Trojan.DownLoader26.54742

Technical Information

To ensure autorun and distribution:

Modifies the following registry keys:

[<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'firefox' = '"%APPDATA%\teinObj\update.exe" about:robots'

Modifies file system:

Creates the following files:

%TEMP%\is-GBCRH.tmp\<File name>.tmp
%APPDATA%\teinObj\res\is-CSMTR.tmp
%APPDATA%\teinObj\res\is-IFT55.tmp
%APPDATA%\teinObj\res\is-I1AHV.tmp
%APPDATA%\teinObj\res\is-RVSR9.tmp
%APPDATA%\teinObj\res\is-NFCO4.tmp
%APPDATA%\teinObj\res\is-O4AFJ.tmp
%APPDATA%\teinObj\res\is-P1E96.tmp
%APPDATA%\teinObj\res\is-95KUA.tmp
%APPDATA%\teinObj\res\is-GL0I6.tmp
%APPDATA%\teinObj\res\is-0NM8S.tmp
%APPDATA%\teinObj\res\is-9DKQG.tmp
%APPDATA%\teinObj\res\is-4EFK0.tmp
%APPDATA%\teinObj\res\is-GR7PO.tmp
%APPDATA%\teinObj\res\is-I8NPI.tmp
%APPDATA%\teinObj\res\is-5K3LN.tmp
%APPDATA%\teinObj\res\is-5MBJ6.tmp
%APPDATA%\teinObj\res\is-GSK0J.tmp
%APPDATA%\teinObj\res\dtd\is-282ES.tmp
%APPDATA%\teinObj\res\dtd\is-RH8EK.tmp
%APPDATA%\teinObj\res\entityTables\is-0F36I.tmp
%APPDATA%\teinObj\res\entityTables\is-3L0SE.tmp
%APPDATA%\teinObj\res\entityTables\is-2CL14.tmp
%APPDATA%\teinObj\res\entityTables\is-H40CS.tmp
%APPDATA%\teinObj\res\entityTables\is-2R2CS.tmp
%APPDATA%\teinObj\res\entityTables\is-67272.tmp
%APPDATA%\teinObj\res\fonts\is-10MD7.tmp
%APPDATA%\teinObj\res\fonts\is-50CS9.tmp
%APPDATA%\teinObj\res\fonts\is-KKSOT.tmp
%APPDATA%\teinObj\res\is-S2315.tmp
%APPDATA%\teinObj\res\is-CPE87.tmp
%APPDATA%\teinObj\res\is-9JHOP.tmp
%APPDATA%\teinObj\res\is-SLVMC.tmp
%APPDATA%\teinObj\res\fonts\is-H907S.tmp
%APPDATA%\teinObj\modules\is-BRTC3.tmp
%APPDATA%\teinObj\modules\is-OS5P3.tmp
%APPDATA%\teinObj\modules\is-CKNLE.tmp
%APPDATA%\teinObj\modules\is-470BD.tmp
%APPDATA%\teinObj\modules\is-T802G.tmp
%APPDATA%\teinObj\modules\is-RQC48.tmp
%APPDATA%\teinObj\modules\is-RFJK8.tmp
%APPDATA%\teinObj\modules\is-27P8G.tmp
%APPDATA%\teinObj\modules\is-MIU2T.tmp
%APPDATA%\teinObj\plugins\is-B39H6.tmp
%APPDATA%\teinObj\plugins\is-T2BBT.tmp
%APPDATA%\teinObj\res\is-VR7HN.tmp
%APPDATA%\teinObj\res\fonts\is-I2HU6.tmp
%APPDATA%\teinObj\modules\is-HHNUN.tmp
%APPDATA%\teinObj\res\is-LL5TO.tmp
%APPDATA%\teinObj\res\is-HJRG0.tmp
%APPDATA%\teinObj\res\is-L0I0H.tmp
%APPDATA%\teinObj\res\is-6S7BB.tmp
%APPDATA%\teinObj\res\is-QD3CM.tmp
%APPDATA%\teinObj\res\is-FLEBI.tmp
%APPDATA%\teinObj\res\is-N36V9.tmp
%APPDATA%\teinObj\res\is-STJ02.tmp
%APPDATA%\teinObj\res\is-GJBRA.tmp
%APPDATA%\teinObj\res\is-BOVNN.tmp
%APPDATA%\teinObj\res\is-VD1AV.tmp
%APPDATA%\teinObj\res\is-JM85I.tmp
%APPDATA%\teinObj\res\is-GVCDO.tmp
%APPDATA%\teinObj\res\is-JVK70.tmp
%APPDATA%\teinObj\res\is-Q5ADK.tmp
%APPDATA%\teinObj\res\is-8QL14.tmp
%APPDATA%\teinObj\res\is-P2HUQ.tmp
%APPDATA%\teinObj\components\is-1QQI7.tmp
%APPDATA%\teinObj\res\fonts\is-HB64J.tmp
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\extensions.rdf
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\prefs-1.js
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\places.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\places.sqlite
%TEMP%\tFdfxPr20.dll
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\pluginreg.dat
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\extensions-1.rdf
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\search.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\search.sqlite
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\search.json
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\formhistory.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\formhistory.sqlite
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\content-prefs.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\content-prefs.sqlite
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\extensions-1.ini
%APPDATA%\teinObj\modules\is-CS85V.tmp
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\extensions-1.cache
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\cert8.db
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\key3.db
