Trend Micro Security

Trojan.Win32.WACATAC.THEBBBO

2020年5月26日
 プラットフォーム:

Windows

 危険度:
 ダメージ度:
 感染力:
 感染確認数:


  • マルウェアタイプ: トロイの木馬型
  • 破壊活動の有無: なし
  • 暗号化:  
  • 感染報告の有無: はい

  概要


マルウェアは、他のマルウェアに作成されるか、悪意あるWebサイトからユーザが誤ってダウンロードすることによりコンピュータに侵入します。

  詳細

ファイルサイズ 458,752 bytes
タイプ EXE
メモリ常駐 はい
発見日 2020年5月26日

侵入方法

マルウェアは、他のマルウェアに作成されるか、悪意あるWebサイトからユーザが誤ってダウンロードすることによりコンピュータに侵入します。

インストール

マルウェアは、以下のプロセスを追加します。

  • vssadmin.exe Resize ShadowStorage /for=%System Root% /on=%System Root% /maxsize=401MB
  • vssadmin.exe Resize ShadowStorage /for=%System Root% /on=%System Root% /maxsize=unbounded
  • vssadmin.exe Resize ShadowStorage /for=d: /on=d: /maxsize=401MB
  • vssadmin.exe Resize ShadowStorage /for=d: /on=d: /maxsize=unbounded
  • vssadmin.exe Resize ShadowStorage /for=e: /on=e: /maxsize=401MB
  • vssadmin.exe Resize ShadowStorage /for=e: /on=e: /maxsize=unbounded
  • vssadmin.exe Resize ShadowStorage /for=f: /on=f: /maxsize=401MB
  • vssadmin.exe Resize ShadowStorage /for=f: /on=f: /maxsize=unbounded
  • vssadmin.exe Resize ShadowStorage /for=g: /on=g: /maxsize=401MB
  • vssadmin.exe Resize ShadowStorage /for=g: /on=g: /maxsize=unbounded
  • vssadmin.exe Resize ShadowStorage /for=h: /on=h: /maxsize=401MB
  • vssadmin.exe Resize ShadowStorage /for=h: /on=h: /maxsize=unbounded
  • vssadmin.exe Delete Shadows /All /Quiet
  • del /s /f /q %System Root%\*.VHD %System Root%\*.bac %System Root%\*.bak %System Root%\*.wbcat %System Root%\*.bkf %System Root%\Backup*.* %System Root%\backup*.* %System Root%\*.set %System Root%\*.win %System Root%\*.dsk
  • del /s /f /q d:\*.VHD d:\*.bac d:\*.bak d:\*.wbcat d:\*.bkf d:\Backup*.* d:\backup*.* d:\*.set d:\*.win d:\*.dsk
  • del /s /f /q e:\*.VHD e:\*.bac e:\*.bak e:\*.wbcat e:\*.bkf e:\Backup*.* e:\backup*.* e:\*.set e:\*.win e:\*.dsk
  • del /s /f /q f:\*.VHD f:\*.bac f:\*.bak f:\*.wbcat f:\*.bkf f:\Backup*.* f:\backup*.* f:\*.set f:\*.win f:\*.dsk
  • del /s /f /q g:\*.VHD g:\*.bac g:\*.bak g:\*.wbcat g:\*.bkf g:\Backup*.* g:\backup*.* g:\*.set g:\*.win g:\*.dsk
  • del /s /f /q h:\*.VHD h:\*.bac h:\*.bak h:\*.wbcat h:\*.bkf h:\Backup*.* h:\backup*.* h:\*.set h:\*.win h:\*.dsk
  • del %0
  • bcdedit.exe /set {default} recoveryenabled No
  • bcdedit.exe /set {default} bootstatuspolicy ignoreallfailures
  • wbadmin DELETE SYSTEMSTATEBACKUP
  • wmic.exe SHADOWCOPY /nointeractive

(註:%System Root%フォルダは、オペレーティングシステム(OS)が存在する場所で、いずれのOSでも通常、 "C:" です。.)

自動実行方法

マルウェアは、自身のコピーがWindows起動時に自動実行されるよう以下のレジストリ値を追加します。

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Run
MSFEEditor = "{malware file path and name} e"

