• Email
• Facebook
• Twitter
• Google+
• Linkedin

PUA.Win32.Chistilka.B

---

• マルウェアタイプ: 潜在的に迷惑なアプリケーション
• 破壊活動の有無: なし
• 暗号化:  
• 感染報告の有無: はい

---

  概要

プログラムは、他のマルウェアに作成されるか、悪意あるWebサイトからユーザが誤ってダウンロードすることによりコンピュータに侵入します。

---

  詳細

侵入方法

プログラムは、他のマルウェアに作成されるか、悪意あるWebサイトからユーザが誤ってダウンロードすることによりコンピュータに侵入します。

インストール

プログラムは、以下のプロセスを追加します。

• "%All Users Profile%\Telamon Cleaner\tt-cleaner.exe" "--install" "--clid=" "--partner="
• "schtasks" "/create" "/sc" "onlogon" "/tn" "Telamon Cleaner" "/rl" "highest" "/tr" "\"%All Users Profile%\Telamon Cleaner\tt-cleaner.exe\" --autorun"
• "%All Users Profile%\Telamon Cleaner\tt-cleaner.exe"

(註：%All Users Profile%フォルダは、ユーザの共通プロファイルフォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\All Users” です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\ProgramData” です。)

プログラムは、以下のフォルダを作成します。

• %Start Menu%\Programs\Telamon Cleaner
• %All Users Profile%\Telamon Cleaner\platforms
• %All Users Profile%\Telamon Cleaner\styles
• %All Users Profile%\Telamon Cleaner\bearer
• %All Users Profile%\Telamon Cleaner\view\static\css
• %All Users Profile%\Telamon Cleaner\view\static\media
• %All Users Profile%\Telamon Cleaner\logs
• %All Users Profile%\Telamon Cleaner\images
• %All Users Profile%\Telamon Cleaner\view\static\js
• %All Users Profile%\Telamon Cleaner
• %All Users Profile%\Telamon Cleaner\printsupport
• %All Users Profile%\Telamon Cleaner\view
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales
• %All Users Profile%\Telamon Cleaner\position
• %All Users Profile%\Telamon Cleaner\translations
• %All Users Profile%\Telamon Cleaner\imageformats
• %All Users Profile%\Telamon Cleaner\resources
• %All Users Profile%\Telamon Cleaner\iconengines
• %All Users Profile%\Telamon Cleaner\view\static

(註：%Start Menu%フォルダは、現在ログオンしているユーザのスタートメニューフォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Windows\Start Menu" または "C:\Documents and Settings\＜ユーザ名＞\Start Menu" です。また、Windows Vista、7、8、8.1、2008(64-bit)、012(64-bit)、10(64-bit)の場合、通常 "C:\Users\＜ユーザ名＞\AppData\Roaming\Microsoft\Windows\Start Menu" です。. %All Users Profile%フォルダは、ユーザの共通プロファイルフォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\All Users” です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\ProgramData” です。)

自動実行方法

プログラムは、自身をシステムサービスとして登録し、Windows起動時に自動実行されるよう以下のレジストリ値を追加します。

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\tclnsvc
ImagePath = "%All Users Profile%\Telamon Cleaner\tt-service.exe"

他のシステム変更

プログラムは、以下のレジストリ値を追加します。

HKEY_CURRENT_USER\Software\Telamon
clid = ""

HKEY_CURRENT_USER\Software\Telamon
prt = ""

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Telamon Cleaner
Publisher = "Telamon Tools"

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Telamon Cleaner
DisplayName = "Telamon Cleaner"

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Telamon Cleaner
DisplayIcon = "%All Users Profile%\Telamon Cleaner\tt-cleaner.exe"

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Telamon Cleaner
DisplayVersion = "1.0.70"

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Telamon Cleaner
InstallLocation = "%All Users Profile%\Telamon Cleaner"

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Telamon Cleaner
InstallDate = "20200119"