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\cookies.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\cookies.sqlite
<LS_APPDATA>\AMozilla\AFirefox\Profiles\sgxyu303.default\Cache\_CACHE_001_
<LS_APPDATA>\AMozilla\AFirefox\Profiles\sgxyu303.default\Cache\_CACHE_002_
<LS_APPDATA>\AMozilla\AFirefox\Profiles\sgxyu303.default\Cache\_CACHE_003_
<LS_APPDATA>\AMozilla\AFirefox\Profiles\sgxyu303.default\Cache\_CACHE_MAP_
<LS_APPDATA>\AMozilla\AFirefox\Profiles\sgxyu303.default\urlclassifier3.sqlite-journal
<LS_APPDATA>\AMozilla\AFirefox\Profiles\sgxyu303.default\urlclassifier3.sqlite
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\localstore-1.rdf
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\downloads.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\downloads.sqlite
%TEMP%\nsq5.tmp\System.dll
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\mimeTypes-1.rdf
%APPDATA%\teinObj\modules\is-EG76N.tmp
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\permissions.sqlite-journal
%TEMP%\nsk3.tmp\InstallOptions.dll
%APPDATA%\teinObj\searchplugins\is-J5GPS.tmp
%APPDATA%\teinObj\searchplugins\is-94RHH.tmp
%APPDATA%\teinObj\searchplugins\is-OURH2.tmp
%APPDATA%\teinObj\searchplugins\is-P4MT0.tmp
%APPDATA%\teinObj\searchplugins\is-TBGVU.tmp
%APPDATA%\teinObj\searchplugins\is-FCHIR.tmp
%APPDATA%\teinObj\uninstall\is-0OJ6M.tmp
%APPDATA%\is-JKSK6.tmp
%TEMP%\is-01FNO.tmp\rog\unins000.dat
%TEMP%\nsp2.tmp
%APPDATA%\AMozilla\AFirefox\Crash Reports\InstallTime20100401080539
%TEMP%\nsk3.tmp\System.dll
%TEMP%\nsk3.tmp\ioSpecial.ini
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\permissions.sqlite
%APPDATA%\teinObj\res\html\is-KK3HC.tmp
%APPDATA%\teinObj\searchplugins\is-4RU3J.tmp
%APPDATA%\teinObj\components\xpti.dat.tmp
%APPDATA%\AMozilla\AFirefox\profiles.ini
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\bookmarks.html
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\chrome\userChrome-example.css
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\chrome\userContent-example.css
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\localstore.rdf
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\mimeTypes.rdf
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\prefs.js
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\compatibility.ini
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\xpti.dat.tmp
<LS_APPDATA>\AMozilla\AFirefox\Profiles\sgxyu303.default\XPC.mfl
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\compreg.dat.tmp
<LS_APPDATA>\AMozilla\AFirefox\Profiles\sgxyu303.default\XUL.mfl
%TEMP%\nsk3.tmp\modern-header.bmp
%TEMP%\nsk3.tmp\modern-wizard.bmp
%APPDATA%\teinObj\modules\is-4DHGR.tmp
%APPDATA%\teinObj\modules\is-TUBAM.tmp
%APPDATA%\teinObj\modules\is-1G5JA.tmp
%APPDATA%\teinObj\chrome\is-05C1T.tmp
%APPDATA%\teinObj\chrome\is-M6NBP.tmp
%APPDATA%\teinObj\chrome\is-S78E9.tmp
%APPDATA%\teinObj\chrome\is-F40H3.tmp
%APPDATA%\teinObj\chrome\is-IKEEE.tmp
%APPDATA%\teinObj\chrome\is-M17DE.tmp
%APPDATA%\teinObj\chrome\is-3QD5K.tmp
%APPDATA%\teinObj\chrome\is-IRUGS.tmp
%APPDATA%\teinObj\chrome\is-RG44A.tmp
%APPDATA%\teinObj\chrome\is-NMIDO.tmp
%APPDATA%\teinObj\chrome\is-OET66.tmp
%APPDATA%\teinObj\chrome\is-VIBEL.tmp
%APPDATA%\teinObj\is-JC7T0.tmp
%APPDATA%\teinObj\is-93OUP.tmp
%APPDATA%\teinObj\chrome\is-E6E9J.tmp
%APPDATA%\teinObj\components\is-UAL08.tmp
%APPDATA%\teinObj\components\is-6N9J1.tmp
%APPDATA%\teinObj\components\is-7AQD9.tmp
%APPDATA%\teinObj\components\is-US4HT.tmp
%APPDATA%\teinObj\components\is-6ADF9.tmp
%APPDATA%\teinObj\components\is-4MH1C.tmp
%APPDATA%\teinObj\components\is-4HTO1.tmp
%APPDATA%\teinObj\components\is-6PBMJ.tmp
%APPDATA%\teinObj\components\is-GC1HK.tmp
%APPDATA%\teinObj\components\is-EN741.tmp
%APPDATA%\teinObj\components\is-674OD.tmp
%APPDATA%\teinObj\components\is-OF9NF.tmp
%APPDATA%\teinObj\components\is-1JUGV.tmp
%APPDATA%\teinObj\components\is-TMNSF.tmp
%APPDATA%\teinObj\components\is-HSDUN.tmp
%APPDATA%\teinObj\components\is-S4AK7.tmp
%TEMP%\G3UZKtYh.part
%APPDATA%\teinObj\components\is-ISQ7P.tmp
%APPDATA%\teinObj\is-P4L46.tmp
