How do you know the virus/spyware is gone

[Julie]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

All of my scans and checks are coming up clean, but i still get an
application error that says " the instruction at 0x01a82dc0 referenced memory
at 0x01a82dc0. the memory could not be read click on ok to terminate the
program" every time i close internet explorer. And some scans I have done
with registry scanners say that there are bad keys (i think thats what it
said) that need to be repaired. If i do have to repair that is there a free
program to do it. Is my intell32 virus gone? Is it say to do my online
banking again? somebody please help me before I lose my mind!!!

 

[Julie]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I do have the winxp serv pk 2 and i ran all of the checks in safe mode and
another from panda active scan everything came up ok.

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

From: "Julie" <Julie@discussions.microsoft.com>

| All of my scans and checks are coming up clean, but i still get an
| application error that says " the instruction at 0x01a82dc0 referenced memory
| at 0x01a82dc0. the memory could not be read click on ok to terminate the
| program" every time i close internet explorer. And some scans I have done
| with registry scanners say that there are bad keys (i think thats what it
| said) that need to be repaired. If i do have to repair that is there a free
| program to do it. Is my intell32 virus gone? Is it say to do my online
| banking again? somebody please help me before I lose my mind!!!

First, as Leythos indicated, you must make sure that all aspects of the Trojan associated
with intell32.exe is eliminated.

Then the problem with IE can be looked at.

Do you have WinXP SP2 installed ?

I also think you should ignore "registry scanners" for now.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

In article <E6A7ECC7-A5ED-4703-A37B-0A3286E9DD95@microsoft.com>,
Julie@discussions.microsoft.com says...
> All of my scans and checks are coming up clean, but i still get an
> application error that says " the instruction at 0x01a82dc0 referenced memory
> at 0x01a82dc0. the memory could not be read click on ok to terminate the
> program" every time i close internet explorer. And some scans I have done
> with registry scanners say that there are bad keys (i think thats what it
> said) that need to be repaired. If i do have to repair that is there a free
> program to do it. Is my intell32 virus gone? Is it say to do my online
> banking again? somebody please help me before I lose my mind!!!

Follow this set of directions:

http://securityresponse.symantec.com/avcenter/venc/data/trojan.desktophi
jack.c.html

Also, make sure that you've run the AV and Antispyware programs in SAFE
MODE, if not in safe mode it may not clean everything.


--

spam999free@rrohio.com
remove 999 in order to email me

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

In article <E6A7ECC7-A5ED-4703-A37B-0A3286E9DD95@microsoft.com>,
Julie@discussions.microsoft.com says...
> All of my scans and checks are coming up clean, but i still get an
> application error that says " the instruction at 0x01a82dc0 referenced memory
> at 0x01a82dc0. the memory could not be read click on ok to terminate the
> program" every time i close internet explorer. And some scans I have done
> with registry scanners say that there are bad keys (i think thats what it
> said) that need to be repaired. If i do have to repair that is there a free
> program to do it. Is my intell32 virus gone? Is it say to do my online
> banking again? somebody please help me before I lose my mind!!!

A couple things to consider:

1) Once a machine is compromised it's almost never going to be
considered secure/clean unless you wipe it

2) Any problems you have after cleaning a machine of a virus or spyware
may indicate that you have other viruses/spyware, or that the
virus/spyware modified/damaged some critical files in some way that the
cleaning process could not properly repair

3) Viruses not caught during their installation phase are something that
your AV software is "reacting" to after the fact, which means you don't
really know if your AV software is capable of cleaning it completely.

4) If you take a compromised computer to a shop, unless they are
unethical, they are going to wipe it and reinstall your OS from your
restore CD's - this is no other means to ensure that your compromised
system is really clean.

5) Doing a "repair/reinstall" may fix corrupted files or registry
entries, but, a repair/reinstall does not clean the virus/spyware from
your computer - if the files are still on your drive (virus/spyware) you
stand a very real chance of being infected again.

6) Most importantly - if you don't understand how you got infected in
the first place, you won't be able to keep it from occurring again. It's
very important that you understand how to secure your computer, how to
browse securely, and what to click on (or what to not click on).

With that said, I would first suggest that you WIPE/Reinstall to ensure
that your system is clean. Assuming that you "Feel" your system is
clean, you should try the "repair/reinstall" method which leaves all
your files / data in tact. Repair/Reinstall may require re-activation,
be ready for that.

--

spam999free@rrohio.com
remove 999 in order to email me