Jump to content


Photo
- - - - -

performance problems and redirects


  • This topic is locked This topic is locked
4 replies to this topic

#1 aaronfitz

aaronfitz

    New Member

  • Members
  • Pip
  • 1 posts

Posted 29 October 2011 - 11:46 AM

I've recently noticed searches being redirected, a rundll32 that won't shut down, and a big drag on system resources that seems new. I've disabled a number of useless startup programs to try to isolate what it might be, then saw a similar post about the search redirects and hoped to get more qualified help. Thanks in advance for any advice provided!


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8031

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

10/29/2011 12:39:08 PM
mbam-log-2011-10-29 (12-39-07).txt

Scan type: Quick scan
Objects scanned: 185326
Time elapsed: 14 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_29
Run by Owner at 11:58:31 on 2011-10-29
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.60 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Steam\Steam.exe
C:\WINDOWS\system32\rundll32.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://srch-us10.hpwis.com/
mStart Page = about:blank
mSearch Bar = hxxp://srch-us10.hpwis.com/
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = 192.168.0.11:80
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and

settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program

files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2009\IEToolbar.dll
TB: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
EB: hp view: {8f4902b6-6c04-4ade-8052-aa58578a21bd} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [SecuROM Update] rundll32 "c:\documents and settings\owner\local settings\application data\gas powered

games\gasupdate\Gasup.dll",DllRegisterServer
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {41564D57-9980-0010-8000-00AA00389B71} -

hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} -

hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1260019264093
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -

hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1260019889093
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{C0FE1527-9BC8-4EA3-B743-10D7FFDD6EBE} : DhcpNameServer = 192.168.1.1
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = scecli scecli scecli
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\x0g6c534.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.cnn.com/
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\all users\application

data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\owner\application

data\mozilla\firefox\profiles\x0g6c534.default\extensions\{b042753d-f57e-4e8e-a01b-7379a6d4cefb}\components\IBitCometExtensio

n.dll
FF - component: c:\program files\mozilla firefox\extensions\yplayer@yummy.net\components\FYPlayer.dll
FF - plugin: c:\documents and settings\all users\application

data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\owner\application

data\mozilla\firefox\profiles\x0g6c534.default\extensions\gametap@gametap.com\plugins\npGameTapWebUpdater.dll
FF - plugin: c:\documents and settings\owner\application