%TEMP%\is-01FNO.tmp\rog\is-NIGKQ.tmp
%APPDATA%\teinObj\is-Q114F.tmp
%APPDATA%\teinObj\is-A7VD3.tmp
%APPDATA%\teinObj\is-P4PRF.tmp
%APPDATA%\teinObj\is-J2LJF.tmp
%APPDATA%\teinObj\is-DKTSO.tmp
%APPDATA%\teinObj\is-HQ31G.tmp
%APPDATA%\teinObj\is-P3F8C.tmp
%APPDATA%\teinObj\is-FNGN0.tmp
%APPDATA%\teinObj\is-G9LTG.tmp
%APPDATA%\teinObj\is-FFDG4.tmp
%APPDATA%\teinObj\is-CSV8J.tmp
%APPDATA%\teinObj\is-IOBB6.tmp
%APPDATA%\teinObj\is-8MMOJ.tmp
%APPDATA%\teinObj\is-GAFLV.tmp
%APPDATA%\teinObj\is-D7G1D.tmp
%APPDATA%\teinObj\is-U63VP.tmp
%APPDATA%\teinObj\is-OQSNA.tmp
%APPDATA%\teinObj\is-FSFN7.tmp
%APPDATA%\teinObj\is-1NBA2.tmp
%APPDATA%\teinObj\is-NNC8G.tmp
%APPDATA%\teinObj\is-H0C1T.tmp
%APPDATA%\teinObj\is-O2Q75.tmp
%APPDATA%\teinObj\is-08L0P.tmp
%APPDATA%\teinObj\is-8D6T3.tmp
%APPDATA%\teinObj\is-PD3NU.tmp
%APPDATA%\teinObj\is-SFD0C.tmp
%APPDATA%\teinObj\is-HJ0LR.tmp
%APPDATA%\teinObj\is-SH5PB.tmp
%TEMP%\is-01FNO.tmp\_isetup\_isdecmp.dll
%APPDATA%\teinObj\is-DQ4OT.tmp
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\secmod.db
%APPDATA%\teinObj\components\is-Q0FE5.tmp
%APPDATA%\teinObj\components\is-8QHDC.tmp
%APPDATA%\teinObj\components\is-IR73B.tmp
%APPDATA%\teinObj\components\is-1Q6PK.tmp
%APPDATA%\teinObj\defaults\autoconfig\is-O6MLA.tmp
%APPDATA%\teinObj\defaults\autoconfig\is-3H4SU.tmp
%APPDATA%\teinObj\defaults\pref\is-L6ELC.tmp
%APPDATA%\teinObj\defaults\pref\is-3GKAO.tmp
%APPDATA%\teinObj\defaults\pref\is-T50TS.tmp
%APPDATA%\teinObj\defaults\pref\is-K2P6O.tmp
%APPDATA%\teinObj\defaults\pref\is-EVP1D.tmp
%APPDATA%\teinObj\defaults\profile\is-NG0DU.tmp
%APPDATA%\teinObj\defaults\profile\is-FCMGQ.tmp
%APPDATA%\teinObj\defaults\profile\is-322KG.tmp
%APPDATA%\teinObj\defaults\profile\is-P7RH6.tmp
%APPDATA%\teinObj\components\is-K3MJ9.tmp
%APPDATA%\teinObj\components\is-4R68B.tmp
%APPDATA%\teinObj\components\is-DFM7C.tmp
%APPDATA%\teinObj\dictionaries\is-H9PIH.tmp
%APPDATA%\teinObj\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\is-UM51H.tmp
%APPDATA%\teinObj\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\is-TDN8S.tmp
%APPDATA%\teinObj\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\is-R8MQS.tmp
%APPDATA%\teinObj\greprefs\is-AUIN3.tmp
%APPDATA%\teinObj\greprefs\is-20SFF.tmp
%APPDATA%\teinObj\greprefs\is-U8D1G.tmp
%APPDATA%\teinObj\modules\is-JQ6L0.tmp
%APPDATA%\teinObj\modules\is-THGKN.tmp
%APPDATA%\teinObj\modules\is-G3SAF.tmp
%APPDATA%\teinObj\modules\is-RJVBH.tmp
%APPDATA%\teinObj\modules\is-V61M2.tmp
%APPDATA%\teinObj\modules\is-FLL52.tmp
%APPDATA%\teinObj\defaults\profile\chrome\is-LTDJU.tmp
%APPDATA%\teinObj\dictionaries\is-T5G8V.tmp
%APPDATA%\teinObj\components\is-TLK73.tmp
%APPDATA%\teinObj\defaults\profile\chrome\is-6VS1T.tmp
%APPDATA%\teinObj\chrome\is-7BJ5C.tmp
%APPDATA%\teinObj\components\is-9MOT2.tmp
%APPDATA%\teinObj\components\is-5EHSQ.tmp
%APPDATA%\teinObj\components\is-TJOHN.tmp
%APPDATA%\teinObj\components\is-TJI9H.tmp
%APPDATA%\teinObj\components\is-T6LCS.tmp
%APPDATA%\teinObj\components\is-BUOQP.tmp
%APPDATA%\teinObj\components\is-ENLIK.tmp
%APPDATA%\teinObj\components\is-RG751.tmp
%APPDATA%\teinObj\components\is-6QG9A.tmp
%APPDATA%\teinObj\components\is-MBS7V.tmp
%APPDATA%\teinObj\components\is-I9NFH.tmp
%APPDATA%\teinObj\components\is-MO4SJ.tmp
%APPDATA%\teinObj\components\is-9DA24.tmp
%APPDATA%\teinObj\components\is-VFNE6.tmp
%APPDATA%\teinObj\components\is-N3LTR.tmp
%APPDATA%\teinObj\components\is-0LD5J.tmp
%APPDATA%\teinObj\components\is-FMMB3.tmp
%APPDATA%\teinObj\components\is-VB1UU.tmp
%APPDATA%\teinObj\components\is-3EP8D.tmp
%APPDATA%\teinObj\components\is-D57MV.tmp
%APPDATA%\teinObj\components\is-KFPRV.tmp
%APPDATA%\teinObj\components\is-LCE28.tmp
%APPDATA%\teinObj\components\is-1NQ3S.tmp
%APPDATA%\teinObj\components\is-K81N8.tmp
%APPDATA%\teinObj\components\is-318GF.tmp
%APPDATA%\teinObj\components\is-57M7N.tmp
%APPDATA%\teinObj\components\is-2ITQB.tmp
%APPDATA%\teinObj\components\is-M8QEK.tmp
%APPDATA%\teinObj\components\is-VA38B.tmp
%APPDATA%\teinObj\components\is-V4MJ3.tmp
%APPDATA%\teinObj\components\is-H1H0V.tmp
%TEMP%\smyEBatM.part