他のシステム変更

マルウェアは、以下のファイルを削除します。

  • %System Root%\Python27\Lib\chunk.py
  • %System Root%\Python27\Lib\nntplib.py
  • %System Root%\excel2k\XLS2KE04.xls
  • %System Root%\excel2k\XLS2KE02.xls
  • %System Root%\Python27\Lib\macpath.py
  • %System Root%\Python27\Lib\encodings\cp1254.py
  • %System Root%\Python27\libs\_tkinter.lib
  • %System Root%\Python27\Lib\httplib.pyc
  • %System Root%\word2k\DOC2KE01.doc
  • %System Root%\Python27\Lib\encodings\cp437.py
  • %System Root%\Python27\Lib\decimal.pyc
  • %System Root%\Python27\include\datetime.h
  • %System Root%\Python27\include\memoryobject.h
  • %System Root%\Python27\Lib\new.py
  • %System Root%\Python27\include\intrcheck.h
  • %System Root%\Python27\Lib\linecache.pyc
  • %System Root%\Python27\Lib\abc.py
  • %System Root%\Python27\include\warnings.h
  • %System Root%\Python27\Lib\distutils\dep_util.pyc
  • %System Root%\Python27\Lib\encodings\aliases.py
  • %System Root%\Python27\Lib\encodings\bz2_codec.py
  • %System Root%\Python27\Lib\cgi.pyc
  • %System Root%\Python27\Lib\gzip.pyc
  • %System Root%\Python27\Lib\encodings\aliases.pyc
  • %System Root%\Python27\Lib\ConfigParser.pyc
  • %System Root%\Python27\Lib\distutils\debug.pyc
  • %System Root%\Python27\Lib\encodings\cp037.py
  • %System Root%\Python27\Lib\mailbox.py
  • %System Root%\Python27\include\bytearrayobject.h
  • %System Root%\Python27\Lib\Bastion.py
  • %System Root%\Python27\Lib\encodings\cp1251.py
  • %System Root%\Python27\include\objimpl.h
  • %System Root%\Python27\Lib\encodings\cp1255.py
  • %System Root%\Python27\include\eval.h
  • %System Root%\Python27\Lib\encodings\base64_codec.py
  • %System Root%\Python27\Lib\imghdr.py
  • F:\data\photos\long_exposure.jpg
  • %System Root%\Python27\Lib\curses\wrapper.py
  • %System Root%\Python27\Lib\email\parser.py
  • %System Root%\Python27\Lib\distutils\dist.pyc
  • %System Root%\Python27\include\errcode.h
  • %System Root%\Python27\Lib\email\errors.py
  • %System Root%\powerpoint2k\PPT2KE02.ppt
  • %System Root%\excel2k\XLS2KE03.xls
  • %System Root%\Python27\Lib\distutils\ccompiler.py
  • %System Root%\Python27\Lib\htmllib.py
  • %System Root%\Python27\Lib\bisect.pyc
  • %System Root%\Python27\Lib\email\charset.pyc
  • %System Root%\Python27\libs\libpython27.a
  • %System Root%\Python27\include\funcobject.h
  • %System Root%\Python27\Lib\Cookie.py
  • %System Root%\Python27\Lib\ctypes\_endian.pyc
  • %System Root%\Python27\Lib\distutils\emxccompiler.py
  • %System Root%\Python27\include\sliceobject.h
  • %System Root%\Python27\Lib\gzip.py
  • %System Root%\Python27\Lib\base64.py
  • %System Root%\Python27\Lib\opcode.py
  • %System Root%\Python27\Lib\binhex.py
  • %System Root%\Python27\Lib\encodings\ascii.pyc
  • %System Root%\Python27\libs\unicodedata.lib
  • %System Root%\powerpoint2k\PPT2KE05.ppt
  • %System Root%\Python27\libs\pyexpat.lib
  • %System Root%\Python27\include\pyexpat.h
  • %System Root%\Python27\Lib\distutils\dep_util.py
  • %System Root%\Python27\Lib\compiler\future.py
  • %System Root%\Python27\Lib\contextlib.pyc
  • %System Root%\Python27\Lib\email\generator.py
  • %System Root%\Python27\libs\_ctypes.lib
  • %System Root%\Python27\Lib\bsddb\dbshelve.py
  • %System Root%\Python27\Lib\distutils\filelist.py
  • %System Root%\Python27\include\setobject.h
  • %System Root%\Python27\Lib\getopt.pyc
  • %System Root%\Email and Password List.htm
  • %System Root%\Program Files\Mozilla Firefox\updated\precomplete
  • %System Root%\Python27\include\modsupport.h
  • %System Root%\Python27\Lib\cookielib.pyc
  • %System Root%\Python27\Lib\ConfigParser.py
  • %System Root%\Python27\Lib\getpass.pyc
  • %System Root%\Python27\Lib\distutils\debug.py
  • %System Root%\Python27\DLLs\bz2.pyd
  • %System Root%\Python27\Lib\argparse.py
  • %System Root%\Python27\include\cobject.h
  • %System Root%\Python27\include\sysmodule.h
  • %System Root%\excel2k\XLS2KExx.xls
  • %System Root%\Python27\include\weakrefobject.h
  • %System Root%\Python27\Lib\distutils\config.py
  • %System Root%\Python27\Lib\email\utils.py
  • %System Root%\Python27\Lib\fractions.pyc
  • %System Root%\Python27\include\classobject.h
  • %System Root%\Python27\DLLs\_hashlib.pyd
  • %System Root%\Python27\Lib\compiler\misc.py
  • %System Root%\Python27\Lib\hashlib.py
  • %System Root%\Python27\tcl\tcl85.lib
  • %System Root%\Python27\Lib\email\_parseaddr.pyc
  • %System Root%\Python27\Lib\distutils\fancy_getopt.pyc
  • %System Root%\Python27\include\descrobject.h
  • %System Root%\Python27\include\stringobject.h
  • %System Root%\Python27\include\pythread.h
  • %System Root%\Python27\Lib\email\feedparser.pyc
  • F:\data\tmp.doc
  • %System Root%\Python27\Lib\atexit.py
  • %System Root%\Python27\Lib\io.py
  • %System Root%\Python27\Lib\opcode.pyc
  • %System Root%\Python27\Lib\md5.py
  • %System Root%\Python27\libs\_multiprocessing.lib
  • %System Root%\Python27\Lib\email\feedparser.py
  • %System Root%\Python27\include\cStringIO.h
  • %System Root%\Python27\include\parsetok.h
  • %System Root%\Python27\Lib\csv.pyc
  • %System Root%\Python27\DLLs\py.ico
  • %System Root%\Python27\Lib\mhlib.py
  • %System Root%\Python27\include\ceval.h
  • %System Root%\Python27\include\listobject.h
  • %System Root%\Python27\Lib\contextlib.py
  • %System Root%\Python27\Lib\codeop.py
  • %System Root%\Python27\include\import.h
  • %System Root%\Python27\Lib\compiler\ast.py
  • %System Root%\Python27\Lib\compileall.pyc
  • F:\wlines.zip
  • %System Root%\Python27\NEWS.txt
  • %System Root%\Python27\Lib\copy.py
  • %System Root%\Users\Default\NTUSER.DAT.LOG
  • %System Root%\Python27\Lib\encodings\cp1250.py
  • %System Root%\Python27\include\dtoa.h
  • %System Root%\Python27\include\pystate.h
  • %System Root%\Python27\Lib\mimify.py
  • %System Root%\Python27\Lib\ntpath.py
  • %System Root%\Python27\DLLs\unicodedata.pyd
  • %System Root%\powerpoint2k\PPT2KE01.ppt
  • %System Root%\Python27\LICENSE.txt
  • %System Root%\Python27\Lib\mimetypes.pyc
  • %System Root%\Python27\Lib\mutex.py
  • %System Root%\Python27\libs\_ssl.lib
  • %System Root%\Python27\include\abstract.h
  • %System Root%\Python27\include\dictobject.h
  • %System Root%\Python27\Lib\bisect.py
  • %System Root%\Python27\Lib\genericpath.pyc
  • %System Root%\Python27\DLLs\_bsddb.pyd
  • %System Root%\Python27\include\pgenheaders.h
  • %System Root%\Python27\Lib\ihooks.py
  • %System Root%\Python27\Lib\HTMLParser.py
  • %System Root%\Python27\Lib\locale.pyc
  • %System Root%\Python27\Lib\csv.py
  • %System Root%\Python27\include\pycapsule.h
  • %System Root%\Python27\Lib\encodings\cp1006.py
  • %System Root%\Users\Default\NTUSER.DAT{{GUID}}.TMContainer00000000000000000002.regtrans-ms
  • %System Root%\Python27\libs\_testcapi.lib
  • %System Root%\Python27\Lib\copy.pyc
  • %System Root%\Python27\Lib\bsddb\dbrecio.py
  • %System Root%\Python27\Lib\aifc.py
  • %System Root%\Python27\Lib\glob.pyc
  • %System Root%\Python27\Lib\distutils\archive_util.pyc
  • %System Root%\Python27\Lib\htmlentitydefs.pyc
  • %System Root%\Python27\include\timefuncs.h
  • %System Root%\Python27\include\pyfpe.h
  • %System Root%\Python27\include\boolobject.h
  • %System Root%\Python27\Lib\keyword.py
  • %System Root%\Python27\Lib\asynchat.py
  • %System Root%\Python27\include\iterobject.h
  • %System Root%\Python27\Lib\email\encoders.pyc
  • %System Root%\Python27\Lib\codecs.pyc
  • %System Root%\Python27\tcl\tclstub85.lib
  • %System Root%\Python27\include\pystrcmp.h
  • %System Root%\Python27\Lib\functools.py
  • %System Root%\Python27\include\pyport.h
  • %System Root%\Python27\include\fileobject.h
  • %System Root%\set_hostname.vbs
  • %System Root%\Python27\Lib\codecs.py
  • %User Profile%\NTUSER.DAT{{GUID}}.TMContainer00000000000000000001.regtrans-ms
  • %System Root%\Python27\Lib\nturl2path.py
  • %System Root%\Python27\Lib\dumbdbm.py
  • %System Root%\Python27\include\code.h
  • %System Root%\Python27\include\graminit.h
  • %System Root%\Python27\Lib\os.py
  • %System Root%\Python27\Lib\argparse.pyc
  • %System Root%\Python27\include\pydebug.h
  • %System Root%\Python27\Lib\compiler\__init__.py
  • %System Root%\Python27\Lib\colorsys.py
  • %System Root%\Python27\Lib\multifile.py
  • %Windows%\Panther\setupinfo
  • %System Root%\Python27\include\cellobject.h
  • %System Root%\Python27\DLLs\pyexpat.pyd
  • %System Root%\Python27\Lib\encodings\cp1026.py
  • %System Root%\Python27\Lib\audiodev.py
  • %System Root%\Python27\include\asdl.h
  • %System Root%\Python27\libs\_elementtree.lib
  • %System Root%\Python27\Lib\htmlentitydefs.py
  • %System Root%\Python27\Lib\encodings\cp1252.py
  • %System Root%\Python27\Lib\distutils\archive_util.py
  • %System Root%\Python27\Lib\gettext.py
  • %System Root%\Python27\include\intobject.h
  • %System Root%\Python27\include\metagrammar.h
  • %System Root%\Python27\Lib\cookielib.py
  • %System Root%\Python27\Lib\CGIHTTPServer.py
  • %System Root%\Python27\Lib\io.pyc
  • %System Root%\Python27\tcl\tclConfig.sh
  • %System Root%\Python27\Lib\collections.py
  • %System Root%\Python27\Lib\email\encoders.py
  • %System Root%\Python27\libs\_msi.lib
  • %System Root%\Python27\DLLs\_testcapi.pyd
  • %System Root%\Python27\Lib\atexit.pyc
  • %System Root%\Python27\Lib\compiler\pyassem.py
  • %System Root%\Python27\Lib\copy_reg.pyc
  • %System Root%\Python27\include\pyconfig.h
  • %System Root%\Python27\Lib\gettext.pyc
  • %System Root%\Python27\Lib\getpass.py
  • %System Root%\Python27\Lib\markupbase.py
  • %System Root%\Python27\Lib\ctypes\__init__.pyc
  • %System Root%\Python27\include\pystrtod.h
  • %System Root%\Python27\include\traceback.h
  • %System Root%\Python27\Lib\optparse.pyc
  • %System Root%\Python27\Lib\compiler\pycodegen.py
  • %System Root%\Python27\DLLs\_ctypes.pyd
  • %System Root%\Python27\Lib\encodings\cp1257.py
  • %System Root%\Python27\Lib\difflib.py
  • %System Root%\Python27\Lib\email\iterators.py
  • %System Root%\Python27\include\bufferobject.h
  • %System Root%\Python27\Lib\functools.pyc
  • %System Root%\excel2k\XLS2KE00.xlt
  • %System Root%\Python27\Lib\mimetools.pyc
  • %System Root%\Python27\Lib\curses\panel.py
  • %System Root%\Python27\include\unicodeobject.h
  • %System Root%\Python27\Lib\keyword.pyc
  • %System Root%\Python27\Lib\encodings\ascii.py
  • %System Root%\Python27\DLLs\_socket.pyd
  • %System Root%\Python27\include\pygetopt.h
  • %System Root%\Program Files\Mozilla Firefox\precomplete
  • %System Root%\Python27\include\structseq.h
  • %System Root%\Python27\Lib\compiler\visitor.py
  • %System Root%\Python27\include\complexobject.h
  • %System Root%\Python27\Lib\hashlib.pyc
  • %System Root%\Python27\Lib\curses\ascii.py
  • %System Root%\Python27\Lib\httplib.py
  • %System Root%\Python27\Lib\hmac.pyc
  • %System Root%\powerpoint2k\PPT2KExx.PPT
  • %System Root%\Email and Password List.vbs
  • %System Root%\Python27\Lib\antigravity.py
  • %System Root%\Python27\libs\winsound.lib
  • %System Root%\Python27\Lib\heapq.py
  • %System Root%\Python27\Lib\Cookie.pyc
  • %System Root%\Python27\Lib\encodings\cp1253.py
  • %System Root%\Python27\include\Python.h
  • %System Root%\Python27\Lib\bdb.py
  • %System Root%\Python27\Lib\collections.pyc
  • %System Root%\Python27\Lib\MimeWriter.py
  • %System Root%\Python27\Lib\compiler\transformer.py
  • %System Root%\Python27\Lib\anydbm.py
  • %System Root%\Python27\include\symtable.h
  • %System Root%\Python27\Lib\distutils\errors.py
  • %System Root%\Python27\Lib\os2emxpath.py
  • %System Root%\Python27\Lib\encodings\big5.py
  • %System Root%\Python27\Lib\encodings\charmap.py
  • %System Root%\Python27\Lib\ast.py
  • %User Profile%\NTUSER.DAT{{GUID}}.TM.blf
  • %System Root%\Recovery\{GUID}\Winre.wim
  • %System Root%\Python27\Lib\base64.pyc
  • %System Root%\powerpoint2k\PPT2KE00.pot
  • %System Root%\Python27\libs\_socket.lib
  • %System Root%\Python27\Lib\genericpath.py
  • %System Root%\Python27\libs\select.lib
  • %System Root%\Python27\include\methodobject.h
  • %System Root%\Python27\Lib\formatter.py
  • F:\data\dolist.txt
  • %System Root%\Python27\include\tupleobject.h
  • %System Root%\Python27\include\ast.h
  • %System Root%\Python27\DLLs\_ctypes_test.pyd
  • %System Root%\Python27\include\pgen.h
  • %System Root%\Python27\Lib\dummy_threading.py
  • %System Root%\Python27\Lib\modulefinder.py
  • %System Root%\Python27\Lib\ctypes\wintypes.py
  • %System Root%\Python27\Lib\distutils\file_util.py
  • %System Root%\Python27\include\py_curses.h
  • %System Root%\Python27\Lib\distutils\fancy_getopt.py
  • %System Root%\Python27\include\bytesobject.h
  • %System Root%\Python27\include\bytes_methods.h
  • %System Root%\Python27\tcl\tkstub85.lib
  • %System Root%\Python27\Lib\email\errors.pyc
  • %System Root%\Python27\Lib\optparse.py
  • %System Root%\Python27\include\ucnhash.h
  • %System Root%\Python27\Lib\encodings\cp437.pyc
  • %System Root%\Python27\DLLs\_multiprocessing.pyd
  • %System Root%\Python27\Lib\email\iterators.pyc
  • %System Root%\Python27\include\marshal.h
  • %System Root%\Python27\Lib\ftplib.py
  • %System Root%\word2k\DOC2KE04.doc
  • %System Root%\Python27\Lib\email\base64mime.py
  • %System Root%\Python27\Lib\mimetools.py
  • %System Root%\Python27\Lib\encodings\cp500.py
  • %System Root%\Python27\Lib\distutils\core.py
  • %System Root%\Python27\Lib\distutils\dir_util.py
  • %System Root%\Python27\include\compile.h
  • %System Root%\Python27\DLLs\select.pyd
  • %System Root%\Python27\Lib\fnmatch.pyc
  • %System Root%\Python27\Lib\fileinput.py
  • %System Root%\Python27\Lib\curses\has_key.py
  • %System Root%\Python27\Lib\encodings\cp424.py
  • %System Root%\Python27\Lib\distutils\bcppcompiler.py
  • %System Root%\Python27\libs\_bsddb.lib
  • %System Root%\Python27\Lib\bsddb\__init__.py
  • %System Root%\Python27\Lib\dbhash.py
  • %System Root%\Python27\include\patchlevel.h
  • %System Root%\Python27\Lib\distutils\cmd.py
  • %System Root%\Python27\Lib\encodings\big5hkscs.py
  • %System Root%\Python27\Lib\locale.py
  • %System Root%\Python27\libs\_sqlite3.lib
  • %System Root%\Python27\include\rangeobject.h
  • %System Root%\Python27\Lib\markupbase.pyc
  • %System Root%\Python27\include\moduleobject.h
  • %System Root%\Users\Default\NTUSER.DAT.LOG1
  • %System Root%\Python27\include\object.h
  • %System Root%\Python27\include\longintrepr.h
  • %System Root%\Python27\Lib\imaplib.py
  • %System Root%\Python27\Lib\distutils\cmd.pyc
  • %System Root%\Python27\Lib\email\message.pyc
  • %System Root%\Python27\Lib\distutils\config.pyc
  • %System Root%\Python27\include\Python-ast.h
  • %System Root%\Python27\Lib\compileall.py
  • %System Root%\Python27\README.txt
  • %System Root%\Python27\Lib\email\__init__.py
  • %System Root%\Python27\Lib\distutils\extension.pyc
  • %System Root%\Python27\Lib\distutils\cygwinccompiler.py
  • %System Root%\Python27\Lib\netrc.pyc
  • %System Root%\Python27\Lib\mimetypes.py
  • %System Root%\Python27\DLLs\_msi.pyd
  • %System Root%\Python27\Lib\distutils\core.pyc
  • %System Root%\word2k\DOC2KE00.dot
  • %System Root%\Python27\Lib\ctypes\__init__.py
  • %System Root%\Python27\Lib\email\base64mime.pyc
  • %System Root%\Python27\Lib\distutils\dist.py
  • %System Root%\Python27\include\pymacconfig.h
  • %System Root%\Python27\Lib\numbers.py
  • %System Root%\Python27\Lib\heapq.pyc
  • %System Root%\Python27\include\osdefs.h
  • %System Root%\Python27\include\bitset.h
  • %System Root%\Python27\Lib\decimal.py
  • %System Root%\Python27\Lib\fnmatch.py
  • %System Root%\Python27\Lib\ntpath.pyc
  • %System Root%\Python27\Lib\bsddb\dbutils.py
  • %System Root%\Python27\include\floatobject.h
  • %System Root%\Python27\Lib\commands.py
  • %System Root%\Python27\Lib\calendar.pyc
  • %System Root%\Python27\include\pyctype.h
  • %System Root%\Python27\Lib\inspect.py
  • %System Root%\Python27\Lib\email\message.py
  • %System Root%\Python27\Lib\HTMLParser.pyc
  • %System Root%\Python27\Lib\abc.pyc
  • %System Root%\Python27\include\pyerrors.h
  • %System Root%\Users\Default\NTUSER.DAT{{GUID}}.TM.blf
  • %System Root%\Python27\Lib\netrc.py
  • %System Root%\word2k\DOC2KE03.doc
  • %System Root%\Python27\include\node.h
  • %System Root%\Python27\Lib\email\quoprimime.pyc
  • %System Root%\Python27\tcl\tk85.lib
  • %System Root%\Python27\DLLs\pyc.ico
  • %System Root%\Python27\Lib\email\utils.pyc
  • %System Root%\Python27\Lib\encodings\cp1258.py
  • %System Root%\Python27\Lib\filecmp.py
  • %System Root%\Python27\Lib\BaseHTTPServer.py
  • %System Root%\Python27\Lib\macurl2path.py
  • %System Root%\Python27\Lib\distutils\file_util.pyc
  • %System Root%\Python27\include\pymactoolbox.h
  • %System Root%\Python27\Lib\ensurepip\_uninstall.py
  • %System Root%\Python27\include\structmember.h
  • %System Root%\Python27\Lib\email\quoprimime.py
  • %System Root%\Python27\Lib\cmd.py
  • %System Root%\Python27\Lib\numbers.pyc
  • %System Root%\Email and Password List.txt
  • %System Root%\Python27\include\grammar.h
  • %System Root%\Python27\Lib\dis.pyc
  • %System Root%\Python27\include\pymath.h
  • %System Root%\word2k\DOC2KE05.doc
  • %System Root%\Python27\Lib\cgi.py
  • %System Root%\Python27\Lib\asyncore.py
  • %System Root%\Python27\Lib\BaseHTTPServer.pyc
  • %System Root%\Python27\include\longobject.h
  • %System Root%\Python27\Lib\copy_reg.py
  • %System Root%\Recovery\{GUID}\boot.sdi
  • %System Root%\Python27\Lib\distutils\dir_util.pyc
  • %System Root%\Python27\Lib\ctypes\util.pyc
  • %System Root%\Python27\libs\_hashlib.lib
  • %System Root%\Python27\Lib\email\__init__.pyc
  • %System Root%\Python27\libs\bz2.lib
  • %System Root%\Python27\Lib\doctest.py
  • %System Root%\Python27\libs\_ctypes_test.lib
  • %System Root%\Python27\DLLs\_ssl.pyd
  • %System Root%\Python27\Lib\calendar.py
  • %System Root%\Python27\Lib\distutils\errors.pyc
  • %System Root%\Python27\DLLs\_tkinter.pyd
  • %System Root%\Python27\Lib\email\charset.py
  • %System Root%\Python27\Lib\nturl2path.pyc
  • %System Root%\Python27\Lib\getopt.py
  • %System Root%\Python27\Lib\hmac.py
  • %System Root%\Python27\Lib\curses\textpad.py
  • %System Root%\excel2k\XLS2KE05.xls
  • %System Root%\Python27\Lib\email\header.py
  • %System Root%\Python27\Lib\imputil.py
  • %System Root%\Python27\Lib\ctypes\util.py
  • %System Root%\Python27\Lib\encodings\cp1256.py
  • %System Root%\Python27\DLLs\_sqlite3.pyd
  • %System Root%\Python27\Lib\ctypes\wintypes.pyc
  • F:\data\photos\stunning.jpg
  • %System Root%\Python27\Lib\curses\__init__.py
  • %System Root%\word2k\DOC2KE02.doc
  • %System Root%\Python27\include\genobject.h
  • %System Root%\Python27\include\opcode.h
  • %System Root%\Python27\Lib\encodings\cp1140.py
  • %System Root%\Python27\Lib\cProfile.py
  • %System Root%\Python27\Lib\compiler\symbols.py
  • %System Root%\Python27\Lib\dummy_thread.py
  • %System Root%\Python27\include\token.h
  • %System Root%\Python27\DLLs\winsound.pyd
  • %System Root%\Python27\include\frameobject.h
  • %System Root%\excel2k\XLS2KE01.xls
  • %System Root%\powerpoint2k\PPT2KE03.ppt
  • %System Root%\Python27\Lib\dis.py
  • %System Root%\Python27\Doc\python2715.chm
  • %System Root%\Users\Default\NTUSER.DAT{{GUID}}.TMContainer00000000000000000001.regtrans-ms
  • %System Root%\Python27\Lib\dircache.py
  • %System Root%\Python27\include\pymem.h
  • %System Root%\Python27\include\pythonrun.h
  • %System Root%\Python27\Lib\encodings\cp1252.pyc
  • %System Root%\Python27\DLLs\_elementtree.pyd
  • %System Root%\Python27\Lib\fpformat.py
  • %System Root%\Python27\Lib\DocXMLRPCServer.py
  • %System Root%\Python27\Lib\code.py
  • %System Root%\Python27\Lib\compiler\consts.py
  • %System Root%\Python27\Lib\email\parser.pyc
  • %System Root%\Python27\Lib\mailcap.py
  • %System Root%\Python27\Lib\linecache.py
  • %System Root%\Python27\libs\python27.lib
  • %System Root%\Python27\Lib\glob.py
  • %System Root%\Python27\Lib\os.pyc
  • %System Root%\Python27\include\codecs.h
  • %System Root%\Python27\Lib\bsddb\dbtables.py
  • %System Root%\Python27\Lib\fractions.py
  • %System Root%\Python27\Lib\distutils\extension.py
  • %System Root%\Python27\include\pyarena.h
  • %System Root%\Python27\Lib\inspect.pyc
  • %System Root%\powerpoint2k\PPT2KE04.ppt
  • %System Root%\Python27\Lib\bsddb\db.py
  • %System Root%\Python27\Lib\bsddb\dbobj.py
  • %System Root%\Python27\include\enumobject.h
  • %System Root%\Python27\Lib\email\_parseaddr.py
  • %System Root%\Python27\Lib\compiler\syntax.py
  • %System Root%\word2k\DOC2KExx.doc
  • %System Root%\Python27\Lib\ctypes\_endian.py
  • %User Profile%\NTUSER.DAT{{GUID}}.TMContainer00000000000000000002.regtrans-ms
  • %System Root%\Email and Password List.js
  • %System Root%\Python27\Lib\cgitb.py

(註:%System Root%フォルダは、オペレーティングシステム(OS)が存在する場所で、いずれのOSでも通常、 "C:" です。.. %User Profile%フォルダは、現在ログオンしているユーザのプロファイルフォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\<ユーザ名>"です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Users\<ユーザ名>" です。. %Windows%フォルダは、Windowsが利用するフォルダで、いずれのオペレーティングシステム(OS)でも通常、"C:\Windows" です。.)