data\mozilla\firefox\profiles\x0g6c534.default\extensions\gametapplayer@gametap.com\plugins\npGameTapWebPlayer.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\download manager\npfpdlm.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\real\realone player\netscape6\nppl3260.dll
FF - plugin: c:\program files\real\realone player\netscape6\nprjplug.dll
FF - plugin: c:\program files\real\realone player\netscape6\nprpjplug.dll
.
---- FIREFOX POLICIES ----
FF - user.js: signed.applets.codebase_principal_support - true
.
/* To avoid the user interaction, add the following lines: */
FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.id - hxxp://yael.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.id - hxxp://localhost/
.
/* GLDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.id - hxxp://gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.id - hxxp://www.gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.id - hxxp://glde-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.id - hxxps://gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.id - hxxps://www.gamesflatrate.de/
.
/* BGFR */
FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.id - hxxp://linternaute.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.id - hxxps://linternaute.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.id - hxxp://bgfr-int.metaboli.fr/
.
/* BILD */
FF - user.js: capability.principal.codebase.YummyPlayer_BILD.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BILD.id - hxxp://bild.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.id - hxxps://bild.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.id - hxxp://bild-int.metaboli.fr/
.
/* BTUK */
FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.id - hxxp://btvision.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.id - hxxps://btvision.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.id - hxxp://bt-int.metaboli.fr/
.
/* CLIC */
FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.id - hxxp://clubic.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.id - hxxps://clubic.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.id - hxxp://clic-int.metaboli.fr/
.
/* COUK */
FF - user.js: capability.principal.codebase.YummyPlayer_COUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_COUK.id - hxxp://metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.id - hxxp://www.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.id - hxxps://www.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.id - hxxps://metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.id - hxxp://uk-int.metaboli.fr/
.
/* MEDE */
FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.id - hxxp://metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.id - hxxp://www.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.id - hxxps://metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.id - hxxp://de-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.id - hxxps://www.metaboli.de/
.
/* CUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.id - hxxp://custompc.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.id - hxxps://custompc.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.id - hxxp://cuuk-int.metaboli.fr/
.
/* EUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.id - hxxp://eurogamer.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.id - hxxps://eurogamer.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.id - hxxp://euuk-int.metaboli.fr/
.
/* FUNR */
FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.id - hxxp://fun.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.id - hxxps://fun.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.id - hxxp://fun-int.metaboli.fr/
.
/* GONE */
FF - user.js: capability.principal.codebase.YummyPlayer_GONE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GONE.id - hxxp://gameone.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.id - hxxps://gameone.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.id - hxxp://gone-int.metaboli.fr/
.
/* GUDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.id - hxxp://gamerunlimited.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.id - hxxps://gamerunlimited.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.id - hxxp://gude-int.metaboli.fr/
.
/* META */
FF - user.js: capability.principal.codebase.YummyPlayer_META.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_META.id - hxxp://metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.id - hxxp://www.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.id - hxxps://metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.id - hxxps://www.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.id - hxxp://fr-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT2.id - hxxp://www.preprod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMETAINT2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMETAINT2.id - hxxp://www.preprod.metaboli.fr/
.
/* MNDE */
FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.id - hxxp://livegames.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.id - hxxps://livegames.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.id - hxxp://msde-int.metaboli.fr/
.
/* MNFR */
FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.id - hxxp://livegames.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.id - hxxps://livegames.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.id - hxxp://msfr-int.metaboli.fr/
.
/* MNUK */
FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.id - hxxp://livegames.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.id - hxxps://livegames.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.id - hxxp://msuk-int.metaboli.fr/
.
/* NCNU */
FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.id - hxxp://numericable.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.id - hxxps://numericable.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.id - hxxp://ncnu-int.metaboli.fr/
.
/* QPUK */
FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.id - hxxp://quintplay.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.id - hxxps://quintplay.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.id - hxxp://qpuk-int.metaboli.fr/
.
/* SFFR */
FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.id - hxxp://jeux-pc.sfr.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.id - hxxps://jeux-pc.sfr.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.id - hxxp://sfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.id - hxxps://sfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.id - hxxp://sfr-int.metaboli.fr/
.
/* SPDE */
FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.id - hxxp://spieletipps.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.id - hxxps://spieletipps.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.id - hxxp://spde-int.metaboli.fr/
.
/* WOJ_ */
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.id - hxxp://woj-prod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.id - hxxps://woj-prod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.id - hxxp://woj-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.id - hxxps://woj-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.id - hxxp://woj-pp.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.id - hxxps://woj-pp.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.id - hxxp://woj-int.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.id - hxxps://woj-int.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_2.id - hxxp://preprod-god.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_2.id - hxxps://preprod-god.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_3.id - hxxp://prod.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_3.id - hxxps://prod.jeu.orange.fr/
.
user_pref(capability.principal.codebase.YummyPlayer_XX0001.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0001.id,hxxp://www.neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0002.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0002.id,hxxps://www.neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0003.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0003.id,hxxp://neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0004.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0004.id,hxxp://ad.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0005.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0005.id,hxxps://ad.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0006.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0006.id,hxxp://ads.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0007.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0007.id,hxxps://ads.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0008.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0008.id,hxxp://ads.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0009.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0009.id,hxxps://ads.metaboli.fr);

***I've removed the repetitive entries here because the post was too long***

user_pref(capability.principal.codebase.YummyPlayer_XX0410.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0410.id,hxxp://go.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0411.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0411.id,hxxps://go.metaboli.fr);
.
/* added 17-03-09 */
user_pref(capability.principal.codebase.YummyPlayer_XX0412.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0412.id,hxxp://cnet.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0413.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0413.id,hxxps://cnet.metaboli.co.uk);
.
/* GWDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GWDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GWDE.id - hxxp://gwde.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GWDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GWDEINT.id - hxxp://gwde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGWDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGWDE.id - hxxps://gwde.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SGWDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGWDEINT.id - hxxps://gwde.int.metaboli.fr/
.
/* GMUK */
FF - user.js: capability.principal.codebase.YummyPlayer_GMUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GMUK.id - hxxp://game.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_GMUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GMUKINT.id - hxxp://gmuk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGMUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGMUK.id - hxxps://game.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SGMUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGMUKINT.id - hxxps://gmuk.int.metaboli.fr/
.
/* CNET */
FF - user.js: capability.principal.codebase.YummyPlayer_CNET.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CNET.id - hxxp://cnet.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_CNETINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CNETINT.id - hxxp://cnet.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SCNET.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCNET.id - hxxps://cnet.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCNETINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCNETINT.id - hxxps://cnet.int.metaboli.fr/
.
/* IGUK */


FF - user.js: capability.principal.codebase.YummyPlayer_IGUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IGUK.id - hxxp://iguk.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_IGUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IGUKINT.id - hxxp://iguk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK.id - hxxps://iguk.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUKINT.id - hxxps://iguk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_IGUK2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IGUK2.id - hxxp://Incgamers.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK2.id - hxxps://Incgamers.metaboli.co.uk/
.
/* SKFR */


