Search DaniWeb - datastorage

Attack of a " rdriv.sys" virus 17 Years Ago by cheong101 …/AvSniff.cab[/URL] O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - [URL="http://txn.hkjc.com/BetSlip/object/HKJCSecKey… Re: Attack of a " rdriv.sys" virus 17 Years Ago by tayspen …...l_uploader.cab[/url] O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - [url]http://txn.hkjc.com/BetSlip/object/HKJCSecKey.cab… Good Day 15 Years Ago by Tedain …\Messenger\msmsgs.exe O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - [url]http://txn02.hkjc.com/BetSlip/object/eWinCtl.cab… Re: Good Day 15 Years Ago by Tedain …\Messenger\msmsgs.exe O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - [url]http://txn02.hkjc.com/BetSlip/object/eWinCtl.cab… Re: Good Day 15 Years Ago by Tedain …\Messenger\msmsgs.exe O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - http://txn02.hkjc.com/BetSlip/object/eWinCtl.cab O16… Re: Good Day 15 Years Ago by Tedain …\Messenger\msmsgs.exe O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - [url]http://txn02.hkjc.com/BetSlip/object/eWinCtl.cab… Re: Good Day 15 Years Ago by Tedain …\Messenger\msmsgs.exe O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - [url]http://txn02.hkjc.com/BetSlip/object/eWinCtl.cab… Re: Good Day 15 Years Ago by Tedain …\Messenger\msmsgs.exe O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - [url]http://txn02.hkjc.com/BetSlip/object/eWinCtl.cab… Re: Good Day 15 Years Ago by Tedain …\Messenger\msmsgs.exe O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - [url]http://txn02.hkjc.com/BetSlip/object/eWinCtl.cab… Re: Good Day 15 Years Ago by Tedain …\Messenger\msmsgs.exe O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - [url]http://txn02.hkjc.com/BetSlip/object/eWinCtl.cab… Re: What does it mean? 19 Years Ago by jwenting … that key is calculated. That provides an index into the datastorage where a group of items stored with that hashcode are… Re: opening a class!! 15 Years Ago by agdastidar …/Oracle) or are you using a simple text file as datastorage? explain your problem properly. Re: Delete Empty cells in a data table 14 Years Ago by thecoat … therefore the solution lies in your datatable and by extension datastorage or query. You seem to be thinking of the datagrid… Re: Attack of a " rdriv.sys" virus 17 Years Ago by cheong101 Thanks fo your help~:) i hope it will not spend you too much time~ i follow your step to fix hjack, the problem is not appear after i restart the pc i dont know it is clear or not for the Vundo after i double click and receive a message saying vundofix will close and re-open in a minute or less, i cant execute the Vundo the problem show … Re: Attack of a " rdriv.sys" virus 17 Years Ago by tayspen Lets have this scanner take out what it can. IT may be able to miss the vundo that VF couldn't get becasue it wouldn't work. I am not usre why it wouldn't work... Please download [url=http://www.ewido.net/en/download/][b][color=red]ewido anti-malware[/color][/b][/url] it is a free version of the program.[list=1] [*]Install ewido anti-malware [*]… Re: Attack of a " rdriv.sys" virus 17 Years Ago by Burton1 I am not sure how you guys do this, but from the looks to me he was infected due to not having any Service Packs installed. Maleware affects the Installa tion of Sp2, but not sp1. Please follow my instructions, then continue with theirs please. We can definitely help you, but first you need to help us. The first step in this process is to … Re: Attack of a " rdriv.sys" virus 17 Years Ago by DMR [quote=Burton1]I am not sure how you guys do this, but from the looks to me he was infected due to not having any Service Packs installed...[/quote]Good catch Burton; that's why we appreciate other pairs of eyeballs on the problems. :) That is indeed a "virgin" install of XP by the looks of it, and yes- we [I]do[/I] advise that SP1a be … Re: Good Day 15 Years Ago by jholland1964 We need to see a NEW scan log from MBA-M run in NORMAL mode. Be sure to update the program first, run it and have it fix everything found. Reboot the computer and run another HJT scan. Post back here with both of the new logs. Judy Re: Good Day 15 Years Ago by crunchie Please do not attach your logs. Continue to post as per your first post. Re: Good Day 15 Years Ago by jholland1964 Please download [B][URL="http://www.bleepingcomputer.com/files/sdfix.php"]SDFix [/URL][/B]to your desktop Now, double-click on the SDFix icon that should now be residing on your desktop. If a Open File - Security Warning box opens, click on the Run button. A window will now open showing SDFix being extracted into the C:\SDFix folder. … Re: Good Day 15 Years Ago by crunchie Do another scan with hijackthis and save the log. In notepad, go to the format tab and uncheck wordwrap. Post the new log. If you look at your first log then your last, you will see why. Re: Good Day 15 Years Ago by crunchie Find and delete the following file; C:\WINDOWS\system32\[b]zijigegu.dll[/b] Fix the following line in hijackthis; O4 - HKLM\..\Run: [yubotejeyi] Rundll32.exe "C:\WINDOWS\system32\zijigegu.dll",s Make sure all browser and explorer windows are closed before fixing. Post back a new hijackthis log after rebooting your pc and … Re: Good Day 15 Years Ago by crunchie Are you closing ALL your browser and explorer windows before fixing with hijackthis? The entry is still there along with another one. I would advise another full scan with MBAM just in case, then clean up these entries with hijackthis. O2 - BHO: (no name) - {4b26b25f-439c-44d0-8c56-b1c121108b7d} - C:\WINDOWS\system32\fakubija.dll (file missing)… Re: Good Day 15 Years Ago by crunchie Well, if you are closing every instance of Internet Explorer, something else is preventing the fix. Possibly Adaware. Can you please do the following. =============== You will need to disable Adaware to prevent it from interfering with the fix. Right click on the Adaware icon in the system tray and select 'exit.' =============== Let's look for… Re: Good Day 15 Years Ago by crunchie Please go to [url=http://virusscan.jotti.org/][u]Jotti's[/u][/url] or to [url=http://www.virustotal.com/en/virustotalf.html][u]virustotal[/u][/url] and have these files scanned. Post the results back here. c:\windows\system32\fes.ra c:\windows\system32\fe.sp c:\windows\system32\def.help c:\windows\system32\ceg.sdr c:\windows\system32\… Re: Good Day 15 Years Ago by Tedain I do not know if you want the entire scan result, or just ones that produces results. There seem to be a lot of virus scanners being run, so I will post the lines that have a result in them. I also wasn't sure if you needed the "Additional Information", so I included that under the scan results. I used VirusTotal for these scans. c:\… Re: Good Day 15 Years Ago by crunchie Sorry for the late reply. 1. Please [b][u]open Notepad[/u][/b][list] [*] Click [b]Start[/b] , then [b]Run[/b] [*]Type[b] notepad.exe[/b] in the Run Box.[/list] 2. Now [b]copy/paste[/b] the entire content of the codebox below into the Notepad window: [Quote] KillAll:: File:: c:\windows\system32\fes.ra c:\windows\system32\fe.sp c:\… Re: Good Day 15 Years Ago by jholland1964 To find the other two logs open MBA-M and click on the Logs Tab. They are there and are noted by date. Re: Good Day 15 Years Ago by crunchie I still need you to follow my last instructions too. Re: Good Day 14 Years Ago by gibnetser Hi Daniweb Community. I've just started getting the error msg "Error loading c:\windows\system32\hedafatu" recently. Does any one out there have a solution for this?