Jump to content

performance problems and redirects


Recommended Posts

I've recently noticed searches being redirected, a rundll32 that won't shut down, and a big drag on system resources that seems new. I've disabled a number of useless startup programs to try to isolate what it might be, then saw a similar post about the search redirects and hoped to get more qualified help. Thanks in advance for any advice provided!

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8031

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

10/29/2011 12:39:08 PM

mbam-log-2011-10-29 (12-39-07).txt

Scan type: Quick scan

Objects scanned: 185326

Time elapsed: 14 minute(s), 5 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_29

Run by Owner at 11:58:31 on 2011-10-29

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.60 [GMT -4:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Steam\Steam.exe

C:\WINDOWS\system32\rundll32.exe

svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uSearch Bar = hxxp://srch-us10.hpwis.com/

mStart Page = about:blank

mSearch Bar = hxxp://srch-us10.hpwis.com/

uInternet Settings,ProxyOverride = <local>

uInternet Settings,ProxyServer = 192.168.0.11:80

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and

settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program

files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2009\IEToolbar.dll

TB: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No File

TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

EB: hp view: {8f4902b6-6c04-4ade-8052-aa58578a21bd} - c:\windows\system32\Shdocvw.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [steam] "c:\program files\steam\Steam.exe" -silent

uRun: [secuROM Update] rundll32 "c:\documents and settings\owner\local settings\application data\gas powered

games\gasupdate\Gasup.dll",DllRegisterServer

mRun: [nwiz] nwiz.exe /install

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {41564D57-9980-0010-8000-00AA00389B71} -

hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} -

hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1260019264093

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -

hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1260019889093

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{C0FE1527-9BC8-4EA3-B743-10D7FFDD6EBE} : DhcpNameServer = 192.168.1.1

Notify: igfxcui - igfxsrvc.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

LSA: Notification Packages = scecli scecli scecli

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\x0g6c534.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.cnn.com/

FF - prefs.js: network.proxy.type - 4

FF - component: c:\documents and settings\all users\application

data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll

FF - component: c:\documents and settings\owner\application

data\mozilla\firefox\profiles\x0g6c534.default\extensions\{b042753d-f57e-4e8e-a01b-7379a6d4cefb}\components\IBitCometExtensio

n.dll

FF - component: c:\program files\mozilla firefox\extensions\yplayer@yummy.net\components\FYPlayer.dll

FF - plugin: c:\documents and settings\all users\application

data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\documents and settings\owner\application

data\mozilla\firefox\profiles\x0g6c534.default\extensions\gametap@gametap.com\plugins\npGameTapWebUpdater.dll

FF - plugin: c:\documents and settings\owner\application

data\mozilla\firefox\profiles\x0g6c534.default\extensions\gametapplayer@gametap.com\plugins\npGameTapWebPlayer.dll

FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\download manager\npfpdlm.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\real\realone player\netscape6\nppl3260.dll

FF - plugin: c:\program files\real\realone player\netscape6\nprjplug.dll

FF - plugin: c:\program files\real\realone player\netscape6\nprpjplug.dll

.

---- FIREFOX POLICIES ----

FF - user.js: signed.applets.codebase_principal_support - true

.

/* To avoid the user interaction, add the following lines: */

FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.id - hxxp://yael.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.id - hxxp://localhost/

.

/* GLDE */

FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.id - hxxp://gamesflatrate.de/

FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.id - hxxp://www.gamesflatrate.de/

FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.id - hxxp://glde-int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.id - hxxps://gamesflatrate.de/

FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.id - hxxps://www.gamesflatrate.de/

.

/* BGFR */

FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.id - hxxp://linternaute.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.id - hxxps://linternaute.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.id - hxxp://bgfr-int.metaboli.fr/

.

/* BILD */

FF - user.js: capability.principal.codebase.YummyPlayer_BILD.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_BILD.id - hxxp://bild.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.id - hxxps://bild.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.id - hxxp://bild-int.metaboli.fr/

.

