Hello together!

I do not want to spread any panic or make any false acusations, but a weird story happenend today to me:

I am using WinXP Prof. SP2 with all latest updates. I have AVG Anti-Virus 7.5 and Commodo Firewall (all updated) installed and I am running the 137 Beta of Skype 3.0.

My AntiVirus (Real-time protection) suddenly found two viruses today: "Trojan Horse Generic2.JMN" and "Trojan Horse Collected 9.R". It is found within different files after a complete system scan. I did not have a virus or similar on my computer since years.

I have not installed anything during the last weeks and I know what I am doing on my computer.

So far, so good.

A friend of mine also uses Skype 3.0 Beta, he came back from his holiday yesterday. Today he told me that today he had exactly these two viruses on his computer, too.

We did not transfer any files by whatever channel. The only thing our machines have in common is that we run Skype 3.0 Beta for Windows and are contacts via Skype.

Did something like this happen to anyone else?

I did not find these Trojans listen on AVG's Virus Encyclopedia.

You can get viruses by just opening attachment sent by other people or attachments in email.

Are you sure that AVG did not found these things by just checking incoming email, file transfer etc?

I can say that for sure that these do not came from Skype.

Zone Alarm Security Suite shows none.

have tried f-secure, and etrust ez encyclopedias too as well as several online searches, couldn't find those... i would agree they do not originate from skype.


---edit section---

if the antivirus softwares cant remove the viruses this user has, let's assume only AVG picks them up but is unable to remove them, can anyone offer the poster any advice other than completely wiping out the system and doing clean installs?

---end ofedit section----

Just in case it was a false positive by AVG, I just scanned the Skype 3.0.0.137 executable using AVG 7.5 (database 268.14.17/553) and it's fine, nothing detected.

Sorry, perhaps I did not make myself clear enough.

I did not mean that the trojans were found within the files of Skype.

They were found on my computer as well as my friends computer at the same time.

We both know very well how to handle our computers, make all necessary updates, use other browsers like Opera etc.

The only connection our two computers have is that we both use Skype 3.0 beta and are contacts.

Might just be an ocasion, but could also be a bot using the Skype network. Remember those MSN viruses which spread. That was the reason why I posted it.

thanks for the clearing up, i think everyone understood that, but wanted to make it clear that skype is not responsible (we're all very defensivce of skype you see).

i do acknowledge that you are saying two very independent computers, sharing only skype 3.0beta as a common ground, both have found these trojans, so i do agree that it would seem logical to assume that there is a possibility that maybe skype is being used by hackers as a channel of access. however, i do doubt this. my comment/reasoning would be with many things, at first there seems to be only one link, things seem independent and we find that one link, focus on it and overlook all others... but sometimes there is more.. perhaps you and a friend both used the same installation file for say a computer game that was infected? perhaps you and the friend exchange software cd's... there are many possibilities... today even image files can carry complex viruses.

definately an interesting case in my opinion.. also i am thankful you provided the images, which indicate the viruses were successfully deleted. am pleased to see that

http://www.skype.com/security/bulletins.html

Don't blatantly deny something that might be possible

i may be wrong, BUT... in the page you linked to, there is no mention of 3.* version being affected software (which is what the poster is using)

furthermore, might is such an ugly word.... do you not ever make appointments?
are you a credit card holder?

how can you make an appointment, or arrange to pay someone in the future when there is always the possibility that the world "might" enter world war 3 tonight and that you "might" not see that future... buy making these future appointments, these promises that are to be delivered tomorrow, you, my friend, are blatantly denying something that "might" be possible.

hence,

i have and i continue to blatantly deny something that might be possible. and on that note i have no guilt in doing so whatsoever.

Well obviously there's not, pretend that you'd know of a vulnerability in Skype version X.YY and you are abusing it. Do you report it, so Skype staff can fix it and put a notice to that page so people know about it and update their Skype version, so that they aren't affected by it anymore? Besides, that link is just an example that there has been bugs in older versions of Skype that (choose a verb that suits you; [have, might, could, can, may, will, is] [be/been/being]) used in the latest Skype 3.0 Beta the way the first post says.

Well would you like me to falsely announce that Skype 3.0 Beta has vulnerabilities that can be used to pWn your computer? I didn't think so, "might" it is then.

Neither did the men and women who burnt the people accused of witchcraft. They just blatantly accepted "the fact" that who they where burning were witches.

indeed you do make some very valid points... but for the sake of argument (as i so love to do)




first a thank you, not sarcastic, but genuine, for the choice of words...lol. they do go to show that life is full of possibilities... who shouldn't go around looking for all of them, sometimes possibilities of one event are insignificant enough to be overlooked/ignored... in my opinion the possibility i was blatantly denying was such an event... however, i do accept it may not have the same value to everyone. i appreciate that. and i appreciate that through these discussions we can all learn a lil (just as you have brought to my attention the security bulletin) so these discussions do pay off as well as being fun.


see, on that note, with the comment "i didn't think so" you have blatantly denied the possibility i might say yes... and forgetting the sake of argument, my genuine responce would have been "yes". i would like you to do that, because then it might give this forum the life it once had. would make people a lil active again and would certainly be entertaining for a while. so, "might" is is not then.



now these sorts of dicussions always upset ppl when held in public... but... actually a lot of witch trials, though probably not correct in the witch context were based on more solid evidence such as people stealing, plotting against others, attempting black magic (not bothered wether or not it works) etc... so actually in my opinion most were criminals and therefore deserved to be burnt... however, i do note many innnocent people were burnt... well, that's life, innocent ppl sometimes get caught up in it... in any capital punishment system some innocents die. it's the price society must pay... and yes i am all for capital punishment, and therefore the witch trials comment makes no difference to my opinion witch trials still happen, it'scalled the legal system (happens in every country, we look for someone to blame, even on the forums, most cases it's skype we blame)