Deletes the following files:

%TEMP%\is-01FNO.tmp\rog\unins000.dat
%TEMP%\is-01FNO.tmp\rog\unins000.exe
%TEMP%\is-01FNO.tmp\_isetup\_isdecmp.dll
%APPDATA%\teinObj\components\xpti.dat
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\permissions.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\compreg.dat
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\xpti.dat
<LS_APPDATA>\AMozilla\AFirefox\Profiles\sgxyu303.default\XUL.mfl
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\search.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\formhistory.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\content-prefs.sqlite-journal
%TEMP%\nsq5.tmp\System.dll
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\cookies.sqlite-journal
%TEMP%\is-GBCRH.tmp\<File name>.tmp
<LS_APPDATA>\AMozilla\AFirefox\Profiles\sgxyu303.default\urlclassifier3.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\downloads.sqlite-journal

Moves the following files:

from %TEMP%\is-01FNO.tmp\rog\is-NIGKQ.tmp to %TEMP%\is-01FNO.tmp\rog\unins000.exe
from %APPDATA%\teinObj\modules\is-470BD.tmp to %APPDATA%\teinObj\modules\PluralForm.jsm
from %APPDATA%\teinObj\modules\is-T802G.tmp to %APPDATA%\teinObj\modules\SpatialNavigation.js
from %APPDATA%\teinObj\modules\is-RQC48.tmp to %APPDATA%\teinObj\modules\utils.js
from %APPDATA%\teinObj\modules\is-RFJK8.tmp to %APPDATA%\teinObj\modules\WindowDraggingUtils.jsm
from %APPDATA%\teinObj\modules\is-27P8G.tmp to %APPDATA%\teinObj\modules\WindowsPreviewPerTab.jsm
from %APPDATA%\teinObj\modules\is-MIU2T.tmp to %APPDATA%\teinObj\modules\XPCOMUtils.jsm
from %APPDATA%\teinObj\plugins\is-B39H6.tmp to %APPDATA%\teinObj\plugins\npbasic.dll
from %APPDATA%\teinObj\plugins\is-T2BBT.tmp to %APPDATA%\teinObj\plugins\npnul32.dll
from %APPDATA%\teinObj\res\is-VR7HN.tmp to %APPDATA%\teinObj\res\arrow.gif
from %APPDATA%\teinObj\res\is-HJRG0.tmp to %APPDATA%\teinObj\res\arrowd.gif
from %APPDATA%\teinObj\greprefs\is-20SFF.tmp to %APPDATA%\teinObj\greprefs\security-prefs.js
from %APPDATA%\teinObj\res\is-Q5ADK.tmp to %APPDATA%\teinObj\res\broken-image.png
from %APPDATA%\teinObj\res\is-P2HUQ.tmp to %APPDATA%\teinObj\res\charsetData.properties
from %APPDATA%\teinObj\res\is-L0I0H.tmp to %APPDATA%\teinObj\res\contenteditable.css
from %APPDATA%\teinObj\res\is-6S7BB.tmp to %APPDATA%\teinObj\res\designmode.css
from %APPDATA%\teinObj\res\is-QD3CM.tmp to %APPDATA%\teinObj\res\EditorOverride.css
from %APPDATA%\teinObj\res\is-FLEBI.tmp to %APPDATA%\teinObj\res\forms.css
from %APPDATA%\teinObj\res\is-N36V9.tmp to %APPDATA%\teinObj\res\grabber.gif
from %APPDATA%\teinObj\res\is-STJ02.tmp to %APPDATA%\teinObj\res\hiddenWindow.html
from %APPDATA%\teinObj\res\is-GJBRA.tmp to %APPDATA%\teinObj\res\html.css
from %APPDATA%\teinObj\res\is-BOVNN.tmp to %APPDATA%\teinObj\res\langGroups.properties
from %APPDATA%\teinObj\res\is-VD1AV.tmp to %APPDATA%\teinObj\res\language.properties
from %APPDATA%\teinObj\modules\is-OS5P3.tmp to %APPDATA%\teinObj\modules\openLocationLastURL.jsm
from %APPDATA%\teinObj\modules\is-CKNLE.tmp to %APPDATA%\teinObj\modules\PlacesDBUtils.jsm
from %APPDATA%\teinObj\modules\is-BRTC3.tmp to %APPDATA%\teinObj\modules\NetworkPrioritizer.jsm
from %APPDATA%\teinObj\modules\is-EG76N.tmp to %APPDATA%\teinObj\modules\NetUtil.jsm
from %APPDATA%\teinObj\modules\is-HHNUN.tmp to %APPDATA%\teinObj\modules\Microformats.js
from %APPDATA%\teinObj\defaults\profile\is-FCMGQ.tmp to %APPDATA%\teinObj\defaults\profile\localstore.rdf
from %APPDATA%\teinObj\defaults\profile\is-322KG.tmp to %APPDATA%\teinObj\defaults\profile\mimeTypes.rdf
from %APPDATA%\teinObj\defaults\profile\is-P7RH6.tmp to %APPDATA%\teinObj\defaults\profile\prefs.js
from %APPDATA%\teinObj\defaults\profile\chrome\is-LTDJU.tmp to %APPDATA%\teinObj\defaults\profile\chrome\userChrome-example.css
from %APPDATA%\teinObj\defaults\profile\chrome\is-6VS1T.tmp to %APPDATA%\teinObj\defaults\profile\chrome\userContent-example.css
from %APPDATA%\teinObj\dictionaries\is-T5G8V.tmp to %APPDATA%\teinObj\dictionaries\en-US.aff
from %APPDATA%\teinObj\dictionaries\is-H9PIH.tmp to %APPDATA%\teinObj\dictionaries\en-US.dic
from %APPDATA%\teinObj\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\is-UM51H.tmp to %APPDATA%\teinObj\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png
from %APPDATA%\teinObj\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\is-TDN8S.tmp to %APPDATA%\teinObj\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
from %APPDATA%\teinObj\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\is-R8MQS.tmp to %APPDATA%\teinObj\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\preview.png
from %APPDATA%\teinObj\res\is-JM85I.tmp to %APPDATA%\teinObj\res\loading-image.png
from %APPDATA%\teinObj\res\is-8QL14.tmp to %APPDATA%\teinObj\res\charsetalias.properties
from %APPDATA%\teinObj\greprefs\is-AUIN3.tmp to %APPDATA%\teinObj\greprefs\all.js
from %APPDATA%\teinObj\modules\is-JQ6L0.tmp to %APPDATA%\teinObj\modules\CertUtils.jsm
from %APPDATA%\teinObj\modules\is-THGKN.tmp to %APPDATA%\teinObj\modules\ctypes.jsm
from %APPDATA%\teinObj\modules\is-G3SAF.tmp to %APPDATA%\teinObj\modules\debug.js
from %APPDATA%\teinObj\modules\is-RJVBH.tmp to %APPDATA%\teinObj\modules\distribution.js
from %APPDATA%\teinObj\modules\is-V61M2.tmp to %APPDATA%\teinObj\modules\DownloadLastDir.jsm
from %APPDATA%\teinObj\modules\is-FLL52.tmp to %APPDATA%\teinObj\modules\DownloadUtils.jsm
