viruses
uberbunny
04-22-2004, 03:05 PM
I have been very lucky without getting any viruses until lately. I have accumulated several trojans, and have quarantined them. Is there still a threat to my security (like bank account info, passwords, etc)? I have not downloaded anything in quite a while, yet I continue to get these trojans. Could someone please help me by answering my question, and any suggestions would be appreciated. I am a novice at these type things, so please keep your answers as easy to understand as possible. Thanks for your help.
dajogejr
04-22-2004, 03:13 PM
First off...the most important thing is keeping your AV software up to date. Sounds like you are...that's more than half the battle.
Delete what's in quarantine.
Also...a Sysopt favorite around here are two free programs, that scan and delete spyware and adware.
First is Ad Aware by Lavasoft, the second is SpyBot.
Download them both, update them, and run them.
It is very important to update them before running them, as they come out with new definitions frequently, just as your AV does.
You can get them both here, free for home use.
Good luck!!
Ad Aware (http://www.lavasoftusa.com/support/download/)
SpyBot (http://www.safer-networking.org/index.php?page=download)
uberbunny
04-23-2004, 06:55 PM
Creation date of the report file: 23.04.2004 16:31
AntiVir®/XP (2000 + NT) Personal Edition v6.24.00.10 of 04.02.2004
VDF file v6.25.0.26 (0) of 22.04.2004
Start of scan: 23.04.2004 16:31
C:\
pagefile.sys
Access denied! Error during file opening!
This is a Windows swap file. This file is locked by Windows.
Error code: 0x000D
WARNING! Access error/file locked!
C:\Documents and Settings\Ronad Inglet\Local Settings\Temp
bi.cab
ArchiveType: CAB (Microsoft)
--> bi.dll
[DETECTION] The Trojan horse TR/BiSpy.DLL.B
--> biprep.exe
[DETECTION] The Trojan horse TR/Small.Dld.AH.5
This scan...as I read it says I have a virus in the archives and the files cannot be deleted or repaired. I went to "search" and found the files, but am scared to delete them all. Should I delete them and then reinstall Windows? I am not sure if this is the place to bring this, but please help. Thanks.
Direct1
04-23-2004, 07:10 PM
You didn't need all that... Also, keep the same topics in the same thread. It is easier for us if we know all the details, thanks. :)
Re-start your computer in Safe mode (tap F8 key as windows re-starts). Delete biprep.exe and bi.dll. Then while still in safe mode, run AntiVIR again.
Delete anything it might find. Run updated Ad-Aware next and delete anything it finds. Re-start and you should be good-to-go.
Good luck! :D
fishybawb
04-23-2004, 07:45 PM
The files won't be visible in Explorer because it's archived (compressed) into a .CAB file. Go to Safe Mode like Direct1 said, then enable hidden file viewing in Explorer just in case (Tools->Folder Options->View->Show hidden files and folders->Apply->OK), and delete the file named bi.cab in C:\Documents and Settings\Ronad Inglet\Local Settings\Temp.
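Added example, not part of the original thread or any poster's words: a small Python parser for the scan report quoted earlier in the thread, which ties each detection back to the archive that holds it and so shows why bi.cab is the file to remove. The report text is copied from that post; the function names are hypothetical, and reading a `-->` line as an archive member is an assumption inferred from this one report.

```python
import re
from ntpath import join as win_join  # joins Windows paths on any OS

# Report excerpt copied from the post earlier in the thread (header omitted).
REPORT = r"""C:\
pagefile.sys
Access denied! Error during file opening!
This is a Windows swap file. This file is locked by Windows.
Error code: 0x000D
WARNING! Access error/file locked!
C:\Documents and Settings\Ronad Inglet\Local Settings\Temp
bi.cab
ArchiveType: CAB (Microsoft)
--> bi.dll
[DETECTION] The Trojan horse TR/BiSpy.DLL.B
--> biprep.exe
[DETECTION] The Trojan horse TR/Small.Dld.AH.5
"""

DIRECTORY = re.compile(r"^[A-Za-z]:\\")            # e.g. C:\...\Temp
MEMBER = re.compile(r"^-->\s*(\S.*)$")             # file inside an archive
DETECTION = re.compile(r"^\[DETECTION\]\s*(?:The Trojan horse\s+)?(\S+)$")
FILENAME = re.compile(r"^[^\s:!]+\.[A-Za-z0-9]{1,4}$")  # bare name, no spaces

def parse_report(text):
    """Return one dict per detection: file on disk, archive member, name."""
    findings = []
    directory, on_disk, member = "", "", None
    for raw in text.splitlines():
        line = raw.strip()
        if DIRECTORY.match(line):
            directory, on_disk, member = line, "", None
        elif (m := MEMBER.match(line)):
            member = m.group(1)
        elif (m := DETECTION.match(line)):
            findings.append({"path": win_join(directory, on_disk),
                             "member": member, "name": m.group(1)})
        elif FILENAME.match(line):
            on_disk, member = line, None   # a new file being scanned
    return findings

def files_to_remove(findings):
    """Files that exist on disk; archive members are not separate files."""
    return sorted({f["path"] for f in findings})

if __name__ == "__main__":
    for f in parse_report(REPORT):
        print(f["name"], "in", f["member"], "inside", f["path"])
```

Both detections resolve to the same on-disk file, so deleting that one archive removes both flagged members.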
uberbunny
04-24-2004, 12:03 AM
Darn it...sorry I did not realize I had posted it on top of the previous thread. Thanks for the help. I am working till 6AM, but will try to fix it when I get home. Will contact you all and let you know if I was able to find the files, and if not will ask for more help. Again thanks so much for your help....I do have one question though...why do you do these things in the "safe mode"?
Direct1
04-24-2004, 12:32 AM
why do you do these things in the "safe mode"?
So they (and hardly anything else) are not running. Easier to deal with. Safe mode is your friend. Can fix a lot of things in safe mode.
Good luck! :D
uberbunny
04-24-2004, 09:58 AM
First, I could not get my pc to boot in the safe mode. I pressed the F-8 key till the cows came home several times, and it would not go to safe mode.
I did get into the part of explorer and enabled the "show hidden files", but could not find the 2 files that need to be deleted (actually I did not see any files at all, just about 6 icons). There were several icons in the window, and when I tried to open some of them it prompted me that they could not be opened, and asked me if I would like to find the program on the internet to open it. Well I will wait for someone to reply, but I hate it when the instructions seem very clear, but the PC (and most probably the PC user) are not getting it. I wonder why I could not boot up in the safe mode? I have done it before to remove a memory virus, but could not this time. Thanks
Direct1
04-24-2004, 12:21 PM
Were you hitting the "F" and "8" keys separately or just the "F8"?
Here is how to get into safe mode...
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406
...Select your OS...
Once in safe mode, look here C:\Documents and Settings\Ronad Inglet\Local Settings\Temp and delete bi.cab. You can also do a search for bi.cab, bi.dll, and biprep.exe. Delete any that are found.
Good luck! :D
uberbunny
04-25-2004, 01:26 AM
I was hitting the F8 key. Thanks for all your help Direct1. I think I finally got the Trojan out of the system. I did a complete scan before coming to work tonight, and there were zero alerts, and zero viruses found. I will do another full scan when I get home to double check.
I was in internet explorer, not explorer. :eek: I pulled up your post again and realized my mistake, and it sure made things a lot easier. :rolleyes: Again thanks for all your help because someone like me that has very little practical experience with PC's sure appreciates someone like you. Thanks again.....I learned a lot on this one.
Direct1
04-25-2004, 01:55 AM
D'oh! "Iexplore.exe" and "Explorer.exe" are pretty similar. Now you won't make that mistake again. Glad it is all fixed.
Good luck! :D
SysOpt.com