What are these rootkits Avast Anti rootkit found?

Norton has neglected me sooo much…

avast! Antirootkit, version 0.9.6
Scan started: Sunday, May 10, 2009 7:51:00 PM

File C:\Documents and Settings\John ****\Local Settings\Temp~DFC5D0.tmp HIDDEN
File C:\Documents and Settings\John ****\Local Settings\Temp~DFC5E5.tmp HIDDEN

Scan finished: Sunday, May 10, 2009 8:02:17 PM
Hidden files found: 2
Hidden registry items found: 0
Hidden processes found: 0
Hidden services found: 0
Hidden boot sectors found: 0

**** is my last name

Well, the beta version of the avast anti-rootkit was intended to be released as a stand-alone, but that idea didn’t come to fruition and it didn’t get any further development (as far as I’m aware), so it isn’t at the same level as the one in the main anti-virus. Unfortunately, if using an older OS, that isn’t an option.

However, on with what was found, it is strange that something in a Temp folder would be hidden. Since it is in a Temp location there is no issue in clearing out all your temp files.

Could I try running it through VirusTotal?

Waste of time IMHO, as they are in a temp location and are themselves .tmp (temp) files. As I mentioned, the beta version of the anti-virus is really old and threw up many entries in scans, and it wasn’t too accurate.

Ok, but just in case, how do I clean my temp files?

You could run Windows’ own “Disk Cleanup” in the “System tools” section of your start menu.

Or try Windows Cleanup! http://www.stevengould.org/index.php?option=com_content&task=view&id=28&Itemid=70

Or CCleaner http://www.ccleaner.com/

Or, just delete the files manually.

Most people use a tool like CCleaner - Temp File Cleaner, etc. or ClearProg - Temp File Cleaner. But there is nothing like the old-fashioned way: go to the temp folder/s using Explorer and delete the contents. The Ctrl+A keys select all files in the folder, then press the Delete key.

I got CCleaner, and what would the registry cleaner do? Would it harm my system if I used it?

Hmmm, I just hit clean and one of the files it deleted had the words Server spy; another one with the word spy was before that, but I couldn’t read all of it.

I only use CCleaner to clear out temp files. I prefer to use a speciality registry cleaner for that purpose, but this isn’t something that you should approach without extreme caution (not to mention some knowledge of the registry), as it could seriously spoil your day. The main thing before doing anything like this is to ensure that, when asked to make a backup, you answer Yes, so it is possible to reverse the actions.

Ok, but is there any malware called server spy?

I haven’t the slightest idea, there are tons of malware names and even more legit names, so without detailed information, there really is no way to say one way or another.

Remember it wouldn’t be actually deleting a file but a registry entry, referring to a file.


The answer is easily found using Google. Here is a search through ScanDoo/Google:

http://g.s.scandoo.com/search?hl=en&meta=on&q=server+spy

It seems to be a legitimate program.

Do you use Firefox browser? https://addons.mozilla.org/en-US/firefox/addon/2036

The above is just one of many examples from the search results in the first link.


Yeah, but I don’t have the add-on, ok. I’m probably done here. Thanks!