製品情報
導入事例
サービス
サポート
ダウンロード
セキュリティ情報
 
- 最新ウイルス一覧
- ウイルス検索
- 駆除ツール
- Daily DATリリースに関するFAQ
- ウイルス絵とき理解
- ウイルス画像事典
- ウイルス解析依頼
- ウイルス用語集
- ウイルスの危険度格付け
- セキュリティ対策のヒント
パートナー
会社案内
個人のお客様
中堅・中小企業のお客様
企業のお客様
製品アップグレード
評価版
セミナー・イベント
キャンペーン
サポートQ&A
お問い合わせ
Global Sites:
Home → セキュリティ情報 → ウイルス情報:T
ウイルス情報
ウイルス名危険度
Trojan-FDPS
企業ユーザ:
個人ユーザ:
種別トロイの木馬
最小定義ファイル
(最初に検出を確認したバージョン)
7343
対応定義ファイル
(現在必要とされるバージョン)
7353 (現在7565)
対応エンジン5.4.00.1158以降 (現在5600) 
エンジンバージョンの見分け方
別名Microsoft - Trojan:Win32/Ramdo.A Kaspersky - HEUR:Trojan.Win32.Generic Fortinet - W32/Redyms.AF!tr
情報掲載日2014/02/20
発見日(米国日付)2014/02/18
駆除補足ウイルス駆除のヒント
概要ウイルスの特徴感染症状感染方法駆除方法
セキュリティ情報

最新ウイルス一覧へ >>
最新ウイルス
09/17RDN/BackDoor...
09/17DNSChanger.b...
09/17RDN/Generic....
定義ファイル・エンジンの
ダウンロード!
  定義ファイル:7565
 エンジン:5600
 
ウイルス検索
 


概要TOPに戻る

・Trojan-FDPSはアクセス可能なディスクボリュームのルートに自身をコピーするワームです。さらに、ボリュームのルートにAutorun.infファイルを作成し、次にボリュームがマウントされたときに実行されるようにします。

ウイルスの特徴TOPに戻る

・「Trojan-FDPS」は悪質なWebサイトから他のペイロードをダウンロードするトロイの木馬です。攻撃者が感染したコンピュータに侵入し、危険な行為を行えるようにする可能性があります。

・実行時、以下のIPアドレスに接続しようとします。

  • 65[削除]20
  • 65[削除]206
  • 74[削除]177
  • 74[削除]212
  • 74[削除]210
  • 74[削除]211
  • 74[削除]216
  • 74[削除]178
  • 74[削除]55
  • 74[削除]52
  • 239[削除]250