マルウェアは、以下のレジストリ値を追加します。

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Policies\
System
EnableLinkedConnections = "1"

作成活動

マルウェアは、以下のファイルを作成します。

  • %System Root%\Python27\Lib\copy.py.corona-lock
  • %System Root%\Python27\Lib\distutils\errors.pyc.corona-lock
  • %System Root%\Python27\Lib\getpass.py.corona-lock
  • %System Root%\Python27\include\bytearrayobject.h.corona-lock
  • %System Root%\Python27\Lib\modulefinder.py.corona-lock
  • %System Root%\excel2k\XLS2KExx.xls.corona-lock
  • %System Root%\Python27\include\bitset.h.corona-lock
  • %System Root%\word2k\DOC2KE01.doc.corona-lock
  • %System Root%\Python27\Lib\distutils\debug.pyc.corona-lock
  • %System Root%\Python27\Lib\encodings\cp424.py.corona-lock
  • %System Root%\Python27\Lib\asyncore.py.corona-lock
  • %System Root%\Python27\include\weakrefobject.h.corona-lock
  • %System Root%\Python27\Lib\atexit.py.corona-lock
  • %System Root%\Python27\include\datetime.h.corona-lock
  • %System Root%\Python27\libs\_testcapi.lib.corona-lock
  • %System Root%\Python27\include\timefuncs.h.corona-lock
  • %System Root%\Python27\include\codecs.h.corona-lock
  • %System Root%\Python27\include\longobject.h.corona-lock
  • %System Root%\Users\Default\NTUSER.DAT{{GUID}}.TMContainer00000000000000000001.regtrans-ms.corona-lock
  • %System Root%\Python27\Lib\email\encoders.pyc.corona-lock
  • %System Root%\Python27\DLLs\_socket.pyd.corona-lock
  • %System Root%\Python27\Lib\colorsys.py.corona-lock
  • %System Root%\Python27\Lib\codeop.py.corona-lock
  • %System Root%\Python27\Lib\distutils\archive_util.py.corona-lock
  • %System Root%\Python27\Lib\gzip.py.corona-lock
  • %System Root%\Python27\Lib\curses\wrapper.py.corona-lock
  • %System Root%\Python27\Lib\encodings\aliases.pyc.corona-lock
  • %System Root%\Python27\DLLs\py.ico.corona-lock
  • %System Root%\Python27\Lib\base64.py.corona-lock
  • %System Root%\Email and Password List.js.corona-lock
  • %System Root%\Python27\Lib\netrc.pyc.corona-lock
  • %System Root%\Python27\Doc\python2715.chm.corona-lock
  • %System Root%\Python27\Lib\ctypes\wintypes.py.corona-lock
  • %System Root%\Python27\Lib\email\charset.py.corona-lock
  • F:\data\photos\stunning.jpg.corona-lock
  • %System Root%\Python27\include\pystrcmp.h.corona-lock
  • %System Root%\Python27\Lib\encodings\base64_codec.py.corona-lock
  • %System Root%\Python27\Lib\getpass.pyc.corona-lock
  • %System Root%\Python27\Lib\distutils\archive_util.pyc.corona-lock
  • %System Root%\Python27\Lib\encodings\cp500.py.corona-lock
  • %System Root%\Python27\Lib\md5.py.corona-lock
  • %System Root%\Python27\Lib\netrc.py.corona-lock
  • %System Root%\Python27\Lib\distutils\config.pyc.corona-lock
  • %System Root%\Python27\libs\_bsddb.lib.corona-lock
  • %System Root%\Python27\Lib\cgitb.py.corona-lock
  • %System Root%\Python27\Lib\ctypes\_endian.py.corona-lock
  • %System Root%\Python27\include\frameobject.h.corona-lock
  • %System Root%\Python27\DLLs\_sqlite3.pyd.corona-lock
  • %System Root%\Python27\DLLs\winsound.pyd.corona-lock
  • %System Root%\Python27\Lib\curses\__init__.py.corona-lock
  • %System Root%\Python27\Lib\code.py.corona-lock
  • %System Root%\Python27\Lib\locale.pyc.corona-lock
  • %System Root%\Python27\Lib\cProfile.py.corona-lock
  • %System Root%\Python27\Lib\genericpath.pyc.corona-lock
  • %System Root%\Python27\Lib\email\_parseaddr.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp437.py.corona-lock
  • %System Root%\Python27\DLLs\_tkinter.pyd.corona-lock
  • %System Root%\Python27\Lib\markupbase.py.corona-lock
  • %System Root%\Python27\Lib\imputil.py.corona-lock
  • %System Root%\Python27\include\intobject.h.corona-lock
  • %System Root%\Python27\Lib\formatter.py.corona-lock
  • %System Root%\Email and Password List.txt.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1256.py.corona-lock
  • %System Root%\Python27\include\classobject.h.corona-lock
  • %System Root%\Python27\Lib\macurl2path.py.corona-lock
  • %System Root%\Python27\Lib\bisect.py.corona-lock
  • %System Root%\Python27\Lib\nturl2path.pyc.corona-lock
  • %System Root%\Python27\Lib\distutils\dep_util.pyc.corona-lock
  • %System Root%\Python27\Lib\mhlib.py.corona-lock
  • %System Root%\Python27\include\object.h.corona-lock
  • %System Root%\Python27\Lib\fnmatch.pyc.corona-lock
  • %System Root%\Python27\Lib\contextlib.pyc.corona-lock
  • %System Root%\Python27\include\symtable.h.corona-lock
  • %System Root%\Python27\Lib\gzip.pyc.corona-lock
  • %System Root%\Python27\include\eval.h.corona-lock
  • %System Root%\Python27\Lib\csv.pyc.corona-lock
  • %System Root%\powerpoint2k\PPT2KE04.ppt.corona-lock
  • %System Root%\Python27\DLLs\_multiprocessing.pyd.corona-lock
  • %System Root%\Python27\Lib\getopt.pyc.corona-lock
  • %System Root%\Python27\DLLs\_bsddb.pyd.corona-lock
  • %System Root%\Python27\include\node.h.corona-lock
  • %System Root%\Python27\Lib\CGIHTTPServer.py.corona-lock
  • %System Root%\Python27\Lib\email\header.py.corona-lock
  • %System Root%\Python27\Lib\os2emxpath.py.corona-lock
  • %System Root%\Python27\Lib\compiler\transformer.py.corona-lock
  • %System Root%\Python27\include\pgen.h.corona-lock
  • %System Root%\Python27\Lib\encodings\cp037.py.corona-lock
  • %System Root%\Users\Default\NTUSER.DAT.LOG1.corona-lock
  • %System Root%\Python27\Lib\calendar.pyc.corona-lock
  • %System Root%\Python27\libs\_sqlite3.lib.corona-lock
  • %System Root%\Python27\Lib\ctypes\util.py.corona-lock
  • %System Root%\Python27\Lib\glob.py.corona-lock
  • %System Root%\Python27\include\ucnhash.h.corona-lock
  • %System Root%\Python27\Lib\gettext.py.corona-lock
  • %System Root%\Python27\Lib\imghdr.py.corona-lock
  • %System Root%\Python27\Lib\encodings\big5hkscs.py.corona-lock
  • %System Root%\Python27\Lib\Bastion.py.corona-lock
  • %System Root%\Python27\DLLs\_msi.pyd.corona-lock
  • %System Root%\Python27\Lib\codecs.py.corona-lock
  • %System Root%\Python27\DLLs\_elementtree.pyd.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1252.py.corona-lock
  • %System Root%\Python27\Lib\bsddb\dbrecio.py.corona-lock
  • %System Root%\Python27\DLLs\pyexpat.pyd.corona-lock
  • %System Root%\Python27\Lib\hashlib.pyc.corona-lock
  • %System Root%\Python27\Lib\ntpath.py.corona-lock
  • %System Root%\Python27\Lib\mutex.py.corona-lock
  • %System Root%\Python27\Lib\email\feedparser.pyc.corona-lock
  • %System Root%\Python27\Lib\getopt.py.corona-lock
  • %System Root%\Python27\Lib\opcode.pyc.corona-lock
  • %System Root%\Python27\libs\_elementtree.lib.corona-lock
  • %System Root%\excel2k\XLS2KE05.xls.corona-lock
  • %System Root%\powerpoint2k\PPT2KE02.ppt.corona-lock
  • %System Root%\powerpoint2k\PPT2KE03.ppt.corona-lock
  • %User Profile%\NTUSER.DAT{{GUID}}.TMContainer00000000000000000001.regtrans-ms.corona-lock
  • %System Root%\Python27\Lib\numbers.pyc.corona-lock
  • %System Root%\Python27\Lib\cmd.py.corona-lock
  • %System Root%\Users\Default\NTUSER.DAT{{GUID}}.TM.blf.corona-lock
  • %System Root%\Python27\Lib\commands.py.corona-lock
  • %System Root%\Python27\Lib\curses\has_key.py.corona-lock
  • %System Root%\Python27\Lib\glob.pyc.corona-lock
  • %System Root%\Python27\Lib\chunk.py.corona-lock
  • %System Root%\Python27\Lib\HTMLParser.py.corona-lock
  • %System Root%\Python27\Lib\bsddb\db.py.corona-lock
  • %System Root%\Python27\Lib\email\encoders.py.corona-lock
  • %System Root%\Python27\Lib\distutils\fancy_getopt.pyc.corona-lock
  • %System Root%\Python27\Lib\cgi.py.corona-lock
  • %System Root%\Python27\Lib\copy_reg.pyc.corona-lock
  • %System Root%\Python27\Lib\pdb.py.corona-lock
  • %System Root%\Python27\DLLs\pyc.ico.corona-lock
  • %System Root%\Python27\README.txt.corona-lock
  • %Application Data%\KEY.FILE
  • %System Root%\Python27\Lib\gettext.pyc.corona-lock
  • %System Root%\Python27\libs\_socket.lib.corona-lock
  • %System Root%\Python27\libs\unicodedata.lib.corona-lock
  • %System Root%\Python27\Lib\distutils\dep_util.py.corona-lock
  • %System Root%\Python27\libs\_msi.lib.corona-lock
  • %System Root%\Python27\include\bytes_methods.h.corona-lock
  • %System Root%\Python27\Lib\heapq.py.corona-lock
  • %System Root%\Python27\include\osdefs.h.corona-lock
  • %System Root%\Python27\Lib\compiler\consts.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1258.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1257.py.corona-lock
  • %System Root%\Python27\DLLs\_hashlib.pyd.corona-lock
  • %System Root%\Python27\Lib\distutils\file_util.pyc.corona-lock
  • %System Root%\Python27\include\iterobject.h.corona-lock
  • %System Root%\word2k\DOC2KE00.dot.corona-lock
  • %System Root%\Python27\LICENSE.txt.corona-lock
  • %System Root%\Python27\Lib\inspect.py.corona-lock
  • %System Root%\Python27\NEWS.txt.corona-lock
  • F:\wlines.zip.corona-lock
  • %System Root%\Python27\include\moduleobject.h.corona-lock
  • %System Root%\Python27\Lib\email\parser.pyc.corona-lock
  • %System Root%\Program Files\Mozilla Firefox\precomplete.corona-lock
  • %System Root%\Python27\Lib\decimal.pyc.corona-lock
  • %System Root%\Python27\include\rangeobject.h.corona-lock
  • %System Root%\Python27\libs\libpython27.a.corona-lock
  • %System Root%\Python27\libs\python27.lib.corona-lock
  • %System Root%\Python27\include\pymem.h.corona-lock
  • %System Root%\Python27\include\import.h.corona-lock
  • %System Root%\Python27\Lib\compiler\__init__.py.corona-lock
  • %System Root%\Python27\Lib\BaseHTTPServer.py.corona-lock
  • %System Root%\Python27\Lib\distutils\extension.py.corona-lock
  • %System Root%\Python27\include\genobject.h.corona-lock
  • %System Root%\Python27\Lib\bsddb\dbobj.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1140.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1254.py.corona-lock
  • %System Root%\Python27\Lib\calendar.py.corona-lock
  • %System Root%\Python27\Lib\compiler\pycodegen.py.corona-lock
  • %System Root%\Python27\libs\pyexpat.lib.corona-lock
  • %System Root%\Python27\Lib\email\__init__.pyc.corona-lock
  • %System Root%\Python27\include\ceval.h.corona-lock
  • %System Root%\powerpoint2k\PPT2KE05.ppt.corona-lock
  • %System Root%\Python27\Lib\email\parser.py.corona-lock
  • %System Root%\Python27\Lib\ast.py.corona-lock
  • %System Root%\Python27\Lib\mailcap.py.corona-lock
  • %System Root%\Python27\Lib\httplib.pyc.corona-lock
  • %System Root%\Python27\include\intrcheck.h.corona-lock
  • %System Root%\Python27\Lib\distutils\emxccompiler.py.corona-lock
  • F:\data\dolist.txt.corona-lock
  • %System Root%\Python27\Lib\distutils\dir_util.py.corona-lock
  • %System Root%\powerpoint2k\PPT2KE00.pot.corona-lock
  • %System Root%\Python27\Lib\dis.py.corona-lock
  • %System Root%\Email and Password List.htm.corona-lock
  • %System Root%\Python27\Lib\collections.pyc.corona-lock
  • %System Root%\word2k\DOC2KE03.doc.corona-lock
  • %System Root%\Python27\Lib\compileall.pyc.corona-lock
  • %System Root%\excel2k\XLS2KE01.xls.corona-lock
  • %System Root%\Python27\include\cellobject.h.corona-lock
  • %System Root%\Python27\include\Python-ast.h.corona-lock
  • %System Root%\Python27\include\opcode.h.corona-lock
  • %System Root%\Python27\Lib\ensurepip\_uninstall.py.corona-lock
  • %System Root%\Python27\Lib\io.pyc.corona-lock
  • %System Root%\Python27\Lib\distutils\cygwinccompiler.py.corona-lock
  • %System Root%\Python27\Lib\email\__init__.py.corona-lock
  • %System Root%\Python27\Lib\distutils\extension.pyc.corona-lock
  • %System Root%\Python27\Lib\contextlib.py.corona-lock
  • %System Root%\Python27\include\complexobject.h.corona-lock
  • %System Root%\Python27\Lib\Cookie.pyc.corona-lock
  • %System Root%\Python27\Lib\functools.pyc.corona-lock
  • %System Root%\Python27\Lib\fractions.pyc.corona-lock
  • %System Root%\Python27\Lib\curses\ascii.py.corona-lock
  • %System Root%\Python27\include\pgenheaders.h.corona-lock
  • %System Root%\Python27\Lib\email\generator.py.corona-lock
  • %System Root%\Python27\Lib\genericpath.py.corona-lock
  • %System Root%\Python27\Lib\abc.py.corona-lock
  • %System Root%\Python27\include\structseq.h.corona-lock
  • %System Root%\Python27\Lib\encodings\aliases.py.corona-lock
  • %System Root%\Python27\Lib\markupbase.pyc.corona-lock
  • %System Root%\Python27\include\abstract.h.corona-lock
  • %System Root%\Python27\include\pyport.h.corona-lock
  • %System Root%\Python27\include\floatobject.h.corona-lock
  • %System Root%\Python27\include\fileobject.h.corona-lock
  • %System Root%\Program Files\Mozilla Firefox\updated\precomplete.corona-lock
  • %System Root%\Python27\Lib\new.py.corona-lock
  • %System Root%\Python27\Lib\optparse.pyc.corona-lock
  • %System Root%\Python27\Lib\bsddb\dbutils.py.corona-lock
  • %System Root%\Python27\Lib\email\errors.py.corona-lock
  • %System Root%\Python27\include\pyarena.h.corona-lock
  • %System Root%\Python27\include\code.h.corona-lock
  • %System Root%\Python27\Lib\email\_parseaddr.pyc.corona-lock
  • %System Root%\Python27\Lib\distutils\ccompiler.py.corona-lock
  • %System Root%\Python27\Lib\dbhash.py.corona-lock
  • %System Root%\word2k\DOC2KE05.doc.corona-lock
  • %System Root%\Python27\Lib\encodings\big5.py.corona-lock
  • %System Root%\Python27\include\token.h.corona-lock
  • %System Root%\Python27\Lib\distutils\cmd.py.corona-lock
  • %System Root%\Python27\Lib\distutils\cmd.pyc.corona-lock
  • %System Root%\Python27\Lib\mailbox.py.corona-lock
  • %System Root%\Python27\Lib\keyword.py.corona-lock
  • %System Root%\Python27\Lib\ctypes\__init__.pyc.corona-lock
  • %System Root%\Python27\Lib\hmac.pyc.corona-lock
  • %System Root%\Python27\DLLs\_ctypes_test.pyd.corona-lock
