Author Topic: What are these rootkits Avast Anti rootkit found?  (Read 4735 times)


Offline John2009

  • Sr. Member
  • ****
  • Posts: 209
What are these rootkits Avast Anti rootkit found?
« on: May 11, 2009, 02:06:38 AM »
Norton has neglected me sooo much...

avast! Antirootkit, version 0.9.6
Scan started: Sunday, May 10, 2009 7:51:00 PM

File C:\Documents and Settings\John ****\Local Settings\Temp\~DFC5D0.tmp  **HIDDEN**
File C:\Documents and Settings\John ****\Local Settings\Temp\~DFC5E5.tmp  **HIDDEN**

Scan finished: Sunday, May 10, 2009 8:02:17 PM
Hidden files found: 2
Hidden registry items found: 0
Hidden processes found: 0
Hidden services found: 0
Hidden boot sectors found: 0

**** is my last name

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83756
  • No support PMs thanks
Re: What are these rootkits Avast Anti rootkit found?
« Reply #1 on: May 11, 2009, 02:23:13 AM »
Well, the beta version of the avast anti-rootkit was intended to be released as a stand-alone, but that idea didn't come to fruition and it didn't get any further development (as far as I'm aware), so it isn't at the same level as the one in the main anti-virus; unfortunately, if using an older OS, that isn't an option.

However, on with what was found, it is strange that something in a Temp folder would be hidden. Since it is in a Temp location there is no issue in clearing out all your temp files.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.7.2425 (build 20.7.5568.595) UI-1.0.558/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline John2009

  • Sr. Member
  • ****
  • Posts: 209
Re: What are these rootkits Avast Anti rootkit found?
« Reply #2 on: May 11, 2009, 02:24:13 AM »
Could I try running it through VirusTotal?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83756
  • No support PMs thanks
Re: What are these rootkits Avast Anti rootkit found?
« Reply #3 on: May 11, 2009, 02:32:56 AM »
Waste of time IMHO, as they are in a temp location and are themselves .tmp (temp) files. As I mentioned, the beta version of the anti-virus is really old and threw up many entries in scans, and it wasn't too accurate.

Offline John2009

  • Sr. Member
  • ****
  • Posts: 209
Re: What are these rootkits Avast Anti rootkit found?
« Reply #4 on: May 11, 2009, 02:52:36 AM »
OK, but just in case, how do I clean my temp files?

Offline scythe944

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2913
    • My Tech Blog
Re: What are these rootkits Avast Anti rootkit found?
« Reply #5 on: May 11, 2009, 03:03:57 AM »
You could run Windows' own "Disk Cleanup" in the "System Tools" section of your Start menu.

Or try Windows Cleanup! http://www.stevengould.org/index.php?option=com_content&task=view&id=28&Itemid=70

Or CCleaner http://www.ccleaner.com/

Or, just delete the files manually.
For generic computer (not avast) problems, you can also visit my forum for help: http://www.jacobytech.net/forum

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83756
  • No support PMs thanks
Re: What are these rootkits Avast Anti rootkit found?
« Reply #6 on: May 11, 2009, 03:09:48 AM »
Most people use a tool like CCleaner - Temp File Cleaner, etc. or ClearProg - Temp File Cleaner. But there is nothing like the old-fashioned way: go to the temp folder/s using Explorer and delete the contents; select all (the Ctrl+A keys select all files in the folder), then the Delete key.

Offline John2009

  • Sr. Member
  • ****
  • Posts: 209
Re: What are these rootkits Avast Anti rootkit found?
« Reply #7 on: May 11, 2009, 05:42:21 AM »
I got CCleaner, and what would the registry cleaner do? Would it harm my system if I used it?

Offline John2009

  • Sr. Member
  • ****
  • Posts: 209
Re: What are these rootkits Avast Anti rootkit found?
« Reply #8 on: May 11, 2009, 05:47:35 AM »
Hmmm, I just hit clean and one of the files it deleted had the words Server spy; another one with the word spy was before that, but I couldn't read all of it.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83756
  • No support PMs thanks
Re: What are these rootkits Avast Anti rootkit found?
« Reply #9 on: May 11, 2009, 03:40:46 PM »
"I got CCleaner, and what would the registry cleaner do? Would it harm my system if I used it?"

I only use CCleaner to clear out temp files; I prefer to use a speciality registry cleaner for that purpose, but this isn't something that you should approach without extreme caution (not to mention some knowledge of the registry), as it could seriously spoil your day. The main thing before doing anything like this is to ensure that when asked to make a backup, you answer Yes, so it is possible to reverse the actions.


Offline John2009

  • Sr. Member
  • ****
  • Posts: 209
Re: What are these rootkits Avast Anti rootkit found?
« Reply #10 on: May 11, 2009, 11:21:47 PM »
OK, but is there any malware called server spy?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83756
  • No support PMs thanks
Re: What are these rootkits Avast Anti rootkit found?
« Reply #11 on: May 12, 2009, 12:22:14 AM »
I haven't the slightest idea, there are tons of malware names and even more legit names, so without detailed information, there really is no way to say one way or another.

Remember it wouldn't be actually deleting a file but a registry entry, referring to a file.

Offline CharleyO

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 7085
  • Be alert for error code - ID 10T
Re: What are these rootkits Avast Anti rootkit found?
« Reply #12 on: May 12, 2009, 08:31:29 AM »
***

The answer is easily found using Google. Here is a search through ScanDoo/Google:

http://g.s.scandoo.com/search?hl=en&meta=on&q=server+spy

It seems to be a legitimate program.

Do you use the Firefox browser? https://addons.mozilla.org/en-US/firefox/addon/2036

The above is just one of many examples from the search results in the first link.


***
Self-built desktop (8 years old) - AMD64 3200+_Gigabyte GA-K8NS Ultra-939_4 gb RAM_GeForceFX 5800w/256 ram_XP/SP3_Avast 7_MBAM_ZA Free __and__ Toshiba Satellite Laptop_W7-64bit_ 4 gb Ram_Avast 8_MBAM

Offline John2009

  • Sr. Member
  • ****
  • Posts: 209
Re: What are these rootkits Avast Anti rootkit found?
« Reply #13 on: May 12, 2009, 02:07:24 PM »
Yeah, but I don't have the add-on, OK. I'm probably done here. Thanks!