Donation Goal 
Donate Now Goal amount for this year: 799 USD, Received: 100 USD (13%)
Please donate to help support this website. The funds will be used to purchase owned license of LiteSpeed Web Server Enterprise (2-CPU). It provides superior performance in terms of raw speed, scalability and anti-DDoS capabilities.

Results 1 to 3 of 3
  1. 02-11-2010 #1
    dredge
    dredge is offline
    Senior Techie
    Points: 3,445, Level: 36
    Level completed: 64%, Points required for next Level: 55
    Overall activity: 0.4%
    Achievements:
    31 days registered3 months registered100 Experience Points500 Experience Points1000 Experience Points
    dredge's Avatar
    Join Date
    Oct 2009
    Posts
    223
    Liked
    1 times

    Is these entries virus or trojan?

    I am now using windows 7. However, I found some process that does not appear before but it's running now when I ran Hijackthis(just to inspect). I googled it but it seems like Prevyx and some forums suggested that theses are viruses.So, are these infected processes?

    The processes:
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    Reply With Quote Reply With Quote
  2. 02-11-2010 #2
    hellnoire
    hellnoire is offline
    *nix Technical Support
    Points: 25,110, Level: 95
    Level completed: 76%, Points required for next Level: 240
    Overall activity: 18.0%
    Achievements:
    Recommendation Second Class31 days registered3 months registered1 year registeredTagger Second Class     Awards:
    Frequent Poster
    hellnoire's Avatar
    Join Date
    Jan 2009
    Location
    /home/hellnoire
    Posts
    10,231
    Liked
    293 times
    Sidebar.exe, both of them, are fine. They're your desktop sidebar\widgets, and assuming you're using Vista or 7, it's safe. (And you said you're using 7...)

    The other... mctadmin.exe is a microsoft tool in Windows 7 and Windows server 2008 R2 to allow Local Pack installation for a customized Windows 7 installation for a specific region. It also handles the themes.

    So they're safe.
    pacman -Syyu life not found in sync db
    Reply With Quote Reply With Quote
  3. 02-11-2010 #3
    bivas600
    bivas600 is offline
    Senior Techie
    Points: 4,055, Level: 40
    Level completed: 53%, Points required for next Level: 95
    Overall activity: 0.5%
    Achievements:
    31 days registered3 months registered1 year registered100 Experience Points500 Experience Points
    bivas600's Avatar
    Join Date
    Sep 2009
    Location
    india
    Posts
    266
    Liked
    0 times
    no they seemed to be harmless
    prevx3.0 is good as detection wise but catches too much fp
    nothing to worry dude
    Reply With Quote Reply With Quote
 

 
« could not log-in to raymond.cc | Windows pirates encouraged to install security patches »

Similar Threads

  1. 2000++ Trojan & virus infection, whar else should I do?
    By Raphael in forum Spyware/Viruses
    Replies: 80
    Last Post: 06-21-2010, 08:14 AM
  2. Trojan.Clicker.CM is False Positive or Virus?
    By bkgzb in forum Spyware/Viruses
    Replies: 7
    Last Post: 11-15-2009, 11:27 PM
  3. Need help on trojan horse virus ASAP!
    By Doink in forum Spyware/Viruses
    Replies: 4
    Last Post: 02-19-2009, 09:32 PM
  4. Trojan virus steals banking info
    By Mark in forum Spyware/Viruses
    Replies: 3
    Last Post: 11-07-2008, 11:56 PM
  5. Virus/trojan horse
    By hmdjimoh in forum Spyware/Viruses
    Replies: 13
    Last Post: 07-20-2008, 01:56 AM
All times are GMT +8. The time now is 09:02 PM.