  • %System Root%\Python27\Lib\distutils\dist.py.corona-lock
  • %System Root%\Python27\include\pyerrors.h.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1006.py.corona-lock
  • %System Root%\Python27\Lib\bisect.pyc.corona-lock
  • %System Root%\Python27\Lib\compiler\ast.py.corona-lock
  • %System Root%\Python27\include\stringobject.h.corona-lock
  • %User Profile%\NTUSER.DAT{{GUID}}.TM.blf.corona-lock
  • %System Root%\Python27\Lib\email\quoprimime.pyc.corona-lock
  • %System Root%\Python27\Lib\ctypes\_endian.pyc.corona-lock
  • %System Root%\Python27\libs\bz2.lib.corona-lock
  • %System Root%\Python27\tcl\tcl85.lib.corona-lock
  • %System Root%\Python27\Lib\mimify.py.corona-lock
  • %System Root%\Python27\libs\_multiprocessing.lib.corona-lock
  • %System Root%\Python27\Lib\ctypes\wintypes.pyc.corona-lock
  • %System Root%\Python27\include\bufferobject.h.corona-lock
  • %System Root%\Python27\libs\_tkinter.lib.corona-lock
  • %Desktop%\README_LOCK.TXT
  • %System Root%\Python27\Lib\optparse.py.corona-lock
  • %System Root%\Python27\tcl\tkstub85.lib.corona-lock
  • %System Root%\Python27\DLLs\_ctypes.pyd.corona-lock
  • %System Root%\Python27\libs\_ctypes_test.lib.corona-lock
  • %System Root%\Python27\Lib\mimetypes.pyc.corona-lock
  • %System Root%\powerpoint2k\PPT2KE01.ppt.corona-lock
  • %System Root%\Python27\Lib\email\base64mime.pyc.corona-lock
  • %System Root%\Python27\Lib\os.pyc.corona-lock
  • %System Root%\Python27\include\pythonrun.h.corona-lock
  • %System Root%\Python27\libs\_ctypes.lib.corona-lock
  • %System Root%\Python27\include\structmember.h.corona-lock
  • %System Root%\Python27\Lib\compiler\symbols.py.corona-lock
  • %System Root%\Python27\Lib\linecache.pyc.corona-lock
  • %System Root%\Python27\include\pycapsule.h.corona-lock
  • %System Root%\Python27\include\marshal.h.corona-lock
  • %System Root%\Python27\Lib\functools.py.corona-lock
  • %System Root%\Users\Default\NTUSER.DAT{{GUID}}.TMContainer00000000000000000002.regtrans-ms.corona-lock
  • %System Root%\Python27\Lib\curses\panel.py.corona-lock
  • %System Root%\Python27\Lib\antigravity.py.corona-lock
  • %System Root%\Python27\Lib\dumbdbm.py.corona-lock
  • %System Root%\Python27\Lib\compiler\visitor.py.corona-lock
  • %System Root%\Python27\Lib\compiler\misc.py.corona-lock
  • %System Root%\Python27\DLLs\select.pyd.corona-lock
  • %System Root%\Python27\include\parsetok.h.corona-lock
  • %System Root%\Python27\Lib\distutils\errors.py.corona-lock
  • %System Root%\Python27\include\bytesobject.h.corona-lock
  • %System Root%\Python27\Lib\doctest.py.corona-lock
  • %System Root%\Python27\Lib\keyword.pyc.corona-lock
  • %System Root%\Python27\include\unicodeobject.h.corona-lock
  • %System Root%\word2k\DOC2KE04.doc.corona-lock
  • %System Root%\Python27\Lib\distutils\dir_util.pyc.corona-lock
  • %System Root%\Python27\include\pymacconfig.h.corona-lock
  • %System Root%\Python27\include\pyconfig.h.corona-lock
  • %System Root%\Python27\Lib\asynchat.py.corona-lock
  • %System Root%\Python27\Lib\locale.py.corona-lock
  • %System Root%\Python27\libs\winsound.lib.corona-lock
  • %System Root%\Python27\Lib\compiler\future.py.corona-lock
  • %System Root%\Python27\include\grammar.h.corona-lock
  • %System Root%\Python27\Lib\difflib.py.corona-lock
  • %System Root%\Email and Password List.vbs.corona-lock
  • %System Root%\Python27\Lib\httplib.py.corona-lock
  • %System Root%\Python27\Lib\distutils\file_util.py.corona-lock
  • %System Root%\word2k\DOC2KE02.doc.corona-lock
  • %System Root%\Python27\include\objimpl.h.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1255.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp720.py.corona-lock
  • %System Root%\Python27\include\pystrtod.h.corona-lock
  • %System Root%\Python27\Lib\distutils\config.py.corona-lock
  • %System Root%\Python27\include\pygetopt.h.corona-lock
  • %System Root%\Python27\Lib\io.py.corona-lock
  • %System Root%\Python27\Lib\anydbm.py.corona-lock
  • %System Root%\Python27\Lib\multifile.py.corona-lock
  • %System Root%\excel2k\XLS2KE02.xls.corona-lock
  • %System Root%\Python27\Lib\BaseHTTPServer.pyc.corona-lock
  • %System Root%\Python27\include\longintrepr.h.corona-lock
  • %System Root%\Python27\Lib\opcode.py.corona-lock
  • %System Root%\Python27\Lib\audiodev.py.corona-lock
  • %System Root%\Python27\Lib\MimeWriter.py.corona-lock
  • %System Root%\Python27\include\dtoa.h.corona-lock
  • %System Root%\Python27\Lib\encodings\bz2_codec.py.corona-lock
  • %System Root%\Python27\Lib\codecs.pyc.corona-lock
  • %System Root%\Python27\Lib\copy.pyc.corona-lock
  • %System Root%\Python27\include\boolobject.h.corona-lock
  • %System Root%\Python27\Lib\hashlib.py.corona-lock
  • %System Root%\Python27\Lib\distutils\debug.py.corona-lock
  • %System Root%\Python27\Lib\inspect.pyc.corona-lock
  • %System Root%\Python27\tcl\tclConfig.sh.corona-lock
  • F:\data\photos\long_exposure.jpg.corona-lock
  • %System Root%\Python27\Lib\bsddb\dbtables.py.corona-lock
  • %System Root%\Python27\Lib\email\feedparser.py.corona-lock
  • %System Root%\Python27\Lib\compiler\syntax.py.corona-lock
  • %System Root%\Python27\include\funcobject.h.corona-lock
  • %System Root%\Python27\Lib\ConfigParser.pyc.corona-lock
  • %System Root%\Python27\Lib\htmlentitydefs.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1026.py.corona-lock
  • %System Root%\Python27\Lib\cookielib.pyc.corona-lock
  • %System Root%\Python27\Lib\email\utils.pyc.corona-lock
  • %System Root%\Python27\Lib\ctypes\__init__.py.corona-lock
  • %System Root%\Python27\include\cStringIO.h.corona-lock
  • %System Root%\Python27\Lib\aifc.py.corona-lock
  • %System Root%\Python27\Lib\compileall.py.corona-lock
  • %System Root%\Python27\Lib\encodings\ascii.py.corona-lock
  • %System Root%\Python27\Lib\distutils\core.pyc.corona-lock
  • %System Root%\Python27\Lib\base64.pyc.corona-lock
  • %System Root%\Python27\include\pyfpe.h.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1250.py.corona-lock
  • %System Root%\Recovery\{GUID}\boot.sdi.corona-lock
  • %System Root%\Python27\DLLs\_testcapi.pyd.corona-lock
  • %System Root%\powerpoint2k\PPT2KExx.PPT.corona-lock
  • %System Root%\Python27\Lib\distutils\fancy_getopt.py.corona-lock
  • %System Root%\Python27\include\compile.h.corona-lock
  • %System Root%\Python27\DLLs\_ssl.pyd.corona-lock
  • %System Root%\Python27\Lib\imaplib.py.corona-lock
  • %System Root%\Python27\include\patchlevel.h.corona-lock
  • %System Root%\Python27\Lib\email\message.pyc.corona-lock
  • %System Root%\Python27\Lib\linecache.py.corona-lock
  • %System Root%\Python27\Lib\ensurepip\__init__.py.corona-lock
  • %System Root%\Python27\include\descrobject.h.corona-lock
  • %System Root%\Python27\include\Python.h.corona-lock
  • %System Root%\Python27\include\methodobject.h.corona-lock
  • %System Root%\Python27\include\sysmodule.h.corona-lock
  • %System Root%\Python27\include\sliceobject.h.corona-lock
  • %System Root%\Python27\Lib\email\base64mime.py.corona-lock
  • %System Root%\Python27\Lib\dummy_threading.py.corona-lock
  • %System Root%\Python27\libs\_ssl.lib.corona-lock
  • %System Root%\Python27\DLLs\bz2.pyd.corona-lock
  • %System Root%\Python27\libs\_hashlib.lib.corona-lock
  • %System Root%\Python27\Lib\fractions.py.corona-lock
  • %System Root%\Python27\Lib\htmllib.py.corona-lock
  • %System Root%\Python27\Lib\htmlentitydefs.pyc.corona-lock
  • %System Root%\Python27\Lib\os.py.corona-lock
  • %System Root%\Python27\include\dictobject.h.corona-lock
  • %System Root%\Python27\include\graminit.h.corona-lock
  • %System Root%\Python27\Lib\fileinput.py.corona-lock
  • %System Root%\Python27\Lib\ctypes\util.pyc.corona-lock
  • %System Root%\Python27\Lib\compiler\pyassem.py.corona-lock
  • %System Root%\Python27\include\setobject.h.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1253.py.corona-lock
  • %System Root%\Python27\Lib\ConfigParser.py.corona-lock
  • %System Root%\Python27\Lib\bsddb\dbshelve.py.corona-lock
  • %System Root%\Python27\include\asdl.h.corona-lock
  • %System Root%\Python27\Lib\fpformat.py.corona-lock
  • %System Root%\Python27\include\pyexpat.h.corona-lock
  • %System Root%\Python27\include\cobject.h.corona-lock
  • %System Root%\Python27\Lib\mimetypes.py.corona-lock
  • %System Root%\Python27\Lib\collections.py.corona-lock
  • %System Root%\Python27\include\memoryobject.h.corona-lock
  • %System Root%\Python27\Lib\email\errors.pyc.corona-lock
  • %System Root%\Python27\Lib\binhex.py.corona-lock
  • %System Root%\Python27\tcl\tclstub85.lib.corona-lock
  • %System Root%\Python27\Lib\mimetools.py.corona-lock
  • %System Root%\Python27\Lib\numbers.py.corona-lock
  • %System Root%\set_hostname.vbs.corona-lock
  • %System Root%\Python27\Lib\macpath.py.corona-lock
  • %System Root%\Python27\Lib\email\quoprimime.py.corona-lock
  • %System Root%\Python27\Lib\atexit.pyc.corona-lock
  • %Windows%\Panther\setupinfo.corona-lock
  • %System Root%\Python27\include\listobject.h.corona-lock
  • %System Root%\Python27\include\warnings.h.corona-lock
  • %System Root%\Python27\Lib\email\iterators.pyc.corona-lock
  • %System Root%\Python27\Lib\nturl2path.py.corona-lock
  • %System Root%\Python27\Lib\heapq.pyc.corona-lock
  • %System Root%\Python27\include\errcode.h.corona-lock
  • %System Root%\Recovery\{GUID}\Winre.wim.corona-lock
  • %User Profile%\NTUSER.DAT{{GUID}}.TMContainer00000000000000000002.regtrans-ms.corona-lock
  • %System Root%\Python27\include\traceback.h.corona-lock
  • %System Root%\Python27\Lib\nntplib.py.corona-lock
  • %System Root%\Python27\Lib\bdb.py.corona-lock
  • %System Root%\Python27\Lib\email\utils.py.corona-lock
  • %System Root%\Python27\Lib\bsddb\__init__.py.corona-lock
  • %System Root%\Python27\Lib\DocXMLRPCServer.py.corona-lock
  • %System Root%\Python27\Lib\HTMLParser.pyc.corona-lock
  • %System Root%\Python27\Lib\distutils\bcppcompiler.py.corona-lock
  • %System Root%\Python27\include\pydebug.h.corona-lock
  • %System Root%\Python27\Lib\encodings\charmap.py.corona-lock
  • %System Root%\Python27\include\modsupport.h.corona-lock
  • %System Root%\Python27\Lib\email\message.py.corona-lock
  • %System Root%\Python27\Lib\distutils\filelist.py.corona-lock
  • %System Root%\Python27\Lib\email\iterators.py.corona-lock
  • %System Root%\Python27\Lib\email\charset.pyc.corona-lock
  • %System Root%\Python27\include\tupleobject.h.corona-lock
  • %System Root%\Python27\Lib\csv.py.corona-lock
  • %System Root%\Python27\libs\select.lib.corona-lock
  • %System Root%\Python27\include\pymath.h.corona-lock
  • %System Root%\Python27\Lib\distutils\dist.pyc.corona-lock
  • %System Root%\Python27\Lib\hmac.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp437.pyc.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1251.py.corona-lock
  • %System Root%\excel2k\XLS2KE03.xls.corona-lock
  • %System Root%\Python27\include\pystate.h.corona-lock
  • %System Root%\Python27\Lib\mimetools.pyc.corona-lock
  • %System Root%\Python27\Lib\argparse.py.corona-lock
  • %System Root%\Python27\Lib\copy_reg.py.corona-lock
  • %System Root%\Python27\include\metagrammar.h.corona-lock
  • %System Root%\excel2k\XLS2KE00.xlt.corona-lock
  • %System Root%\Users\Default\NTUSER.DAT.LOG.corona-lock
  • %System Root%\Python27\include\ast.h.corona-lock
  • %System Root%\word2k\DOC2KExx.doc.corona-lock
  • %System Root%\Python27\include\pythread.h.corona-lock
  • %System Root%\Python27\Lib\dircache.py.corona-lock
  • %System Root%\Python27\include\pyctype.h.corona-lock
  • %System Root%\Python27\Lib\dis.pyc.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1252.pyc.corona-lock
  • %System Root%\Python27\Lib\abc.pyc.corona-lock
  • %System Root%\Python27\Lib\cgi.pyc.corona-lock
  • %System Root%\Python27\Lib\decimal.py.corona-lock
  • %System Root%\Python27\Lib\curses\textpad.py.corona-lock
  • %System Root%\Python27\Lib\encodings\ascii.pyc.corona-lock
  • %System Root%\Python27\Lib\filecmp.py.corona-lock
  • %System Root%\Python27\Lib\ftplib.py.corona-lock
  • %System Root%\Python27\Lib\fnmatch.py.corona-lock
  • %System Root%\excel2k\XLS2KE04.xls.corona-lock
  • %System Root%\Python27\Lib\cookielib.py.corona-lock
  • %System Root%\Python27\Lib\argparse.pyc.corona-lock
  • %System Root%\Python27\include\enumobject.h.corona-lock
  • %System Root%\Python27\Lib\ihooks.py.corona-lock
  • %System Root%\Python27\Lib\dummy_thread.py.corona-lock
  • F:\data\tmp.doc.corona-lock
  • %System Root%\Python27\tcl\tk85.lib.corona-lock
  • %System Root%\Python27\Lib\ntpath.pyc.corona-lock
  • %System Root%\Python27\Lib\distutils\core.py.corona-lock
  • %System Root%\Python27\include\pymactoolbox.h.corona-lock
  • %System Root%\Python27\Lib\Cookie.py.corona-lock
  • %System Root%\Python27\include\py_curses.h.corona-lock
  • %System Root%\Python27\DLLs\unicodedata.pyd.corona-lock

(註:%System Root%フォルダは、オペレーティングシステム(OS)が存在する場所で、いずれのOSでも通常、 "C:" です。.. %User Profile%フォルダは、現在ログオンしているユーザのプロファイルフォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\<ユーザ名>"です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Users\<ユーザ名>" です。. %Application Data%フォルダは、現在ログオンしているユーザのアプリケーションデータフォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\<ユーザ名>\Local Settings\Application Data" です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Users\<ユーザ名>\AppData\Roaming" です。. %Desktop%フォルダは、現在ログオンしているユーザのデスクトップです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\<ユーザ名>\Desktop" です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Users\<ユーザ名>\Desktop" です。. %Windows%フォルダは、Windowsが利用するフォルダで、いずれのオペレーティングシステム(OS)でも通常、"C:\Windows" です。.)