from %APPDATA%\teinObj\modules\is-1G5JA.tmp to %APPDATA%\teinObj\modules\FileUtils.jsm
from %APPDATA%\teinObj\modules\is-TUBAM.tmp to %APPDATA%\teinObj\modules\ISO8601DateUtils.jsm
from %APPDATA%\teinObj\modules\is-4DHGR.tmp to %APPDATA%\teinObj\modules\LightweightThemeConsumer.jsm
from %APPDATA%\teinObj\modules\is-CS85V.tmp to %APPDATA%\teinObj\modules\LightweightThemeManager.jsm
from %APPDATA%\teinObj\defaults\profile\is-NG0DU.tmp to %APPDATA%\teinObj\defaults\profile\bookmarks.html
from %APPDATA%\teinObj\greprefs\is-U8D1G.tmp to %APPDATA%\teinObj\greprefs\xpinstall.js
from %APPDATA%\teinObj\res\is-GL0I6.tmp to %APPDATA%\teinObj\res\table-remove-column-active.gif
from %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\mimeTypes-1.rdf to %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\mimeTypes.rdf
from %APPDATA%\teinObj\res\is-SLVMC.tmp to %APPDATA%\teinObj\res\svg.css
from %APPDATA%\teinObj\res\fonts\is-10MD7.tmp to %APPDATA%\teinObj\res\fonts\mathfont.properties
from %APPDATA%\teinObj\res\fonts\is-50CS9.tmp to %APPDATA%\teinObj\res\fonts\mathfontStandardSymbolsL.properties
from %APPDATA%\teinObj\res\fonts\is-KKSOT.tmp to %APPDATA%\teinObj\res\fonts\mathfontSTIXNonUnicode.properties
from %APPDATA%\teinObj\res\fonts\is-I2HU6.tmp to %APPDATA%\teinObj\res\fonts\mathfontSTIXSize1.properties
from %APPDATA%\teinObj\res\fonts\is-H907S.tmp to %APPDATA%\teinObj\res\fonts\mathfontSymbol.properties
from %APPDATA%\teinObj\res\fonts\is-HB64J.tmp to %APPDATA%\teinObj\res\fonts\mathfontUnicode.properties
from %APPDATA%\teinObj\res\html\is-KK3HC.tmp to %APPDATA%\teinObj\res\html\folder.png
from %APPDATA%\teinObj\searchplugins\is-4RU3J.tmp to %APPDATA%\teinObj\searchplugins\amazondotcom.xml
from %APPDATA%\teinObj\searchplugins\is-J5GPS.tmp to %APPDATA%\teinObj\searchplugins\answers.xml
from %APPDATA%\teinObj\searchplugins\is-94RHH.tmp to %APPDATA%\teinObj\searchplugins\creativecommons.xml
from %APPDATA%\teinObj\res\is-GVCDO.tmp to %APPDATA%\teinObj\res\mathml.css
from %APPDATA%\teinObj\searchplugins\is-OURH2.tmp to %APPDATA%\teinObj\searchplugins\eBay.xml
from %APPDATA%\teinObj\searchplugins\is-TBGVU.tmp to %APPDATA%\teinObj\searchplugins\wikipedia.xml
from %APPDATA%\teinObj\searchplugins\is-FCHIR.tmp to %APPDATA%\teinObj\searchplugins\yahoo.xml
from %APPDATA%\teinObj\uninstall\is-0OJ6M.tmp to %APPDATA%\teinObj\uninstall\helper.exe
from %APPDATA%\is-JKSK6.tmp to %APPDATA%\Setup_ImgBurn_2.5.8.0.exe
from %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\xpti.dat.tmp to %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\xpti.dat
from %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\compreg.dat.tmp to %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\compreg.dat
from %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\extensions-1.cache to %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\extensions.cache
from %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\extensions-1.ini to %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\extensions.ini
from %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\prefs-1.js to %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\prefs.js
from %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\extensions-1.rdf to %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\extensions.rdf
from %APPDATA%\teinObj\res\entityTables\is-2R2CS.tmp to %APPDATA%\teinObj\res\entityTables\mathml20.properties
from %APPDATA%\teinObj\res\entityTables\is-67272.tmp to %APPDATA%\teinObj\res\entityTables\transliterate.properties
from %APPDATA%\teinObj\res\entityTables\is-H40CS.tmp to %APPDATA%\teinObj\res\entityTables\htmlEntityVersions.properties
from %APPDATA%\teinObj\res\entityTables\is-2CL14.tmp to %APPDATA%\teinObj\res\entityTables\html40Symbols.properties
from %APPDATA%\teinObj\res\entityTables\is-3L0SE.tmp to %APPDATA%\teinObj\res\entityTables\html40Special.properties
from %APPDATA%\teinObj\res\is-9JHOP.tmp to %APPDATA%\teinObj\res\table-add-column-after-hover.gif
from %APPDATA%\teinObj\res\is-S2315.tmp to %APPDATA%\teinObj\res\table-add-column-after.gif
from %APPDATA%\teinObj\res\is-CPE87.tmp to %APPDATA%\teinObj\res\table-add-column-before-active.gif
from %APPDATA%\teinObj\res\is-CSMTR.tmp to %APPDATA%\teinObj\res\table-add-column-before-hover.gif
from %APPDATA%\teinObj\res\is-IFT55.tmp to %APPDATA%\teinObj\res\table-add-column-before.gif
from %APPDATA%\teinObj\res\is-I1AHV.tmp to %APPDATA%\teinObj\res\table-add-row-after-active.gif
from %APPDATA%\teinObj\res\is-RVSR9.tmp to %APPDATA%\teinObj\res\table-add-row-after-hover.gif
from %APPDATA%\teinObj\res\is-NFCO4.tmp to %APPDATA%\teinObj\res\table-add-row-after.gif
from %APPDATA%\teinObj\res\is-O4AFJ.tmp to %APPDATA%\teinObj\res\table-add-row-before-active.gif
from %APPDATA%\teinObj\res\is-P1E96.tmp to %APPDATA%\teinObj\res\table-add-row-before-hover.gif
from %APPDATA%\teinObj\res\is-JVK70.tmp to %APPDATA%\teinObj\res\quirk.css
from %APPDATA%\teinObj\defaults\pref\is-EVP1D.tmp to %APPDATA%\teinObj\defaults\pref\reporter.js
from %APPDATA%\teinObj\res\is-95KUA.tmp to %APPDATA%\teinObj\res\table-add-row-before.gif
from %APPDATA%\teinObj\res\is-9DKQG.tmp to %APPDATA%\teinObj\res\table-remove-column.gif
from %APPDATA%\teinObj\res\is-4EFK0.tmp to %APPDATA%\teinObj\res\table-remove-row-active.gif
from %APPDATA%\teinObj\res\is-GR7PO.tmp to %APPDATA%\teinObj\res\table-remove-row-hover.gif