・実行時、以下の場所にファイルをドロップ(作成)します。

  • %Appdata%\Microsoft\Office\Groove12.pip
  • %Appdata%\Adobe\acupx217.dll

・以下はTrojan-FDPSによって作成されるフォルダです。

  • %Appdata%\Microsoft\Office
  • %Appdata%\Adobe

・以下はシステムに追加されるレジストリキーです。

  • HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P
  • HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History
  • HKEY_USERS\.DEFAULT\Software\Adobe
  • HKEY_USERS\.DEFAULT\Software\Adobe\Acrobat Reader
  • HKEY_USERS\.DEFAULT\Software\Adobe\Acrobat Reader\10.0
  • HKEY_USERS\.DEFAULT\Software\Adobe\Acrobat Reader\10.0\IPM
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Internet Explorer\MenuExt
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Multimedia\msacm.imaadpcm
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Multimedia\msacm.msgsm610
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\EnabledLanguages
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\Migration
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\Migration\Groove
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\Migration\Office
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\Research
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\Research\Translation
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Access
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Access\Security
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Access\Security\Trusted Locations
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Access\Security\Trusted Locations\Location2
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location0
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location1
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location2
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location3
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location4
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location5
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Groove
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location0
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location1
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location2
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location3
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\AccessDE_Core
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Access_Core
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Ace_OdbcCurrentUser
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Excel_Core
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Excel_Intl
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Graph_Core
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Mso_Core
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Mso_CoreReg
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Mso_Intl
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\outexum
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Outlook_Core
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Outlook_Intl
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\PowerPoint_Core
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\PowerPoint_Intl
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Sps_OutlookAddin
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Word_Core
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Word_Intl
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\XDocs_XMLEditVerbHandler
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Options
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Security
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Security\Trusted Locations
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Security\Trusted Locations\Location0
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Security\Trusted Locations\Location1
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Security\Trusted Locations\Location2
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{06F9A697-9708-422D-A5AF-C559391A850A}
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{339361CD-6723-455D-A40B-C95F1F91FF8A}
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{49DF3409-46B3-4B0C-B7BF-FEC0F9401EDD}
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{GUID}
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{C3754D1A-04D3-4085-8CFB-97705B57A98F}
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{F114AE61-1331-4238-92C9-BBE330AF25FD}
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{32D85DA2-070B-49A0-9261-E7854457A6D6}
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{GUID}
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{GUID}\urn:schemas-microsoft-com:office:smarttags#phone
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{GUID}\urn:schemas-microsoft-com:office:smarttags#time
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{87EF1CFE-51CA-4E6B-8C76-E576AA926888}
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Access
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Access\Addins
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Access\Addins\AceCnfViewer.sortie
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\AccessAddin.DC
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\ColleagueImport.ColleagueImportAddin
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\UmOutlookAddin.FormRegionAddin
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Word
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Word\Addins
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Word\Addins\WordEEFonts.Connect
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Startup
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies\High
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Extensions
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\ShellNoRoam\BagMRU\1\0\1\0\0
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\ShellNoRoam\BagMRU\1\0\1\0\0\0
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\ShellNoRoam\BagMRU\1\0\1\0\0\0\0
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\ShellNoRoam\BagMRU\1\0\1\0\0\0\0\0
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\ShellNoRoam\Bags\7
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\ShellNoRoam\Bags\7\Shell
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\ASF Stream Descriptor File
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\ASF Stream Descriptor File\Settings
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Internet Mail and News
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Internet Mail and News\Mail
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MS Design Tools
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MS Design Tools\MDTDBD
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MSDAIPP
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MSDAIPP\Providers
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MSDAIPP\Providers\{GUID}
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MSDAIPP\Providers\{GUID}
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Font Mapping
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Conversation
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Document
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\E-mail Message
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Fax
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Letter
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Cancellation
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Request
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Response
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Access
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Excel
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft PowerPoint
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Word
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Note
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Phone Call
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Remote Session
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Request
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Response
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Web Service Providers
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Web Service Providers\FreeBusy
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Web Service Providers\FreeBusy\office.microsoft.com
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Web Service Providers\WebDrive
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Web Service Providers\WebDrive\www.msnusers.com
  • HKEY_USERS\S-1-5-21-[不定]\Software\Netscape\Netscape Navigator\Suffixes
  • HKEY_USERS\S-1-5-21-[不定]\Software\Adobe
  • HKEY_USERS\S-1-5-21-[不定]\Software\Adobe\Acrobat Reader
  • HKEY_USERS\S-1-5-21-[不定]\Software\Adobe\Acrobat Reader\10.0
  • HKEY_USERS\S-1-5-21-[不定]\Software\Adobe\Acrobat Reader\10.0\IPM
  • HKEY_USERS\S-1-5-21-[不定]\Software\ODBC
  • HKEY_USERS\S-1-5-21-[不定]\Software\ODBC\ODBC.INI
  • HKEY_USERS\S-1-5-21-[不定]\Software\ODBC\ODBC.INI\dBASE Files
  • HKEY_USERS\S-1-5-21-[不定]\Software\ODBC\ODBC.INI\dBASE Files\Engines
  • HKEY_USERS\S-1-5-21-[不定]\Software\ODBC\ODBC.INI\dBASE Files\Engines\Xbase
  • HKEY_USERS\S-1-5-21-[不定]\Software\ODBC\ODBC.INI\Excel Files
  • HKEY_USERS\S-1-5-21-[不定]\Software\ODBC\ODBC.INI\Excel Files\Engines
  • HKEY_USERS\S-1-5-21-[不定]\Software\ODBC\ODBC.INI\Excel Files\Engines\Jet
  • HKEY_USERS\S-1-5-21-[不定]\Software\ODBC\ODBC.INI\MS Access Database
  • HKEY_USERS\S-1-5-21-[不定]\Software\ODBC\ODBC.INI\MS Access Database\Engines
  • HKEY_USERS\S-1-5-21-[不定]\Software\ODBC\ODBC.INI\MS Access Database\Engines\Jet
  • HKEY_USERS\S-1-5-21-[不定]\Software\ODBC\ODBC.INI\ODBC Data Sources
  • HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P
  • HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History
  • HKEY_USERS\S-1-5-18\Software\Adobe
  • HKEY_USERS\S-1-5-18\Software\Adobe\Acrobat Reader
  • HKEY_USERS\S-1-5-18\Software\Adobe\Acrobat Reader\10.0
  • HKEY_USERS\S-1-5-18\Software\Adobe\Acrobat Reader\10.0\IPM