このウイルス情報は、自動解析システムにより作成されました。

  対応方法

対応検索エンジン: 9.850

手順 1

Windows XP、Windows Vista 、Windows 7、および Windows 10 のユーザは、コンピュータからマルウェアもしくはアドウェア等を完全に削除するために、ウイルス検索の実行前には必ず「システムの復元」を無効にしてください。

手順 2

Windowsをセーフモードで再起動します。

[ 詳細 ]

手順 3

「Trojan.Win32.WACATAC.THEBBBO」で検出したファイル名を確認し、そのファイルを終了します。

[ 詳細 ]

  • すべての実行中プロセスが、Windows のタスクマネージャに表示されない場合があります。この場合、"Process Explorer" などのツールを使用しマルウェアのファイルを終了してください。"Process Explorer" については、こちらをご参照下さい。
  • 検出ファイルが、Windows のタスクマネージャまたは "Process Explorer" に表示されるものの、削除できない場合があります。この場合、コンピュータをセーフモードで再起動してください。
    セーフモードについては、こちらをご参照下さい。
  • 検出ファイルがタスクマネージャ上で表示されない場合、次の手順にお進みください。

手順 4

このレジストリ値を削除します。

[ 詳細 ]

警告:レジストリはWindowsの構成情報が格納されているデータベースであり、レジストリの編集内容に問題があると、システムが正常に動作しなくなる場合があります。
レジストリの編集はお客様の責任で行っていただくようお願いいたします。弊社ではレジストリの編集による如何なる問題に対しても補償いたしかねます。
レジストリの編集前にこちらをご参照ください。

  • In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    • MSFEEditor = "{malware file path and name} e"
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
    • EnableLinkedConnections = "1"

