Author Topic: Please help! unable to put high threat into chest on avast 5  (Read 8415 times)

0 Members and 1 Guest are viewing this topic.

Lindabee

  • Guest
Avast has just found a high threat on my laptop... its win32:SkiMorph if that makes any sense to anyone!!

MY PROBLEM: although it found the virus, it won't allow me to put it into 'the chest' (the recommended action) I get the error; ERROR: THE HANDLE IS INVALID (6)

My computer has been playing up, and I'm thinking this must be why, so I'm in safe-mode at the moment... I so want to safely get rid of it... :'(

please please help?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89427
  • No support PMs thanks
Re: Please help! unable to put high threat into chest on avast 5
« Reply #1 on: July 21, 2010, 07:35:34 PM »
What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Lindabee

  • Guest
Re: Please help! unable to put high threat into chest on avast 5
« Reply #2 on: July 21, 2010, 07:52:52 PM »
What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?

Hello DavidR, I'm no good at this stuff, but it says:

C:Programme Files\wild games\Tradewinds 2\tw2_vista-WT.exe >[embedded_o#0c6000]

I hope this is what you were asking?  :-\ thanks for trying to help me  :)

I haven't played that game for ages...  :-\
« Last Edit: July 21, 2010, 07:57:00 PM by Lindabee »

Lindabee

  • Guest
Re: Please help! unable to put high threat into chest on avast 5
« Reply #3 on: July 21, 2010, 08:01:54 PM »

The threat is called: win32:SkiMorph [cryp]  ???

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89427
  • No support PMs thanks
Re: Please help! unable to put high threat into chest on avast 5
« Reply #4 on: July 21, 2010, 09:56:03 PM »
Because this signature has the [cryp] indicates it is encrypted I don't know how accurately the scan can be as it is encrypted.

Is this Tradewinds 2 a game that you have installed yourself and has it been on your system for some time ?
If so it is possible that the encryption is to protect copyright (I don't know that for sure), but normally there shouldn't be much reason for files to be encrypted.

This is by WildTangent, Inc. and is often associated with adware/spyware, so there may well be something in there that is considered spyware.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

- avast5 - Create a folder called Suspect in the C:\ drive. Now exclude that folder in the File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste) C:\Suspect\* That will stop the File System Shield scanning any file you put in that folder. Now enter the chest again and Extract the file to the Suspect folder and upload it to VT.

Also see http://www.sunbeltsecurity.com/threatdisplay.aspx?name=Trojan.Win32.SkiMorph&tid=4663574&cs=B7601222008CAFBC78FD9080E9349881 and the recommendation is to remove.

So personally I would be looming at uninstalling this game if there is any doubt about it at all.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Lindabee

  • Guest
Re: Please help! unable to put high threat into chest on avast 5
« Reply #5 on: July 21, 2010, 10:11:15 PM »
Thank you very very much for taking the time out to help me  :)

It will take me ages to slowly work through what you have detailed above as I'm not very IT wired!

I downloaded that game about 18mths ago, and its the first time its ever come up as a problem, ... but i don't know how virus's work, maybe they attach to other things? I would happily delete it... would that also delete the problem (she says hopefully?  ;D ??? )

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89427
  • No support PMs thanks
Re: Please help! unable to put high threat into chest on avast 5
« Reply #6 on: July 21, 2010, 10:22:57 PM »
That is the problem with new signatures being added all the time something which in the past got through is not picked up. Though it goes to show it isn't too serious, in that is doesn't seem to adversely effect your system (presumably you don't play it very much).

I'm not to familiar with the win32:SkiMorph malware name as to exactly what it does, usually spyware gathers data that would be useful to the game makers.

If you removed the game, for sure it wouldn't be detected by avast and personally I doubt this would have spawned anything else, but you can run some other tools.

If you haven't already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).

Don't worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Lindabee

  • Guest
Re: Please help! unable to put high threat into chest on avast 5
« Reply #7 on: July 21, 2010, 11:43:54 PM »
Oh Phew! ... have to admit, that sounds easier for me to do  ;D I think I'll delete the programme, then run the software you've kindly suggested.. I think I last played it 18 months ago...

for two weeks my computer screen keeps going off, as if its asleep, but when you press the space-bar, it won't wake up.. and if it doesn't go off, it suddenly gets different coloured horizontal lines all over the screen... I've done the basics of getting a new graphics driver, and when things still didn't change, I system restored to an earlier date prior to all this happening.. no help, but then vaio support suggested I may have a virus, so I ran this full scan and thats what got me here..! hopefully, I'll delete the programme and my problems will be no more  :D ;D :)

Thank you very much for helping me  8) xx ps I'm in safe mode which seems ok, thank god :D
« Last Edit: July 21, 2010, 11:53:16 PM by Lindabee »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89427
  • No support PMs thanks
Re: Please help! unable to put high threat into chest on avast 5
« Reply #8 on: July 22, 2010, 12:12:48 AM »
You're welcome, though I doubt what you are describing the screen going off and not coming out of sleep is related to this. As unless the file were actually running it is dormant, presumably you found this on an on-demand scan ?

Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Lindabee

  • Guest
Re: Please help! unable to put high threat into chest on avast 5
« Reply #9 on: July 22, 2010, 12:24:13 AM »
erm.. I think the answer is yes.. I told avast! to do a scan... I usually just run the quick scan, but today I chose the deep one.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89427
  • No support PMs thanks
Re: Please help! unable to put high threat into chest on avast 5
« Reply #10 on: July 22, 2010, 12:28:30 AM »
I think the answer is yes too (that is what an on-demand scan means, one that you initiate) ;D

So the file itself was lying dormant.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Lindabee

  • Guest
Re: Please help! unable to put high threat into chest on avast 5
« Reply #11 on: July 22, 2010, 12:37:49 AM »
Haha ;D I did say I was useless!

Oh well, at least I'll get rid of the virus if not the problem  :)

Offline Rednose

  • Pirate Party Member
  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 3742
  • Bits of Freedom : https://www.bof.nl
    • Nederlandstalig Avast! forum
Re: Please help! unable to put high threat into chest on avast 5
« Reply #12 on: July 22, 2010, 01:24:23 AM »
Hi Lindabee :)

If you would like to have a ( second ) opinion about malware, we have a procedure for that :

http://forum.avast.com/index.php?topic=53253.0

Greetz, Red.
OS: Win 10 / iOS 17 / Debian 12 / Tails 6
Real Time: Avast Premium Security
On Demand: Malwarebytes
VPN: NordVPN ( NordLynx ) with Threat Protection ( Lite )

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89427
  • No support PMs thanks
Re: Please help! unable to put high threat into chest on avast 5
« Reply #13 on: July 22, 2010, 01:35:54 AM »
I think that is possibly a bit daunting, given Lindabee's comments, MBAM and SAS as suggested aren't to daunting when taken one step at a time ;D
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Lindabee

  • Guest
Re: Please help! unable to put high threat into chest on avast 5
« Reply #14 on: July 22, 2010, 06:45:18 PM »
Hi Lindabee :)

If you would like to have a ( second ) opinion about malware, we have a procedure for that :

http://forum.avast.com/index.php?topic=53253.0

Greetz, Red.

Hello Red  :)

Thank you for trying to help me  8) Its a bit beyond me I think, but I really appreciate it  8)