・以下はシステムに追加されるレジストリキー値です。

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common Favorites: "C:\Documents and Settings\All Users\Favorites"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109030000000000000000F01FEC\Usage\GrooveFiles: 0x44530001
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109030000000000000000F01FEC\Usage\ProductFiles: 0x44530001
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109AB0090400000000000F01FEC\Usage\GrooveFilesIntl_1033: 0x44530001
  • HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable: 0x00000000
  • HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings: [バイナリデータ]
  • HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings:[バイナリデータ]
  • HKEY_USERS\.DEFAULT\Software\Adobe\Acrobat Reader\10.0\IPM\iTestPropulsion: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Internet Explorer\Toolbar\ShowDiscussionButton: "Yes"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\: "res://%Program Files%\MICROS~2\Office12\EXCEL.EXE/3000"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\Contexts: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Multimedia\msacm.imaadpcm\MaxRTEncodeSetting: 0x00000006
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Multimedia\msacm.imaadpcm\MaxRTDecodeSetting: 0x00000006
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Multimedia\msacm.msgsm610\MaxRTDecodeSetting: 0x00000004
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Multimedia\msacm.msgsm610\MaxRTEncodeSetting: 0x00000004
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\UISnapshot: 31 30 33 33 00
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\UIFallback: 31 30 33 33 00
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\UILanguage: 0x00000409
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\HelpLanguage: 0x00000409
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\InstallLanguage: 0x00000409
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\PreviousInstallLanguage: 0x00000409
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\WordChangeInstallLanguage: "No"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\WordMailChangeInstallLanguage: "No"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\XLChangeInstallLanguage: "No"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\PPTChangeInstallLanguage: "No"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\AccessChangeInstallLanguage: "No"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\OutlookChangeInstallLanguage: "No"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\SharePointDesignerChangeInstallLanguage: "No"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\PublisherChangeInstallLanguage: "No"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\ProjectChangeInstallLanguage: "No"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\InfoPathChangeInstallLanguage: "No"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\OneNoteChangeInstallLanguage: "No"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\WebDesignerChangeInstallLanguage: "No"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\LangTuneUp: "OfficeCompleted"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\ShowDates: "ON"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\LanguageResources\EnabledLanguages\1033: "On"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\Xlstart: "XLSTART"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\Themes: "Themes"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\Templates: "Templates"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\Stationery: "Stationery"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\Startup: "STARTUP"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\Signatures: "Signatures"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\RecentFiles: "Recent"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\Queries: "Queries"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\Proof: "Proof"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\MyPictures: "My Pictures"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\MyDocuments: "My Documents"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\Favorites: "Favorites"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\Desktop: "Desktop"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\ApplicationData: "Application Data"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\AddIns: "AddIns"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\Actors: "Actors"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\General\FirstRunTime: 0x01623253
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Common\Research\Translation\CurrentProvider: "0/0/2"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Access\Security\Trusted Locations\Location2\Path: "%Program Files%\Microsoft Office\Office12\ACCWIZ\"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Access\Security\Trusted Locations\Location2\Description: "Access default location: Wizard Databases"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location5\AllowSubFolders: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location5\Path: "%Program Files%\Microsoft Office\Office12\Library\"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location5\Description: "12"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location4\AllowSubFolders: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location4\Path: "%Program Files%\Microsoft Office\Office12\STARTUP\"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location4\Description: "7"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location3\AllowSubFolders: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location3\Path: "%Program Files%\Microsoft Office\Templates\"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location3\Description: "6"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location2\Path: "%APPDATA%\Microsoft\Templates"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location2\Description: "5"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location1\Path: "%APPDATA%\Microsoft\Excel\XLSTART"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location1\Description: "4"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location0\AllowSubFolders: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location0\Path: "%Program Files%\Microsoft Office\Office12\XLSTART\"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations\Location0\Description: "3"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Groove\MTTF: 0x00000002
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Groove\MTTA: 0x00000002