from %APPDATA%\teinObj\res\is-5K3LN.tmp to %APPDATA%\teinObj\res\table-remove-row.gif
from %APPDATA%\teinObj\res\is-LL5TO.tmp to %APPDATA%\teinObj\res\ua.css
from %APPDATA%\teinObj\res\is-5MBJ6.tmp to %APPDATA%\teinObj\res\viewsource.css
from %APPDATA%\teinObj\res\is-GSK0J.tmp to %APPDATA%\teinObj\res\wincharset.properties
from %APPDATA%\teinObj\res\dtd\is-282ES.tmp to %APPDATA%\teinObj\res\dtd\mathml.dtd
from %APPDATA%\teinObj\res\dtd\is-RH8EK.tmp to %APPDATA%\teinObj\res\dtd\xhtml11.dtd
from %APPDATA%\teinObj\res\entityTables\is-0F36I.tmp to %APPDATA%\teinObj\res\entityTables\html40Latin1.properties
from %APPDATA%\teinObj\res\is-I8NPI.tmp to %APPDATA%\teinObj\res\table-add-column-after-active.gif
from %APPDATA%\teinObj\res\is-0NM8S.tmp to %APPDATA%\teinObj\res\table-remove-column-hover.gif
from %APPDATA%\teinObj\searchplugins\is-P4MT0.tmp to %APPDATA%\teinObj\searchplugins\google.xml
from %APPDATA%\teinObj\defaults\pref\is-K2P6O.tmp to %APPDATA%\teinObj\defaults\pref\firefox.js
from %APPDATA%\teinObj\components\is-VA38B.tmp to %APPDATA%\teinObj\components\nsURLFormatter.js
from %APPDATA%\teinObj\is-8MMOJ.tmp to %APPDATA%\teinObj\updater.ini
from %APPDATA%\teinObj\is-GAFLV.tmp to %APPDATA%\teinObj\xpcom.dll
from %APPDATA%\teinObj\is-JC7T0.tmp to %APPDATA%\teinObj\xul.dll
from %APPDATA%\teinObj\chrome\is-7BJ5C.tmp to %APPDATA%\teinObj\chrome\browser.jar
from %APPDATA%\teinObj\chrome\is-E6E9J.tmp to %APPDATA%\teinObj\chrome\browser.manifest
from %APPDATA%\teinObj\chrome\is-05C1T.tmp to %APPDATA%\teinObj\chrome\classic.jar
from %APPDATA%\teinObj\chrome\is-M6NBP.tmp to %APPDATA%\teinObj\chrome\classic.manifest
from %APPDATA%\teinObj\chrome\is-S78E9.tmp to %APPDATA%\teinObj\chrome\comm.jar
from %APPDATA%\teinObj\chrome\is-F40H3.tmp to %APPDATA%\teinObj\chrome\comm.manifest
from %APPDATA%\teinObj\chrome\is-IKEEE.tmp to %APPDATA%\teinObj\chrome\en-US.jar
from %APPDATA%\teinObj\is-D7G1D.tmp to %APPDATA%\teinObj\nspr4.dll
from %APPDATA%\teinObj\chrome\is-M17DE.tmp to %APPDATA%\teinObj\chrome\en-US.manifest
from %APPDATA%\teinObj\chrome\is-IRUGS.tmp to %APPDATA%\teinObj\chrome\pippki.manifest
from %APPDATA%\teinObj\chrome\is-RG44A.tmp to %APPDATA%\teinObj\chrome\reporter.jar
from %APPDATA%\teinObj\chrome\is-NMIDO.tmp to %APPDATA%\teinObj\chrome\reporter.manifest
from %APPDATA%\teinObj\chrome\is-OET66.tmp to %APPDATA%\teinObj\chrome\toolkit.jar
from %APPDATA%\teinObj\chrome\is-VIBEL.tmp to %APPDATA%\teinObj\chrome\toolkit.manifest
from %APPDATA%\teinObj\components\is-UAL08.tmp to %APPDATA%\teinObj\components\browser.xpt
from %APPDATA%\teinObj\components\is-TMNSF.tmp to %APPDATA%\teinObj\components\browserdirprovider.dll
from %APPDATA%\teinObj\components\is-HSDUN.tmp to %APPDATA%\teinObj\components\brwsrcmp.dll
from %APPDATA%\teinObj\components\is-S4AK7.tmp to %APPDATA%\teinObj\components\components.list
from %APPDATA%\teinObj\components\is-6N9J1.tmp to %APPDATA%\teinObj\components\compreg.dat
from %APPDATA%\teinObj\is-SH5PB.tmp to %APPDATA%\teinObj\update.exe
from %APPDATA%\teinObj\is-P4L46.tmp to %APPDATA%\teinObj\update.locale
from %APPDATA%\teinObj\is-HJ0LR.tmp to %APPDATA%\teinObj\ssl3.dll
from %APPDATA%\teinObj\is-SFD0C.tmp to %APPDATA%\teinObj\sqlite3.dll
from %APPDATA%\teinObj\is-PD3NU.tmp to %APPDATA%\teinObj\softokn3.dll
from %APPDATA%\teinObj\is-A7VD3.tmp to %APPDATA%\teinObj\application.ini
from %APPDATA%\teinObj\is-P4PRF.tmp to %APPDATA%\teinObj\blocklist.xml
from %APPDATA%\teinObj\is-J2LJF.tmp to %APPDATA%\teinObj\browserconfig.properties
from %APPDATA%\teinObj\is-DKTSO.tmp to %APPDATA%\teinObj\crashreporter-override.ini
from %APPDATA%\teinObj\is-HQ31G.tmp to %APPDATA%\teinObj\crashreporter.exe
from %APPDATA%\teinObj\is-P3F8C.tmp to %APPDATA%\teinObj\crashreporter.ini
from %APPDATA%\teinObj\is-FNGN0.tmp to %APPDATA%\teinObj\freebl3.chk
from %APPDATA%\teinObj\is-G9LTG.tmp to %APPDATA%\teinObj\freebl3.dll
from %APPDATA%\teinObj\is-FFDG4.tmp to %APPDATA%\teinObj\js3250.dll
from %APPDATA%\teinObj\is-CSV8J.tmp to %APPDATA%\teinObj\LICENSE
from %APPDATA%\teinObj\components\is-7AQD9.tmp to %APPDATA%\teinObj\components\FeedConverter.js
from %APPDATA%\teinObj\chrome\is-3QD5K.tmp to %APPDATA%\teinObj\chrome\pippki.jar
from %APPDATA%\teinObj\is-IOBB6.tmp to %APPDATA%\teinObj\mozcrt19.dll
from %APPDATA%\teinObj\is-DQ4OT.tmp to %APPDATA%\teinObj\nssckbi.dll
from %APPDATA%\teinObj\is-U63VP.tmp to %APPDATA%\teinObj\nssdbm3.chk
from %APPDATA%\teinObj\is-OQSNA.tmp to %APPDATA%\teinObj\nssdbm3.dll
from %APPDATA%\teinObj\is-FSFN7.tmp to %APPDATA%\teinObj\nssutil3.dll
from %APPDATA%\teinObj\is-1NBA2.tmp to %APPDATA%\teinObj\platform.ini
from %APPDATA%\teinObj\is-NNC8G.tmp to %APPDATA%\teinObj\plc4.dll
from %APPDATA%\teinObj\is-H0C1T.tmp to %APPDATA%\teinObj\plds4.dll
from %APPDATA%\teinObj\is-O2Q75.tmp to %APPDATA%\teinObj\README.txt
from %APPDATA%\teinObj\is-08L0P.tmp to %APPDATA%\teinObj\smime3.dll
from %APPDATA%\teinObj\is-8D6T3.tmp to %APPDATA%\teinObj\softokn3.chk
from %APPDATA%\teinObj\is-Q114F.tmp to %APPDATA%\teinObj\AccessibleMarshal.dll
from %APPDATA%\teinObj\is-93OUP.tmp to %APPDATA%\teinObj\nss3.dll
from %APPDATA%\teinObj\components\is-9MOT2.tmp to %APPDATA%\teinObj\components\nsExtensionManager.js
from %APPDATA%\teinObj\defaults\pref\is-3GKAO.tmp to %APPDATA%\teinObj\defaults\pref\firefox-branding.js
from %APPDATA%\teinObj\components\is-4MH1C.tmp to %APPDATA%\teinObj\components\fuelApplication.js