/* BTUK */

FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.id - hxxp://btvision.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.id - hxxps://btvision.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.id - hxxp://bt-int.metaboli.fr/

.

/* CLIC */

FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.id - hxxp://clubic.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.id - hxxps://clubic.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.id - hxxp://clic-int.metaboli.fr/

.

/* COUK */

FF - user.js: capability.principal.codebase.YummyPlayer_COUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_COUK.id - hxxp://metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.id - hxxp://www.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.id - hxxps://www.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.id - hxxps://metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.id - hxxp://uk-int.metaboli.fr/

.

/* MEDE */

FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.id - hxxp://metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.id - hxxp://www.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.id - hxxps://metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.id - hxxp://de-int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.id - hxxps://www.metaboli.de/

.

/* CUUK */

FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.id - hxxp://custompc.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.id - hxxps://custompc.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.id - hxxp://cuuk-int.metaboli.fr/

.

/* EUUK */

FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.id - hxxp://eurogamer.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.id - hxxps://eurogamer.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.id - hxxp://euuk-int.metaboli.fr/

.

/* FUNR */

FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.id - hxxp://fun.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.id - hxxps://fun.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.id - hxxp://fun-int.metaboli.fr/

.

/* GONE */

FF - user.js: capability.principal.codebase.YummyPlayer_GONE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GONE.id - hxxp://gameone.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.id - hxxps://gameone.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.id - hxxp://gone-int.metaboli.fr/

.

/* GUDE */

FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.id - hxxp://gamerunlimited.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.id - hxxps://gamerunlimited.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.id - hxxp://gude-int.metaboli.fr/

.

/* META */

FF - user.js: capability.principal.codebase.YummyPlayer_META.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_META.id - hxxp://metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.id - hxxp://www.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.id - hxxps://metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.id - hxxps://www.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.id - hxxp://fr-int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_METAINT2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_METAINT2.id - hxxp://www.preprod.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SMETAINT2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMETAINT2.id - hxxp://www.preprod.metaboli.fr/

.

/* MNDE */

FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.id - hxxp://livegames.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.id - hxxps://livegames.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.id - hxxp://msde-int.metaboli.fr/

.

/* MNFR */

FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.id - hxxp://livegames.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.id - hxxps://livegames.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.id - hxxp://msfr-int.metaboli.fr/

.

/* MNUK */

FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.id - hxxp://livegames.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.id - hxxps://livegames.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.id - hxxp://msuk-int.metaboli.fr/

.

/* NCNU */

FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.id - hxxp://numericable.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.id - hxxps://numericable.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.id - hxxp://ncnu-int.metaboli.fr/

.

/* QPUK */

FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.id - hxxp://quintplay.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.id - hxxps://quintplay.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.id - hxxp://qpuk-int.metaboli.fr/

.

/* SFFR */

FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.id - hxxp://jeux-pc.sfr.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.id - hxxps://jeux-pc.sfr.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.id - hxxp://sfr.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.id - hxxps://sfr.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.id - hxxp://sfr-int.metaboli.fr/

.

/* SPDE */

FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.id - hxxp://spieletipps.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.id - hxxps://spieletipps.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.id - hxxp://spde-int.metaboli.fr/

.

/* WOJ_ */

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.id - hxxp://woj-prod.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.id - hxxps://woj-prod.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.id - hxxp://woj-int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.id - hxxps://woj-int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.id - hxxp://woj-pp.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.id - hxxps://woj-pp.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.id - hxxp://woj-int.jeu.orange.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.id - hxxps://woj-int.jeu.orange.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_2.id - hxxp://preprod-god.jeu.orange.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_2.id - hxxps://preprod-god.jeu.orange.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_3.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_3.id - hxxp://prod.jeu.orange.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_3.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_3.id - hxxps://prod.jeu.orange.fr/

.