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.com.vn: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YA332C~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.co.uk: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOC~2.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.com.tw: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YA5B10~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.co.th: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAE7E0~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.com.sg: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YA1710~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.se: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOS~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.pl: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOP~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.com.ph: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOC~3.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.co.nz: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YADF2D~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.no: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOON~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.com.my: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YA6FF7~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.com.mx: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YA5FF3~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.co.kr: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOC~4.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\ybb.ne.jp: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOJ~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.it: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOI~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.co.in: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YADFFA~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.ie: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOI~2.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.co.id: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAD7DA~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.com.hk: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YA2BEF~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.fr: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOF~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.es: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOE~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.dk: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOH~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.de: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOD~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.com.cn: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YA37DB~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.co.jp: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAD705~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.ca: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YAHOOC~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.com.br: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YA43DB~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.com.au: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YA5FC7~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.com.ar: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YA4FCB~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\yahoo.com: "%Program Files%\MICROS~2\Office12\OUTLOO~1\YA6788~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\wans.net: "%Program Files%\MICROS~2\Office12\OUTLOO~1\WANSNE~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\talk21.com: "%Program Files%\MICROS~2\Office12\OUTLOO~1\TALK21~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\swbell.net: "%Program Files%\MICROS~2\Office12\OUTLOO~1\SWBELL~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\snet.net: "%Program Files%\MICROS~2\Office12\OUTLOO~1\SNETNE~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\sbcglobal.net: "%Program Files%\MICROS~2\Office12\OUTLOO~1\SBCGLO~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\rogers.com: "%Program Files%\MICROS~2\Office12\OUTLOO~1\ROGERS~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\prodigy.net: "%Program Files%\MICROS~2\Office12\OUTLOO~1\PRODIG~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\pacbell.net: "%Program Files%\MICROS~2\Office12\OUTLOO~1\PACBEL~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\nvbell.net: "%Program Files%\MICROS~2\Office12\OUTLOO~1\NVBELL~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\nl.rogers.com: "%Program Files%\MICROS~2\Office12\OUTLOO~1\NLROGE~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\flash.net: "%Program Files%\MICROS~2\Office12\OUTLOO~1\FLASHN~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\btopenworld.com: "%Program Files%\MICROS~2\Office12\OUTLOO~1\BTOPEN~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\btinternet.com: "%Program Files%\MICROS~2\Office12\OUTLOO~1\BTINTE~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Outlook\AutoDiscover\ameritech.net: "%Program Files%\MICROS~2\Office12\OUTLOO~1\AMERIT~1.XML"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location3\AllowSubFolders: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location3\Path: "%Program Files%\Microsoft Office\Document Themes 12\"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location3\Description: "11"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location2\Path: "%APPDATA%\Microsoft\Addins"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location2\Description: "10"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location1\AllowSubFolders: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location1\Path: "%Program Files%\Microsoft Office\Templates\"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location1\Description: "9"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location0\AllowSubFolders: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location0\Path: "%APPDATA%\Microsoft\Templates"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations\Location0\Description: "8"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\XDocs_XMLEditVerbHandler\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Word_Intl\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Word_Core\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Sps_OutlookAddin\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\PowerPoint_Intl\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\PowerPoint_Core\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Outlook_Intl\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Outlook_Core\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\outexum\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Mso_Intl\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Mso_CoreReg\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Mso_Core\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Graph_Core\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Excel_Intl\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Excel_Core\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Ace_OdbcCurrentUser\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\Access_Core\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\User Settings\AccessDE_Core\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Security\Trusted Locations\Location2\Path: "%APPDATA%\Microsoft\Word\Startup"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Security\Trusted Locations\Location2\Description: "2"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Security\Trusted Locations\Location1\AllowSubFolders: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Security\Trusted Locations\Location1\Path: "%Program Files%\Microsoft Office\Templates\"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Security\Trusted Locations\Location1\Description: "1"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Security\Trusted Locations\Location0\Path: "%APPDATA%\Microsoft\Templates"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Security\Trusted Locations\Location0\Description: "0"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\12.0\Word\Options\PROGRAMDIR: "%Program Files%\Microsoft Office\Office12\"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{F114AE61-1331-4238-92C9-BBE330AF25FD}\OMain: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{F114AE61-1331-4238-92C9-BBE330AF25FD}\XLMAIN: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{F114AE61-1331-4238-92C9-BBE330AF25FD}\PPFrameClass: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{49DF3409-46B3-4B0C-B7BF-FEC0F9401EDD}\OMain: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{49DF3409-46B3-4B0C-B7BF-FEC0F9401EDD}\PPFrameClass: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{06F9A697-9708-422D-A5AF-C559391A850A}\Internet Explorer_Server: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{06F9A697-9708-422D-A5AF-C559391A850A}\OpusApp: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Actions\{06F9A697-9708-422D-A5AF-C559391A850A}\IEFrame: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{GUID}\urn:schemas-microsoft-com:office:smarttags#time\OMain: 0x00000002
