aaronfitz

performance problems and redirects

5 posts in this topic

I've recently noticed searches being redirected, a rundll32 that won't shut down, and a big drag on system resources that seems new. I've disabled a number of useless startup programs to try to isolate what it might be, then saw a similar post about the search redirects and hoped to get more qualified help. Thanks in advance for any advice provided!

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8031

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

10/29/2011 12:39:08 PM

mbam-log-2011-10-29 (12-39-07).txt

Scan type: Quick scan

Objects scanned: 185326

Time elapsed: 14 minute(s), 5 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_29

Run by Owner at 11:58:31 on 2011-10-29

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.60 [GMT -4:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Steam\Steam.exe

C:\WINDOWS\system32\rundll32.exe

svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uSearch Bar = hxxp://srch-us10.hpwis.com/

mStart Page = about:blank

mSearch Bar = hxxp://srch-us10.hpwis.com/

uInternet Settings,ProxyOverride = <local>

uInternet Settings,ProxyServer = 192.168.0.11:80

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and

settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program

files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2009\IEToolbar.dll

TB: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No File

TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

EB: hp view: {8f4902b6-6c04-4ade-8052-aa58578a21bd} - c:\windows\system32\Shdocvw.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [steam] "c:\program files\steam\Steam.exe" -silent

uRun: [secuROM Update] rundll32 "c:\documents and settings\owner\local settings\application data\gas powered

games\gasupdate\Gasup.dll",DllRegisterServer

mRun: [nwiz] nwiz.exe /install

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {41564D57-9980-0010-8000-00AA00389B71} -

hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} -

hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1260019264093

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -

hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1260019889093

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{C0FE1527-9BC8-4EA3-B743-10D7FFDD6EBE} : DhcpNameServer = 192.168.1.1

Notify: igfxcui - igfxsrvc.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

LSA: Notification Packages = scecli scecli scecli

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\x0g6c534.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.cnn.com/

FF - prefs.js: network.proxy.type - 4

FF - component: c:\documents and settings\all users\application

data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll

FF - component: c:\documents and settings\owner\application

data\mozilla\firefox\profiles\x0g6c534.default\extensions\{b042753d-f57e-4e8e-a01b-7379a6d4cefb}\components\IBitCometExtensio

n.dll

FF - component: c:\program files\mozilla firefox\extensions\yplayer@yummy.net\components\FYPlayer.dll

FF - plugin: c:\documents and settings\all users\application

data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\documents and settings\owner\application

data\mozilla\firefox\profiles\x0g6c534.default\extensions\gametap@gametap.com\plugins\npGameTapWebUpdater.dll

FF - plugin: c:\documents and settings\owner\application

data\mozilla\firefox\profiles\x0g6c534.default\extensions\gametapplayer@gametap.com\plugins\npGameTapWebPlayer.dll

FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\download manager\npfpdlm.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\real\realone player\netscape6\nppl3260.dll

FF - plugin: c:\program files\real\realone player\netscape6\nprjplug.dll

FF - plugin: c:\program files\real\realone player\netscape6\nprpjplug.dll

.

---- FIREFOX POLICIES ----

FF - user.js: signed.applets.codebase_principal_support - true

.

/* To avoid the user interaction, add the following lines: */

FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.id - hxxp://yael.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.id - hxxp://localhost/

.

/* GLDE */

FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.id - hxxp://gamesflatrate.de/

FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.id - hxxp://www.gamesflatrate.de/

FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.id - hxxp://glde-int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.id - hxxps://gamesflatrate.de/

FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.id - hxxps://www.gamesflatrate.de/

.

/* BGFR */

FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.id - hxxp://linternaute.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.id - hxxps://linternaute.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.id - hxxp://bgfr-int.metaboli.fr/

.

/* BILD */

FF - user.js: capability.principal.codebase.YummyPlayer_BILD.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_BILD.id - hxxp://bild.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.id - hxxps://bild.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.id - hxxp://bild-int.metaboli.fr/

.

/* BTUK */

FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.id - hxxp://btvision.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.id - hxxps://btvision.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.id - hxxp://bt-int.metaboli.fr/

.

