Attention COTH Skype users: Skype Virus Warning

[ImagenAshyun]

http://trojan-killer.net/beware-virus-sk...-gl-links/

The virus started from a hack into Mezrin's Skype account then spread to those in his contact list. Other users such as myself, CappnRob, Reese, KageAcuma, etc., may be sending it too. You may be seeing similar links from other users in your contact list.

Do not click on the link--it is a trojan wherein upon download, it'll infect your files. Click onto the link I provided in this post (NOT the "lol is this your profile pic?"), which will include some instructions. Also run your anti-virus, anti-malware, anti-spyware, and other cleanup programs.

Beware that some files may not be able to be removed. These can be sought out manually, the processes disabled via your Task Manager, then deleted manually.

ADDED: You need to remove the trojan itself as well, not just the viruses. Here is a tutorial: http://www.bleepingcomputer.com/tutorial...r-malware/

[Kage]

Saddly I do not know what I'm looking for when I'm trying to find these files. Anyway you can let me know what I should be looking for?

[ImagenAshyun]

Look for randomly named files. An example is "D4C8.exe".

For Windows PC users, you can hunt these down by going to your Task Manager, then clicking on the Processes tab. Right-click and select "Open File Location". You'll be directed to the folder where all the viruses are being stored. If you can't remove them, it's because the process is running. Close the process in the Task Manager and delete them, then remove them from your Recycling Bin.

Given that this is a Trojan, you may not be able to find them all at once. Keep on the lookout. Continuously run your anti-virus/malware programs until you clean your computer. It's likely you'll need to run them multiple times before they're completely gone.

Since I don't run a Mac, I can't offer advice there.

[PvtFrog]

How would someone know if they've been infected?

[Reese]

The common message i've been getting is "lol is this your profile pic?"

So yeah. Now you know.

[ImagenAshyun]

If they didn't click the link, they should be fine.

If they did but didn't open the zip file, I still recommend not taking any chances and remove it entirely then run your anti-virus. But if you surely opened it, you will be infected.

Nevertheless, just run your anti-virus and other anti-malware programs. Doing so should be a regular habit anyway.

[Piken]

Also a tip: If you see something in your processes that you're not really sure what it is, do a google search on it. More often than not, it'll be some random process you never really know about that isn't too important, but it can definitely help educate yourself on what should and shouldn't be in your processes on a normal day. <nod>

[Ormica]

Luckily I do a clean through everyday YAY! Though my skype got deleted and I'm to lazy to get it back up :P I'll be up tomarrow on skype, glad you told me about it though

[ImagenAshyun]

Added to the original post: http://www.bleepingcomputer.com/tutorial...r-malware/

[Rowgen]

... Luckily I read this before I logged on Skype and didn't click the link when I got it. Thanks a lot, Immy!

[Ebenezer]

Guess I'm safe as nobody has talked to me on Skype for a while. :)

Nevermind.

[Holynexus]

I've been checking my processes, and everything looks good.

I never click on random links. >.>

[McKnighter]

I clicked on the link... But from my iPhone! It couldn't download the file, which made me suspicious and then I found out that it was a trap. Not to mention I saw two other messages that said the same thing.

Hope everyone comes out okay! I'd suggest watching your bank accounts, just in case.

[Nikodemos]

Bleepingcomputer.com is great.

Malware has become increasingly complex in recent years, expecially in the case of rootkits and the like. Google searches, while being effective enough, can be misleading as nearly every system process can be corrupted and the majority of malware issues retain similar symptoms. My advice concerning manual removal, assuming that you are not a malware expert, is to seek aid from someone who is. Post a system log from a program such as Hijackthis on the bleepingcomputer forum along with a short summary of what you believe the problem to be. I knew that I had aquired a pilar rootkit and they were able to manage my thread rather quickly... that and they're just great. I advise keeping them in your favorites.

[Ural]

...my brain doesn't work this early in the morning.

Sorry!