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Telamon Cleaner
UninstallString = "%All Users Profile%\Telamon Cleaner\tt-cleaner.exe --uninstall"

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Telamon Cleaner
URLInfoAbout = "https://www.{BLOCKED}ncleaner.com"

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Telamon Cleaner
NoModify = "1"

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Telamon Cleaner
NoRepair = "1"

HKEY_CURRENT_USER\Software\Telamon
uid = "{GUID}-18fc0cbcdd91686fef3836a0930dfa2caeba2492"

HKEY_CURRENT_USER\Software\Telamon
v = "1.0.70"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\tclnsvc
DisplayName = "Telamon Cleaner"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\tclnsvc
Start = "SERVICE_AUTO_START"

作成活動

プログラムは、以下のファイルを作成します。

• %All Users Profile%\Telamon Cleaner\Qt5WebEngineWidgets.dll
• %All Users Profile%\Telamon Cleaner\position\qtposition_positionpoll.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\sv.pak
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-conio-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\resources\icudtl.dat
• %All Users Profile%\Telamon Cleaner\view\static\media\small-check.2f9d4c4f.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\uninstall.edfbf689.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-environment-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\hide.15164ec9.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\link.8e0a1901.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\virus.56b6669e.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\smart-scan.e0f5b03c.svg
• %All Users Profile%\Telamon Cleaner\printsupport\windowsprintersupport.dll
• %All Users Profile%\Telamon Cleaner\view\service-worker.js
• %All Users Profile%\Telamon Cleaner\view\static\media\launch-active.fa70a186.svg
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\fi.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\link.9682f50c.svg
• %All Users Profile%\Telamon Cleaner\Qt5Svg.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\am.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\check.83248ed0.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\Rubik-Regular.b3d0902b.ttf
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\hi.pak
• %All Users Profile%\Telamon Cleaner\translations\qt_ar.qm
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-string-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\basket.08447196.svg
• %All Users Profile%\Telamon Cleaner\translations\qt_he.qm
• %All Users Profile%\Telamon Cleaner\view\static\media\basket_success.b509a21c.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\error.309215c1.svg
• %All Users Profile%\Telamon Cleaner\Qt5Positioning.dll
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-sysinfo-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\Qt5Gui.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\cache-active.231ac69a.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\optimizing.0a808f2d.svg
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\en-GB.pak
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\pt-BR.pak
• %All Users Profile%\Telamon Cleaner\Qt5Network.dll
• %All Users Profile%\Telamon Cleaner\imageformats\qsvg.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\ko.pak
• %All Users Profile%\Telamon Cleaner\translations\qt_de.qm
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\ca.pak
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-heap-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\cache.653c3b8e.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-synch-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\nl.pak
• %All Users Profile%\Telamon Cleaner\logs\tt-cln-app-2020-01-19-17-57-20.log
• %All Users Profile%\Telamon Cleaner\view\static\media\large.edee2d49.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-private-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\logs\tt-cln-app-2020-01-19-17-57-22.log
• %All Users Profile%\Telamon Cleaner\view\static\media\info.5bd06285.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\virus_success.2d216ac1.svg
• %All Users Profile%\Telamon Cleaner\translations\qt_sk.qm
• %All Users Profile%\Telamon Cleaner\translations\qt_ja.qm
• %All Users Profile%\Telamon Cleaner\view\static\media\refresh.3c1a10bd.svg
• %All Users Profile%\Telamon Cleaner\translations\qt_ru.qm
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\fa.pak
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\lt.pak
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\en-US.pak
• %All Users Profile%\Telamon Cleaner\translations\qt_ko.qm
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\gu.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\uninstall.15dd42e9.svg
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\pt-PT.pak
• %All Users Profile%\Telamon Cleaner\view\static\css\main.20632df7.chunk.css.map
• %All Users Profile%\Telamon Cleaner\view\static\media\optimizing-active.4f64d5b9.svg
• %All Users Profile%\Telamon Cleaner\view\robots.txt
• %All Users Profile%\Telamon Cleaner\imageformats\qgif.dll
• %All Users Profile%\Telamon Cleaner\libcurl.dll
• %All Users Profile%\Telamon Cleaner\translations\qt_it.qm
• %All Users Profile%\Telamon Cleaner\view\static\media\expansion.2379eba9.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\system-trash-active.7c4a1fe2.svg
• %All Users Profile%\Telamon Cleaner\bearer\qgenericbearer.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\cs.pak
• %All Users Profile%\Telamon Cleaner\images\tray_notifier.png
• %All Users Profile%\Telamon Cleaner\view\static\media\cache.8df1f6f6.svg
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\pl.pak
• %All Users Profile%\Telamon Cleaner\view\favicon.ico
• %All Users Profile%\Telamon Cleaner\view\static\js\main.ff404752.chunk.js.map
• %All Users Profile%\Telamon Cleaner\ucrtbase.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\link.38b2b97f.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-console-l1-2-0.dll
• %All Users Profile%\Telamon Cleaner\translations\qt_gd.qm
• %All Users Profile%\Telamon Cleaner\view\static\media\alert.5b6ae652.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\Rubik-Light.7a06846b.ttf
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\it.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\license-activation.bbff544b.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\basket.e14fd4a6.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\virus.0391572d.svg