/* CLIC */

FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.id - hxxp://clubic.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.id - hxxps://clubic.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.id - hxxp://clic-int.metaboli.fr/

.

/* COUK */

FF - user.js: capability.principal.codebase.YummyPlayer_COUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_COUK.id - hxxp://metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.id - hxxp://www.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.id - hxxps://www.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.id - hxxps://metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.id - hxxp://uk-int.metaboli.fr/

.

/* MEDE */

FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.id - hxxp://metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.id - hxxp://www.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.id - hxxps://metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.id - hxxp://de-int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.id - hxxps://www.metaboli.de/

.

/* CUUK */

FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.id - hxxp://custompc.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.id - hxxps://custompc.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.id - hxxp://cuuk-int.metaboli.fr/

.

/* EUUK */

FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.id - hxxp://eurogamer.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.id - hxxps://eurogamer.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.id - hxxp://euuk-int.metaboli.fr/

.

/* FUNR */

FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.id - hxxp://fun.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.id - hxxps://fun.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.id - hxxp://fun-int.metaboli.fr/

.

/* GONE */

FF - user.js: capability.principal.codebase.YummyPlayer_GONE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GONE.id - hxxp://gameone.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.id - hxxps://gameone.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.id - hxxp://gone-int.metaboli.fr/

.

/* GUDE */

FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.id - hxxp://gamerunlimited.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.id - hxxps://gamerunlimited.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.id - hxxp://gude-int.metaboli.fr/

.

/* META */

FF - user.js: capability.principal.codebase.YummyPlayer_META.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_META.id - hxxp://metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.id - hxxp://www.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.id - hxxps://metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.id - hxxps://www.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.id - hxxp://fr-int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_METAINT2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_METAINT2.id - hxxp://www.preprod.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SMETAINT2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMETAINT2.id - hxxp://www.preprod.metaboli.fr/

.

/* MNDE */

FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.id - hxxp://livegames.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.id - hxxps://livegames.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.id - hxxp://msde-int.metaboli.fr/

.

/* MNFR */

FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.id - hxxp://livegames.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.id - hxxps://livegames.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.id - hxxp://msfr-int.metaboli.fr/

.

/* MNUK */

FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.id - hxxp://livegames.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.id - hxxps://livegames.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.id - hxxp://msuk-int.metaboli.fr/

.

/* NCNU */

FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.id - hxxp://numericable.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.id - hxxps://numericable.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.id - hxxp://ncnu-int.metaboli.fr/

.

/* QPUK */

FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.id - hxxp://quintplay.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.id - hxxps://quintplay.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.id - hxxp://qpuk-int.metaboli.fr/

.

/* SFFR */

FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.id - hxxp://jeux-pc.sfr.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.id - hxxps://jeux-pc.sfr.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.id - hxxp://sfr.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.id - hxxps://sfr.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.id - hxxp://sfr-int.metaboli.fr/

.

/* SPDE */

FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.id - hxxp://spieletipps.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.id - hxxps://spieletipps.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.id - hxxp://spde-int.metaboli.fr/

.

/* WOJ_ */

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.id - hxxp://woj-prod.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.id - hxxps://woj-prod.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.id - hxxp://woj-int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.id - hxxps://woj-int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.id - hxxp://woj-pp.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.id - hxxps://woj-pp.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.id - hxxp://woj-int.jeu.orange.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.id - hxxps://woj-int.jeu.orange.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_2.id - hxxp://preprod-god.jeu.orange.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_2.id - hxxps://preprod-god.jeu.orange.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_3.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_3.id - hxxp://prod.jeu.orange.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_3.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_3.id - hxxps://prod.jeu.orange.fr/

.

user_pref(capability.principal.codebase.YummyPlayer_XX0001.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0001.id,hxxp://www.neufgame.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0002.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0002.id,hxxps://www.neufgame.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0003.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0003.id,hxxp://neufgame.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0004.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0004.id,hxxp://ad.metaboli.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0005.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0005.id,hxxps://ad.metaboli.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0006.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0006.id,hxxp://ads.metaboli.de);

user_pref(capability.principal.codebase.YummyPlayer_XX0007.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0007.id,hxxps://ads.metaboli.de);

user_pref(capability.principal.codebase.YummyPlayer_XX0008.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0008.id,hxxp://ads.metaboli.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0009.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0009.id,hxxps://ads.metaboli.fr);

***I've removed the repetitive entries here because the post was too long***

user_pref(capability.principal.codebase.YummyPlayer_XX0410.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0410.id,hxxp://go.metaboli.fr);

user_pref(capability.principal.codebase.YummyPlayer_XX0411.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0411.id,hxxps://go.metaboli.fr);

.