FF - user.js: capability.principal.codebase.YummyPlayer_SKFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR.id - hxxp://skfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SKFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SKFRINT.id - hxxp://skfr.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR.id - hxxps://skfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFRINT.id - hxxps://skfr.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR2.id - hxxp://Skyrock.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR2.id - hxxps://Skyrock.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR3.id - hxxp://ondemand.premium.games.skyrock.net/
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR3.id - hxxps://ondemand.premium.games.skyrock.net/
.
FF - user.js: capability.principal.codebase.YummyPlayer_FREEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FREEINT.id - hxxp://free-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFREEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFREEINT.id - hxxps://free-int.metaboli.fr/
.
/* GNUK */
FF - user.js: capability.principal.codebase.YummyPlayer_GNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GNUK.id - hxxp://gamestation.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SGNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGNUK.id - hxxps://gamestation.metaboli.co.uk/
.
/* NEW MSN UK DE */
FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNUK.id - hxxp://playnow.tech.uk.msn.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNUK.id - hxxps://playnow.tech.uk.msn.com/
FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNDE.id - hxxp://pc-spiele-flatrate.msn.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNDE.id - hxxps://pc-spiele-flatrate.msn.de/
.
/* VMUK */
FF - user.js: capability.principal.codebase.YummyPlayer_VMUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_VMUK.id - hxxp://virginmedia.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SVMUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SVMUK.id - hxxps://virginmedia.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_VMUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_VMUKINT.id - hxxp://vmuk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SVMUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SVMUKINT.id - hxxps://vmuk.int.metaboli.fr/
.
/* WDDE (web de) INT */
FF - user.js: capability.principal.codebase.YummyPlayer_WDDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WDDEINT.id - hxxp://wdde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWDDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWDDEINT.id - hxxps://wdde.int.metaboli.fr/
.
/* ORUK */
FF - user.js: capability.principal.codebase.YummyPlayer_ORUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_ORUK.id - hxxp://orange.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SORUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SORUK.id - hxxps://orange.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_ORUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_ORUKINT.id - hxxp://oruk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SORUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SORUKINT.id - hxxps://oruk.int.metaboli.fr/
.
/* MEDI int */
FF - user.js: capability.principal.codebase.YummyPlayer_MEDIINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDIINT.id - hxxp://medi.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDIINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDIINT.id - hxxps://medi.int.metaboli.fr/
.
/* SAT1 */
FF - user.js: capability.principal.codebase.YummyPlayer_SAT1.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SAT1.id - hxxp://spieleflatrate.sat1.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1.id - hxxps://spieleflatrate.sat1.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SAT1INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SAT1INT.id - hxxp://sat1.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1INT.id - hxxps://sat1.int.metaboli.fr/
.
/* OWDE */
FF - user.js: capability.principal.codebase.YummyPlayer_OWDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OWDE.id - hxxp://onlinewelten.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SOWDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOWDE.id - hxxps://onlinewelten.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_OWDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OWDEINT.id - hxxp://owde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SOWDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOWDEINT.id - hxxps://owde.int.metaboli.fr/
.
/* GRAD INT */
FF - user.js: capability.principal.codebase.YummyPlayer_GRADINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GRADINT.id - hxxp://grad.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGRADINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGRADINT.id - hxxps://grad.int.metaboli.fr/
.
/* RTLN */
FF - user.js: capability.principal.codebase.YummyPlayer_RTLN.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_RTLN.id - hxxp://rtl.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SRTLN.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SRTLN.id - hxxps://rtl.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_RTLNINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_RTLNINT.id - hxxp://rtln.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SRTLNINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SRTLNINT.id - hxxps://rtln.int.metaboli.fr/
.
/* MNIT */
FF - user.js: capability.principal.codebase.YummyPlayer_MNIT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNIT.id - hxxp://pcgames.msn.it/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNIT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNIT.id - hxxps://pcgames.msn.it/
FF - user.js: capability.principal.codebase.YummyPlayer_MNITINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNITINT.id - hxxp://mnit.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNITINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNITINT.id - hxxps://mnit.int.metaboli.fr/
.
/* CUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.id - hxxp://atheneum.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.id - hxxps://atheneum.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.id - hxxp://cuuk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUKINT.id - hxxps://cuuk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_CCUK2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CCUK2.id - hxxp://atheneum.uk.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SCCUK2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCCUK2.id - hxxps://atheneum.uk.com/
.
/* SCDE */
FF - user.js: capability.principal.codebase.YummyPlayer_SCDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCDE.id - hxxp://schueler.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SSCDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSCDE.id - hxxps://schueler.metaboli.de/
.
/* MNSE */
FF - user.js: capability.principal.codebase.YummyPlayer_MNSE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNSE.id - hxxp://spela.pcspel.msn.se/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNSE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNSE.id - hxxps://spela.pcspel.msn.se/
.
/* GMSE */
FF - user.js: capability.principal.codebase.YummyPlayer_GMSE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GMSE.id - hxxp://game.metaboli.se/
FF - user.js: capability.principal.codebase.YummyPlayer_SGMSE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGMSE.id - hxxps://game.metaboli.se/
.
/* OHFR */
FF - user.js: capability.principal.codebase.YummyPlayer_OHFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHFR.id - hxxp://jeuxpc.orange.ch/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR.id - hxxps://jeuxpc.orange.ch/
FF - user.js: capability.principal.codebase.YummyPlayer_OHFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHFRINT.id - hxxp://ohfr.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFRINT.id - hxxps://ohfr.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_OHFR2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHFR2.id - hxxp://ohfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR2.id - hxxps://ohfr.metaboli.fr/
.
/* OHDE */
FF - user.js: capability.principal.codebase.YummyPlayer_OHDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHDE.id - hxxp://pcspiele.orange.ch/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE.id - hxxps://pcspiele.orange.ch/
FF - user.js: capability.principal.codebase.YummyPlayer_OHDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHDEINT.id - hxxp://ohde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDEINT.id - hxxps://ohde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_OHDE2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHDE2.id - hxxp://ohde.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE2.id - hxxps://ohde.metaboli.de/
.
/* GAMETAP */
FF - user.js: capability.principal.codebase.YummyPlayer_GTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GTUS.id - hxxp://www.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGTUS.id - hxxps://www.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_IGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IGTUS.id - hxxp://integ.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_ISGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_ISGTUS.id - hxxps://integ.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_IIGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IIGTUS.id - hxxp://gtus.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_IISGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IISGTUS.id - hxxps://gtus.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_PPGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_PPGTUS.id - hxxp://preprod.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_PPSGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_PPSGTUS.id - hxxps://preprod.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.id - hxxp://unlimited-preprod.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.id - hxxps://unlimited-preprod.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.id - hxxp://retro-preprod.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.id - hxxps://retro-preprod.gametap.com/
.
.
============= SERVICES / DRIVERS ===============
.
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\Arrakis3.exe