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{GUID}\urn:schemas-microsoft-com:office:smarttags#time\XLMAIN: 0x00000002
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{GUID}\urn:schemas-microsoft-com:office:smarttags#time\PPFrameClass: 0x00000002
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{GUID}\urn:schemas-microsoft-com:office:smarttags#phone\OMain: 0x00000002
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{GUID}\urn:schemas-microsoft-com:office:smarttags#phone\XLMAIN: 0x00000002
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{GUID}\urn:schemas-microsoft-com:office:smarttags#phone\PPFrameClass: 0x00000002
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{GUID}\OpusApp: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{GUID}\Status: 0x00000008
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{32D85DA2-070B-49A0-9261-E7854457A6D6}\XLMAIN: 0x00000002
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Common\Smart Tag\Recognizers\{32D85DA2-070B-49A0-9261-E7854457A6D6}\OpusApp: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Access\Addins\AceCnfViewer.sortie\SatelliteDllName: "acecnf.dll"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Access\Addins\AceCnfViewer.sortie\Description: "This wizard helps you to resolve replication conflicts in Access and SQL Server."
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Access\Addins\AceCnfViewer.sortie\LoadBehavior: 0x00000008
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Access\Addins\AceCnfViewer.sortie\CommandLineSafe: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Access\Addins\AceCnfViewer.sortie\FriendlyName: "Microsoft Office 2007 Access Database Engine Conflict Resolver"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\UmOutlookAddin.FormRegionAddin\Description: "Exchange Unified Messaging support for voice-mail and fax integration."
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\UmOutlookAddin.FormRegionAddin\FriendlyName: "Microsoft Exchange Unified Messaging"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\UmOutlookAddin.FormRegionAddin\CommandLineSafe: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\UmOutlookAddin.FormRegionAddin\LoadBehavior: 0x00000003
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\ColleagueImport.ColleagueImportAddin\Description: "The Add-in allows Microsoft Office SharePoint Server to import colleague suggestions based on your Outlook content"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\ColleagueImport.ColleagueImportAddin\FriendlyName: "Microsoft Office SharePoint Server Colleague Import Add-in"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\ColleagueImport.ColleagueImportAddin\CommandLineSafe: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\ColleagueImport.ColleagueImportAddin\LoadBehavior: 0x00000003
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\AccessAddin.DC\Description: "The Add-in allows Microsoft Access to integrate with and enable automated scenarios around Data Collection and Publishing around user created Access solutions"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\AccessAddin.DC\FriendlyName: "Microsoft Access Outlook Add-in for Data Collection and Publishing"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\AccessAddin.DC\LoadBehavior: 0x00000002
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Outlook\Addins\AccessAddin.DC\CommandLineSafe: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Word\Addins\WordEEFonts.Connect\FriendlyName: "Microsoft Word East European Fonts Tool"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Office\Word\Addins\WordEEFonts.Connect\LoadBehavior: 0x00000008
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\Microsoft Office Access 2007 Database: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\Briefcase: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\Bitmap Image: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\Microsoft Office Word Document: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\Microsoft Office PowerPoint Presentation: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\Microsoft Office Publisher Document: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\WinRAR archive: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\Text Document: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\Wave Sound: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\Microsoft Office Excel Worksheet: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\WinRAR ZIP archive: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\~reserved~: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew\Language: 0x00000409
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids\dllfile:
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Startup\Order: [バイナリデータ]
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\b: "C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\1"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\c: "regsvr32 "C:\Documents and Settings\Administrator\Desktop\acupx217.dll"\1"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\d: "regsvr32 "C:\Documents and Settings\Administrator\Desktop\acupx217.dll", GetCurrentProcess\1"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\e: "regsvr32 "C:\Documents and Settings\Administrator\Desktop\acupx217.dll", CreateSemaphoreA\1"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\f: "regsvr32 "C:\Documents and Settings\Administrator\Desktop\acupx217.dll", GetCurrentDirectoryA\1"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\g: "regsvr32 "C:\Documents and Settings\Administrator\Desktop\acupx217.dll", ExitProcess\1"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\BalloonTip: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:P:\JVAQBJF\flfgrz3 2\ertfie32.rkr: 01 00 00 00 0B 00 00 00 00 FF 37 F5 EE 2C CF 01
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:P:\Cebtenz Svyrf\Fnsre Argjbexvat\SvyrNylmre\SvyrNylmre.rkr: 01 00 00 00 06 00 00 00 50 0F A4 29 EE 2C CF 01
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Type: 0x00000003
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Count: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Time: DE 07 02 00 02 00 12 00 15 00 07 00 34 00 A2 01
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies\High\1400: 0x00000003
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{42042206-2D85-11D3-8CFF-005004838597} {0000010B-0000-0000-C000-000000000046} 0x401: 01 00 00 00 31 00 38 00 C2 30 E1 7F ED 2C CF 01