/* added 17-03-09 */

user_pref(capability.principal.codebase.YummyPlayer_XX0412.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0412.id,hxxp://cnet.metaboli.co.uk);

user_pref(capability.principal.codebase.YummyPlayer_XX0413.granted,UniversalXPConnect);

user_pref(capability.principal.codebase.YummyPlayer_XX0413.id,hxxps://cnet.metaboli.co.uk);

.

/* GWDE */

FF - user.js: capability.principal.codebase.YummyPlayer_GWDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GWDE.id - hxxp://gwde.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_GWDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GWDEINT.id - hxxp://gwde.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SGWDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGWDE.id - hxxps://gwde.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SGWDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGWDEINT.id - hxxps://gwde.int.metaboli.fr/

.

/* GMUK */

FF - user.js: capability.principal.codebase.YummyPlayer_GMUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GMUK.id - hxxp://game.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_GMUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GMUKINT.id - hxxp://gmuk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SGMUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGMUK.id - hxxps://game.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SGMUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGMUKINT.id - hxxps://gmuk.int.metaboli.fr/

.

/* CNET */

FF - user.js: capability.principal.codebase.YummyPlayer_CNET.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CNET.id - hxxp://cnet.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_CNETINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CNETINT.id - hxxp://cnet.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SCNET.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCNET.id - hxxps://cnet.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SCNETINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCNETINT.id - hxxps://cnet.int.metaboli.fr/

.

/* IGUK */

FF - user.js: capability.principal.codebase.YummyPlayer_IGUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_IGUK.id - hxxp://iguk.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_IGUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_IGUKINT.id - hxxp://iguk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK.id - hxxps://iguk.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SIGUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SIGUKINT.id - hxxps://iguk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_IGUK2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_IGUK2.id - hxxp://Incgamers.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK2.id - hxxps://Incgamers.metaboli.co.uk/

.

/* SKFR */

FF - user.js: capability.principal.codebase.YummyPlayer_SKFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SKFR.id - hxxp://skfr.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SKFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SKFRINT.id - hxxp://skfr.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR.id - hxxps://skfr.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFRINT.id - hxxps://skfr.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SKFR2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SKFR2.id - hxxp://Skyrock.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR2.id - hxxps://Skyrock.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SKFR3.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SKFR3.id - hxxp://ondemand.premium.games.skyrock.net/

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR3.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR3.id - hxxps://ondemand.premium.games.skyrock.net/

.

FF - user.js: capability.principal.codebase.YummyPlayer_FREEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_FREEINT.id - hxxp://free-int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SFREEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SFREEINT.id - hxxps://free-int.metaboli.fr/

.

/* GNUK */

FF - user.js: capability.principal.codebase.YummyPlayer_GNUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GNUK.id - hxxp://gamestation.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SGNUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGNUK.id - hxxps://gamestation.metaboli.co.uk/

.

/* NEW MSN UK DE */

FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNUK.id - hxxp://playnow.tech.uk.msn.com/

FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNUK.id - hxxps://playnow.tech.uk.msn.com/

FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNDE.id - hxxp://pc-spiele-flatrate.msn.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNDE.id - hxxps://pc-spiele-flatrate.msn.de/

.

/* VMUK */

FF - user.js: capability.principal.codebase.YummyPlayer_VMUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_VMUK.id - hxxp://virginmedia.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SVMUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SVMUK.id - hxxps://virginmedia.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_VMUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_VMUKINT.id - hxxp://vmuk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SVMUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SVMUKINT.id - hxxps://vmuk.int.metaboli.fr/

.

