Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Processor - Hacking Tool & Tracking Cookies


  • Please log in to reply
5 replies to this topic

#1 resurrectme

resurrectme

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 04 May 2006 - 08:26 PM

What a great job you guys do... thanks.

My problem is:

Three or so weeks ago I was infected by spywarequake and various other junk. i followed the posted instructions in the forums and was able to remove spywarequake and whatever else was hijacking my IE.

I had to go away for a couple of weeks and couldn't finish removing all spyware in time. So, at the moment my computer has 2 hacking tools (named Processor) & a number of tracking cookies ( Data Miners).

During the process of removing spywarequake I downloaded: Panda ActiveScan Pro; Ad-Aware SE Personal; and Spybot.

These programs clean (not permenatly though) everything, but they can't remove the hacking tool.

Can you help?

Oh... one more thing :thumbsup: MY computer is randomly starting up on it's own.... i had this once before when i was infected with a virus...

Thanks for your time,

Jeffrey

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,143 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:49 PM

Posted 05 May 2006 - 06:42 AM

It would be helpful if you could provide the names of these bad files so we could see exactly what we are dealing with.

However, if your running Win XP/2000, download and scan with Ewido Anti-Malware v3.5
Ewido Install and Scan Instructions

Make sure you have setup & configured Ad-aware as shown here, then rescan.

Make sure you have setup & configured Spybot S&D as shown here, then rescan.

When done, perform these online scans:
[Watch the Address bar in IE. You may receive alerts that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component.]
Trend Micro Housecall Scan
a-squared Web Malware Scanner
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 resurrectme

resurrectme
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 08 May 2006 - 05:40 AM

Thanks,

i've been away from the house so i'll try these scans now.

Panda Active Scan identifies the hacking tool as "Processor". They say it poses a low threat but i would still like to remove it.

I use Windows XP.

Thanks again,

jeffrey

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,143 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:49 PM

Posted 08 May 2006 - 06:46 AM

Is is Processor or process.exe?

The smitfraudfix uses process.exe which is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 resurrectme

resurrectme
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 08 May 2006 - 08:24 AM

Well, Panda Active Scan says it is called Processor, but your suggestion of it being process.exe makes sense because it's location is within the smitfraudfix folder.

That puts my mind at ease now.

Thanks alot for all the effort that is put into this service. i'm sure i'll be back to learn more...

Thanks for your time,

jeffrey

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,143 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:49 PM

Posted 08 May 2006 - 08:31 AM

Your welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users