TROJ_PAM_00000207A9.T3
Adware:Win32/GameVance (Microsoft); GameVance.gen.n. (McAfee); Trojan.ADH.2 (Symantec); Gamevance LLC (v) (Sunbelt); Gen:Variant.Adware.Gamevance.10 (FSecure)
Windows 2000, Windows XP, Windows Server 2003
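Malware type:
Trojan
Destructiveness:
No
Encrypted:
In the wild:
Yes
Overview
This malware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious websites.
Technical Details
Arrival Details
This malware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious websites.
Installation
This malware creates the following folders: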
- %Program Files%\FreeWorkz
- %User Profile%\Application Data\Mozilla
- %User Profile%\Mozilla\Extensions
- %User Profile%\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
- %User Profile%\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@freeworkz.com
- %User Profile%\links@freeworkz.com\components
- %User Profile%\links@freeworkz.com\chrome
- %System Root%\DOCUME~1
- %System Root%\DOCUME~1\Wilbert
- %User Profile%\LOCALS~1
- %User Temp%\nse2.tmp
- %Program Files%\Dogpile Bundle Toolbar
- %Program Files%\Dogpile Bundle Toolbar\images
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox
- %Program Files%\Dogpile Bundle Toolbar\images\ticker
- %Program Files%\Dogpile Bundle Toolbar\images\weather
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png
- %Program Files%\Dogpile Bundle Toolbar\skins
- %Program Files%\Dogpile Bundle Toolbar\skins\radio
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03
Autostart Technique
This malware adds the following registry key to register itself as a Browser Helper Object (BHO). As a result, the malware runs automatically whenever Internet Explorer (IE) starts.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{D1ECD019-8423-43de-98D1-7892AF2DA309}
Other System Modifications
This malware deletes the following files:
- %Program Files%\FreeWorkz\npFreeWorkzPE.dll
- %User Temp%\nse1.tmp
- %User Temp%\nse2.tmp
(Note: %Program Files% is "C:\Program Files" by default. %User Temp% varies with the Windows version and the settings chosen at installation. By default it is "C:\Windows\Temp" on Windows 98 and ME, "C:\Profiles\<user name>\TEMP" on Windows NT, and "C:\Documents and Settings\<user name>\Local Settings\TEMP" on Windows 2000, XP, and Server 2003.)
This malware adds the following registry keys:
This malware adds the following registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FreeWorkz
DisplayName = "FreeWorkz"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FreeWorkz
UninstallString = "%Program Files%\FreeWorkz\Uninstaller.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FreeWorkz
DisplayIcon = "%Program Files%\FreeWorkz\Uninstaller.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FreeWorkz
Publisher = "FreeWorkz"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FreeWorkz
URLInfoAbout = "http://www.{BLOCKED}rkzgames.com"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FreeWorkz
HelpLink = "http://www.{BLOCKED}rkzgames.com"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{D1ECD019-8423-43de-98D1-7892AF2DA309}\InprocServer32
ThreadingModel = "Apartment"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{D1ECD019-8423-43de-98D1-7892AF2DA309}
NoExplorer = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{6FC29631-F716-47FC-9118-2498F0D788BA}\TypeLib
Version = "1.0"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B5B7CB41-8A10-4C67-846A-093D8F2B0113}\TypeLib
Version = "1.0"
HKEY_CURRENT_USER\Software\AppDataLow\
FreeWorkzSettings
ticket = "MqAHE41951hex7fwGj1R"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{88E69D5B-DC58-42aa-8E30-03942D5C762E}\InprocServer32
ThreadingModel = "Apartment"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
MIME\Database\Content Type\
application/displayEngine
CLSID = "{88E69D5B-DC58-42aa-8E30-03942D5C762E}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{79D5129E-1607-4222-BE85-AFB7D080A6EA}\TypeLib
Version = "1.0"
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Main
Enable Browser Extensions = "yes"
HKEY_LOCAL_MACHINE\SOFTWARE\FCTB000060231
FirstLaunch = "0"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\
Services\SharedAccess\Parameters\
FirewallPolicy\StandardProfile\AuthorizedApplications\
List
%Program Files%\Dogpile Bundle Toolbar\TroubleShooter.exe = "{random characters}"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\
Services\SharedAccess\Parameters\
FirewallPolicy\StandardProfile\AuthorizedApplications\
List
%Program Files%\Dogpile Bundle Toolbar\ToolbarUpdate.exe = "{random characters}"
HKEY_CURRENT_USER\Software\AppDataLow\
FreeWorkzSettings
ct = "{random values}"
HKEY_CURRENT_USER\Software\AppDataLow\
FreeWorkzSettings
ci = "e1"
HKEY_CURRENT_USER\Software\AppDataLow\
FreeWorkzSettings
sc1u = "{random characters}"
HKEY_CURRENT_USER\Software\AppDataLow\
FreeWorkzSettings
d = "0"
HKEY_CURRENT_USER\Software\AppDataLow\
FreeWorkzSettings
allowed = "{random values}"
HKEY_CURRENT_USER\Software\AppDataLow\
FreeWorkzSettings
eu = "{random values}"
HKEY_CURRENT_USER\Software\AppDataLow\
FreeWorkzSettings
eus = "d8"
This malware deletes the following registry keys:
HKEY_CURRENT_USER\Software\AppDataLow\
FreeWorkzSettings
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Ext\
Settings\{D1ECD019-8423-43de-98D1-7892AF2DA309}
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Ext\
Settings\{88E69D5B-DC58-42aa-8E30-03942D5C762E}
Dropping Routine
This malware creates the following files:
Other Details
This malware accesses the following malicious websites:
- http://pages.{BLOCKED}z.com/aj/inst.php?{random characters}
- http://af.{BLOCKED}w.facdn.com/{BLOCKED}w/download/dogpiletoolbar/Dogpile_Toolbar.exe
- http://pages.{BLOCKED}z.com/aj/bund.php?{random characters}
- http://s31.{BLOCKED}use.com/frtb_static_files.cab
- http://cf.{BLOCKED}z.com/ctg?{random characters}
- http://cf.{BLOCKED}z.com/etg?format=plain
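This malware description was generated by an automated analysis system.
Solution
Step 1
Users of Windows XP and Windows Server 2003 must disable System Restore before running a virus scan, so that malware, adware, and similar programs can be completely removed from the computer.
Step 2
Close all open browser windows.
Step 3
Delete this registry key.
Warning: The registry is a database that stores Windows configuration information, and an incorrect registry edit can cause the system to stop working properly.
Edit the registry at your own risk. We cannot accept responsibility for any problem that results from editing the registry.
Refer to this page before editing the registry.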
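Step 4
Delete this registry value.
Warning: The registry is a database that stores Windows configuration information, and incorrect edits to the registry may prevent the system from operating normally.
Edit the registry at your own responsibility. We cannot provide compensation for any problems caused by editing the registry.
Before editing the registry, please refer to this page.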
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeWorkz
- DisplayName = "FreeWorkz"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeWorkz
- UninstallString = "%Program Files%\FreeWorkz\Uninstaller.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeWorkz
- DisplayIcon = "%Program Files%\FreeWorkz\Uninstaller.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeWorkz
- Publisher = "FreeWorkz"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeWorkz
- URLInfoAbout = "http://www.{BLOCKED}rkzgames.com"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeWorkz
- HelpLink = "http://www.{BLOCKED}rkzgames.com"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D1ECD019-8423-43de-98D1-7892AF2DA309}\InprocServer32
- ThreadingModel = "Apartment"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1ECD019-8423-43de-98D1-7892AF2DA309}
- NoExplorer = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6FC29631-F716-47FC-9118-2498F0D788BA}\TypeLib
- Version = "1.0"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B5B7CB41-8A10-4C67-846A-093D8F2B0113}\TypeLib
- Version = "1.0"
- In HKEY_CURRENT_USER\Software\AppDataLow\FreeWorkzSettings
- ticket = "MqAHE41951hex7fwGj1R"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88E69D5B-DC58-42aa-8E30-03942D5C762E}\InprocServer32
- ThreadingModel = "Apartment"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/displayEngine
- CLSID = "{88E69D5B-DC58-42aa-8E30-03942D5C762E}"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79D5129E-1607-4222-BE85-AFB7D080A6EA}\TypeLib
- Version = "1.0"
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
- Enable Browser Extensions = "yes"
- In HKEY_LOCAL_MACHINE\SOFTWARE\FCTB000060231
- FirstLaunch = "0"
- In HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
- %Program Files%\Dogpile Bundle Toolbar\TroubleShooter.exe = "{random characters}"
- In HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
- %Program Files%\Dogpile Bundle Toolbar\ToolbarUpdate.exe = "{random characters}"
- In HKEY_CURRENT_USER\Software\AppDataLow\FreeWorkzSettings
- ct = "{random values}"
- In HKEY_CURRENT_USER\Software\AppDataLow\FreeWorkzSettings
- ci = "e1"
- In HKEY_CURRENT_USER\Software\AppDataLow\FreeWorkzSettings
- sc1u = "{random characters}"
- In HKEY_CURRENT_USER\Software\AppDataLow\FreeWorkzSettings
- d = "0"
- In HKEY_CURRENT_USER\Software\AppDataLow\FreeWorkzSettings
- allowed = "{random values}"
- In HKEY_CURRENT_USER\Software\AppDataLow\FreeWorkzSettings
- eu = "{random values}"
- In HKEY_CURRENT_USER\Software\AppDataLow\FreeWorkzSettings
- eus = "d8"
Step 5
Search for and delete the following files.
- %Program Files%\FreeWorkz\Uninstaller.exe
- %Program Files%\FreeWorkz\FreeWorkzIE.dll
- %Program Files%\FreeWorkz\FreeWorkzPE.dll
- %Program Files%\FreeWorkz\freeworkzXPI.tmp
- %User Profile%\links@freeworkz.com\chrome.manifest
- %User Profile%\links@freeworkz.com\install.rdf
- %User Profile%\components\freeworkz.js
- %User Profile%\components\FreeWorkzFirefox.dll
- %User Profile%\components\FreeWorkzFirefox.xpt
- %User Profile%\chrome\fwtextlinks.jar
- %User Temp%\dplinst.exe
- %User Temp%\nse2.tmp\UserInfo.dll
- %User Temp%\nse2.tmp\options.ini
- %User Temp%\nse2.tmp\gplunger.dll
- %User Temp%\nse2.tmp\nsisFirewall.dll
- %User Temp%\nse2.tmp\InetLoad.dll
- %User Temp%\nse2.tmp\frtb_static_files.cab
- %User Temp%\nse2.tmp\CABSetup.dll
- %Program Files%\Dogpile Bundle Toolbar\aboutTabs.7.js
- %Program Files%\Dogpile Bundle Toolbar\aboutTabs.8.js
- %Program Files%\Dogpile Bundle Toolbar\arrow.png
- %Program Files%\Dogpile Bundle Toolbar\audio.bmp
- %Program Files%\Dogpile Bundle Toolbar\banner_container.html
- %Program Files%\Dogpile Bundle Toolbar\bookmarksplugin.dll
- %Program Files%\Dogpile Bundle Toolbar\bookmark_off.bmp
- %Program Files%\Dogpile Bundle Toolbar\bookmark_on.bmp
- %Program Files%\Dogpile Bundle Toolbar\bubble_permissions.html
- %Program Files%\Dogpile Bundle Toolbar\caching_banner.html
- %Program Files%\Dogpile Bundle Toolbar\chevron.bmp
- %Program Files%\Dogpile Bundle Toolbar\component.xsl
- %Program Files%\Dogpile Bundle Toolbar\efolder.bmp
- %Program Files%\Dogpile Bundle Toolbar\email.bmp
- %Program Files%\Dogpile Bundle Toolbar\email2.bmp
- %Program Files%\Dogpile Bundle Toolbar\email3.bmp
- %Program Files%\Dogpile Bundle Toolbar\emailchecker_plugin.dll
- %Program Files%\Dogpile Bundle Toolbar\facebook.feature
- %Program Files%\Dogpile Bundle Toolbar\fbrss.xsl
- %Program Files%\Dogpile Bundle Toolbar\FixToolbar1163.bat
- %Program Files%\Dogpile Bundle Toolbar\folder.bmp
- %Program Files%\Dogpile Bundle Toolbar\iefavelem.bmp
- %Program Files%\Dogpile Bundle Toolbar\location.xsl
- %Program Files%\Dogpile Bundle Toolbar\magglass.ico
- %Program Files%\Dogpile Bundle Toolbar\manage_bookmarks.html
- %Program Files%\Dogpile Bundle Toolbar\marquee.html
- %Program Files%\Dogpile Bundle Toolbar\marquee_permissions.html
- %Program Files%\Dogpile Bundle Toolbar\messaging.bmp
- %Program Files%\Dogpile Bundle Toolbar\minus.bmp
- %Program Files%\Dogpile Bundle Toolbar\msgboxplugin.dll
- %Program Files%\Dogpile Bundle Toolbar\msgbox_bubble.tmpl
- %Program Files%\Dogpile Bundle Toolbar\msgbox_openmsg.tmpl
- %Program Files%\Dogpile Bundle Toolbar\offline.html
- %Program Files%\Dogpile Bundle Toolbar\plus.bmp
- %Program Files%\Dogpile Bundle Toolbar\podcast.bmp
- %Program Files%\Dogpile Bundle Toolbar\podcast.xsl
- %Program Files%\Dogpile Bundle Toolbar\radio.bmp
- %Program Files%\Dogpile Bundle Toolbar\RadioPlugin.dll
- %Program Files%\Dogpile Bundle Toolbar\resize.bmp
- %Program Files%\Dogpile Bundle Toolbar\rssfeed.bmp
- %Program Files%\Dogpile Bundle Toolbar\RSSReader_plugin.dll
- %Program Files%\Dogpile Bundle Toolbar\search.xsl
- %Program Files%\Dogpile Bundle Toolbar\SearchComponent.dll
- %Program Files%\Dogpile Bundle Toolbar\star_on.gif
- %Program Files%\Dogpile Bundle Toolbar\update_progress.html
- %Program Files%\Dogpile Bundle Toolbar\version.xsl
- %Program Files%\Dogpile Bundle Toolbar\weatherplugin.dll
- %Program Files%\Dogpile Bundle Toolbar\weather_bubble.tmpl
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\down.gif
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\hr.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\mark.png
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\mark_do.png
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\mark_na.png
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\navbg.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\refresh.png
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\refresh_do.png
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\refresh_na.png
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\trash.png
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\trash_do.png
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\trash_na.png
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\unmark.png
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\unmark_do.png
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\unmark_na.png
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox\up.gif
- %Program Files%\Dogpile Bundle Toolbar\images\ticker\left.gif
- %Program Files%\Dogpile Bundle Toolbar\images\ticker\right.gif
- %Program Files%\Dogpile Bundle Toolbar\images\weather\0.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\1.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\10.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\11.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\12.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\13.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\14.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\15.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\16.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\17.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\18.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\19.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\2.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\20.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\21.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\22.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\23.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\24.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\25.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\26.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\27.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\28.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\29.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\3.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\30.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\31.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\32.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\33.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\34.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\35.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\36.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\37.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\38.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\39.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\4.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\40.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\41.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\42.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\43.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\44.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\45.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\46.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\47.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\5.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\6.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\7.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\8.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\9.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\hr.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\na.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\0.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\1.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\10.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\11.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\12.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\13.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\14.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\15.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\16.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\17.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\18.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\19.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\2.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\20.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\21.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\22.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\23.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\24.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\25.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\26.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\27.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\28.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\29.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\3.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\30.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\31.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\32.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\33.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\34.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\35.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\36.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\37.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\38.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\39.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\4.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\40.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\41.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\42.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\43.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\44.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\45.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\46.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\47.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\5.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\6.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\7.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\8.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\9.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\na.png
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png\Thumbs.db
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_dropdwn_down.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_dropdwn_over.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_dropdwn_up.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_max_down.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_max_over.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_max_up.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_min_down.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_min_over.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_min_up.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_pause_down.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_pause_over.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_pause_up.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_playcntrl_over.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_playcntrl_up.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_play_down.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_play_over.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_play_up.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_stop_down.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_stop_over.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_stop_up.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_volcntrl_over.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\btn_volcntrl_up.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\Equalizer1.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\Equalizer2.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\Equalizer3.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\Equalizer4.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\Equalizer5.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\Equalizer6.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\playcntrl_bg.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\radio.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\radio_mask.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\radio_minimalized.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\radio_minimalized_mask.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\station.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\volslide_bg.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\volslide_track.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\vol_01.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\vol_02.bmp
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03\vol_03.bmp
- %Program Files%\Dogpile Bundle Toolbar\gedit.exe
- %Program Files%\Dogpile Bundle Toolbar\Helper.dll
- %Program Files%\Dogpile Bundle Toolbar\Toolbar.dll
- %Program Files%\Dogpile Bundle Toolbar\ff.xsl
- %Program Files%\Dogpile Bundle Toolbar\build
- %Program Files%\Dogpile Bundle Toolbar\TroubleShooter.exe
- %Program Files%\Dogpile Bundle Toolbar\version.txt
- %Program Files%\Dogpile Bundle Toolbar\default.xml
- %Program Files%\Dogpile Bundle Toolbar\icons.bmp
- %Program Files%\Dogpile Bundle Toolbar\localization.xml
- %Program Files%\Dogpile Bundle Toolbar\patch.bat
- %Program Files%\Dogpile Bundle Toolbar\settings
- %Program Files%\Dogpile Bundle Toolbar\ticker.html
- %Program Files%\Dogpile Bundle Toolbar\images\amazon.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\ebay.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\email.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\email2.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\wikipedia.bmp
- %Program Files%\Dogpile Bundle Toolbar\images\yahoo.bmp
- %Program Files%\Dogpile Bundle Toolbar\ToolbarUpdate.exe
- %User Temp%\nse2.tmp\nsExec.dll
- %User Temp%\nse2.tmp\ns3.tmp
Step 6
Search for and delete the following folders.
- %Program Files%\FreeWorkz
- %User Profile%\Application Data\Mozilla
- %User Profile%\Mozilla\Extensions
- %User Profile%\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
- %User Profile%\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@freeworkz.com
- %User Profile%\links@freeworkz.com\components
- %User Profile%\links@freeworkz.com\chrome
- %System Root%\DOCUME~1
- %System Root%\DOCUME~1\Wilbert
- %User Profile%\LOCALS~1
- %User Temp%\nse2.tmp
- %Program Files%\Dogpile Bundle Toolbar
- %Program Files%\Dogpile Bundle Toolbar\images
- %Program Files%\Dogpile Bundle Toolbar\images\msgbox
- %Program Files%\Dogpile Bundle Toolbar\images\ticker
- %Program Files%\Dogpile Bundle Toolbar\images\weather
- %Program Files%\Dogpile Bundle Toolbar\images\weather\png
- %Program Files%\Dogpile Bundle Toolbar\skins
- %Program Files%\Dogpile Bundle Toolbar\skins\radio
- %Program Files%\Dogpile Bundle Toolbar\skins\radio\gray03
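Step 7
Run a virus scan using an antivirus product with the latest version (engine and pattern file) installed. Delete all files detected as "TROJ_PAM_00000207A9.T3". If the detected files have already been cleaned, quarantined, or deleted by our antivirus product, handling of the virus is complete and no other removal steps are needed.
Step 8
Restore the following files from backup. Note that only files related to Microsoft products are restored. If this malware/grayware/spyware also deleted programs other than Microsoft products, those programs must be reinstalled.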
- %Program Files%\FreeWorkz\npFreeWorkzPE.dll
- %User Temp%\nse1.tmp
- %User Temp%\nse2.tmp
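Step 9
Restore the following deleted registry keys or registry values from backup.
Note: Only registry keys and registry values related to Microsoft products are restored. If this malware or adware also deleted programs other than Microsoft products, those programs must be reinstalled.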
- In HKEY_CURRENT_USER\Software\AppDataLow
- FreeWorkzSettings
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings
- {D1ECD019-8423-43de-98D1-7892AF2DA309}
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings
- {88E69D5B-DC58-42aa-8E30-03942D5C762E}