/* WDDE (web de) INT */

FF - user.js: capability.principal.codebase.YummyPlayer_WDDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_WDDEINT.id - hxxp://wdde.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SWDDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SWDDEINT.id - hxxps://wdde.int.metaboli.fr/

.

/* ORUK */

FF - user.js: capability.principal.codebase.YummyPlayer_ORUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_ORUK.id - hxxp://orange.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SORUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SORUK.id - hxxps://orange.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_ORUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_ORUKINT.id - hxxp://oruk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SORUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SORUKINT.id - hxxps://oruk.int.metaboli.fr/

.

/* MEDI int */

FF - user.js: capability.principal.codebase.YummyPlayer_MEDIINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MEDIINT.id - hxxp://medi.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SMEDIINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMEDIINT.id - hxxps://medi.int.metaboli.fr/

.

/* SAT1 */

FF - user.js: capability.principal.codebase.YummyPlayer_SAT1.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SAT1.id - hxxp://spieleflatrate.sat1.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1.id - hxxps://spieleflatrate.sat1.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SAT1INT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SAT1INT.id - hxxp://sat1.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1INT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1INT.id - hxxps://sat1.int.metaboli.fr/

.

/* OWDE */

FF - user.js: capability.principal.codebase.YummyPlayer_OWDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OWDE.id - hxxp://onlinewelten.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SOWDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOWDE.id - hxxps://onlinewelten.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_OWDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OWDEINT.id - hxxp://owde.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SOWDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOWDEINT.id - hxxps://owde.int.metaboli.fr/

.

/* GRAD INT */

FF - user.js: capability.principal.codebase.YummyPlayer_GRADINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GRADINT.id - hxxp://grad.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SGRADINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGRADINT.id - hxxps://grad.int.metaboli.fr/

.

/* RTLN */

FF - user.js: capability.principal.codebase.YummyPlayer_RTLN.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_RTLN.id - hxxp://rtl.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SRTLN.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SRTLN.id - hxxps://rtl.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_RTLNINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_RTLNINT.id - hxxp://rtln.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SRTLNINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SRTLNINT.id - hxxps://rtln.int.metaboli.fr/

.

/* MNIT */

FF - user.js: capability.principal.codebase.YummyPlayer_MNIT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNIT.id - hxxp://pcgames.msn.it/

FF - user.js: capability.principal.codebase.YummyPlayer_SMNIT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMNIT.id - hxxps://pcgames.msn.it/

FF - user.js: capability.principal.codebase.YummyPlayer_MNITINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNITINT.id - hxxp://mnit.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SMNITINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMNITINT.id - hxxps://mnit.int.metaboli.fr/

.

/* CUUK */

FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.id - hxxp://atheneum.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.id - hxxps://atheneum.metaboli.co.uk/

FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.id - hxxp://cuuk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SCUUKINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCUUKINT.id - hxxps://cuuk.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_CCUK2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_CCUK2.id - hxxp://atheneum.uk.com/

FF - user.js: capability.principal.codebase.YummyPlayer_SCCUK2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCCUK2.id - hxxps://atheneum.uk.com/

.

/* SCDE */

FF - user.js: capability.principal.codebase.YummyPlayer_SCDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SCDE.id - hxxp://schueler.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SSCDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SSCDE.id - hxxps://schueler.metaboli.de/

.

/* MNSE */

FF - user.js: capability.principal.codebase.YummyPlayer_MNSE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_MNSE.id - hxxp://spela.pcspel.msn.se/

FF - user.js: capability.principal.codebase.YummyPlayer_SMNSE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SMNSE.id - hxxps://spela.pcspel.msn.se/

.

/* GMSE */

FF - user.js: capability.principal.codebase.YummyPlayer_GMSE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GMSE.id - hxxp://game.metaboli.se/

FF - user.js: capability.principal.codebase.YummyPlayer_SGMSE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGMSE.id - hxxps://game.metaboli.se/

.