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Extensions\mdb: "%Program Files%\MICROS~2\Office12\MSACCESS.EXE"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Extensions\mda: "%Program Files%\MICROS~2\Office12\MSACCESS.EXE"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Extensions\xlsx: "%Program Files%\MICROS~2\Office12\EXCEL.EXE"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Extensions\xls: "%Program Files%\MICROS~2\Office12\EXCEL.EXE"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Extensions\rtf: "%Program Files%\MICROS~2\Office12\WINWORD.EXE ^.rtf"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Extensions\dot: "%Program Files%\MICROS~2\Office12\WINWORD.EXE ^.dot"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Extensions\dotm: "%Program Files%\MICROS~2\Office12\WINWORD.EXE ^.dotm"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Extensions\dotx: "%Program Files%\MICROS~2\Office12\WINWORD.EXE ^.dotx"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Extensions\docm: "%Program Files%\MICROS~2\Office12\WINWORD.EXE ^.docm"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Extensions\docx: "%Program Files%\MICROS~2\Office12\WINWORD.EXE ^.docx"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Windows\CurrentVersion\Extensions\doc: "%Program Files%\MICROS~2\Office12\WINWORD.EXE ^.doc"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\ASF Stream Descriptor File\Settings\Don't Show Boot Dialog: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Internet Mail and News\Mail\Log Outlook (0/1): 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Internet Mail and News\Mail\Log File (Outlook): "C:\WINDOWS\system32\"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MS Design Tools\MDTDBD\AutoSaveChangeScript: "0"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MSDAIPP\Providers\{9FECD571-B9D4-11D1-9C78-0000F875AC61}\: "Microsoft Data Access Internet Publishing Provider WEC"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MSDAIPP\Providers\{9FECD571-B9D4-11D1-9C78-0000F875AC61}\Priority: 0x01000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MSDAIPP\Providers\{9FECD571-B9D4-11D1-9C78-0000F875AC61}\ThreadSensitive: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MSDAIPP\Providers\{GUID}\: "Microsoft Data Access Internet Publishing Provider DAV"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MSDAIPP\Providers\{GUID}\Priority: 0x08800000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\MSDAIPP\UseWinInetDefaultHandler: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared\OfficeUILanguage: 0x00000409
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Response\DescriptionID: 0x00000027
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Response\JournalByContact: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Response\Large Icon: "[7]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Response\Small Icon: "[7]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Request\DescriptionID: 0x00000026
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Request\JournalByContact: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Request\Large Icon: "[6]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Request\Small Icon: "[6]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task\DescriptionID: 0x00000025
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task\AutoJournaled: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task\JournalByContact: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task\Small Icon: "[11]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Task\Large Icon: "[11]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Remote Session\DescriptionID: 0x00000024
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Remote Session\JournalByContact: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Remote Session\AutoJournaled: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Remote Session\Small Icon: "[21]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Remote Session\Large Icon: "[21]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Phone Call\DescriptionID: 0x00000023
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Phone Call\JournalByContact: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Phone Call\AutoJournaled: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Phone Call\Small Icon: "[10]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Phone Call\Large Icon: "[10]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Note\DescriptionID: 0x00000022
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Note\JournalByContact: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Note\AutoJournaled: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Note\Small Icon: "[8]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Note\Large Icon: "[8]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Word\Description: "Microsoft Word"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Word\AutoJournaled: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Word\Large Icon: "[13]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Word\Small Icon: "[13]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft PowerPoint\Description: "Microsoft PowerPoint"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft PowerPoint\AutoJournaled: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft PowerPoint\Small Icon: "[15]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft PowerPoint\Large Icon: "[15]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Excel\Description: "Microsoft Office Excel"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Excel\AutoJournaled: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Excel\Large Icon: "[14]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Excel\Small Icon: "[14]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Access\Description: "Microsoft Office Access"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Access\AutoJournaled: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Access\Small Icon: "[16]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Access\Large Icon: "[16]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Response\DescriptionID: 0x00000021
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Response\JournalByContact: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Response\Small Icon: "[4]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Response\Large Icon: "[4]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Request\DescriptionID: 0x00000020
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Request\JournalByContact: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Request\Small Icon: "[3]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Request\Large Icon: "[3]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Cancellation\DescriptionID: 0x0000001F
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Cancellation\JournalByContact: 0x00000001
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Cancellation\Large Icon: "[20]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting Cancellation\Small Icon: "[20]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting\DescriptionID: 0x0000001E
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting\JournalByContact: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting\AutoJournaled: 0x00000000
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting\Small Icon: "[19]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Meeting\Large Icon: "[19]"
  • HKEY_USERS\S-1-5-21-[不定]\Software\Microsoft\Shared Tools\Outlook\Journaling\Letter\DescriptionID: 0x0000001D
  • HKE