[2009-1-20 172032]
S3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2008-9-18 111112]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys -->

c:\windows\system32\drivers\mbamswissarmy.sys [?]
.
=============== Created Last 30 ================
.
2011-10-29 15:43:21 388096 ----a-r- c:\documents and settings\owner\application

data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-10-29 15:43:21 -------- d-----w- c:\program files\Trend Micro
2011-10-24 18:58:39 -------- d-----w- c:\documents and settings\owner\local settings\application

data\Ascaron Entertainment
2011-10-24 18:56:05 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2011-10-24 18:56:05 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2011-10-24 18:56:05 -------- d-----w- c:\program files\OpenAL
2011-10-20 14:24:00 0 ---ha-w- c:\documents and settings\owner\nwhzgmtlhs.tmp
2011-10-17 12:20:03 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2011-10-17 12:20:02 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
2011-10-12 14:24:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
==================== Find3M ====================
.
2011-10-27 19:02:34 81984 ----a-w- c:\windows\system32\bdod.bin
2011-10-03 09:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 06:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-26 15:41:20 611328 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-17 21:32:17 832512 ----a-w- c:\windows\system32\wininet.dll
2011-08-17 21:32:16 78336 ------w- c:\windows\system32\ieencode.dll
2011-08-17 21:32:16 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-08-17 21:32:15 17408 ------w- c:\windows\system32\corpol.dll
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-17 12:22:23 389120 ------w- c:\windows\system32\html.iec
2011-08-12 17:51:26 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2008-04-29 03:48:18 774144 ----a-w- c:\program files\RngInterstitial.dll
.
============= FINISH: 12:00:16.35 ===============

Attached Files



#2 screen317

screen317

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,486 posts
  • Gender:Male
  • Location:New Haven, CT

Posted 03 November 2011 - 01:27 PM

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.


Next, please visit this webpage for instructions for running ComboFix:
http://www.bleepingc...to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook

#3 screen317

screen317

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,486 posts
  • Gender:Male
  • Location:New Haven, CT

Posted 11 November 2011 - 07:41 PM

Are you still with us? This topic will be closed in a few days if we do not hear back from you.
Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook

#4 screen317

screen317

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,486 posts
  • Gender:Male
  • Location:New Haven, CT

Posted 20 November 2011 - 08:01 PM

Are you still with us? This topic will be closed in a few days if we do not hear back from you.
Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook

#5 screen317

screen317

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,486 posts
  • Gender:Male
  • Location:New Haven, CT

Posted 06 December 2011 - 02:25 PM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users