOCALS~1
  • %User Temp%\nsc2.tmp
  • %User Temp%\is-KI48U.tmp
  • %User Temp%\is-J8M0P.tmp
  • %User Temp%\is-J8M0P.tmp\_isetup
  • %Program Files%\2BrightSparks
  • %Program Files%\2BrightSparks\SyncBackSE
  • %Application Data%\2BrightSparks
  • %Application Data%\2BrightSparks\SyncBack
  • %Program Files%\2BrightSparks\SyncBackSE\locale
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CA
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CA\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\DE
  • %Program Files%\2BrightSparks\SyncBackSE\locale\DE\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ES\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\FR
  • %Program Files%\2BrightSparks\SyncBackSE\locale\FR\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\IT
  • %Program Files%\2BrightSparks\SyncBackSE\locale\IT\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NL
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NL\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PL
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PL\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PT_BR
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PT_BR\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH_HK
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH_HK\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\HU
  • %Program Files%\2BrightSparks\SyncBackSE\locale\HU\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CS
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CS\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NB
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NB\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\SV
  • %Program Files%\2BrightSparks\SyncBackSE\locale\SV\LC_MESSAGES
  • %Program Files%\2BrightSparks\SyncBackSE\locale\JA
  • %Program Files%\2BrightSparks\SyncBackSE\locale\JA\LC_MESSAGES
  • %Start Menu%\Programs\2BrightSparks
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE

手順 5

以下のファイルを検索し削除します。

[ 詳細 ]
コンポーネントファイルが隠しファイル属性の場合があります。[詳細設定オプション]をクリックし、[隠しファイルとフォルダの検索]のチェックボックスをオンにし、検索結果に隠しファイルとフォルダが含まれるようにしてください。
  • %User Temp%\nsc2.tmp\SyncBackSE_Setup.exe
  • %User Temp%\nsc2.tmp\binded.exe
  • %User Temp%\is-KI48U.tmp\SyncBackSE_Setup.tmp
  • %User Temp%\is-J8M0P.tmp\_isetup\_RegDLL.tmp
  • %User Temp%\is-J8M0P.tmp\_isetup\_shfoldr.dll
  • %User Temp%\is-J8M0P.tmp\Update3to4.exe
  • %User Temp%\is-J8M0P.tmp\Upgrading.htm
  • %User Temp%\is-J8M0P.tmp\upgrade-v3-v4-1.gif
  • %User Temp%\is-J8M0P.tmp\upgrade-v3-v4-2.gif
  • %User Temp%\is-J8M0P.tmp\upgrade-v3-v4-3.jpg
  • %User Temp%\is-J8M0P.tmp\issi_splash.bmp
  • %Program Files%\2BrightSparks\SyncBackSE\unins000.dat
  • %Program Files%\2BrightSparks\SyncBackSE\is-1GMBC.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-M5D6J.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-VQHDT.tmp
  • %Application Data%\2BrightSparks\SyncBack\is-1F8EL.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-2ICVM.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-N12N2.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-DFIN6.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-H4RG5.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-PFB65.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-25KIH.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-64I7I.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-EBO51.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-7ALTK.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-CPJIP.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-QBRVP.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-4OIH2.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-Q79OP.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-OM6LH.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-JPAKI.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-VR7S0.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-CKGUC.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-76OSI.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-1VDEM.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-HGSHI.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-47P96.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-997DJ.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-OHEAS.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-EEQ1G.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-TJA7U.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-FVFIC.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-FQNPS.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\is-NMCVJ.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CA\LC_MESSAGES\is-Q9QTD.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CA\LC_MESSAGES\is-91SON.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\DE\LC_MESSAGES\is-1QR0F.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\DE\LC_MESSAGES\is-H233I.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\DE\LC_MESSAGES\is-EV80A.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ES\LC_MESSAGES\is-R2MI9.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ES\LC_MESSAGES\is-4MLND.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ES\LC_MESSAGES\is-BR996.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\FR\LC_MESSAGES\is-MM9RE.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\FR\LC_MESSAGES\is-SIEKT.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\FR\LC_MESSAGES\is-CEOBD.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\IT\LC_MESSAGES\is-L99G7.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\IT\LC_MESSAGES\is-PBADG.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\IT\LC_MESSAGES\is-9LEQ8.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NL\LC_MESSAGES\is-5ABT8.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NL\LC_MESSAGES\is-098SC.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NL\LC_MESSAGES\is-QBR99.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PL\LC_MESSAGES\is-3Q705.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PL\LC_MESSAGES\is-07O1L.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PT_BR\LC_MESSAGES\is-9V5LD.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PT_BR\LC_MESSAGES\is-DBBLH.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\PT_BR\LC_MESSAGES\is-F0R89.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH\LC_MESSAGES\is-J191C.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH\LC_MESSAGES\is-0FL73.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\ZH_HK\LC_MESSAGES\is-M4UCU.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\HU\LC_MESSAGES\is-83HOE.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\HU\LC_MESSAGES\is-LNLP6.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CS\LC_MESSAGES\is-RJ216.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\CS\LC_MESSAGES\is-1PVUB.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NB\LC_MESSAGES\is-NG0QC.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\NB\LC_MESSAGES\is-EH5PR.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\SV\LC_MESSAGES\is-UH9ND.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\SV\LC_MESSAGES\is-DTSCE.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\SV\LC_MESSAGES\is-C1SRQ.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\JA\LC_MESSAGES\is-5TN82.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\JA\LC_MESSAGES\is-2MR1G.tmp
  • %Program Files%\2BrightSparks\SyncBackSE\locale\JA\LC_MESSAGES\is-RULDV.tmp
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\SyncBackSE.lnk
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Help.lnk
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Mailing List.lnk
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Online Forums.lnk
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Uninstall SyncBackSE.lnk
  • %Desktop%\SyncBackSE.lnk

手順 6

最新のバージョン(エンジン、パターンファイル)を導入したウイルス対策製品を用い、ウイルス検索を実行してください。「TROJ_DONTOVO.SMJ」と検出したファイルはすべて削除してください。 検出されたファイルが、弊社ウイルス対策製品により既に駆除、隔離またはファイル削除の処理が実行された場合、ウイルスの処理は完了しており、他の削除手順は特にありません。

手順 7

以下のファイルをバックアップを用いて修復します。なお、マイクロソフト製品に関連したファイルのみ修復されます。このマルウェア/グレイウェア/スパイウェアが同社製品以外のプログラムをも削除した場合には、該当プログラムを再度インストールする必要があります。

  • %User Temp%\nsi1.tmp
  • %User Temp%\nsc2.tmp
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\SyncBackSE.pif
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\SyncBackSE.url
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Help.pif
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Help.url
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Mailing List.pif
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Mailing List.url
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Online Forums.pif
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Online Forums.url
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Uninstall SyncBackSE.pif
  • %Start Menu%\Programs\2BrightSparks\SyncBackSE\Uninstall SyncBackSE.url
  • %Desktop%\SyncBackSE.pif
  • %Desktop%\SyncBackSE.url


ご利用はいかがでしたか? アンケートにご協力ください