user_pref(capability.principal.codebase.YummyPlayer_XX0001.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0001.id,hxxp://www.neufgame.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0002.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0002.id,hxxps://www.neufgame.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0003.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0003.id,hxxp://neufgame.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0004.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0004.id,hxxp://ad.metaboli.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0005.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0005.id,hxxps://ad.metaboli.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0006.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0006.id,hxxp://ads.metaboli.de);

user_pref(capability.principal.codebase.YummyPlayer_XX0007.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0007.id,hxxps://ads.metaboli.de);

user_pref(capability.principal.codebase.YummyPlayer_XX0008.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0008.id,hxxp://ads.metaboli.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0009.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0009.id,hxxps://ads.metaboli.fr);

***I've removed the repetitive entries here because the post was too long***

user_pref(capability.principal.codebase.YummyPlayer_XX0410.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0410.id,hxxp://go.metaboli.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0411.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0411.id,hxxps://go.metaboli.fr);

.

/* added 17-03-09 */

user_pref(capability.principal.codebase.YummyPlayer_XX0412.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0412.id,hxxp://cnet.metaboli.co.uk);

user_pref(capability.principal.codebase.YummyPlayer_XX0413.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0413.id,hxxps://cnet.metaboli.co.uk);

.

/* GWDE */

FF - user.js: capability.principal.codebase.YummyPlayer_GWDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GWDE.id - hxxp://gwde.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_GWDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GWDEINT.id - hxxp://gwde.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SGWDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGWDE.id - hxxps://gwde.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SGWDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGWDEINT.id - hxxps://gwde.int.metaboli.fr/

.

/* GMUK */

FF - user.js: capability.principal.codebase.YummyPlayer_GMUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GMUK.id - hxxp://game.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_GMUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GMUKINT.id - hxxp://gmuk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SGMUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGMUK.id - hxxps://game.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SGMUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGMUKINT.id - hxxps://gmuk.int.metaboli.fr/

.

/* CNET */

FF - user.js: capability.principal.codebase.YummyPlayer_CNET.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CNET.id - hxxp://cnet.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_CNETINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CNETINT.id - hxxp://cnet.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SCNET.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCNET.id - hxxps://cnet.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SCNETINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCNETINT.id - hxxps://cnet.int.metaboli.fr/

.

/* IGUK */

FF - user.js: capability.principal.codebase.YummyPlayer_IGUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_IGUK.id - hxxp://iguk.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_IGUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_IGUKINT.id - hxxp://iguk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK.id - hxxps://iguk.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SIGUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SIGUKINT.id - hxxps://iguk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_IGUK2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_IGUK2.id - hxxp://Incgamers.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK2.id - hxxps://Incgamers.metaboli.co.uk/

.

/* SKFR */

FF - user.js: capability.principal.codebase.YummyPlayer_SKFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SKFR.id - hxxp://skfr.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SKFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SKFRINT.id - hxxp://skfr.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR.id - hxxps://skfr.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFRINT.id - hxxps://skfr.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SKFR2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SKFR2.id - hxxp://Skyrock.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR2.id - hxxps://Skyrock.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SKFR3.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SKFR3.id - hxxp://ondemand.premium.games.skyrock.net/

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR3.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR3.id - hxxps://ondemand.premium.games.skyrock.net/

.

FF - user.js: capability.principal.codebase.YummyPlayer_FREEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_FREEINT.id - hxxp://free-int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SFREEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SFREEINT.id - hxxps://free-int.metaboli.fr/

.

/* GNUK */

FF - user.js: capability.principal.codebase.YummyPlayer_GNUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GNUK.id - hxxp://gamestation.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SGNUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGNUK.id - hxxps://gamestation.metaboli.co.uk/

.

/* NEW MSN UK DE */

FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNUK.id - hxxp://playnow.tech.uk.msn.com/

FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNUK.id - hxxps://playnow.tech.uk.msn.com/

FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNDE.id - hxxp://pc-spiele-flatrate.msn.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNDE.id - hxxps://pc-spiele-flatrate.msn.de/

.

/* VMUK */

FF - user.js: capability.principal.codebase.YummyPlayer_VMUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_VMUK.id - hxxp://virginmedia.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SVMUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SVMUK.id - hxxps://virginmedia.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_VMUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_VMUKINT.id - hxxp://vmuk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SVMUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SVMUKINT.id - hxxps://vmuk.int.metaboli.fr/

.