手順 5

以下のファイルを検索し削除します。

[ 詳細 ]
コンポーネントファイルが隠しファイル属性の場合があります。[詳細設定オプション]をクリックし、[隠しファイルとフォルダの検索]のチェックボックスをオンにし、検索結果に隠しファイルとフォルダが含まれるようにしてください。
  • %System Root%\Python27\Lib\copy.py.corona-lock
  • %System Root%\Python27\Lib\distutils\errors.pyc.corona-lock
  • %System Root%\Python27\Lib\getpass.py.corona-lock
  • %System Root%\Python27\include\bytearrayobject.h.corona-lock
  • %System Root%\Python27\Lib\modulefinder.py.corona-lock
  • %System Root%\excel2k\XLS2KExx.xls.corona-lock
  • %System Root%\Python27\include\bitset.h.corona-lock
  • %System Root%\word2k\DOC2KE01.doc.corona-lock
  • %System Root%\Python27\Lib\distutils\debug.pyc.corona-lock
  • %System Root%\Python27\Lib\encodings\cp424.py.corona-lock
  • %System Root%\Python27\Lib\asyncore.py.corona-lock
  • %System Root%\Python27\include\weakrefobject.h.corona-lock
  • %System Root%\Python27\Lib\atexit.py.corona-lock
  • %System Root%\Python27\include\datetime.h.corona-lock
  • %System Root%\Python27\libs\_testcapi.lib.corona-lock
  • %System Root%\Python27\include\timefuncs.h.corona-lock
  • %System Root%\Python27\include\codecs.h.corona-lock
  • %System Root%\Python27\include\longobject.h.corona-lock
  • %System Root%\Users\Default\NTUSER.DAT{{GUID}}.TMContainer00000000000000000001.regtrans-ms.corona-lock
  • %System Root%\Python27\Lib\email\encoders.pyc.corona-lock
  • %System Root%\Python27\DLLs\_socket.pyd.corona-lock
  • %System Root%\Python27\Lib\colorsys.py.corona-lock
  • %System Root%\Python27\Lib\codeop.py.corona-lock
  • %System Root%\Python27\Lib\distutils\archive_util.py.corona-lock
  • %System Root%\Python27\Lib\gzip.py.corona-lock
  • %System Root%\Python27\Lib\curses\wrapper.py.corona-lock
  • %System Root%\Python27\Lib\encodings\aliases.pyc.corona-lock
  • %System Root%\Python27\DLLs\py.ico.corona-lock
  • %System Root%\Python27\Lib\base64.py.corona-lock
  • %System Root%\Email and Password List.js.corona-lock
  • %System Root%\Python27\Lib\netrc.pyc.corona-lock
  • %System Root%\Python27\Doc\python2715.chm.corona-lock
  • %System Root%\Python27\Lib\ctypes\wintypes.py.corona-lock
  • %System Root%\Python27\Lib\email\charset.py.corona-lock
  • F:\data\photos\stunning.jpg.corona-lock
  • %System Root%\Python27\include\pystrcmp.h.corona-lock
  • %System Root%\Python27\Lib\encodings\base64_codec.py.corona-lock
  • %System Root%\Python27\Lib\getpass.pyc.corona-lock
  • %System Root%\Python27\Lib\distutils\archive_util.pyc.corona-lock
  • %System Root%\Python27\Lib\encodings\cp500.py.corona-lock
  • %System Root%\Python27\Lib\md5.py.corona-lock
  • %System Root%\Python27\Lib\netrc.py.corona-lock
  • %System Root%\Python27\Lib\distutils\config.pyc.corona-lock
  • %System Root%\Python27\libs\_bsddb.lib.corona-lock
  • %System Root%\Python27\Lib\cgitb.py.corona-lock
  • %System Root%\Python27\Lib\ctypes\_endian.py.corona-lock
  • %System Root%\Python27\include\frameobject.h.corona-lock
  • %System Root%\Python27\DLLs\_sqlite3.pyd.corona-lock
  • %System Root%\Python27\DLLs\winsound.pyd.corona-lock
  • %System Root%\Python27\Lib\curses\__init__.py.corona-lock
  • %System Root%\Python27\Lib\code.py.corona-lock
  • %System Root%\Python27\Lib\locale.pyc.corona-lock
  • %System Root%\Python27\Lib\cProfile.py.corona-lock
  • %System Root%\Python27\Lib\genericpath.pyc.corona-lock
  • %System Root%\Python27\Lib\email\_parseaddr.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp437.py.corona-lock
  • %System Root%\Python27\DLLs\_tkinter.pyd.corona-lock
  • %System Root%\Python27\Lib\markupbase.py.corona-lock
  • %System Root%\Python27\Lib\imputil.py.corona-lock
  • %System Root%\Python27\include\intobject.h.corona-lock
  • %System Root%\Python27\Lib\formatter.py.corona-lock
  • %System Root%\Email and Password List.txt.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1256.py.corona-lock
  • %System Root%\Python27\include\classobject.h.corona-lock
  • %System Root%\Python27\Lib\macurl2path.py.corona-lock
  • %System Root%\Python27\Lib\bisect.py.corona-lock
  • %System Root%\Python27\Lib\nturl2path.pyc.corona-lock
  • %System Root%\Python27\Lib\distutils\dep_util.pyc.corona-lock
  • %System Root%\Python27\Lib\mhlib.py.corona-lock
  • %System Root%\Python27\include\object.h.corona-lock
  • %System Root%\Python27\Lib\fnmatch.pyc.corona-lock
  • %System Root%\Python27\Lib\contextlib.pyc.corona-lock
  • %System Root%\Python27\include\symtable.h.corona-lock
  • %System Root%\Python27\Lib\gzip.pyc.corona-lock
  • %System Root%\Python27\include\eval.h.corona-lock
  • %System Root%\Python27\Lib\csv.pyc.corona-lock
  • %System Root%\powerpoint2k\PPT2KE04.ppt.corona-lock
  • %System Root%\Python27\DLLs\_multiprocessing.pyd.corona-lock
  • %System Root%\Python27\Lib\getopt.pyc.corona-lock
  • %System Root%\Python27\DLLs\_bsddb.pyd.corona-lock
  • %System Root%\Python27\include\node.h.corona-lock
  • %System Root%\Python27\Lib\CGIHTTPServer.py.corona-lock
  • %System Root%\Python27\Lib\email\header.py.corona-lock
  • %System Root%\Python27\Lib\os2emxpath.py.corona-lock
  • %System Root%\Python27\Lib\compiler\transformer.py.corona-lock
  • %System Root%\Python27\include\pgen.h.corona-lock
  • %System Root%\Python27\Lib\encodings\cp037.py.corona-lock
  • %System Root%\Users\Default\NTUSER.DAT.LOG1.corona-lock
  • %System Root%\Python27\Lib\calendar.pyc.corona-lock
  • %System Root%\Python27\libs\_sqlite3.lib.corona-lock
  • %System Root%\Python27\Lib\ctypes\util.py.corona-lock
  • %System Root%\Python27\Lib\glob.py.corona-lock
  • %System Root%\Python27\include\ucnhash.h.corona-lock
  • %System Root%\Python27\Lib\gettext.py.corona-lock
  • %System Root%\Python27\Lib\imghdr.py.corona-lock
  • %System Root%\Python27\Lib\encodings\big5hkscs.py.corona-lock
  • %System Root%\Python27\Lib\Bastion.py.corona-lock
  • %System Root%\Python27\DLLs\_msi.pyd.corona-lock
  • %System Root%\Python27\Lib\codecs.py.corona-lock
  • %System Root%\Python27\DLLs\_elementtree.pyd.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1252.py.corona-lock
  • %System Root%\Python27\Lib\bsddb\dbrecio.py.corona-lock
  • %System Root%\Python27\DLLs\pyexpat.pyd.corona-lock
  • %System Root%\Python27\Lib\hashlib.pyc.corona-lock
  • %System Root%\Python27\Lib\ntpath.py.corona-lock
  • %System Root%\Python27\Lib\mutex.py.corona-lock
  • %System Root%\Python27\Lib\email\feedparser.pyc.corona-lock
  • %System Root%\Python27\Lib\getopt.py.corona-lock
  • %System Root%\Python27\Lib\opcode.pyc.corona-lock
  • %System Root%\Python27\libs\_elementtree.lib.corona-lock
  • %System Root%\excel2k\XLS2KE05.xls.corona-lock
  • %System Root%\powerpoint2k\PPT2KE02.ppt.corona-lock
  • %System Root%\powerpoint2k\PPT2KE03.ppt.corona-lock
  • %User Profile%\NTUSER.DAT{{GUID}}.TMContainer00000000000000000001.regtrans-ms.corona-lock
  • %System Root%\Python27\Lib\numbers.pyc.corona-lock
  • %System Root%\Python27\Lib\cmd.py.corona-lock
  • %System Root%\Users\Default\NTUSER.DAT{{GUID}}.TM.blf.corona-lock
  • %System Root%\Python27\Lib\commands.py.corona-lock
  • %System Root%\Python27\Lib\curses\has_key.py.corona-lock
  • %System Root%\Python27\Lib\glob.pyc.corona-lock
  • %System Root%\Python27\Lib\chunk.py.corona-lock
  • %System Root%\Python27\Lib\HTMLParser.py.corona-lock
  • %System Root%\Python27\Lib\bsddb\db.py.corona-lock
  • %System Root%\Python27\Lib\email\encoders.py.corona-lock
  • %System Root%\Python27\Lib\distutils\fancy_getopt.pyc.corona-lock
  • %System Root%\Python27\Lib\cgi.py.corona-lock
  • %System Root%\Python27\Lib\copy_reg.pyc.corona-lock
  • %System Root%\Python27\Lib\pdb.py.corona-lock
  • %System Root%\Python27\DLLs\pyc.ico.corona-lock
  • %System Root%\Python27\README.txt.corona-lock
  • %Application Data%\KEY.FILE
  • %System Root%\Python27\Lib\gettext.pyc.corona-lock
  • %System Root%\Python27\libs\_socket.lib.corona-lock
  • %System Root%\Python27\libs\unicodedata.lib.corona-lock
  • %System Root%\Python27\Lib\distutils\dep_util.py.corona-lock
  • %System Root%\Python27\libs\_msi.lib.corona-lock
  • %System Root%\Python27\include\bytes_methods.h.corona-lock
  • %System Root%\Python27\Lib\heapq.py.corona-lock
  • %System Root%\Python27\include\osdefs.h.corona-lock
  • %System Root%\Python27\Lib\compiler\consts.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1258.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1257.py.corona-lock
  • %System Root%\Python27\DLLs\_hashlib.pyd.corona-lock
  • %System Root%\Python27\Lib\distutils\file_util.pyc.corona-lock
  • %System Root%\Python27\include\iterobject.h.corona-lock
  • %System Root%\word2k\DOC2KE00.dot.corona-lock
  • %System Root%\Python27\LICENSE.txt.corona-lock
  • %System Root%\Python27\Lib\inspect.py.corona-lock
  • %System Root%\Python27\NEWS.txt.corona-lock
  • F:\wlines.zip.corona-lock
  • %System Root%\Python27\include\moduleobject.h.corona-lock
  • %System Root%\Python27\Lib\email\parser.pyc.corona-lock
  • %System Root%\Program Files\Mozilla Firefox\precomplete.corona-lock
  • %System Root%\Python27\Lib\decimal.pyc.corona-lock
  • %System Root%\Python27\include\rangeobject.h.corona-lock
  • %System Root%\Python27\libs\libpython27.a.corona-lock
  • %System Root%\Python27\libs\python27.lib.corona-lock
  • %System Root%\Python27\include\pymem.h.corona-lock
  • %System Root%\Python27\include\import.h.corona-lock
  • %System Root%\Python27\Lib\compiler\__init__.py.corona-lock
  • %System Root%\Python27\Lib\BaseHTTPServer.py.corona-lock
  • %System Root%\Python27\Lib\distutils\extension.py.corona-lock
  • %System Root%\Python27\include\genobject.h.corona-lock
  • %System Root%\Python27\Lib\bsddb\dbobj.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1140.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1254.py.corona-lock
  • %System Root%\Python27\Lib\calendar.py.corona-lock
  • %System Root%\Python27\Lib\compiler\pycodegen.py.corona-lock
  • %System Root%\Python27\libs\pyexpat.lib.corona-lock
  • %System Root%\Python27\Lib\email\__init__.pyc.corona-lock
  • %System Root%\Python27\include\ceval.h.corona-lock
  • %System Root%\powerpoint2k\PPT2KE05.ppt.corona-lock
  • %System Root%\Python27\Lib\email\parser.py.corona-lock
  • %System Root%\Python27\Lib\ast.py.corona-lock
  • %System Root%\Python27\Lib\mailcap.py.corona-lock
  • %System Root%\Python27\Lib\httplib.pyc.corona-lock
  • %System Root%\Python27\include\intrcheck.h.corona-lock
  • %System Root%\Python27\Lib\distutils\emxccompiler.py.corona-lock
  • F:\data\dolist.txt.corona-lock
  • %System Root%\Python27\Lib\distutils\dir_util.py.corona-lock
  • %System Root%\powerpoint2k\PPT2KE00.pot.corona-lock
  • %System Root%\Python27\Lib\dis.py.corona-lock
  • %System Root%\Email and Password List.htm.corona-lock
  • %System Root%\Python27\Lib\collections.pyc.corona-lock
  • %System Root%\word2k\DOC2KE03.doc.corona-lock
  • %System Root%\Python27\Lib\compileall.pyc.corona-lock
  • %System Root%\excel2k\XLS2KE01.xls.corona-lock
  • %System Root%\Python27\include\cellobject.h.corona-lock
  • %System Root%\Python27\include\Python-ast.h.corona-lock
  • %System Root%\Python27\include\opcode.h.corona-lock
  • %System Root%\Python27\Lib\ensurepip\_uninstall.py.corona-lock
  • %System Root%\Python27\Lib\io.pyc.corona-lock
  • %System Root%\Python27\Lib\distutils\cygwinccompiler.py.corona-lock
  • %System Root%\Python27\Lib\email\__init__.py.corona-lock
  • %System Root%\Python27\Lib\distutils\extension.pyc.corona-lock
  • %System Root%\Python27\Lib\contextlib.py.corona-lock
  • %System Root%\Python27\include\complexobject.h.corona-lock
  • %System Root%\Python27\Lib\Cookie.pyc.corona-lock
  • %System Root%\Python27\Lib\functools.pyc.corona-lock
  • %System Root%\Python27\Lib\fractions.pyc.corona-lock
  • %System Root%\Python27\Lib\curses\ascii.py.corona-lock
  • %System Root%\Python27\include\pgenheaders.h.corona-lock
  • %System Root%\Python27\Lib\email\generator.py.corona-lock
  • %System Root%\Python27\Lib\genericpath.py.corona-lock
  • %System Root%\Python27\Lib\abc.py.corona-lock
  • %System Root%\Python27\include\structseq.h.corona-lock
  • %System Root%\Python27\Lib\encodings\aliases.py.corona-lock
  • %System Root%\Python27\Lib\markupbase.pyc.corona-lock
  • %System Root%\Python27\include\abstract.h.corona-lock
  • %System Root%\Python27\include\pyport.h.corona-lock
  • %System Root%\Python27\include\floatobject.h.corona-lock
  • %System Root%\Python27\include\fileobject.h.corona-lock
  • %System Root%\Program Files\Mozilla Firefox\updated\precomplete.corona-lock
  • %System Root%\Python27\Lib\new.py.corona-lock
  • %System Root%\Python27\Lib\optparse.pyc.corona-lock
  • %System Root%\Python27\Lib\bsddb\dbutils.py.corona-lock
  • %System Root%\Python27\Lib\email\errors.py.corona-lock
  • %System Root%\Python27\include\pyarena.h.corona-lock
  • %System Root%\Python27\include\code.h.corona-lock
  • %System Root%\Python27\Lib\email\_parseaddr.pyc.corona-lock
  • %System Root%\Python27\Lib\distutils\ccompiler.py.corona-lock
  • %System Root%\Python27\Lib\dbhash.py.corona-lock
  • %System Root%\word2k\DOC2KE05.doc.corona-lock
  • %System Root%\Python27\Lib\encodings\big5.py.corona-lock
  • %System Root%\Python27\include\token.h.corona-lock
  • %System Root%\Python27\Lib\distutils\cmd.py.corona-lock