• %All Users Profile%\Telamon Cleaner\view\qwebchannel.js
• %All Users Profile%\Telamon Cleaner\view\static\media\basket.28ef3a64.svg
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\th.pak
• %All Users Profile%\Telamon Cleaner\images\trial_alert.png
• %All Users Profile%\Telamon Cleaner\vccorlib140.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\et.pak
• %All Users Profile%\Telamon Cleaner\translations\qt_cs.qm
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\sw.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\close.a937cef6.svg
• %All Users Profile%\Telamon Cleaner\msvcp140.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\sl.pak
• %All Users Profile%\Telamon Cleaner\tt-service.exe
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\da.pak
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-interlocked-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\D3Dcompiler_47.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\registry.302526f5.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\registry.8cd67b72.svg
• %All Users Profile%\Telamon Cleaner\translations\qt_fi.qm
• %All Users Profile%\Telamon Cleaner\view\static\media\registry_success.efbf644e.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\system-trash.a3d98939.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\link.6032efb0.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-file-l1-2-0.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\ja.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\check.27e8057d.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\incognito.7c0050fd.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\virus_error.28529d0d.svg
• %All Users Profile%\Telamon Cleaner\msvcp140_1.dll
• %Desktop%\Telamon Cleaner.lnk
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\ms.pak
• %All Users Profile%\Telamon Cleaner\translations\qt_uk.qm
• %All Users Profile%\Telamon Cleaner\view\static\media\error.20480913.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\plus.1eb6b2e6.svg
• %All Users Profile%\Telamon Cleaner\Qt5QmlModels.dll
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-locale-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\mr.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\notification.56d87408.svg
• %All Users Profile%\Telamon Cleaner\imageformats\qjpeg.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\ar.pak
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\he.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\basket.c292ac3b.svg
• %All Users Profile%\Telamon Cleaner\position\qtposition_serialnmea.dll
• %Start Menu%\Programs\Telamon Cleaner\Telamon Cleaner Uninstall.lnk
• %All Users Profile%\Telamon Cleaner\resources\qtwebengine_resources.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\basket-active.410c4913.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\minus.db59129a.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-convert-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\uk.pak
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\vi.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\check.8ae6b365.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\archive.6aff718f.png
• %All Users Profile%\Telamon Cleaner\libGLESV2.dll
• %All Users Profile%\Telamon Cleaner\Qt5WebChannel.dll
• %All Users Profile%\Telamon Cleaner\imageformats\qtga.dll
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-localization-l1-2-0.dll
• %All Users Profile%\Telamon Cleaner\imageformats\qwebp.dll
• %All Users Profile%\Telamon Cleaner\view\manifest.json
• %All Users Profile%\Telamon Cleaner\view\static\media\large-files-active.017fed25.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-string-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\es.pak
• %All Users Profile%\Telamon Cleaner\view\index.html
• %All Users Profile%\Telamon Cleaner\view\static\media\optimizing.7e7d3b28.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\launch.3c193b4e.svg
• %All Users Profile%\Telamon Cleaner\translations\qt_lv.qm
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-processthreads-l1-1-1.dll
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-filesystem-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\js\2.5218f4e7.chunk.js.map
• %All Users Profile%\Telamon Cleaner\view\static\media\cache.edee2d49.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-datetime-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\translations\qt_hu.qm
• %All Users Profile%\Telamon Cleaner\Qt5Qml.dll
• %All Users Profile%\Telamon Cleaner\Qt5QuickWidgets.dll
• %All Users Profile%\Telamon Cleaner\view\static\js\runtime-main.55200035.js.map
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-process-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\imageformats\qtiff.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\virus.39255d86.svg
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\sk.pak
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\zh-CN.pak
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-rtlsupport-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\resources\qtwebengine_resources_200p.pak
• %All Users Profile%\Telamon Cleaner\Qt5Widgets.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\menu-options.a8e3940f.svg
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\zh-TW.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\lock.d6e850fb.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\registry.09ceb769.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-heap-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\translations\qt_pl.qm
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-profile-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\Qt5PrintSupport.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\alert.1191a968.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\virus.f2fabc80.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-utility-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\opengl32sw.dll
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-multibyte-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\last-pages.715ac269.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\graph.f69674ba.png
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-timezone-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\large_success.ec6f36b9.svg
