Video Screencast Help

Virus sent through Skype

Created: 26 Apr 2013 | 2 comments

Dear Moderator / Technician

My computer has just been affected by a virus and I seem to be unable to remove it.

The infected file was sent by a trustworthy contact and presented as a PDF file. As my contact and I share a lot of files through Skype for professional reasons, I was not aware that this would be a virus.

The virus saves itself on the location you have last saved a file sent through skype on (in my case, the Desktop) and when you open the file, it suddenly becomes unavailable and your skype history gets deleted. In addition, when you try to send a Skype message, it gets automatically deleted.

Worrying thing is that two of my skype contacts sent me empty messages so I suspect they were infected as well.

I asked my contact to confirm that Google Chrome cannot open any session and he did. I tried to uninstall Chrome but it would not let me.

I have run a virus scan and it found one trackware file (name unavailable) but I do not believe this is the solution to the problem.

Any guidance you could give would be much appreciated.

Eric

Operating Systems:

Comments 2 CommentsJump to latest comment

ᗺrian's picture

Do you still have the PDF? If so, you need to submit to Symantec Security Reposnse immediately here:

https://www.symantec.com/security_response/submits...

Also, submit to virustotal to see what else is detecting it

https://www.virustotal.com

Run Symantec Power Eraser on it to see what is detected. See this thread:

https://www-secure.symantec.com/connect/forums/you...

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mithun Sanghavi's picture

Hello,

I hope you have the Latest version of Skype installed on the machine.

Make sure the machine is installed with all features of SEP and it has the Latest Symantec virus definitions.

I would suggest you to submit the suspicious files which gets detected by SymHelp tool by zipping them (without password) to the Symantec Security Response Team on :

https://submit.symantec.com/websubmit/essential.cgi

We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

Check these Articles:

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

Symantec Power Eraser using Symantec Help (SymHelp) Tool.

https://www-secure.symantec.com/connect/articles/symantec-power-eraser-using-symantec-help-symhelp-tool

Hope that helps!!

Mithun Sanghavi
Associate Security Architect

MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.