以下の症状が見られる場合、このウイルスに感染している可能性があります。TOPへ戻る

・上記の活動が見られます。

感染方法TOPへ戻る

・Trojan-FDPSはリムーバブルドライブに感染して拡散します。また、悪意のあるWebページを訪問することによって(リンクをクリック、またはユーザが何もしなくてもユーザのシステムにワームをインストールするスクリプトをホストしているWebサイトによって)インストールされる場合もあります。

駆除方法TOPへ戻る

■現行のエンジンとウイルス定義ファイルを使用して、検出・駆除して下さい。

システムスタートアップをフックするためのシステムレジストリ、INIファイルの修正は、推奨エンジン/ウイルス定義ファイル以上を使用した場合に正常に駆除されます。

特定のケースでは、回復コンソールでクリーンなMBRに修復する必要があります。

Windows XPの場合

  • CD-ROM ドライブに Windows XP CD-ROM を挿入し、コンピュータを再起動します。
  • 「セットアップの開始」 画面が表示されたら、R キーを押して回復コンソールを起動します。
  • 対象となるWindowsのインストールを選択し、管理者パスワードを入力してください。
  • マスタ ブート レコードを修復するfixmbrコマンドを発行します。
  • 画面上の指示に従ってください。
  • CD-ROM ドライブからCDを取り出しリセットしてください。

Windows Vista および 7 の場合

  • CD-ROM ドライブに Windows CD-ROM を挿入し、コンピュータを再起動します。
  • 「コンピュータを修復する」をクリックします。
  • [システム回復オプション] ダイアログ ボックスで、[コマンド プロンプト] を選択します。
  • マスタ ブート レコードを修復するbootrec /fixmbrコマンドを発行します。
  • 画面上の指示に従ってください。
  • CD-ROM ドライブからCDを取り出しリセットしてください。