TROJ_WYSOTOT.AD
TrojanDownloader:Win32/Wysotot.A (Microsoft); PUP-FFP!FF28945EA7E9. (McAfee); Download.Adware (Symantec); HEUR:Trojan.Win32.Generic (Kaspersky); Trojan.Win32.Generic!BT (Sunbelt)
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)

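Malware type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
Overview
The malware arrives on a computer either as a file dropped by other malware or as a file that users unknowingly download from malicious websites.
Technical Details
Arrival Details
The malware arrives on a computer either as a file dropped by other malware or as a file that users unknowingly download from malicious websites.
Installation
The malware creates the following folders: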
(Note: %User Profile% is usually "C:\Documents and Settings\<user name>" on Windows 2000, XP and Server 2003, and "C:\Users\<user name>" on Windows Vista and 7. %User Temp% varies with the Windows version and the settings chosen at installation. By default it is "C:\Documents and Settings\<user name>\Local Settings\Temp" on Windows 2000, XP and Server 2003, and "C:\Users\<user name>\AppData\Local\Temp" on Windows Vista and 7.)
Autostart Technique
The malware adds the following registry value so that its copy runs automatically at every Windows startup:
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Run
Desk 365 = "%Program Files%\Desk 365\desk365.exe /autorun"
The malware registers itself as a system service and adds the following registry key so that it runs automatically at every Windows startup:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\EventLog\Application\
desksvc
Other System Modifications
The malware modifies the following file:
- %Start Menu%\Programs\Internet Explorer.lnk
(Note: %Start Menu% is usually "C:\Windows\Start Menu" or "C:\Documents and Settings\<user name>\Start Menu" on Windows 2000, XP and Server 2003, and "C:\Users\<user name>\AppData\Roaming\Microsoft\Windows\Start Menu" on Windows Vista and 7.)
The malware adds the following registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\V9Software
HKEY_LOCAL_MACHINE\SOFTWARE\V9Software\
v9hp
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\SearchScopes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Desk 365
HKEY_LOCAL_MACHINE\Software\V9\
Desk 365\General
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\MAIN\FeatureControl\
FEATURE_BROWSER_EMULATION
HKEY_LOCAL_MACHINE\SOFTWARE\deskSvc
HKEY_LOCAL_MACHINE\SOFTWARE\hdcode
The malware adds the following registry values:
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Main
Default_Page_URL = "{random characters}"
HKEY_LOCAL_MACHINE\SOFTWARE\V9Software\
v9hp
oem = "test"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Fonts
Segoe UI(OpenType) = "segoeui.ttf"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Fonts
Segoe UI Bold(OpenType) = "segoeuib.ttf"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Desk 365
UninstallString = "%Program Files%\Desk 365\eUninstall.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Desk 365
DisplayIcon = "%Program Files%\Desk 365\desk365.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Desk 365
DisplayVersion = "1.15.10"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Desk 365
URLInfoAbout = "http://www.{BLOCKED}65.com"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Desk 365
Publisher = "337 Technology Limited."
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Desk 365
DisplayName = "Desk 365"
HKEY_LOCAL_MACHINE\SOFTWARE\V9\
Desk 365\General
path = "%Program Files%\Desk 365"
HKEY_LOCAL_MACHINE\SOFTWARE\V9\
Desk 365\General
Language = "49"
HKEY_LOCAL_MACHINE\SOFTWARE\hdcode
dsk = "1.15.10"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Main\FeatureControl\
FEATURE_BROWSER_EMULATION
gamelogin.exe = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\deskSvc
svc = "desksvc"
HKEY_LOCAL_MACHINE\SOFTWARE\deskSvc
oem = "dsk"
HKEY_LOCAL_MACHINE\SOFTWARE\deskSvc
oemver = "1.15.10"
HKEY_LOCAL_MACHINE\SOFTWARE\deskSvc
softuid = "Global\Desk365{98330085-163B-4933-B593-AB7637D77523}Desk"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\
Services\Eventlog\Application\
desksvc
EventMessageFile = "%Program Files%\Desk 365\deskSvc.exe"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\
Services\Eventlog\Application\
desksvc
TypesSupported = "7"
HKEY_LOCAL_MACHINE\SOFTWARE\hdcode
MachineGuid = "VMwareXVirtualXIDEXHardXDrive_00000000000000000001"
The malware modifies the following registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Main
Start Page = "{random characters}"
(Note: Before the change, the above registry value is "http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home".)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Main
Default_Page_URL = "{random characters}"
(Note: Before the change, the above registry value is "http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome".)
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Main
Start Page = "{random characters}"
(Note: Before the change, the above registry value is "http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome".)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Search
CustomizeSearch = "{random characters}"
(Note: Before the change, the above registry value is "http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm".)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Search
SearchAssistant = "{random characters}"
(Note: Before the change, the above registry value is "http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm".)
Dropping Routine
The malware creates the following files:
(Note: The %User Profile% folder is usually "C:\Documents and Settings\<user name>" on Windows 2000, XP, and Server 2003, and "C:\Users\<user name>" on Windows Vista and 7. The %User Temp% folder varies with the Windows version and installation settings; by default it is "C:\Documents and Settings\<user name>\Local Settings\Temp" on Windows 2000, XP, and Server 2003, and "C:\Users\<user name>\AppData\Local\Temp" on Windows Vista and 7. The %Start Menu% folder is usually "C:\Windows\Start Menu" or "C:\Documents and Settings\<user name>\Start Menu" on Windows 2000, XP, and Server 2003, and "C:\Users\<user name>\AppData\Roaming\Microsoft\Windows\Start Menu" on Windows Vista and 7. The %Program Files% folder is usually "C:\Program Files" on Windows 2000, Server 2003, XP (32-bit), Vista (32-bit), and 7 (32-bit), and "C:\Program Files (x86)" on Windows XP (64-bit), Vista (64-bit), and 7 (64-bit). The %System% folder varies with the Windows version and installation settings; by default it is "C:\Windows\System32".)
Other Details
The malware accesses the following malicious websites.
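This malware description was generated by an automated analysis system.
Solution
Step 1
Windows XP, Windows Vista, and Windows 7 users must disable System Restore before running a virus scan so that the malware, adware, or similar software can be completely removed from the computer.
Step 2
Restart Windows in Safe Mode.
Step 3
Delete the unknown registry values.
Warning: The registry is a database that stores Windows configuration information. Incorrect edits to the registry can prevent the system from operating properly.
Edit the registry at your own risk. We cannot provide compensation for any problems that result from editing the registry.
Please see here before editing the registry.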
- In HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application
  - desksvc
- In HKEY_LOCAL_MACHINE\SOFTWARE
  - V9Software
- In HKEY_LOCAL_MACHINE\SOFTWARE\V9Software
  - v9hp
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer
  - SearchScopes
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
  - Desk 365
- In HKEY_LOCAL_MACHINE\Software\V9\Desk 365
  - General
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl
  - FEATURE_BROWSER_EMULATION
- In HKEY_LOCAL_MACHINE\SOFTWARE
  - deskSvc
- In HKEY_LOCAL_MACHINE\SOFTWARE
  - hdcode
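Step 4
Delete this registry value.
Warning: The registry is a database that stores Windows configuration information. Incorrect edits to the registry can prevent the system from operating properly.
Edit the registry at your own risk. We cannot provide compensation for any problems that result from editing the registry.
Please see here before editing the registry.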
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  - Desk 365 = "%Program Files%\Desk 365\desk365.exe /autorun"
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
  - Default_Page_URL = "{random characters}"
- In HKEY_LOCAL_MACHINE\SOFTWARE\V9Software\v9hp
  - oem = "test"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
  - Segoe UI(OpenType) = "segoeui.ttf"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
  - Segoe UI Bold(OpenType) = "segoeuib.ttf"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
  - UninstallString = "%Program Files%\Desk 365\eUninstall.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
  - DisplayIcon = "%Program Files%\Desk 365\desk365.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
  - DisplayVersion = "1.15.10"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
  - URLInfoAbout = "http://www.{BLOCKED}65.com"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
  - Publisher = "337 Technology Limited."
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
  - DisplayName = "Desk 365"
- In HKEY_LOCAL_MACHINE\SOFTWARE\V9\Desk 365\General
  - path = "%Program Files%\Desk 365"
- In HKEY_LOCAL_MACHINE\SOFTWARE\V9\Desk 365\General
  - Language = "49"
- In HKEY_LOCAL_MACHINE\SOFTWARE\hdcode
  - dsk = "1.15.10"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION
  - gamelogin.exe = "0"
- In HKEY_LOCAL_MACHINE\SOFTWARE\deskSvc
  - svc = "desksvc"
- In HKEY_LOCAL_MACHINE\SOFTWARE\deskSvc
  - oem = "dsk"
- In HKEY_LOCAL_MACHINE\SOFTWARE\deskSvc
  - oemver = "1.15.10"
- In HKEY_LOCAL_MACHINE\SOFTWARE\deskSvc
  - softuid = "Global\Desk365{98330085-163B-4933-B593-AB7637D77523}Desk"
- In HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\desksvc
  - EventMessageFile = "%Program Files%\Desk 365\deskSvc.exe"
- In HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\desksvc
  - TypesSupported = "7"
- In HKEY_LOCAL_MACHINE\SOFTWARE\hdcode
  - MachineGuid = "VMwareXVirtualXIDEXHardXDrive_00000000000000000001"
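Step 5
Restore the modified registry values.
Warning: The registry is a database that stores Windows configuration information. Incorrect edits to the registry can prevent the system from operating properly.
If you had intentionally changed any of these settings beforehand, restore them to your intended original settings. If you do not know which value to set, ask your system administrator, and edit the registry at your own risk. We cannot provide compensation for any problems that result from editing the registry.
Please see here before editing the registry.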
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
  - From: Start Page = "{random characters}"
    To: Start Page = "http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
  - From: Default_Page_URL = "{random characters}"
    To: Default_Page_URL = "http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
  - From: Start Page = "{random characters}"
    To: Start Page = "http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search
  - From: CustomizeSearch = "{random characters}"
    To: CustomizeSearch = "http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search
  - From: SearchAssistant = "{random characters}"
    To: SearchAssistant = "http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
Step 6
Search for and delete the following files.
Step 7
Search for and delete the following folders.
- %User Profile%\Application Data\eIntaller
- %User Profile%\eIntaller\25DF7284A552470dA9952942DDC2D2F8
- %User Temp%\Desk365
- %User Temp%\Desk365\Desk_365
- %User Temp%\Desk365\Desk_365/desk_bkg
- %User Temp%\Desk365\Desk_365/image
- %User Temp%\Desk365\Desk_365/image/default
- %User Temp%\Desk365\Desk_365/image/default/awp
- %User Temp%\Desk365\Desk_365/image/default/cmn
- %User Temp%\Desk365\Desk_365/image/default/notify
- %User Temp%\Desk365\Desk_365/image/default/tips
- %User Temp%\Desk365\Desk_365/image/default/tips/en_us
- %User Temp%\Desk365\Desk_365/image/default/tips/es_es
- %User Temp%\Desk365\Desk_365/image/default/tips/pt_br
- %User Temp%\Desk365\Desk_365/image/default/tips/tr_tr
- %User Temp%\Desk365\Desk_365/image/default/upgrade
- %User Temp%\Desk365\Desk_365/language
- %User Temp%\Desk365\Desk_365/language/en_us
- %User Temp%\Desk365\Desk_365/language/es_es
- %User Temp%\Desk365\Desk_365/language/pt_br
- %User Temp%\Desk365\Desk_365/language/tr_tr
- %User Temp%\Desk365\Desk_365/language/zh_cn
- %User Temp%\Desk365\Desk_365/language/zh_tw
- %User Temp%\Desk365\Desk_365/layout
- %User Temp%\Desk365\Desk_365/layout/default
- %User Temp%\Desk365\Desk_365/popres
- %User Temp%\Desk365\Desk_365/promote
- %User Temp%\Desk365\Desk_365/style
- %User Temp%\Desk365\Desk_365/uninstaller
- %User Temp%\Desk365\eInstall
- %User Temp%\Desk365\eInstall/image
- %User Temp%\Desk365\eInstall/image/default
- %User Temp%\Desk365\eInstall/Install
- %User Temp%\Desk365\eInstall/language
- %User Temp%\Desk365\eInstall/language/en_us
- %User Temp%\Desk365\eInstall/language/es_es
- %User Temp%\Desk365\eInstall/language/pt_br
- %User Temp%\Desk365\eInstall/language/tr_tr
- %User Temp%\Desk365\eInstall/language/zh_cn
- %User Temp%\Desk365\eInstall/language/zh_tw
- %User Temp%\Desk365\eInstall/layout
- %User Temp%\Desk365\eInstall/layout/default
- %User Temp%\Desk365\eInstall/style
- %User Profile%\Application Data\Desk 365
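Step 8
Restart the computer in normal mode, then use an antivirus product with the latest version (engine and pattern file) to scan for files detected as "TROJ_WYSOTOT.AD". If the detected files have already been cleaned, quarantined, or deleted by our antivirus product, handling of the virus is complete and no further removal steps are required.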
Step 9
Restore the following files from backup. Only files related to Microsoft products are restored. If this malware also deleted programs other than that company's products, those programs must be reinstalled.
- %Start Menu%\Programs\Internet Explorer.lnk