/* WDDE (web de) INT */

FF - user.js: capability.principal.codebase.YummyPlayer_WDDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WDDEINT.id - hxxp://wdde.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWDDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWDDEINT.id - hxxps://wdde.int.metaboli.fr/

.

/* ORUK */

FF - user.js: capability.principal.codebase.YummyPlayer_ORUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_ORUK.id - hxxp://orange.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SORUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SORUK.id - hxxps://orange.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_ORUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_ORUKINT.id - hxxp://oruk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SORUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SORUKINT.id - hxxps://oruk.int.metaboli.fr/

.

/* MEDI int */

FF - user.js: capability.principal.codebase.YummyPlayer_MEDIINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MEDIINT.id - hxxp://medi.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SMEDIINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMEDIINT.id - hxxps://medi.int.metaboli.fr/

.

/* SAT1 */

FF - user.js: capability.principal.codebase.YummyPlayer_SAT1.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SAT1.id - hxxp://spieleflatrate.sat1.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1.id - hxxps://spieleflatrate.sat1.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SAT1INT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SAT1INT.id - hxxp://sat1.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1INT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1INT.id - hxxps://sat1.int.metaboli.fr/

.

/* OWDE */

FF - user.js: capability.principal.codebase.YummyPlayer_OWDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OWDE.id - hxxp://onlinewelten.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SOWDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOWDE.id - hxxps://onlinewelten.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_OWDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OWDEINT.id - hxxp://owde.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SOWDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOWDEINT.id - hxxps://owde.int.metaboli.fr/

.

/* GRAD INT */

FF - user.js: capability.principal.codebase.YummyPlayer_GRADINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GRADINT.id - hxxp://grad.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SGRADINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGRADINT.id - hxxps://grad.int.metaboli.fr/

.

/* RTLN */

FF - user.js: capability.principal.codebase.YummyPlayer_RTLN.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_RTLN.id - hxxp://rtl.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SRTLN.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SRTLN.id - hxxps://rtl.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_RTLNINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_RTLNINT.id - hxxp://rtln.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SRTLNINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SRTLNINT.id - hxxps://rtln.int.metaboli.fr/

.

/* MNIT */

FF - user.js: capability.principal.codebase.YummyPlayer_MNIT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNIT.id - hxxp://pcgames.msn.it/

FF - user.js: capability.principal.codebase.YummyPlayer_SMNIT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMNIT.id - hxxps://pcgames.msn.it/

FF - user.js: capability.principal.codebase.YummyPlayer_MNITINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNITINT.id - hxxp://mnit.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SMNITINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMNITINT.id - hxxps://mnit.int.metaboli.fr/

.

/* CUUK */

FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.id - hxxp://atheneum.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.id - hxxps://atheneum.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.id - hxxp://cuuk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SCUUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCUUKINT.id - hxxps://cuuk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_CCUK2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CCUK2.id - hxxp://atheneum.uk.com/

FF - user.js: capability.principal.codebase.YummyPlayer_SCCUK2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCCUK2.id - hxxps://atheneum.uk.com/

.

/* SCDE */

FF - user.js: capability.principal.codebase.YummyPlayer_SCDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCDE.id - hxxp://schueler.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SSCDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSCDE.id - hxxps://schueler.metaboli.de/

.

/* MNSE */

FF - user.js: capability.principal.codebase.YummyPlayer_MNSE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNSE.id - hxxp://spela.pcspel.msn.se/

FF - user.js: capability.principal.codebase.YummyPlayer_SMNSE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMNSE.id - hxxps://spela.pcspel.msn.se/

.

/* GMSE */

FF - user.js: capability.principal.codebase.YummyPlayer_GMSE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GMSE.id - hxxp://game.metaboli.se/

FF - user.js: capability.principal.codebase.YummyPlayer_SGMSE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGMSE.id - hxxps://game.metaboli.se/

.