/* OHFR */

FF - user.js: capability.principal.codebase.YummyPlayer_OHFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OHFR.id - hxxp://jeuxpc.orange.ch/

FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR.id - hxxps://jeuxpc.orange.ch/

FF - user.js: capability.principal.codebase.YummyPlayer_OHFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OHFRINT.id - hxxp://ohfr.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SOHFRINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOHFRINT.id - hxxps://ohfr.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_OHFR2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OHFR2.id - hxxp://ohfr.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR2.id - hxxps://ohfr.metaboli.fr/

.

/* OHDE */

FF - user.js: capability.principal.codebase.YummyPlayer_OHDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OHDE.id - hxxp://pcspiele.orange.ch/

FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE.id - hxxps://pcspiele.orange.ch/

FF - user.js: capability.principal.codebase.YummyPlayer_OHDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OHDEINT.id - hxxp://ohde.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_SOHDEINT.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOHDEINT.id - hxxps://ohde.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_OHDE2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_OHDE2.id - hxxp://ohde.metaboli.de/

FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE2.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE2.id - hxxps://ohde.metaboli.de/

.

/* GAMETAP */

FF - user.js: capability.principal.codebase.YummyPlayer_GTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_GTUS.id - hxxp://www.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_SGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SGTUS.id - hxxps://www.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_IGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_IGTUS.id - hxxp://integ.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_ISGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_ISGTUS.id - hxxps://integ.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_IIGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_IIGTUS.id - hxxp://gtus.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_IISGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_IISGTUS.id - hxxps://gtus.int.metaboli.fr/

FF - user.js: capability.principal.codebase.YummyPlayer_PPGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_PPGTUS.id - hxxp://preprod.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_PPSGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_PPSGTUS.id - hxxps://preprod.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.id - hxxp://unlimited-preprod.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.id - hxxps://unlimited-preprod.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.id - hxxp://retro-preprod.gametap.com/

FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.granted - UniversalXPConnect

FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.id - hxxps://retro-preprod.gametap.com/

.

.

============= SERVICES / DRIVERS ===============

.

S3 Arrakis3;BitDefender Arrakis Server;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\Arrakis3.exe

[2009-1-20 172032]

S3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2008-9-18 111112]

S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys -->

c:\windows\system32\drivers\mbamswissarmy.sys [?]

.

=============== Created Last 30 ================

.

2011-10-29 15:43:21 388096 ----a-r- c:\documents and settings\owner\application

data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-10-29 15:43:21 -------- d-----w- c:\program files\Trend Micro

2011-10-24 18:58:39 -------- d-----w- c:\documents and settings\owner\local settings\application

data\Ascaron Entertainment

2011-10-24 18:56:05 413696 ----a-w- c:\windows\system32\wrap_oal.dll

2011-10-24 18:56:05 110592 ----a-w- c:\windows\system32\OpenAL32.dll

2011-10-24 18:56:05 -------- d-----w- c:\program files\OpenAL

2011-10-20 14:24:00 0 ---ha-w- c:\documents and settings\owner\nwhzgmtlhs.tmp

2011-10-17 12:20:03 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll

2011-10-17 12:20:02 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll

2011-10-12 14:24:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

==================== Find3M ====================

.

2011-10-27 19:02:34 81984 ----a-w- c:\windows\system32\bdod.bin

2011-10-03 09:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-10-03 06:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-09-26 15:41:20 611328 ------w- c:\windows\system32\uiautomationcore.dll

2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-17 21:32:17 832512 ----a-w- c:\windows\system32\wininet.dll

2011-08-17 21:32:16 78336 ------w- c:\windows\system32\ieencode.dll

2011-08-17 21:32:16 1830912 ------w- c:\windows\system32\inetcpl.cpl

2011-08-17 21:32:15 17408 ------w- c:\windows\system32\corpol.dll

2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys

2011-08-17 12:22:23 389120 ------w- c:\windows\system32\html.iec

2011-08-12 17:51:26 26488 ----a-w- c:\windows\system32\spupdsvc.exe

2008-04-29 03:48:18 774144 ----a-w- c:\program files\RngInterstitial.dll

.

============= FINISH: 12:00:16.35 ===============

attach.txt

Share this post


Link to post
Share on other sites

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

Share this post


Link to post
Share on other sites

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

Share this post


Link to post
Share on other sites

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

Share this post


Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.