Endpoint Protection

 View Only
  • 1.  Virus sent through Skype

    Posted Apr 26, 2013 09:01 AM

    Dear Moderator / Technician

     

    My computer has just been affected by a virus and I seem to be unable to remove it.

    The infected file was sent by a trustworthy contact and presented as a PDF file. As my contact and I share a lot of files through Skype for professional reasons, I was not aware that this would be a virus.

     

    The virus saves itself on the location you have last saved a file sent through skype on (in my case, the Desktop) and when you open the file, it suddenly becomes unavailable and your skype history gets deleted. In addition, when you try to send a Skype message, it gets automatically deleted.

    Worrying thing is that two of my skype contacts sent me empty messages so I suspect they were infected as well.

     

    I asked my contact to confirm that Google Chrome cannot open any session and he did. I tried to uninstall Chrome but it would not let me.

     

    I have run a virus scan and it found one trackware file (name unavailable) but I do not believe this is the solution to the problem.

     

    Any guidance you could give would be much appreciated.

     

    Eric



  • 2.  RE: Virus sent through Skype

    Posted Apr 26, 2013 09:04 AM

    Do you still have the PDF? If so, you need to submit to Symantec Security Reposnse immediately here:

    https://www.symantec.com/security_response/submitsamples.jsp

    Also, submit to virustotal to see what else is detecting it

    https://www.virustotal.com

    Run Symantec Power Eraser on it to see what is detected. See this thread:

    https://www-secure.symantec.com/connect/forums/your-system-infected-symantec-tools-help-clear-infection



  • 3.  RE: Virus sent through Skype

    Trusted Advisor
    Posted Apr 26, 2013 09:47 AM

    Hello,

    I hope you have the Latest version of Skype installed on the machine.

    Make sure the machine is installed with all features of SEP and it has the Latest Symantec virus definitions.

    I would suggest you to submit the suspicious files which gets detected by SymHelp tool by zipping them (without password) to the Symantec Security Response Team on :

    https://submit.symantec.com/websubmit/essential.cgi

    We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

     

    Check these Articles:

    Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

    https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

    Symantec Power Eraser using Symantec Help (SymHelp) Tool.

    https://www-secure.symantec.com/connect/articles/symantec-power-eraser-using-symantec-help-symhelp-tool

    Hope that helps!!