Jump to content
MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. ×


  • Posts

  • Joined

  • Last visited

  • Days Won

  • Donations

  • Country


Posts posted by D.Draker

  1. On 10/10/2021 at 3:39 PM, UCyborg said:

    Theoretically, you should have .reg script with essential references.

    Hi , so I  tracked down Xaudio files that are needed for the game . XAudio2_7.dll needs to be in sysWoW64 and in sys32 (both) for it to work . But it doesn't want to play sound without the registry entries , in other words , it wants it to be installed . Will you help me to force the game to use them locally ? Thank you.

  2. Hi to ya all. I joined the beta testers team . Seems good so far ! I do not have any weird incoming connections that several of us had with the previous 2260 build . COOL !!!

    I have three questions though .

    1 - What was done to block broadcasting on mdns port 5353 ?

    2 - Why can't I see cert. info , if I press on the padlock ? No popup window follows.

    3 - Is there any way to remove qr code abomination popup ?

    4 - Bonus question : if I open settings and press "inspect" , I see strings in russian language , is it supposed to be so ? 


    Thank you very much !

    screencap rus lang.png

  3. On 10/20/2021 at 7:36 PM, Vistapocalypse said:

    KB4489887 was a March 2019 Preview in which build 6003 was first introduced. For those actually running Server 2008 SP2, such Previews were Optional updates. I don’t think any MSFN member running Vista installed it at the time, since the build number change was not noted here until April 2019.

    About your BSOD: AFAIK those Win32k.sys BSODs were all attributable to applications that depended on version string “6002.” Even if you don’t use Avast/AVG, antivirus would still be my first guess. One MSFN member traced his BSOD to VMWare (see my link and read a few pages). If you can identify another program that was broken by 6003, I would be as interested as anyone. Since this seems to be the only Vista thread that new members want to read, I’ll mention that Avast solved their issue with a microupdate in June 2019. To install Avast 18.8 on 6003, I would try an online installer because the offline installer is older than the microupdate.

    Nah , it was a clean windows Vista SP2 (no progs). Sorry for the late reply . Somehow , I was able to boot and deleted this junk from safe mode . Yet it left numerous traces , for example inside winsxs. Again , I don't have Avast , I think I  wrote it . Anyways , thanks for the explanations.

  4. 20 hours ago, Vistapocalypse said:

    I am inclined to agree with that. Reports of limited improvement could be an example of the placebo effect.

    I tried that update , I'm getting BSOD right now , started to search for this exact error and found this .

    Besides , KB4493471 was superseded by KB4499149  (released May 14 , 2019) !

    "Facing Wind23k.sys BSOD on Windows 2008 SP2 on normal boot. Uninstalling KB4493471 from Windows Safe Mode solved the BSOD"


    And no , I don't have Avast installed. Someone please tell what is windows6.0-kb4489887-x64 and I don't fully understand what they have to do with extended kernel , I have none. Thank you.

    • Like 1
  5. 10 hours ago, ArcticFoxie said:

    I have no inbound here.  Can you post a screencap?  Can it be isolated to any background tab that is opened?

    Post a srceencap of what exactly ? How my firewall asks me if I want to block it ? No background opened , nothing , it happens only right at the start , but if I press agree to block and nothing later . I guess it would have happened later on too if I didn't press agree to block. 

  6. 7 hours ago, Dixel said:

    "hiya" is a form of greeting , mostly used by the British peasants

    xD !!! I've met quite a few British hooligans here , yes I'm still alive and well after that , nice lads actually. And the second word ,after hiya, they really like is b@ll@cks. 

  7. 5 hours ago, dmiranda said:

    Even portable soft can mess with your firewall and other system settings if you are careless -particularly with software whose source is not open to scrutiny.

    Hi , I think you replied to the wrong person, it was arcticfoxie , the OP. Anyways , I agree with you ! Had some soft and it modified the firewall settings.

  8. 2 hours ago, ArcticFoxie said:

    Be cautious.  Most other Chrome-based browsers add to your firewall rules for you.  This one doesn't do that because we don't use any "installer".

    I do think what you guys are seeing is present in several other web browsers.

    I love the vigilance!

    Never used any non-portable soft , but thanks for the warning . Yet the question remains open . Several members reported inbound traffic , even though I have all "chromecast router" junk disabled.

    • Like 1
  9. 2 hours ago, ArcticFoxie said:

    All Chrome-based browsers do that, not sure since when, part of "Chromecast".

    All Firefox-based browsers do that since v36 but I think this is disabled via browser.casting.enabled=false, unsure.

    I had this piece of crap disabled since ages . BTW , your flag is of no use . This is the right one: 

    --load-media-router-component-extension=0 (not my invention , credits to and suggested by  @Dixel). 

    • Like 1
  10. 2 hours ago, ArcticFoxie said:

    All Chrome-based browsers do that, not sure since when, part of "Chromecast".

    All Firefox-based browsers do that since v36 but I think this is disabled via browser.casting.enabled=false, unsure.

    I do not get these types of warnings on any other chrome based browsers. Only with this one. With all versions that are presented here , including yours . 

  11. 2 hours ago, msfntor said:

    I see too 360Chrome.exe on UDP listening on ALL IPv4 local IP connections oh uh

    Exactly !!! And not only UDP , it's TCP , also . And it's trying to accept incoming traffic ! Firewall asks me if I want to block it , I answer "yes" and the firewall creates a new rule to block incoming connections for this browser. I'm glad I'm not the only one who noticed.

  12. 2 hours ago, ArcticFoxie said:

    We really don't need the anti-Russian rhetoric, folks.

    This is an international community.

    Yes, Russia is in the "Top 10" of hackers around the globe - so is China, so is the USA, so is Turkey, so is Poland, so is Brazil, so is India, so is Germany, blah blah blah...

    Why are you trying to sweep under the rug the results of these antivirus scans ? You do not use AV , fine , doesn't mean others don't . And I would say exactly the same if the results showed another nation hackers , but they didn't. 

  13. 2 hours ago, msfntor said:

    Have you the Russian link, please?

    No , I don't , I can't read russian anyways , I just know how their language sounds , from the times of the yellow vests protests and from my Paris visits. But arcticfoxie said he made his version from the russian repack you're talking about , ain't that true , arcticfoxie ?

    • Like 1
  14. 2 hours ago, msfntor said:



    150 Mathilda Place, Ste. 300

    Sunnyvale, CA 94086

    - so California, Russia.:yes: or :no: ?

    Visit California: https://www.visitcalifornia.com/en

    BTW , if you suspect that Crowdstrike is russian  , it may very well be true ! I live in Vichy , but every time I go to Paris , I see many russians there. I even heard russian language during the yellow vests protests too ! I think it's plenty of them in California and Florida and it seems they don't want to live in their own country ! I'm 100% pcertain there are zero french population in Moscow , but plenty of russians in Paris and everywhere else. So ...

  15. 2 hours ago, msfntor said:

    Hi @D.Drakerhmm, I am well aware of the Russians, I can not be more!
    But CrowdInspect is a very good tool that I have been using for long years. Never problems.



    150 Mathilda Place, Ste. 300

    Sunnyvale, CA 94086

    - so California, Russia.:yes: or :no: ?

    Visit California: https://www.visitcalifornia.com/en

    Martin Brinkmann  from ghacks.net about CrowdInspect FREE tool, article: https://www.ghacks.net/2017/02/23/crowdinspect-second-opinion-malware-scanner-with-virustotal-integration/

    Hi ! I was saying about the executable you checked there , the launcher for this browser was made by russians , not about CrowdInspect.

    • Like 1
  16. 7 hours ago, msfntor said:


    I am using a tool called CrowdInspect from CrowdStrike. For the process 360Loader.exe, in the "MHR" column, I've red point with two exclamations, think of malware inside, maybe?..  

    In this link: https://www.crowdstrike.com/blog/free-community-tool-crowdinspect/  - we read:

    "Shown in the “MHR” column, Team Cymru maintains a repository of known malware that can be queried given an MD5 hash of the file contents. In this case we are simply querying for a yes/no answer so the results can be one of the following: ...

    !!  (o Red icon)

    The entry DOES exist in the MHR database. The process is known to be malware. This is bad."

    I hope it's false-positive result...


    This launcher was made by russians , what else would you expect ? Be on your guard.

  • Create New...