• %All Users Profile%\Telamon Cleaner\resources\qtwebengine_devtools_resources.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\cart.45a17efe.svg
• %All Users Profile%\Telamon Cleaner\view\asset-manifest.json
• %All Users Profile%\Telamon Cleaner\view\static\media\link.a8b349ae.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-processenvironment-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\info.f900f4bc.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-libraryloader-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-debug-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\pause.f7005af9.svg
• %User Temp%\tt-cln-inst.txt
• %All Users Profile%\Telamon Cleaner\QtWebEngineProcess.exe
• %All Users Profile%\Telamon Cleaner\view\static\media\alert.ab3d2628.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-memory-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\Qt5WinExtras.dll
• %All Users Profile%\Telamon Cleaner\iconengines\qsvgicon.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\ml.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\notification-active.6140a5c1.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-file-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\libEGL.dll
• %All Users Profile%\Telamon Cleaner\translations\qt_ca.qm
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\ro.pak
• %All Users Profile%\Telamon Cleaner\styles\qwindowsvistastyle.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\tr.pak
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-math-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\precache-manifest.8d93f17d152114ef864751f60c02471b.js
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\te.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\check.cb5943eb.svg
• %All Users Profile%\Telamon Cleaner\Qt5Core.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\basket.811779cf.svg
• %All Users Profile%\Telamon Cleaner\translations\qt_en.qm
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\ru.pak
• %All Users Profile%\Telamon Cleaner\msvcp140_2.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\alert.52af01f8.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-runtime-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\bg.pak
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\ta.pak
• %Start Menu%\Programs\Telamon Cleaner\Telamon Cleaner.lnk
• %All Users Profile%\Telamon Cleaner\view\static\media\smart-scan-active.b8f17045.svg
• %All Users Profile%\Telamon Cleaner\Qt5WebEngineCore.dll
• %All Users Profile%\Telamon Cleaner\Qt5Quick.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\bg.1ba952b6.png
• %All Users Profile%\Telamon Cleaner\imageformats\qico.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\incognito.22373559.svg
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\hr.pak
• %All Users Profile%\Telamon Cleaner\Qt5SerialPort.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\registry-active.6951662d.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-file-l2-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\js\2.5218f4e7.chunk.js
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\nb.pak
• %All Users Profile%\Telamon Cleaner\translations\qt_da.qm
• %All Users Profile%\Telamon Cleaner\tt-cleaner.exe
• %All Users Profile%\Telamon Cleaner\translations\qt_fr.qm
• %All Users Profile%\Telamon Cleaner\translations\qt_zh_TW.qm
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-util-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\vcruntime140.dll
• %All Users Profile%\Telamon Cleaner\translations\qt_es.qm
• %All Users Profile%\Telamon Cleaner\view\static\media\settings.8f73e050.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-console-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\cache.170ed16b.svg
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\sr.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\notification_success.68d4c35b.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\pause.e89bd789.svg
• %All Users Profile%\Telamon Cleaner\zlib1.dll
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-time-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\link.3dd0e581.svg
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\bn.pak
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\fil.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\registry.e844022a.svg
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\kn.pak
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\es-419.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\link.626d08ba.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-processthreads-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\imageformats\qicns.dll
• %All Users Profile%\Telamon Cleaner\API-MS-Win-core-xstate-l2-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\large-files.6b7da8c8.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-errorhandling-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\link.df9cc295.svg
• %All Users Profile%\Telamon Cleaner\view\static\media\notification.a48d7bfd.svg
• %All Users Profile%\Telamon Cleaner\view\static\js\runtime-main.55200035.js
• %All Users Profile%\Telamon Cleaner\resources\qtwebengine_resources_100p.pak
• %All Users Profile%\Telamon Cleaner\concrt140.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\lv.pak
• %All Users Profile%\Telamon Cleaner\view\static\js\main.ff404752.chunk.js
• %All Users Profile%\Telamon Cleaner\platforms\qwindows.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\check.a47976cf.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-synch-l1-2-0.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\el.pak
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\id.pak
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\fr.pak
• %All Users Profile%\Telamon Cleaner\view\static\media\virus-active.35307143.svg
• %All Users Profile%\Telamon Cleaner\translations\qt_bg.qm
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-handle-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\media\updates.63740790.svg
• %All Users Profile%\Telamon Cleaner\api-ms-win-core-namedpipe-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\de.pak
• %All Users Profile%\Telamon Cleaner\position\qtposition_winrt.dll
• %All Users Profile%\Telamon Cleaner\imageformats\qwbmp.dll
• %All Users Profile%\Telamon Cleaner\api-ms-win-crt-stdio-l1-1-0.dll
• %All Users Profile%\Telamon Cleaner\view\static\css\main.20632df7.chunk.css
• %All Users Profile%\Telamon Cleaner\translations\qtwebengine_locales\hu.pak

