chewy
-
Posts
1,400 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Posts posted by chewy
-
-
Stick a single layer blank in and copy the right window(top part) while you are in write mode
That way we can see your burner id and the firmware
What speed of dl verbatim disks are those?
BENQ DVD DD DW1620 B7W9 (ATA)Current Profile: DVD+R
-
I am sorry to hear that there is no "classic" option available in Windows 7. Now, besides there being no functional reason for me to ever migrate to Vista or Windows 7, it appears that there are stylistic reasons for me not to do so.
-
Having DT lite installed and not having any problems would seem irrelevant to someone trying to remove a dangerous back door trojan rootkit.
We often see disabling or uninstalling certain legitimate programs as a requirement for cleaning an infection, a simlar analogy would be disabling all filter drivers in an attempt to cleaning the system bus and enabling Imgburn to function.
-
Disabling or unloading the service may allow another program to kill the sob that loads it at bootup and all the associated files it's been hiding that take over your computer.
There are no quick cures or simple fixes with battling a serious infection except format C
If rootrepeal crashes I would suspect a witches brew of drive emulation like daemon tools light and/or alcohol and/or a hosed system bus.
Of course in your case it may just have been Eset
-
Make sure you run MBAM
-
Until you told us about the infector(uniccodec) all I had to search for was Maximum number of secrets. Searching for uniccodec
led me to threads where a nasty rootkit was being removed.
The last clue(the infector) solved the puzzle
uniccodec
http://www.bleepingcomputer.com/forums/ind...mp;hl=uniccodec
c:\program files\INSTALL.LOG
c:\recycler\S-3-7-83-100021929-100011541-100016078-3385.com
c:\windows\emMON.exe
c:\windows\setup.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\drivers\gxvxcowqowfilruwevyqfhsrblugdstnncnel.sys
c:\windows\system32\gxvxccounter
c:\windows\system32\gxvxcwdynvqlpuoxusqaafouuakouafncrsum.dll
c:\windows\system32\Memman.vxd
c:\windows\system32\skinboxer43.dll
2009-04-19 04:11 . 2009-04-19 04:11 -------- d-----w c:\program files\UNICCodec
-
Maximum number of secrets error, if infected with malware should be easily confirmed by other symptoms, popups, browser redirects and warning from resident security programs.
Such an infection is extremely dangerous as it involves rootkit(s) and backdoor trojans
A complete repartition and format of your hard drive with proper precaution to prevent reinfection is the best option.
Here's the standard response given for such infections
One or more of the identified infections is a rootkit/backdoor trojan.This allows hackers to remotely control your computer, steal critical system information and download and execute files.
I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall
Someone may still be able to clean this machine but we can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.
Removing such infections and possible repair of damage, usually requires advanced tools and the help of trained experts.
At the bottom of this link is a list of "approved" HJT forums where helpers have received this training.
Expect to wait for help as the training is so intensive there is always a shortage of helpers.
http://www.bleepingcomputer.com/combofix/h...combofix#forums
-
-
i already removed last thing i installed one of being uniccodec
that's not a program or a codec
It's a malware suite, backdoor trojan dns changer and rootkit
-
http://www.bleepingcomputer.com/forums/forum103.html
Post at the Am I Infected forum
or
at the MBAM forum
http://www.malwarebytes.org/forums/index.php?showforum=7
AdvancedSetup and others would be interested in this Imgburn error
Please download GMER from one of the following locations and save it to your desktop:
-
Main Mirror
This version will download a randomly named file (Recommended) -
Zipped Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
- Disconnect from the Internet and close all running programs.
- Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
- Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
-
Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
- GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
- If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
- Now click the Scan button. If you see a rootkit warning window, click OK.
- When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
- Click the Copy button and paste the results into your next reply.
- Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.
-
Main Mirror
-
For some unknown reason the author of the program thinks it's a rootkit
http://forum.imgburn.com/index.php?s=&...ost&p=92788
-
http://www.malwarebytes.org/forums/index.php?showtopic=12709
On using rootrepeal and MBAM to remove this rootkit
-
Webroot Spysweeper causes a lot of problems
-
-
Are those made in singapore disks or tawain?
You might have better results with taiyo yuden, most professionals use them
They might be That brand?
-
Company Name: Sonic Solutions
alias easycd, roxio
nickname poxio
an accident waiting to happen
-
-
That drive is so old, (Benq 1625) might be a firmware problem
You might try this file from HP but i would reccomend buying a new drive
-
Here's the big picture Spinner
the clues are all here
-
I know one program that installs by default looping titles
and is bundled with Imgburn
-
I vota Geno
-
http://www.videohelp.com/dvdplayers?DVDnam...ame&hits=50
Do everyone a favor, buy a new dvd player or check out those burns in another player, old ones weren't that good
-
data should be read only once into the RAM buffer
evidently that's not how it works even with nero and matched burners
-
You just thrash a single hard drive to death trying to read the same set of files twice doing a simultaneous burn
It would be nice if the whole burn could be read into ram and done from there
incompatible medium installed
in ImgBurn Support
Posted
http://www.pioneer.eu/eur/products/archive...107D/index.html
It can't write to dual layer