/* OHFR */

FF - user.js: capability.principal.codebase.YummyPlayer_OHFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OHFR.id - hxxp://jeuxpc.orange.ch/

FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR.id - hxxps://jeuxpc.orange.ch/

FF - user.js: capability.principal.codebase.YummyPlayer_OHFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OHFRINT.id - hxxp://ohfr.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SOHFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOHFRINT.id - hxxps://ohfr.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_OHFR2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OHFR2.id - hxxp://ohfr.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR2.id - hxxps://ohfr.metaboli.fr/

.

/* OHDE */

FF - user.js: capability.principal.codebase.YummyPlayer_OHDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OHDE.id - hxxp://pcspiele.orange.ch/

FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE.id - hxxps://pcspiele.orange.ch/

FF - user.js: capability.principal.codebase.YummyPlayer_OHDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OHDEINT.id - hxxp://ohde.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SOHDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOHDEINT.id - hxxps://ohde.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_OHDE2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OHDE2.id - hxxp://ohde.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE2.id - hxxps://ohde.metaboli.de/

.

/* GAMETAP */

FF - user.js: capability.principal.codebase.YummyPlayer_GTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GTUS.id - hxxp://www.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_SGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGTUS.id - hxxps://www.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_IGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_IGTUS.id - hxxp://integ.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_ISGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_ISGTUS.id - hxxps://integ.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_IIGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_IIGTUS.id - hxxp://gtus.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_IISGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_IISGTUS.id - hxxps://gtus.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_PPGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_PPGTUS.id - hxxp://preprod.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_PPSGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_PPSGTUS.id - hxxps://preprod.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.id - hxxp://unlimited-preprod.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.id - hxxps://unlimited-preprod.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.id - hxxp://retro-preprod.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.id - hxxps://retro-preprod.gametap.com/

.

.

============= SERVICES / DRIVERS ===============

.

S3 Arrakis3;BitDefender Arrakis Server;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\Arrakis3.exe

[2009-1-20 172032]

S3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2008-9-18 111112]

S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys -->

c:\windows\system32\drivers\mbamswissarmy.sys [?]

.

=============== Created Last 30 ================

.

2011-10-29 15:43:21 388096 ----a-r- c:\documents and settings\owner\application

data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-10-29 15:43:21 -------- d-----w- c:\program files\Trend Micro

2011-10-24 18:58:39 -------- d-----w- c:\documents and settings\owner\local settings\application

data\Ascaron Entertainment

2011-10-24 18:56:05 413696 ----a-w- c:\windows\system32\wrap_oal.dll

2011-10-24 18:56:05 110592 ----a-w- c:\windows\system32\OpenAL32.dll

2011-10-24 18:56:05 -------- d-----w- c:\program files\OpenAL

2011-10-20 14:24:00 0 ---ha-w- c:\documents and settings\owner\nwhzgmtlhs.tmp

2011-10-17 12:20:03 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll

2011-10-17 12:20:02 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll

2011-10-12 14:24:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

==================== Find3M ====================

.

2011-10-27 19:02:34 81984 ----a-w- c:\windows\system32\bdod.bin

2011-10-03 09:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-10-03 06:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-09-26 15:41:20 611328 ------w- c:\windows\system32\uiautomationcore.dll

2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-17 21:32:17 832512 ----a-w- c:\windows\system32\wininet.dll

2011-08-17 21:32:16 78336 ------w- c:\windows\system32\ieencode.dll

2011-08-17 21:32:16 1830912 ------w- c:\windows\system32\inetcpl.cpl

2011-08-17 21:32:15 17408 ------w- c:\windows\system32\corpol.dll

2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys

2011-08-17 12:22:23 389120 ------w- c:\windows\system32\html.iec

2011-08-12 17:51:26 26488 ----a-w- c:\windows\system32\spupdsvc.exe

2008-04-29 03:48:18 774144 ----a-w- c:\program files\RngInterstitial.dll

.

============= FINISH: 12:00:16.35 ===============

attach.txt

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

Link to post
Share on other sites

  • 2 weeks later...
  • 2 weeks later...
  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.