locked
SKYPE Dubious Background Process RRS feed

  • Question

  • Hello,

    First of all I want to mention that I don't use Skype.

    So here's the event that I'm seeking some help on.

    On 11/21/2020, using my laptop, I encountered a very strange event.  The only application I had manually open was my Firefox browser and I left my laptop idle.  After idling for about 10 minutes, I began to hear a person talking in Spanish or Portuguese as if I was hearing another phone call conversation.  At first I thought Firefox homepage was playing a video, so I scrolled up and down the homepage without finding any sort of video playing.  I closed the Firefox browser and I could still hear the man speaking in Spanish/Portuguese.  Once I had closed the browser, I saw multiple windows opened to my local 'DOWNLOAD' folder with multiple gibberish alphanumeric '.TMP' files and they're all time stamped within the same time I began to encounter the mysterious issue.  My hunch was that I was hacked and that someone had breached my laptop.

    I pulled up my task manager and notice that 'SKYPE' was running in the background and extremely utilizing my PC's CPU and Disk I/O.  Once I stopped the Skype process, the erroneous phone call I was hearing stopped.  That brings me to question if SKYPE was compromised? So quickly disconnected my laptop WIFI from the network.

    I have zipped up the unknown .tmp files that were created and deleted the original .tmp files.

    So this morning, Nov 22, 2020, I started up my laptop and I saw one dubious .tmp file create into my 'DOWNLOAD' folder around the same time I had logged onto my PC.  I open up Windows Task Manager and I could see that SKYPE was on the top of the list for utilizing CPU and Memory usage. In Task Manager, I clicked on the drop down for the running SKYPE process and notice one process that seem out of place.  This one SKYPE process had the following URL --- https://www.jabajo.pw/get/files?com: & the path properties for this strange SKYPE process is

    C:\Users\Chiefs Bulls Family\AppData\Local\Packages\Microsoft.Windows.Skype_cw5n1h2txyewy

    Hope this makes some sense.

    Like I mention before, I don't use Skype and I'm worried that Skype has a backdoor that has allowed someone access to my laptop or that SKYPE is actively eavesdropping even though I never use SKYPE nor even logged into it.


    Sunday, November 22, 2020 4:43 PM

Answers

All replies

  • I'd try asking for help over here.

    https://answers.microsoft.com/en-us/protect/forum

    https://answers.microsoft.com/en-us/skype/forum

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    • Proposed as answer by Guido Franzke Monday, November 23, 2020 7:07 AM
    • Marked as answer by Guido Franzke Friday, November 27, 2020 7:04 AM
    Sunday, November 22, 2020 5:03 PM
  • Thank you for the provided links to the correct forum.
    • Proposed as answer by KHURRAM RAHIM Thursday, December 3, 2020 7:28 AM
    Thursday, December 3, 2020 3:58 AM
  • You're welcome.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Thursday, December 3, 2020 4:03 AM