Author Topic: Win32: Trojano-191 (Tri)  (Read 7639 times)

0 Members and 1 Guest are viewing this topic.

Offline bracken

  • Newbie
  • *
  • Posts: 2
Win32: Trojano-191 (Tri)
« on: July 02, 2004, 02:57:05 PM »
Hello

I keep getting an Avast warning that the Win32: Trojano-191 (Tri) virus is in File Name C:\WINDOWS\mhelv.dll. when I try to enter an Internet site I delete it using Avast then the same virus is identified twice more in different files. I then delete them and everything is ok until I search a new internet site.

I'm using XP fully up to date

I would be grateful if anyone had any ideas on how to sort this out and I've attached a screen print of the initial Avast warning

Maurice

Offline lee20

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2326
  • The only true failure is when you give up
Re:Win32: Trojano-191 (Tri)
« Reply #1 on: July 02, 2004, 10:30:12 PM »
I belive this is the trojan you had, http://www.pestpatrol.com/pestinfo/a/aol_password_stealing_trojan_191.asp . If it is then i suggest you use a spyware scanner such was "spy sweeper" which you can get from http://www.webroot.com/wb/downloads/index.php , or "ad-ware" from http://www.lavasoftusa.com/.

Hope this was of some help.

--lee
« Last Edit: July 02, 2004, 10:30:45 PM by lee16 »

"Anyone who has never made a mistake has never tried anything new."-Albert Einstein

Comodo Firewall, Avast 4.8, SpywareBlaster, Spybot + superantispyware, PeerGuardian and ALL software patched!

F4

  • Guest
Re:Win32: Trojano-191 (Tri)
« Reply #2 on: July 03, 2004, 12:21:00 AM »
The easiest way you can try before looking for other solutions to solve this problem is that using boot-time scan (Windows 2000/XP only) then avast will scan and get rid of malware (if it can) at the next Windows start.

This has proved to me several times that this boot-time scan works great. You don't need to boot in safe mode to scan, I've never seen this option in other antivirus I've tried.


Offline Gillie2tat

  • Full Member
  • ***
  • Posts: 171
  • In a hole in the ground there lived a hobbit.
    • Tatting at Bella Online
Re:Win32: Trojano-191 (Tri)
« Reply #3 on: July 03, 2004, 07:25:57 PM »
I had that  same trojan last night, will run Spybot right away - thanks for that info!  By the way I moved all three files that came up as infected to the Virus Chest - they were .html files that I had saved and were in a folder in My Documents - then deleted from there and AVast has now run two full clean scans.

Just updated and run Spybot, we're OK :)
« Last Edit: July 03, 2004, 07:30:31 PM by Gillie2tat »

Offline bracken

  • Newbie
  • *
  • Posts: 2
Re:Win32: Trojano-191 (Tri)
« Reply #4 on: July 03, 2004, 07:55:44 PM »
Thank you everyone so far.

The Boot up scan suggested by F4 (Thank you) identified a lot of files infected by Trojan-191 (and I think later variants). Unfortunately, getting rid of them seems to be a little difficult, most of them were in System and System32.

Consequently, I'm a little wary of deleting them and they won't repair.

Any thoughts on just deleting them all, as they're id' and downloading clean replacements as they crop up as errors?

I'm going to get these little beasties!

Maurice


Offline Bigbro

  • Jr. Member
  • **
  • Posts: 45
  • Hello good friends!
Re:Win32: Trojano-191 (Tri)
« Reply #5 on: July 05, 2004, 12:42:20 AM »
I want to know about this too. I have already deleted the following files yesterday and would like to replace them if they need to be.

Hewlit-Packard\Digital Imaging\hp psc 2170 series\TO ur\enu\newupdatehtml.exe

C:System Volume Information\_restore{6A543CB3-1263-4A81-9673-A42A5EC9EAB5}RP57\A0012404.exe
Gateway 1200 Select, 1.20GHZ, 0.98GB RAM, 60GB HD + 30GB HD, Windows XP Home-SP3, avast V5.1.889 Free. Comodo Firewall

Dell Dimension 8400, 4CPU 3.20GHZ, 3.1 3.25GB RAM, 80GB HD, Windows XP Pro Media Edition -SP3, avast V5.1.889 Free. Comodo Firewall

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 44946
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re:Win32: Trojano-191 (Tri)
« Reply #6 on: July 11, 2004, 01:25:46 AM »
fhurst
Look in your Recycle Bin at least one of the files might be in there. I highly doubt that the _restore info will be there though.
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v20H2 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.7.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Bigbro

  • Jr. Member
  • **
  • Posts: 45
  • Hello good friends!
Re:Win32: Trojano-191 (Tri)
« Reply #7 on: July 11, 2004, 06:39:15 AM »
fhurst
Look in your Recycle Bin at least one of the files might be in there. I highly doubt that the _restore info will be there though.

I think the best thing to do now is contact HP and see what they recomend. Those files no longer exist and I'm not sure what they were for, since the programs that they relate to work fine so far without them.

Thanks for your help and patience,
fhurst
Gateway 1200 Select, 1.20GHZ, 0.98GB RAM, 60GB HD + 30GB HD, Windows XP Home-SP3, avast V5.1.889 Free. Comodo Firewall

Dell Dimension 8400, 4CPU 3.20GHZ, 3.1 3.25GB RAM, 80GB HD, Windows XP Pro Media Edition -SP3, avast V5.1.889 Free. Comodo Firewall

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 44946
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re:Win32: Trojano-191 (Tri)
« Reply #8 on: July 11, 2004, 06:53:22 AM »
fhurst
I can tell you that the _restore file is from your Sytem Restore function. Since you say that everything is working fine, be sure to make a new restore point. The other file is related to your computer manufacturer and as you said, you should be able to get help from them. Good luck.
If you have any other questions, just post to let some one know.
We have lots of patience. What we really need is a doctor. :) ;D
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v20H2 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.7.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Bigbro

  • Jr. Member
  • **
  • Posts: 45
  • Hello good friends!
Re:Win32: Trojano-191 (Tri)
« Reply #9 on: July 12, 2004, 04:34:32 AM »


We have lots of patience. What we really need is a doctor. :) ;D

Thanks again!
You may not be doctors but you're fine nurses.  ;D
Gateway 1200 Select, 1.20GHZ, 0.98GB RAM, 60GB HD + 30GB HD, Windows XP Home-SP3, avast V5.1.889 Free. Comodo Firewall

Dell Dimension 8400, 4CPU 3.20GHZ, 3.1 3.25GB RAM, 80GB HD, Windows XP Pro Media Edition -SP3, avast V5.1.889 Free. Comodo Firewall

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 44946
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re:Win32: Trojano-191 (Tri)
« Reply #10 on: July 12, 2004, 05:24:10 AM »
fhurst
Thanks for the compliment. Guess I'd better change my outfit. :)
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v20H2 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.7.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq