Jump to content

DD_Fenrir

1. DDz Quorum
 View Profile  See their activity

  • Posts

    2,157

  • Joined

  • Last visited

  • Days Won

    348

  • Country

    United Kingdom

 Content Type 

Posts posted by DD_Fenrir

  3. Got Me A Trojan

    in Help!!

    Posted

    Ok, so i ran both Adaware and Malwarebytes and AVG 11 in safe mode, full system scans; the first two caught something but AVG didn't. All seemed to be ok, but know my PC seems to be having trouble shutting down and just 10 mins ago I' lost sound through my onboard sound card. That and Chrome is locking up.

    Ghey.

    Thought i'd nailed the lil bastard but now, I ain't so sure.

    Got a Hijack this logfile:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 14:55:41, on 07/05/2011

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.17096)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\PROGRA~1\AVG\AVG10\avgchsvx.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\nvsvc32.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe

    C:\Program Files\AVG\AVG10\avgwdsvc.exe

    C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

    C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe

    C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe

    C:\WINDOWS\RTHDCPL.EXE

    C:\WINDOWS\system32\RUNDLL32.EXE

    C:\Program Files\AVG\AVG10\avgtray.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe

    C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

    C:\Program Files\AVG\AVG10\avgnsx.exe

    C:\Program Files\AVG\AVG10\avgemcx.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    C:\Program Files\NaturalPoint\TrackIR4\TrackIR.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\PROGRA~1\AVG\AVG10\avgrsx.exe

    C:\Program Files\AVG\AVG10\avgcsrvx.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Steam\steam.exe

    C:\WINDOWS\system32\msiexec.exe

    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    \?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll

    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll

    O2 - BHO: (no name) - {792da46f-a4c4-1404-f065-361c34b23609} - C:\WINDOWS\ubohacafofoc.dll (file missing)

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O4 - HKLM\..\Run: [bCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"

    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe

    O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot

    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

    O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

    O4 - HKLM\..\Run: [Linksys Wireless Manager] "C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" /cm /min /lcid 1033

    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [Wnocatebicog] rundll32.exe "C:\WINDOWS\ubohacafofoc.dll",Startup

    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent

    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll

    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe

    O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe

    O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

    --

    End of file - 7382 bytes

  4. 92 Squadron, 1941 Campaign.

    in Jim's Place

    Posted

    Kev, might be worth seeing what you can do for the roundel colours: that blue looks a bit too light for my eye and the red a bit too scarlet - a shade nearer crimson would be a bit more apt. That aside, bloody good work! If you wanna bundle your template over I'll gladly help out producing if it's something you want some assistance with.

  6. Got Me A Trojan

    in Help!!

    Posted

    AVG 11 free spotted the lil' fucker in my Sun Java folder, but I think it's nested down in my root Firefox somewhere, as every time I fire up Firefox I get directed to all sorts of (Ahem!) educational sites.

    Bugger!

    Sufficed to say nowt seems to be an issue when surfing with on Chrome - which I'm quite enjoying btw - but I don't like the idea of this lil' bastard sitting anywhere on my harddrive.

    Any suggestions for a good seek-and-destroy program i can get to smite this sumbitch out?

    Cheers,

    Fen

  9. Seow

    in Jim's Place

    Posted

    Hi Manu. Here's my 'net bits' from the conf.ini:

    [NET]

    speed=100000

    routeChannels=0

    serverChannels=7

    localPort=21000

    remotePort=21000

    SkinDownload=1

    serverName=Fen's BoB

    serverDescription=

    remoteHost=89.163.173.82

    localHost=

    socksHost=

    checkServerTimeSpeed=1

    checkClientTimeSpeed=0

    remoteHost_000=dino.servegame.org:21000

    remoteHost_001=fool.servegame.org:21000

    remoteHost_002=86.152.161.137:21000

    remoteHost_003=192.168.1.168:2100

    remoteHost_004=192.168.1.168:21000

    remoteHost_005=86.145.49.135:21000

    remoteHost_006=k9servers.com:21000

    remoteHost_007=k9server.com:21000

    remoteHost_008=fruitbat.servegame.org:21000

    remoteHost_009=toad465.servegame.org:21000

    remoteHost_010=badaim.servegame.org:21000

    remoteHost_011=bg.servegame.org:21000

    remoteHost_012=friar.servegame.org:21000

    remoteHost_013=jabo.servegame.org:21000

    remoteHost_014=90.199.175.138:21000

    remoteHost_015=rfsxcasey.servegame.com:21000

    remoteHost_016=rfxcasey.servegame.com:21000

    remoteHost_017=86.157.210.182:21000

    remoteHost_018=pap.servegame.com:21000

    remoteHost_019=81.224.218.17:21000

    remoteHost_020=86.132.32.159:21000

    remoteHost_021=86.132.45.35:21000

    remoteHost_022=blubear.dyndyns.org

    remoteHost_023=blubear.dyndns.org

    remoteHost_024=blubear.dyndns.org:21000

    remoteHost_025=81.224.218.17

    remoteHost_026=89.163.173.82

    remoteHost_027=89.163.173.82:21000

    [MaxLag]

    farMaxLagTime=10.0

    nearMaxLagTime=2.0

    cheaterWarningDelay=5.0

    cheaterWarningNum=-1

  10. Seow

    in Jim's Place

    Posted

    Charlie Chap:

    Next Monday

    21.30 CET Fenrir, but I really recommend PM'ing either Maraz or Gross to check iin advance.

    Server: ITA-SEOW

    Please note new address: <Edit by Fen>

    Access: via direct IP (Multiplayermenu)

    Teamspeak: <Edit by Fen> - password <Edit by Fen>

    (pilots are encouraged to join this Teamspeak server - several channels are being arranged)

    This is being run using the beta...but the actual campaign (probably the week after...) will be using a final....If you havn't got HSFX v5.0 beta yet ...its upto you but it maybe worth waiting a few days ? It depends upon how much you mind downloadign stuff ?

    whaddya reckon?

  11. Seow

    in Jim's Place

    Posted

    Ooh! I'm interested!

    Link to 242 is busted tho Manu. I'll see what google can do...

    EDIT: found them and PM'd charlie chap to get the gen on whether we can gatecrash and what the score is on setups and this tantalizing HSFX 5.0 amounts to....

  20. Miss Your Skip Bombing?

    in Jim's Place

    Posted

    Well, I personally like the new feature but appreciate that it has an issue; that the arming process is interrupted by contact with ground or water; not a problem if bombing from high alt but low level skip bombing fuses were of tail type fuses and shouldn't be "dudded" by first contact with sea/ground.

    There is a fix, howver, thanks to that dark magician of the mods, Zuti:

    http://www.sas1946.com/main/index.php/topic,12554.0.html

    I'm gonna give it a go....

  24. Dangerdogz Calendar 2011 (Updated)

    in Jim's Place

    Posted

    My apologies everyone, I am fully aware that Feb is nearly upon us and so far no calendar!

    The truth of the matter is, that for the past 3 weeks, every evening without fail I've been working

    till the small hours of the morning re-decorating my bathroom, not even had a chance to fire up IL2!

    However, now that job is done and real-life can go on hold for a little while, I hope to get it finished ready

    for d/l and hopefully sort out some printed ones.

    Watch this space!

    Yay! I get my friend back!

    Being jealous of a bathroom is a pretty sorry state to get into.

    Hope it went well bud, and knowing your meticulous eye for detail and craftsmanship it probably looks a peach.

    But for god's sake get your ass back in here, I've missed ya.

×
×
  • Create New...