(註：%All Users Profile%フォルダは、ユーザの共通プロファイルフォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\All Users” です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\ProgramData” です。. %Desktop%フォルダは、現在ログオンしているユーザのデスクトップです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\＜ユーザ名＞\Desktop" です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Users\＜ユーザ名＞\Desktop" です。. %Start Menu%フォルダは、現在ログオンしているユーザのスタートメニューフォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Windows\Start Menu" または "C:\Documents and Settings\＜ユーザ名＞\Start Menu" です。また、Windows Vista、7、8、8.1、2008(64-bit)、012(64-bit)、10(64-bit)の場合、通常 "C:\Users\＜ユーザ名＞\AppData\Roaming\Microsoft\Windows\Start Menu" です。. %User Temp%フォルダは、現在ログオンしているユーザの一時フォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\＜ユーザー名＞\Local Settings\Temp"です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Users\＜ユーザ名＞\AppData\Local\Temp" です。)

その他

プログラムは、以下の不正なWebサイトにアクセスします。

• http://www.{BLOCKED}oft.com/pki/certs/MicRooCerAut_2010-06-23.crt
• http://time.{BLOCKED}ncleaner.com
• http://api.{BLOCKED}ude.com
• http://update.{BLOCKED}ncleaner.com

このウイルス情報は、自動解析システムにより作成されました。

---

  対応方法

ご利用はいかがでしたか？　アンケートにご協力ください