from %APPDATA%\teinObj\components\is-VB1UU.tmp to %APPDATA%\teinObj\components\nsSessionStartup.js
from %APPDATA%\teinObj\components\is-3EP8D.tmp to %APPDATA%\teinObj\components\nsSessionStore.js
from %APPDATA%\teinObj\components\is-D57MV.tmp to %APPDATA%\teinObj\components\nsSetDefaultBrowser.js
from %APPDATA%\teinObj\components\is-KFPRV.tmp to %APPDATA%\teinObj\components\nsSidebar.js
from %APPDATA%\teinObj\components\is-LCE28.tmp to %APPDATA%\teinObj\components\nsTaggingService.js
from %APPDATA%\teinObj\components\is-1NQ3S.tmp to %APPDATA%\teinObj\components\nsTryToClose.js
from %APPDATA%\teinObj\components\is-K81N8.tmp to %APPDATA%\teinObj\components\nsUpdateService.js
from %APPDATA%\teinObj\components\is-318GF.tmp to %APPDATA%\teinObj\components\nsUpdateServiceStub.js
from %APPDATA%\teinObj\components\is-57M7N.tmp to %APPDATA%\teinObj\components\nsUpdateTimerManager.js
from %APPDATA%\teinObj\components\is-2ITQB.tmp to %APPDATA%\teinObj\components\nsUrlClassifierLib.js
from %APPDATA%\teinObj\components\is-US4HT.tmp to %APPDATA%\teinObj\components\FeedProcessor.js
from %APPDATA%\teinObj\components\is-M8QEK.tmp to %APPDATA%\teinObj\components\nsUrlClassifierListManager.js
from %APPDATA%\teinObj\components\is-VFNE6.tmp to %APPDATA%\teinObj\components\nsWebHandlerApp.js
from %APPDATA%\teinObj\components\is-0LD5J.tmp to %APPDATA%\teinObj\components\pluginGlue.js
from %APPDATA%\teinObj\components\is-N3LTR.tmp to %APPDATA%\teinObj\components\storage-Legacy.js
from %APPDATA%\teinObj\components\is-DFM7C.tmp to %APPDATA%\teinObj\components\storage-mozStorage.js
from %APPDATA%\teinObj\components\is-4R68B.tmp to %APPDATA%\teinObj\components\txEXSLTRegExFunctions.js
from %APPDATA%\teinObj\components\is-IR73B.tmp to %APPDATA%\teinObj\components\WebContentConverter.js
from %APPDATA%\teinObj\components\is-1Q6PK.tmp to %APPDATA%\teinObj\components\xpti.dat
from %APPDATA%\teinObj\defaults\autoconfig\is-O6MLA.tmp to %APPDATA%\teinObj\defaults\autoconfig\platform.js
from %APPDATA%\teinObj\defaults\autoconfig\is-3H4SU.tmp to %APPDATA%\teinObj\defaults\autoconfig\prefcalls.js
from %APPDATA%\teinObj\defaults\pref\is-L6ELC.tmp to %APPDATA%\teinObj\defaults\pref\channel-prefs.js
from %APPDATA%\teinObj\components\is-H1H0V.tmp to %APPDATA%\teinObj\components\nsSearchService.js
from %APPDATA%\teinObj\components\is-FMMB3.tmp to %APPDATA%\teinObj\components\nsSearchSuggestions.js
from %APPDATA%\teinObj\components\is-1QQI7.tmp to %APPDATA%\teinObj\components\nsSafebrowsingApplication.js
from %APPDATA%\teinObj\components\is-V4MJ3.tmp to %APPDATA%\teinObj\components\nsProxyAutoConfig.js
from %APPDATA%\teinObj\components\is-9DA24.tmp to %APPDATA%\teinObj\components\nsPrivateBrowsingService.js
from %APPDATA%\teinObj\components\is-6PBMJ.tmp to %APPDATA%\teinObj\components\jsconsole-clhandler.js
from %APPDATA%\teinObj\components\is-GC1HK.tmp to %APPDATA%\teinObj\components\NetworkGeolocationProvider.js
from %APPDATA%\teinObj\components\is-EN741.tmp to %APPDATA%\teinObj\components\nsAddonRepository.js
from %APPDATA%\teinObj\components\is-674OD.tmp to %APPDATA%\teinObj\components\nsBadCertHandler.js
from %APPDATA%\teinObj\components\is-OF9NF.tmp to %APPDATA%\teinObj\components\nsBlocklistService.js
from %APPDATA%\teinObj\components\is-1JUGV.tmp to %APPDATA%\teinObj\components\nsBrowserContentHandler.js
from %APPDATA%\teinObj\components\is-ISQ7P.tmp to %APPDATA%\teinObj\components\nsBrowserGlue.js
from %APPDATA%\teinObj\components\is-Q0FE5.tmp to %APPDATA%\teinObj\components\nsContentDispatchChooser.js
from %APPDATA%\teinObj\components\is-K3MJ9.tmp to %APPDATA%\teinObj\components\nsContentPrefService.js
from %APPDATA%\teinObj\components\is-TLK73.tmp to %APPDATA%\teinObj\components\nsDefaultCLH.js
from %APPDATA%\teinObj\components\is-6ADF9.tmp to %APPDATA%\teinObj\components\FeedWriter.js
from %APPDATA%\teinObj\defaults\pref\is-T50TS.tmp to %APPDATA%\teinObj\defaults\pref\firefox-l10n.js
from %APPDATA%\teinObj\components\is-8QHDC.tmp to %APPDATA%\teinObj\components\nsDownloadManagerUI.js
from %APPDATA%\teinObj\components\is-TJOHN.tmp to %APPDATA%\teinObj\components\nsHandlerService.js
from %APPDATA%\teinObj\components\is-TJI9H.tmp to %APPDATA%\teinObj\components\nsHelperAppDlg.js
from %APPDATA%\teinObj\components\is-T6LCS.tmp to %APPDATA%\teinObj\components\nsLivemarkService.js
from %APPDATA%\teinObj\components\is-BUOQP.tmp to %APPDATA%\teinObj\components\nsLoginInfo.js
from %APPDATA%\teinObj\components\is-ENLIK.tmp to %APPDATA%\teinObj\components\nsLoginManager.js
from %APPDATA%\teinObj\components\is-RG751.tmp to %APPDATA%\teinObj\components\nsLoginManagerPrompter.js
from %APPDATA%\teinObj\components\is-6QG9A.tmp to %APPDATA%\teinObj\components\nsMicrosummaryService.js
from %APPDATA%\teinObj\components\is-MBS7V.tmp to %APPDATA%\teinObj\components\nsPlacesAutoComplete.js
from %APPDATA%\teinObj\components\is-I9NFH.tmp to %APPDATA%\teinObj\components\nsPlacesDBFlush.js
from %APPDATA%\teinObj\components\is-MO4SJ.tmp to %APPDATA%\teinObj\components\nsPlacesTransactionsService.js
from %APPDATA%\teinObj\components\is-4HTO1.tmp to %APPDATA%\teinObj\components\GPSDGeolocationProvider.js
from %APPDATA%\teinObj\components\is-5EHSQ.tmp to %APPDATA%\teinObj\components\nsFormAutoComplete.js
from %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\localstore-1.rdf to %APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\localstore.rdf

