Free Malware Removal Forum

[snooker&molly]

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6208
# api_version=3.0.2
# EOSSerial=0c4c20c83566fc408788213fd5126201
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-10-17 08:09:40
# local_time=2009-10-17 07:09:40 (+1000, AUS Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 809204 809204 0 0
# compatibility_mode=2815 16777215 0 0 0 0 0 0
# compatibility_mode=3839 16777215 0 0 0 0 0 0
# compatibility_mode=4351 16777215 0 0 0 0 0 0
# compatibility_mode=5121 16776533 100 96 2790556 7911270 0 0
# compatibility_mode=5890 16777214 0 0 0 0 0 0
# compatibility_mode=8447 16777215 0 0 0 0 0 0
# scanned=11891
# found=0
# cleaned=0
# scan_time=4837
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6208
# api_version=3.0.2
# EOSSerial=0c4c20c83566fc408788213fd5126201
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-10-17 09:04:18
# local_time=2009-10-17 08:04:18 (+1000, AUS Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 817316 817316 0 0
# compatibility_mode=2815 16777215 0 0 0 0 0 0
# compatibility_mode=3839 16777215 0 0 0 0 0 0
# compatibility_mode=4351 16777215 0 0 0 0 0 0
# compatibility_mode=5121 16776533 100 96 2798668 7919382 0 0
# compatibility_mode=5890 16777214 0 0 0 0 0 0
# compatibility_mode=8447 16777215 0 0 0 0 0 0
# scanned=16
# found=0
# cleaned=0
# scan_time=3245
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6208
# api_version=3.0.2
# EOSSerial=0c4c20c83566fc408788213fd5126201
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-10-17 10:15:56
# local_time=2009-10-17 09:15:56 (+1000, AUS Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 818121 818121 0 0
# compatibility_mode=2815 16777215 0 0 0 0 0 0
# compatibility_mode=3839 16777215 0 0 0 0 0 0
# compatibility_mode=4351 16777215 0 0 0 0 0 0
# compatibility_mode=5121 16776533 100 96 2799473 7920187 0 0
# compatibility_mode=5890 16777214 0 0 0 0 0 0
# compatibility_mode=8447 16777215 0 0 0 0 0 0
# scanned=67615
# found=0
# cleaned=0
# scan_time=3495





Displays protocol statistics and current TCP/IP network connections.

NETSTAT [-a] [-b] [-e] [-n] [-o] [-p proto] [-r] [-s] [-v] [interval]

-a Displays all connections and listening ports.
-b Displays the executable involved in creating each connection or
listening port. In some cases well-known executables host
multiple independent components, and in these cases the
sequence of components involved in creating the connection
or listening port is displayed. In this case the executable
name is in [] at the bottom, on top is the component it called,
and so forth until TCP/IP was reached. Note that this option
can be time-consuming and will fail unless you have sufficient
permissions.
-e Displays Ethernet statistics. This may be combined with the -s
option.
-n Displays addresses and port numbers in numerical form.
-o Displays the owning process ID associated with each connection.
-p proto Shows connections for the protocol specified by proto; proto
may be any of: TCP, UDP, TCPv6, or UDPv6. If used with the -s
option to display per-protocol statistics, proto may be any of:
IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6.
-r Displays the routing table.
-s Displays per-protocol statistics. By default, statistics are
shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6;
the -p option may be used to specify a subset of the default.
-v When used in conjunction with -b, will display sequence of
components involved in creating the connection or listening
port for all executables.
interval Redisplays selected statistics, pausing interval seconds
between each display. Press CTRL+C to stop redisplaying
statistics. If omitted, netstat will print the current
configuration information once.

[snooker&molly]

If I was to re-format my hard-drive, but before doing so I copied my documents to a DVD - is it likely that the malware/spyware would get copied with this? And then when I copied my document back to my re-formatted computer re-infect it?

I am just thinking that it may be easier to just start again - and stop wasting your time. Most of my photos and music are on an external drive that has not been hooked up to the computer since it has been infected.

[deltalima]

Hi snooker&molly,

A reformat will probably be the quickest way of getting your computer back to normal.

is it likely that the malware/spyware would get copied with this

It is unlikely but possible, be careful not to copy any executables to DVD. Ensure one of the fist things you do is install and update your antivirus software and then run all Windows updates once you have reinstalled.

REFORMAT & REINSTALL

Since you decided to do a clean install read some information below.

Please make sure that you know what to do before beginning the operation.

Here are a few links that propably help.
You can Print all these information, so you have them handy.

Reformatting Windows XP by wng_z3r0
When should I re-format? How should I reinstall?
Windows XP Clean install

[askey127]

snooker&molly, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.