  • %System Root%\Python27\Lib\distutils\cmd.pyc.corona-lock
  • %System Root%\Python27\Lib\mailbox.py.corona-lock
  • %System Root%\Python27\Lib\keyword.py.corona-lock
  • %System Root%\Python27\Lib\ctypes\__init__.pyc.corona-lock
  • %System Root%\Python27\Lib\hmac.pyc.corona-lock
  • %System Root%\Python27\DLLs\_ctypes_test.pyd.corona-lock
  • %System Root%\Python27\Lib\distutils\dist.py.corona-lock
  • %System Root%\Python27\include\pyerrors.h.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1006.py.corona-lock
  • %System Root%\Python27\Lib\bisect.pyc.corona-lock
  • %System Root%\Python27\Lib\compiler\ast.py.corona-lock
  • %System Root%\Python27\include\stringobject.h.corona-lock
  • %User Profile%\NTUSER.DAT{{GUID}}.TM.blf.corona-lock
  • %System Root%\Python27\Lib\email\quoprimime.pyc.corona-lock
  • %System Root%\Python27\Lib\ctypes\_endian.pyc.corona-lock
  • %System Root%\Python27\libs\bz2.lib.corona-lock
  • %System Root%\Python27\tcl\tcl85.lib.corona-lock
  • %System Root%\Python27\Lib\mimify.py.corona-lock
  • %System Root%\Python27\libs\_multiprocessing.lib.corona-lock
  • %System Root%\Python27\Lib\ctypes\wintypes.pyc.corona-lock
  • %System Root%\Python27\include\bufferobject.h.corona-lock
  • %System Root%\Python27\libs\_tkinter.lib.corona-lock
  • %Desktop%\README_LOCK.TXT
  • %System Root%\Python27\Lib\optparse.py.corona-lock
  • %System Root%\Python27\tcl\tkstub85.lib.corona-lock
  • %System Root%\Python27\DLLs\_ctypes.pyd.corona-lock
  • %System Root%\Python27\libs\_ctypes_test.lib.corona-lock
  • %System Root%\Python27\Lib\mimetypes.pyc.corona-lock
  • %System Root%\powerpoint2k\PPT2KE01.ppt.corona-lock
  • %System Root%\Python27\Lib\email\base64mime.pyc.corona-lock
  • %System Root%\Python27\Lib\os.pyc.corona-lock
  • %System Root%\Python27\include\pythonrun.h.corona-lock
  • %System Root%\Python27\libs\_ctypes.lib.corona-lock
  • %System Root%\Python27\include\structmember.h.corona-lock
  • %System Root%\Python27\Lib\compiler\symbols.py.corona-lock
  • %System Root%\Python27\Lib\linecache.pyc.corona-lock
  • %System Root%\Python27\include\pycapsule.h.corona-lock
  • %System Root%\Python27\include\marshal.h.corona-lock
  • %System Root%\Python27\Lib\functools.py.corona-lock
  • %System Root%\Users\Default\NTUSER.DAT{{GUID}}.TMContainer00000000000000000002.regtrans-ms.corona-lock
  • %System Root%\Python27\Lib\curses\panel.py.corona-lock
  • %System Root%\Python27\Lib\antigravity.py.corona-lock
  • %System Root%\Python27\Lib\dumbdbm.py.corona-lock
  • %System Root%\Python27\Lib\compiler\visitor.py.corona-lock
  • %System Root%\Python27\Lib\compiler\misc.py.corona-lock
  • %System Root%\Python27\DLLs\select.pyd.corona-lock
  • %System Root%\Python27\include\parsetok.h.corona-lock
  • %System Root%\Python27\Lib\distutils\errors.py.corona-lock
  • %System Root%\Python27\include\bytesobject.h.corona-lock
  • %System Root%\Python27\Lib\doctest.py.corona-lock
  • %System Root%\Python27\Lib\keyword.pyc.corona-lock
  • %System Root%\Python27\include\unicodeobject.h.corona-lock
  • %System Root%\word2k\DOC2KE04.doc.corona-lock
  • %System Root%\Python27\Lib\distutils\dir_util.pyc.corona-lock
  • %System Root%\Python27\include\pymacconfig.h.corona-lock
  • %System Root%\Python27\include\pyconfig.h.corona-lock
  • %System Root%\Python27\Lib\asynchat.py.corona-lock
  • %System Root%\Python27\Lib\locale.py.corona-lock
  • %System Root%\Python27\libs\winsound.lib.corona-lock
  • %System Root%\Python27\Lib\compiler\future.py.corona-lock
  • %System Root%\Python27\include\grammar.h.corona-lock
  • %System Root%\Python27\Lib\difflib.py.corona-lock
  • %System Root%\Email and Password List.vbs.corona-lock
  • %System Root%\Python27\Lib\httplib.py.corona-lock
  • %System Root%\Python27\Lib\distutils\file_util.py.corona-lock
  • %System Root%\word2k\DOC2KE02.doc.corona-lock
  • %System Root%\Python27\include\objimpl.h.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1255.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp720.py.corona-lock
  • %System Root%\Python27\include\pystrtod.h.corona-lock
  • %System Root%\Python27\Lib\distutils\config.py.corona-lock
  • %System Root%\Python27\include\pygetopt.h.corona-lock
  • %System Root%\Python27\Lib\io.py.corona-lock
  • %System Root%\Python27\Lib\anydbm.py.corona-lock
  • %System Root%\Python27\Lib\multifile.py.corona-lock
  • %System Root%\excel2k\XLS2KE02.xls.corona-lock
  • %System Root%\Python27\Lib\BaseHTTPServer.pyc.corona-lock
  • %System Root%\Python27\include\longintrepr.h.corona-lock
  • %System Root%\Python27\Lib\opcode.py.corona-lock
  • %System Root%\Python27\Lib\audiodev.py.corona-lock
  • %System Root%\Python27\Lib\MimeWriter.py.corona-lock
  • %System Root%\Python27\include\dtoa.h.corona-lock
  • %System Root%\Python27\Lib\encodings\bz2_codec.py.corona-lock
  • %System Root%\Python27\Lib\codecs.pyc.corona-lock
  • %System Root%\Python27\Lib\copy.pyc.corona-lock
  • %System Root%\Python27\include\boolobject.h.corona-lock
  • %System Root%\Python27\Lib\hashlib.py.corona-lock
  • %System Root%\Python27\Lib\distutils\debug.py.corona-lock
  • %System Root%\Python27\Lib\inspect.pyc.corona-lock
  • %System Root%\Python27\tcl\tclConfig.sh.corona-lock
  • F:\data\photos\long_exposure.jpg.corona-lock
  • %System Root%\Python27\Lib\bsddb\dbtables.py.corona-lock
  • %System Root%\Python27\Lib\email\feedparser.py.corona-lock
  • %System Root%\Python27\Lib\compiler\syntax.py.corona-lock
  • %System Root%\Python27\include\funcobject.h.corona-lock
  • %System Root%\Python27\Lib\ConfigParser.pyc.corona-lock
  • %System Root%\Python27\Lib\htmlentitydefs.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1026.py.corona-lock
  • %System Root%\Python27\Lib\cookielib.pyc.corona-lock
  • %System Root%\Python27\Lib\email\utils.pyc.corona-lock
  • %System Root%\Python27\Lib\ctypes\__init__.py.corona-lock
  • %System Root%\Python27\include\cStringIO.h.corona-lock
  • %System Root%\Python27\Lib\aifc.py.corona-lock
  • %System Root%\Python27\Lib\compileall.py.corona-lock
  • %System Root%\Python27\Lib\encodings\ascii.py.corona-lock
  • %System Root%\Python27\Lib\distutils\core.pyc.corona-lock
  • %System Root%\Python27\Lib\base64.pyc.corona-lock
  • %System Root%\Python27\include\pyfpe.h.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1250.py.corona-lock
  • %System Root%\Recovery\{GUID}\boot.sdi.corona-lock
  • %System Root%\Python27\DLLs\_testcapi.pyd.corona-lock
  • %System Root%\powerpoint2k\PPT2KExx.PPT.corona-lock
  • %System Root%\Python27\Lib\distutils\fancy_getopt.py.corona-lock
  • %System Root%\Python27\include\compile.h.corona-lock
  • %System Root%\Python27\DLLs\_ssl.pyd.corona-lock
  • %System Root%\Python27\Lib\imaplib.py.corona-lock
  • %System Root%\Python27\include\patchlevel.h.corona-lock
  • %System Root%\Python27\Lib\email\message.pyc.corona-lock
  • %System Root%\Python27\Lib\linecache.py.corona-lock
  • %System Root%\Python27\Lib\ensurepip\__init__.py.corona-lock
  • %System Root%\Python27\include\descrobject.h.corona-lock
  • %System Root%\Python27\include\Python.h.corona-lock
  • %System Root%\Python27\include\methodobject.h.corona-lock
  • %System Root%\Python27\include\sysmodule.h.corona-lock
  • %System Root%\Python27\include\sliceobject.h.corona-lock
  • %System Root%\Python27\Lib\email\base64mime.py.corona-lock
  • %System Root%\Python27\Lib\dummy_threading.py.corona-lock
  • %System Root%\Python27\libs\_ssl.lib.corona-lock
  • %System Root%\Python27\DLLs\bz2.pyd.corona-lock
  • %System Root%\Python27\libs\_hashlib.lib.corona-lock
  • %System Root%\Python27\Lib\fractions.py.corona-lock
  • %System Root%\Python27\Lib\htmllib.py.corona-lock
  • %System Root%\Python27\Lib\htmlentitydefs.pyc.corona-lock
  • %System Root%\Python27\Lib\os.py.corona-lock
  • %System Root%\Python27\include\dictobject.h.corona-lock
  • %System Root%\Python27\include\graminit.h.corona-lock
  • %System Root%\Python27\Lib\fileinput.py.corona-lock
  • %System Root%\Python27\Lib\ctypes\util.pyc.corona-lock
  • %System Root%\Python27\Lib\compiler\pyassem.py.corona-lock
  • %System Root%\Python27\include\setobject.h.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1253.py.corona-lock
  • %System Root%\Python27\Lib\ConfigParser.py.corona-lock
  • %System Root%\Python27\Lib\bsddb\dbshelve.py.corona-lock
  • %System Root%\Python27\include\asdl.h.corona-lock
  • %System Root%\Python27\Lib\fpformat.py.corona-lock
  • %System Root%\Python27\include\pyexpat.h.corona-lock
  • %System Root%\Python27\include\cobject.h.corona-lock
  • %System Root%\Python27\Lib\mimetypes.py.corona-lock
  • %System Root%\Python27\Lib\collections.py.corona-lock
  • %System Root%\Python27\include\memoryobject.h.corona-lock
  • %System Root%\Python27\Lib\email\errors.pyc.corona-lock
  • %System Root%\Python27\Lib\binhex.py.corona-lock
  • %System Root%\Python27\tcl\tclstub85.lib.corona-lock
  • %System Root%\Python27\Lib\mimetools.py.corona-lock
  • %System Root%\Python27\Lib\numbers.py.corona-lock
  • %System Root%\set_hostname.vbs.corona-lock
  • %System Root%\Python27\Lib\macpath.py.corona-lock
  • %System Root%\Python27\Lib\email\quoprimime.py.corona-lock
  • %System Root%\Python27\Lib\atexit.pyc.corona-lock
  • %Windows%\Panther\setupinfo.corona-lock
  • %System Root%\Python27\include\listobject.h.corona-lock
  • %System Root%\Python27\include\warnings.h.corona-lock
  • %System Root%\Python27\Lib\email\iterators.pyc.corona-lock
  • %System Root%\Python27\Lib\nturl2path.py.corona-lock
  • %System Root%\Python27\Lib\heapq.pyc.corona-lock
  • %System Root%\Python27\include\errcode.h.corona-lock
  • %System Root%\Recovery\{GUID}\Winre.wim.corona-lock
  • %User Profile%\NTUSER.DAT{{GUID}}.TMContainer00000000000000000002.regtrans-ms.corona-lock
  • %System Root%\Python27\include\traceback.h.corona-lock
  • %System Root%\Python27\Lib\nntplib.py.corona-lock
  • %System Root%\Python27\Lib\bdb.py.corona-lock
  • %System Root%\Python27\Lib\email\utils.py.corona-lock
  • %System Root%\Python27\Lib\bsddb\__init__.py.corona-lock
  • %System Root%\Python27\Lib\DocXMLRPCServer.py.corona-lock
  • %System Root%\Python27\Lib\HTMLParser.pyc.corona-lock
  • %System Root%\Python27\Lib\distutils\bcppcompiler.py.corona-lock
  • %System Root%\Python27\include\pydebug.h.corona-lock
  • %System Root%\Python27\Lib\encodings\charmap.py.corona-lock
  • %System Root%\Python27\include\modsupport.h.corona-lock
  • %System Root%\Python27\Lib\email\message.py.corona-lock
  • %System Root%\Python27\Lib\distutils\filelist.py.corona-lock
  • %System Root%\Python27\Lib\email\iterators.py.corona-lock
  • %System Root%\Python27\Lib\email\charset.pyc.corona-lock
  • %System Root%\Python27\include\tupleobject.h.corona-lock
  • %System Root%\Python27\Lib\csv.py.corona-lock
  • %System Root%\Python27\libs\select.lib.corona-lock
  • %System Root%\Python27\include\pymath.h.corona-lock
  • %System Root%\Python27\Lib\distutils\dist.pyc.corona-lock
  • %System Root%\Python27\Lib\hmac.py.corona-lock
  • %System Root%\Python27\Lib\encodings\cp437.pyc.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1251.py.corona-lock
  • %System Root%\excel2k\XLS2KE03.xls.corona-lock
  • %System Root%\Python27\include\pystate.h.corona-lock
  • %System Root%\Python27\Lib\mimetools.pyc.corona-lock
  • %System Root%\Python27\Lib\argparse.py.corona-lock
  • %System Root%\Python27\Lib\copy_reg.py.corona-lock
  • %System Root%\Python27\include\metagrammar.h.corona-lock
  • %System Root%\excel2k\XLS2KE00.xlt.corona-lock
  • %System Root%\Users\Default\NTUSER.DAT.LOG.corona-lock
  • %System Root%\Python27\include\ast.h.corona-lock
  • %System Root%\word2k\DOC2KExx.doc.corona-lock
  • %System Root%\Python27\include\pythread.h.corona-lock
  • %System Root%\Python27\Lib\dircache.py.corona-lock
  • %System Root%\Python27\include\pyctype.h.corona-lock
  • %System Root%\Python27\Lib\dis.pyc.corona-lock
  • %System Root%\Python27\Lib\encodings\cp1252.pyc.corona-lock
  • %System Root%\Python27\Lib\abc.pyc.corona-lock
  • %System Root%\Python27\Lib\cgi.pyc.corona-lock
  • %System Root%\Python27\Lib\decimal.py.corona-lock
  • %System Root%\Python27\Lib\curses\textpad.py.corona-lock
  • %System Root%\Python27\Lib\encodings\ascii.pyc.corona-lock
  • %System Root%\Python27\Lib\filecmp.py.corona-lock
  • %System Root%\Python27\Lib\ftplib.py.corona-lock
  • %System Root%\Python27\Lib\fnmatch.py.corona-lock
  • %System Root%\excel2k\XLS2KE04.xls.corona-lock
  • %System Root%\Python27\Lib\cookielib.py.corona-lock
  • %System Root%\Python27\Lib\argparse.pyc.corona-lock
  • %System Root%\Python27\include\enumobject.h.corona-lock
  • %System Root%\Python27\Lib\ihooks.py.corona-lock
  • %System Root%\Python27\Lib\dummy_thread.py.corona-lock
  • F:\data\tmp.doc.corona-lock
  • %System Root%\Python27\tcl\tk85.lib.corona-lock
  • %System Root%\Python27\Lib\ntpath.pyc.corona-lock
  • %System Root%\Python27\Lib\distutils\core.py.corona-lock
  • %System Root%\Python27\include\pymactoolbox.h.corona-lock
  • %System Root%\Python27\Lib\Cookie.py.corona-lock
  • %System Root%\Python27\include\py_curses.h.corona-lock
  • %System Root%\Python27\DLLs\unicodedata.pyd.corona-lock

