Author Topic: What are these rookits Avast Anti rootkit found?  (Read 6247 times)

0 Members and 1 Guest are viewing this topic.

John2009

  • Guest
What are these rookits Avast Anti rootkit found?
« on: May 11, 2009, 02:06:38 AM »
norton has neglected me sooo much...

avast! Antirootkit, version 0.9.6
Scan started: Sunday, May 10, 2009 7:51:00 PM

File C:\Documents and Settings\John ****\Local Settings\Temp\~DFC5D0.tmp  **HIDDEN**
File C:\Documents and Settings\John ****\Local Settings\Temp\~DFC5E5.tmp  **HIDDEN**

Scan finished: Sunday, May 10, 2009 8:02:17 PM
Hidden files found: 2
Hidden registry items found: 0
Hidden processes found: 0
Hidden services found: 0
Hidden boot sectors found: 0

**** is my last name

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: What are these rookits Avast Anti rootkit found?
« Reply #1 on: May 11, 2009, 02:23:13 AM »
Well the beta version of the avast anti-rootkit was intended to be released as stand alone but that Idea didn't come to fruition and it didn't get any further development (as far as I'm aware) so it isn't at the same level as the one in the main anti-virus, unfortunately if using an older OS that isn't an option.

However, on with what was found, it is strange that something in a Temp folder would be hidden. Since it is in a Temp location there is no issue in clearing out all your temp files.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

John2009

  • Guest
Re: What are these rookits Avast Anti rootkit found?
« Reply #2 on: May 11, 2009, 02:24:13 AM »
Could I try running it through virustotal

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: What are these rookits Avast Anti rootkit found?
« Reply #3 on: May 11, 2009, 02:32:56 AM »
Waste of time IMHO as they are in a temp location and are themselves .tmp (temp) files. As I mentioned the beta version of the anti-virus is really old and threw up many entries in scans an it wasn't too accurate.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

John2009

  • Guest
Re: What are these rookits Avast Anti rootkit found?
« Reply #4 on: May 11, 2009, 02:52:36 AM »
Ok, but just in case, How do I clean my temp files

Offline scythe944

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2913
    • My Tech Blog
Re: What are these rookits Avast Anti rootkit found?
« Reply #5 on: May 11, 2009, 03:03:57 AM »
You could run windows' own "Disk Cleanup" in your "System tools" section of your start menu.

Or try windows Cleanup! http://www.stevengould.org/index.php?option=com_content&task=view&id=28&Itemid=70

Or CCleaner http://www.ccleaner.com/

Or, just delete the files manually.
For generic computer (not avast) problems, you can also visit my forum for help: http://www.jacobytech.net/forum

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: What are these rookits Avast Anti rootkit found?
« Reply #6 on: May 11, 2009, 03:09:48 AM »
Most people use a tool like CCleaner - Temp File Cleaner, etc. or ClearProg - Temp File Cleaner. But there is nothing like the old fashioned way go to the temp folder/s using explorer and delete the contents, select all the Ctrl+A keys selects all files in the folder, the delete key.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

John2009

  • Guest
Re: What are these rookits Avast Anti rootkit found?
« Reply #7 on: May 11, 2009, 05:42:21 AM »
I got CCleaner, and what would the rege cleaner do? Would it harm my system if I used it?

John2009

  • Guest
Re: What are these rookits Avast Anti rootkit found?
« Reply #8 on: May 11, 2009, 05:47:35 AM »
hmmm, Im just hit clean and one of the files it deleted had the words Server spy, another one with the word spy was before that but I couldnt read all of it

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: What are these rookits Avast Anti rootkit found?
« Reply #9 on: May 11, 2009, 03:40:46 PM »
I got CCleaner, and what would the rege cleaner do? Would it harm my system if I used it?

I only use ccleaner to clear out temp files, I prefer to use a speciality registry cleaner for that purpose, but this isn't something that you so approach without extreme caution (not to mention some knowledge of the registry) as it could seriously spoil your day. The main thing before doing anything like this is the ensure that when asked, make a bakeup, answer Yes, so it is possibly to reverse the actions.

Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

John2009

  • Guest
Re: What are these rookits Avast Anti rootkit found?
« Reply #10 on: May 11, 2009, 11:21:47 PM »
ok, but is there any malware called server spy

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: What are these rookits Avast Anti rootkit found?
« Reply #11 on: May 12, 2009, 12:22:14 AM »
I haven't the slightest idea, there are tons of malware names and even more legit names, so without detailed information, there really is no way to say one way or another.

Remember it wouldn't be actually deleting a file but a registry entry, referring to a file.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

CharleyO

  • Guest
Re: What are these rookits Avast Anti rootkit found?
« Reply #12 on: May 12, 2009, 08:31:29 AM »
***

The answer is easily found using Google. Here is a search through ScanDoo/google :

http://g.s.scandoo.com/search?hl=en&meta=on&q=server+spy

It seems to be a legitimate program.

Do you use Firefox browser?      https://addons.mozilla.org/en-US/firefox/addon/2036

The above is just one of many examples from the search results in the first link.


***

John2009

  • Guest
Re: What are these rookits Avast Anti rootkit found?
« Reply #13 on: May 12, 2009, 02:07:24 PM »
Yeah, but I dont have the add on, ok. Im probably done here.Thanks!