Substitutes the following files:

%APPDATA%\teinObj\components\xpti.dat
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\permissions.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\xpti.dat.tmp
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\xpti.dat
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\compreg.dat.tmp
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\compreg.dat
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\prefs-1.js
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\extensions-1.cache
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\extensions-1.ini
<LS_APPDATA>\AMozilla\AFirefox\Profiles\sgxyu303.default\XUL.mfl
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\content-prefs.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\mimeTypes-1.rdf
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\mimeTypes.rdf
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\cookies.sqlite-journal
<LS_APPDATA>\AMozilla\AFirefox\Profiles\sgxyu303.default\urlclassifier3.sqlite-journal
%APPDATA%\AMozilla\AFirefox\Profiles\sgxyu303.default\downloads.sqlite-journal

Network activity:

Connects to:

'localhost':1039
'localhost':1041
'localhost':1043
'74.##5.232.51':443
'fx####s.mozilla.com':80
'po###laba.com':80
'fa###ook.com':80

TCP:

HTTP GET requests:

http://fx####s.mozilla.com/en-US/firefox/headlines.xml
http://po###laba.com/
http://fa###ook.com/

UDP:

DNS ASK sb-ssl.google.com
DNS ASK fx####s.mozilla.com
DNS ASK po###laba.com
DNS ASK fa###ook.com

Miscellaneous:

Searches for the following windows:

ClassName: 'AFirefoxMessageWindow' WindowName: ''

Creates and executes the following:

'%TEMP%\is-GBCRH.tmp\<File name>.tmp' /SL5="$30092,14660108,57856,<Full path to file>"
'%APPDATA%\Setup_ImgBurn_2.5.8.0.exe'
'%APPDATA%\teinObj\update.exe' about:robots
'%APPDATA%\teinObj\uninstall\helper.exe' /SetAsDefaultAppUser

テクノロジー

用語

トレーニングコースおよび啓蒙プロジェクト

アンチウイルスに関する誤解と噂

Technical Information

Curing recommendations

Free trial