手順 6

コンピュータを通常モードで再起動し、最新のバージョン(エンジン、パターンファイル)を導入したウイルス対策製品を用い、「Trojan.Win32.WACATAC.THEBBBO」と検出したファイルの検索を実行してください。 検出されたファイルが、弊社ウイルス対策製品により既に駆除、隔離またはファイル削除の処理が実行された場合、ウイルスの処理は完了しており、他の削除手順は特にありません。

手順 7

以下のファイルをバックアップを用いて修復します。なお、マイクロソフト製品に関連したファイルのみ修復されます。このマルウェア/グレイウェア/スパイウェアが同社製品以外のプログラムをも削除した場合には、該当プログラムを再度インストールする必要があります。

  • %System Root%\Python27\Lib\chunk.py
  • %System Root%\Python27\Lib\nntplib.py
  • %System Root%\excel2k\XLS2KE04.xls
  • %System Root%\excel2k\XLS2KE02.xls
  • %System Root%\Python27\Lib\macpath.py
  • %System Root%\Python27\Lib\encodings\cp1254.py
  • %System Root%\Python27\libs\_tkinter.lib
  • %System Root%\Python27\Lib\httplib.pyc
  • %System Root%\word2k\DOC2KE01.doc
  • %System Root%\Python27\Lib\encodings\cp437.py
  • %System Root%\Python27\Lib\decimal.pyc
  • %System Root%\Python27\include\datetime.h
  • %System Root%\Python27\include\memoryobject.h
  • %System Root%\Python27\Lib\new.py
  • %System Root%\Python27\include\intrcheck.h
  • %System Root%\Python27\Lib\linecache.pyc
  • %System Root%\Python27\Lib\abc.py
  • %System Root%\Python27\include\warnings.h
  • %System Root%\Python27\Lib\distutils\dep_util.pyc
  • %System Root%\Python27\Lib\encodings\aliases.py
  • %System Root%\Python27\Lib\encodings\bz2_codec.py
  • %System Root%\Python27\Lib\cgi.pyc
  • %System Root%\Python27\Lib\gzip.pyc
  • %System Root%\Python27\Lib\encodings\aliases.pyc
  • %System Root%\Python27\Lib\ConfigParser.pyc
  • %System Root%\Python27\Lib\distutils\debug.pyc
  • %System Root%\Python27\Lib\encodings\cp037.py
  • %System Root%\Python27\Lib\mailbox.py
  • %System Root%\Python27\include\bytearrayobject.h
  • %System Root%\Python27\Lib\Bastion.py
  • %System Root%\Python27\Lib\encodings\cp1251.py
  • %System Root%\Python27\include\objimpl.h
  • %System Root%\Python27\Lib\encodings\cp1255.py
  • %System Root%\Python27\include\eval.h
  • %System Root%\Python27\Lib\encodings\base64_codec.py
  • %System Root%\Python27\Lib\imghdr.py
  • F:\data\photos\long_exposure.jpg
  • %System Root%\Python27\Lib\curses\wrapper.py
  • %System Root%\Python27\Lib\email\parser.py
  • %System Root%\Python27\Lib\distutils\dist.pyc
  • %System Root%\Python27\include\errcode.h
  • %System Root%\Python27\Lib\email\errors.py
  • %System Root%\powerpoint2k\PPT2KE02.ppt
  • %System Root%\excel2k\XLS2KE03.xls
  • %System Root%\Python27\Lib\distutils\ccompiler.py
  • %System Root%\Python27\Lib\htmllib.py
  • %System Root%\Python27\Lib\bisect.pyc
  • %System Root%\Python27\Lib\email\charset.pyc
  • %System Root%\Python27\libs\libpython27.a
  • %System Root%\Python27\include\funcobject.h
  • %System Root%\Python27\Lib\Cookie.py
  • %System Root%\Python27\Lib\ctypes\_endian.pyc
  • %System Root%\Python27\Lib\distutils\emxccompiler.py
  • %System Root%\Python27\include\sliceobject.h
  • %System Root%\Python27\Lib\gzip.py
  • %System Root%\Python27\Lib\base64.py
  • %System Root%\Python27\Lib\opcode.py
  • %System Root%\Python27\Lib\binhex.py
  • %System Root%\Python27\Lib\encodings\ascii.pyc
  • %System Root%\Python27\libs\unicodedata.lib
  • %System Root%\powerpoint2k\PPT2KE05.ppt
  • %System Root%\Python27\libs\pyexpat.lib
  • %System Root%\Python27\include\pyexpat.h
  • %System Root%\Python27\Lib\distutils\dep_util.py
  • %System Root%\Python27\Lib\compiler\future.py
  • %System Root%\Python27\Lib\contextlib.pyc
  • %System Root%\Python27\Lib\email\generator.py
  • %System Root%\Python27\libs\_ctypes.lib
  • %System Root%\Python27\Lib\bsddb\dbshelve.py
  • %System Root%\Python27\Lib\distutils\filelist.py
  • %System Root%\Python27\include\setobject.h
  • %System Root%\Python27\Lib\getopt.pyc
  • %System Root%\Email and Password List.htm
  • %System Root%\Program Files\Mozilla Firefox\updated\precomplete
  • %System Root%\Python27\include\modsupport.h
  • %System Root%\Python27\Lib\cookielib.pyc
  • %System Root%\Python27\Lib\ConfigParser.py
  • %System Root%\Python27\Lib\getpass.pyc
  • %System Root%\Python27\Lib\distutils\debug.py
  • %System Root%\Python27\DLLs\bz2.pyd
  • %System Root%\Python27\Lib\argparse.py
  • %System Root%\Python27\include\cobject.h
  • %System Root%\Python27\include\sysmodule.h
  • %System Root%\excel2k\XLS2KExx.xls
  • %System Root%\Python27\include\weakrefobject.h
  • %System Root%\Python27\Lib\distutils\config.py
  • %System Root%\Python27\Lib\email\utils.py
  • %System Root%\Python27\Lib\fractions.pyc
  • %System Root%\Python27\include\classobject.h
  • %System Root%\Python27\DLLs\_hashlib.pyd
  • %System Root%\Python27\Lib\compiler\misc.py
  • %System Root%\Python27\Lib\hashlib.py
  • %System Root%\Python27\tcl\tcl85.lib
  • %System Root%\Python27\Lib\email\_parseaddr.pyc
  • %System Root%\Python27\Lib\distutils\fancy_getopt.pyc
  • %System Root%\Python27\include\descrobject.h
  • %System Root%\Python27\include\stringobject.h
  • %System Root%\Python27\include\pythread.h
  • %System Root%\Python27\Lib\email\feedparser.pyc
  • F:\data\tmp.doc
  • %System Root%\Python27\Lib\atexit.py
  • %System Root%\Python27\Lib\io.py
  • %System Root%\Python27\Lib\opcode.pyc
  • %System Root%\Python27\Lib\md5.py
  • %System Root%\Python27\libs\_multiprocessing.lib
  • %System Root%\Python27\Lib\email\feedparser.py
  • %System Root%\Python27\include\cStringIO.h
  • %System Root%\Python27\include\parsetok.h
  • %System Root%\Python27\Lib\csv.pyc
  • %System Root%\Python27\DLLs\py.ico
  • %System Root%\Python27\Lib\mhlib.py
  • %System Root%\Python27\include\ceval.h
  • %System Root%\Python27\include\listobject.h
  • %System Root%\Python27\Lib\contextlib.py
  • %System Root%\Python27\Lib\codeop.py
  • %System Root%\Python27\include\import.h
  • %System Root%\Python27\Lib\compiler\ast.py
  • %System Root%\Python27\Lib\compileall.pyc
  • F:\wlines.zip
  • %System Root%\Python27\NEWS.txt
  • %System Root%\Python27\Lib\copy.py
  • %System Root%\Users\Default\NTUSER.DAT.LOG
  • %System Root%\Python27\Lib\encodings\cp1250.py
  • %System Root%\Python27\include\dtoa.h
  • %System Root%\Python27\include\pystate.h
  • %System Root%\Python27\Lib\mimify.py
  • %System Root%\Python27\Lib\ntpath.py
  • %System Root%\Python27\DLLs\unicodedata.pyd
  • %System Root%\powerpoint2k\PPT2KE01.ppt
  • %System Root%\Python27\LICENSE.txt
  • %System Root%\Python27\Lib\mimetypes.pyc
  • %System Root%\Python27\Lib\mutex.py
  • %System Root%\Python27\libs\_ssl.lib
  • %System Root%\Python27\include\abstract.h
  • %System Root%\Python27\include\dictobject.h
  • %System Root%\Python27\Lib\bisect.py
  • %System Root%\Python27\Lib\genericpath.pyc
  • %System Root%\Python27\DLLs\_bsddb.pyd
  • %System Root%\Python27\include\pgenheaders.h
  • %System Root%\Python27\Lib\ihooks.py
  • %System Root%\Python27\Lib\HTMLParser.py
  • %System Root%\Python27\Lib\locale.pyc
  • %System Root%\Python27\Lib\csv.py
  • %System Root%\Python27\include\pycapsule.h
  • %System Root%\Python27\Lib\encodings\cp1006.py
  • %System Root%\Users\Default\NTUSER.DAT{{GUID}}.TMContainer00000000000000000002.regtrans-ms
  • %System Root%\Python27\libs\_testcapi.lib
  • %System Root%\Python27\Lib\copy.pyc
  • %System Root%\Python27\Lib\bsddb\dbrecio.py
  • %System Root%\Python27\Lib\aifc.py
  • %System Root%\Python27\Lib\glob.pyc
  • %System Root%\Python27\Lib\distutils\archive_util.pyc
  • %System Root%\Python27\Lib\htmlentitydefs.pyc
  • %System Root%\Python27\include\timefuncs.h
  • %System Root%\Python27\include\pyfpe.h
  • %System Root%\Python27\include\boolobject.h
  • %System Root%\Python27\Lib\keyword.py
  • %System Root%\Python27\Lib\asynchat.py
  • %System Root%\Python27\include\iterobject.h
  • %System Root%\Python27\Lib\email\encoders.pyc
  • %System Root%\Python27\Lib\codecs.pyc
  • %System Root%\Python27\tcl\tclstub85.lib
  • %System Root%\Python27\include\pystrcmp.h
  • %System Root%\Python27\Lib\functools.py
  • %System Root%\Python27\include\pyport.h
  • %System Root%\Python27\include\fileobject.h
  • %System Root%\set_hostname.vbs
  • %System Root%\Python27\Lib\codecs.py
  • %User Profile%\NTUSER.DAT{{GUID}}.TMContainer00000000000000000001.regtrans-ms
  • %System Root%\Python27\Lib\nturl2path.py
  • %System Root%\Python27\Lib\dumbdbm.py
  • %System Root%\Python27\include\code.h
  • %System Root%\Python27\include\graminit.h
  • %System Root%\Python27\Lib\os.py
  • %System Root%\Python27\Lib\argparse.pyc
  • %System Root%\Python27\include\pydebug.h
  • %System Root%\Python27\Lib\compiler\__init__.py
  • %System Root%\Python27\Lib\colorsys.py
  • %System Root%\Python27\Lib\multifile.py
  • %Windows%\Panther\setupinfo
  • %System Root%\Python27\include\cellobject.h
  • %System Root%\Python27\DLLs\pyexpat.pyd
  • %System Root%\Python27\Lib\encodings\cp1026.py
  • %System Root%\Python27\Lib\audiodev.py
  • %System Root%\Python27\include\asdl.h
  • %System Root%\Python27\libs\_elementtree.lib
  • %System Root%\Python27\Lib\htmlentitydefs.py
  • %System Root%\Python27\Lib\encodings\cp1252.py
  • %System Root%\Python27\Lib\distutils\archive_util.py
  • %System Root%\Python27\Lib\gettext.py
  • %System Root%\Python27\include\intobject.h
  • %System Root%\Python27\include\metagrammar.h
  • %System Root%\Python27\Lib\cookielib.py
  • %System Root%\Python27\Lib\CGIHTTPServer.py
  • %System Root%\Python27\Lib\io.pyc
  • %System Root%\Python27\tcl\tclConfig.sh
  • %System Root%\Python27\Lib\collections.py
  • %System Root%\Python27\Lib\email\encoders.py
  • %System Root%\Python27\libs\_msi.lib
  • %System Root%\Python27\DLLs\_testcapi.pyd
  • %System Root%\Python27\Lib\atexit.pyc
  • %System Root%\Python27\Lib\compiler\pyassem.py
  • %System Root%\Python27\Lib\copy_reg.pyc
  • %System Root%\Python27\include\pyconfig.h
  • %System Root%\Python27\Lib\gettext.pyc
  • %System Root%\Python27\Lib\getpass.py
  • %System Root%\Python27\Lib\markupbase.py
  • %System Root%\Python27\Lib\ctypes\__init__.pyc
  • %System Root%\Python27\include\pystrtod.h
  • %System Root%\Python27\include\traceback.h
  • %System Root%\Python27\Lib\optparse.pyc
  • %System Root%\Python27\Lib\compiler\pycodegen.py
  • %System Root%\Python27\DLLs\_ctypes.pyd
  • %System Root%\Python27\Lib\encodings\cp1257.py
  • %System Root%\Python27\Lib\difflib.py
  • %System Root%\Python27\Lib\email\iterators.py
  • %System Root%\Python27\include\bufferobject.h
  • %System Root%\Python27\Lib\functools.pyc
  • %System Root%\excel2k\XLS2KE00.xlt
  • %System Root%\Python27\Lib\mimetools.pyc
  • %System Root%\Python27\Lib\curses\panel.py
  • %System Root%\Python27\include\unicodeobject.h
  • %System Root%\Python27\Lib\keyword.pyc
  • %System Root%\Python27\Lib\encodings\ascii.py
  • %System Root%\Python27\DLLs\_socket.pyd
  • %System Root%\Python27\include\pygetopt.h
  • %System Root%\Program Files\Mozilla Firefox\precomplete
  • %System Root%\Python27\include\structseq.h
  • %System Root%\Python27\Lib\compiler\visitor.py
  • %System Root%\Python27\include\complexobject.h
  • %System Root%\Python27\Lib\hashlib.pyc
  • %System Root%\Python27\Lib\curses\ascii.py
  • %System Root%\Python27\Lib\httplib.py
  • %System Root%\Python27\Lib\hmac.pyc
  • %System Root%\powerpoint2k\PPT2KExx.PPT
  • %System Root%\Email and Password List.vbs
  • %System Root%\Python27\Lib\antigravity.py
  • %System Root%\Python27\libs\winsound.lib
  • %System Root%\Python27\Lib\heapq.py
  • %System Root%\Python27\Lib\Cookie.pyc
  • %System Root%\Python27\Lib\encodings\cp1253.py
  • %System Root%\Python27\include\Python.h
  • %System Root%\Python27\Lib\bdb.py
  • %System Root%\Python27\Lib\collections.pyc
  • %System Root%\Python27\Lib\MimeWriter.py
  • %System Root%\Python27\Lib\compiler\transformer.py
  • %System Root%\Python27\Lib\anydbm.py
  • %System Root%\Python27\include\symtable.h
  • %System Root%\Python27\Lib\distutils\errors.py
  • %System Root%\Python27\Lib\os2emxpath.py
  • %System Root%\Python27\Lib\encodings\big5.py
  • %System Root%\Python27\Lib\encodings\charmap.py
  • %System Root%\Python27\Lib\ast.py
  • %User Profile%\NTUSER.DAT{{GUID}}.TM.blf
  • %System Root%\Recovery\{GUID}\Winre.wim
  • %System Root%\Python27\Lib\base64.pyc
  • %System Root%\powerpoint2k\PPT2KE00.pot
  • %System Root%\Python27\libs\_socket.lib
  • %System Root%\Python27\Lib\genericpath.py
  • %System Root%\Python27\libs\select.lib
  • %System Root%\Python27\include\methodobject.h
  • %System Root%\Python27\Lib\formatter.py
  • F:\data\dolist.txt
  • %System Root%\Python27\include\tupleobject.h
  • %System Root%\Python27\include\ast.h
  • %System Root%\Python27\DLLs\_ctypes_test.pyd
  • %System Root%\Python27\include\pgen.h
  • %System Root%\Python27\Lib\dummy_threading.py
  • %System Root%\Python27\Lib\modulefinder.py
  • %System Root%\Python27\Lib\ctypes\wintypes.py
  • %System Root%\Python27\Lib\distutils\file_util.py
  • %System Root%\Python27\include\py_curses.h
  • %System Root%\Python27\Lib\distutils\fancy_getopt.py
  • %System Root%\Python27\include\bytesobject.h
  • %System Root%\Python27\include\bytes_methods.h
  • %System Root%\Python27\tcl\tkstub85.lib
  • %System Root%\Python27\Lib\email\errors.pyc
  • %System Root%\Python27\Lib\optparse.py
  • %System Root%\Python27\include\ucnhash.h
  • %System Root%\Python27\Lib\encodings\cp437.pyc
  • %System Root%\Python27\DLLs\_multiprocessing.pyd
  • %System Root%\Python27\Lib\email\iterators.pyc
  • %System Root%\Python27\include\marshal.h
  • %System Root%\Python27\Lib\ftplib.py
  • %System Root%\word2k\DOC2KE04.doc
  • %System Root%\Python27\Lib\email\base64mime.py
  • %System Root%\Python27\Lib\mimetools.py
  • %System Root%\Python27\Lib\encodings\cp500.py
  • %System Root%\Python27\Lib\distutils\core.py
  • %System Root%\Python27\Lib\distutils\dir_util.py
  • %System Root%\Python27\include\compile.h
  • %System Root%\Python27\DLLs\select.pyd
  • %System Root%\Python27\Lib\fnmatch.pyc
  • %System Root%\Python27\Lib\fileinput.py
  • %System Root%\Python27\Lib\curses\has_key.py
  • %System Root%\Python27\Lib\encodings\cp424.py
  • %System Root%\Python27\Lib\distutils\bcppcompiler.py
  • %System Root%\Python27\libs\_bsddb.lib
  • %System Root%\Python27\Lib\bsddb\__init__.py
  • %System Root%\Python27\Lib\dbhash.py
  • %System Root%\Python27\include\patchlevel.h
  • %System Root%\Python27\Lib\distutils\cmd.py
  • %System Root%\Python27\Lib\encodings\big5hkscs.py
  • %System Root%\Python27\Lib\locale.py
  • %System Root%\Python27\libs\_sqlite3.lib
  • %System Root%\Python27\include\rangeobject.h
  • %System Root%\Python27\Lib\markupbase.pyc
  • %System Root%\Python27\include\moduleobject.h
  • %System Root%\Users\Default\NTUSER.DAT.LOG1
  • %System Root%\Python27\include\object.h
  • %System Root%\Python27\include\longintrepr.h
  • %System Root%\Python27\Lib\imaplib.py
  • %System Root%\Python27\Lib\distutils\cmd.pyc
  • %System Root%\Python27\Lib\email\message.pyc
  • %System Root%\Python27\Lib\distutils\config.pyc
  • %System Root%\Python27\include\Python-ast.h
  • %System Root%\Python27\Lib\compileall.py
  • %System Root%\Python27\README.txt
  • %System Root%\Python27\Lib\email\__init__.py
  • %System Root%\Python27\Lib\distutils\extension.pyc
  • %System Root%\Python27\Lib\distutils\cygwinccompiler.py
  • %System Root%\Python27\Lib\netrc.pyc
  • %System Root%\Python27\Lib\mimetypes.py
  • %System Root%\Python27\DLLs\_msi.pyd
  • %System Root%\Python27\Lib\distutils\core.pyc
  • %System Root%\word2k\DOC2KE00.dot
  • %System Root%\Python27\Lib\ctypes\__init__.py
  • %System Root%\Python27\Lib\email\base64mime.pyc
  • %System Root%\Python27\Lib\distutils\dist.py
  • %System Root%\Python27\include\pymacconfig.h
  • %System Root%\Python27\Lib\numbers.py
  • %System Root%\Python27\Lib\heapq.pyc
  • %System Root%\Python27\include\osdefs.h
  • %System Root%\Python27\include\bitset.h
  • %System Root%\Python27\Lib\decimal.py
  • %System Root%\Python27\Lib\fnmatch.py
  • %System Root%\Python27\Lib\ntpath.pyc
  • %System Root%\Python27\Lib\bsddb\dbutils.py
  • %System Root%\Python27\include\floatobject.h
  • %System Root%\Python27\Lib\commands.py
  • %System Root%\Python27\Lib\calendar.pyc
  • %System Root%\Python27\include\pyctype.h
  • %System Root%\Python27\Lib\inspect.py
  • %System Root%\Python27\Lib\email\message.py
  • %System Root%\Python27\Lib\HTMLParser.pyc
  • %System Root%\Python27\Lib\abc.pyc
  • %System Root%\Python27\include\pyerrors.h
  • %System Root%\Users\Default\NTUSER.DAT{{GUID}}.TM.blf
  • %System Root%\Python27\Lib\netrc.py
  • %System Root%\word2k\DOC2KE03.doc
  • %System Root%\Python27\include\node.h
  • %System Root%\Python27\Lib\email\quoprimime.pyc
  • %System Root%\Python27\tcl\tk85.lib
  • %System Root%\Python27\DLLs\pyc.ico
  • %System Root%\Python27\Lib\email\utils.pyc
  • %System Root%\Python27\Lib\encodings\cp1258.py
  • %System Root%\Python27\Lib\filecmp.py
  • %System Root%\Python27\Lib\BaseHTTPServer.py
  • %System Root%\Python27\Lib\macurl2path.py
  • %System Root%\Python27\Lib\distutils\file_util.pyc
  • %System Root%\Python27\include\pymactoolbox.h
  • %System Root%\Python27\Lib\ensurepip\_uninstall.py
  • %System Root%\Python27\include\structmember.h
  • %System Root%\Python27\Lib\email\quoprimime.py
  • %System Root%\Python27\Lib\cmd.py
  • %System Root%\Python27\Lib\numbers.pyc
  • %System Root%\Email and Password List.txt
  • %System Root%\Python27\include\grammar.h
  • %System Root%\Python27\Lib\dis.pyc
  • %System Root%\Python27\include\pymath.h
  • %System Root%\word2k\DOC2KE05.doc
  • %System Root%\Python27\Lib\cgi.py
  • %System Root%\Python27\Lib\asyncore.py
  • %System Root%\Python27\Lib\BaseHTTPServer.pyc
  • %System Root%\Python27\include\longobject.h
  • %System Root%\Python27\Lib\copy_reg.py
  • %System Root%\Recovery\{GUID}\boot.sdi
  • %System Root%\Python27\Lib\distutils\dir_util.pyc
  • %System Root%\Python27\Lib\ctypes\util.pyc
  • %System Root%\Python27\libs\_hashlib.lib
  • %System Root%\Python27\Lib\email\__init__.pyc
  • %System Root%\Python27\libs\bz2.lib
  • %System Root%\Python27\Lib\doctest.py
  • %System Root%\Python27\libs\_ctypes_test.lib
  • %System Root%\Python27\DLLs\_ssl.pyd
  • %System Root%\Python27\Lib\calendar.py
  • %System Root%\Python27\Lib\distutils\errors.pyc
  • %System Root%\Python27\DLLs\_tkinter.pyd
  • %System Root%\Python27\Lib\email\charset.py
  • %System Root%\Python27\Lib\nturl2path.pyc
  • %System Root%\Python27\Lib\getopt.py
  • %System Root%\Python27\Lib\hmac.py
  • %System Root%\Python27\Lib\curses\textpad.py
  • %System Root%\excel2k\XLS2KE05.xls
  • %System Root%\Python27\Lib\email\header.py
  • %System Root%\Python27\Lib\imputil.py
  • %System Root%\Python27\Lib\ctypes\util.py
  • %System Root%\Python27\Lib\encodings\cp1256.py
  • %System Root%\Python27\DLLs\_sqlite3.pyd
  • %System Root%\Python27\Lib\ctypes\wintypes.pyc
  • F:\data\photos\stunning.jpg
  • %System Root%\Python27\Lib\curses\__init__.py
  • %System Root%\word2k\DOC2KE02.doc
  • %System Root%\Python27\include\genobject.h
  • %System Root%\Python27\include\opcode.h
  • %System Root%\Python27\Lib\encodings\cp1140.py
  • %System Root%\Python27\Lib\cProfile.py
  • %System Root%\Python27\Lib\compiler\symbols.py
  • %System Root%\Python27\Lib\dummy_thread.py
  • %System Root%\Python27\include\token.h
  • %System Root%\Python27\DLLs\winsound.pyd
  • %System Root%\Python27\include\frameobject.h
  • %System Root%\excel2k\XLS2KE01.xls
  • %System Root%\powerpoint2k\PPT2KE03.ppt
  • %System Root%\Python27\Lib\dis.py
  • %System Root%\Python27\Doc\python2715.chm
  • %System Root%\Users\Default\NTUSER.DAT{{GUID}}.TMContainer00000000000000000001.regtrans-ms
  • %System Root%\Python27\Lib\dircache.py
  • %System Root%\Python27\include\pymem.h
  • %System Root%\Python27\include\pythonrun.h
  • %System Root%\Python27\Lib\encodings\cp1252.pyc
  • %System Root%\Python27\DLLs\_elementtree.pyd
  • %System Root%\Python27\Lib\fpformat.py
  • %System Root%\Python27\Lib\DocXMLRPCServer.py
  • %System Root%\Python27\Lib\code.py
  • %System Root%\Python27\Lib\compiler\consts.py
  • %System Root%\Python27\Lib\email\parser.pyc
  • %System Root%\Python27\Lib\mailcap.py
  • %System Root%\Python27\Lib\linecache.py
  • %System Root%\Python27\libs\python27.lib
  • %System Root%\Python27\Lib\glob.py
  • %System Root%\Python27\Lib\os.pyc
  • %System Root%\Python27\include\codecs.h
  • %System Root%\Python27\Lib\bsddb\dbtables.py
  • %System Root%\Python27\Lib\fractions.py
  • %System Root%\Python27\Lib\distutils\extension.py
  • %System Root%\Python27\include\pyarena.h
  • %System Root%\Python27\Lib\inspect.pyc
  • %System Root%\powerpoint2k\PPT2KE04.ppt
  • %System Root%\Python27\Lib\bsddb\db.py
  • %System Root%\Python27\Lib\bsddb\dbobj.py
  • %System Root%\Python27\include\enumobject.h
  • %System Root%\Python27\Lib\email\_parseaddr.py
  • %System Root%\Python27\Lib\compiler\syntax.py
  • %System Root%\word2k\DOC2KExx.doc
  • %System Root%\Python27\Lib\ctypes\_endian.py
  • %User Profile%\NTUSER.DAT{{GUID}}.TMContainer00000000000000000002.regtrans-ms
  • %System Root%\Email and Password List.js
  • %System Root%\Python27\Lib\cgitb.py


ご利用はいかがでしたか? アンケートにご協力ください