Computer Newbies

General discussion

Avira (hidden objects)

by merceeee / April 23, 2010 6:10 PM PDT

Hi..I'm a newbie when it comes to computer so I really don't know that much..I'm still trying my best to learn by joining forums like this.. OK so here goes.. I use to have the free version of Avast but a friend of mine said that Avira is better so I downloaded it and installed it..Whenever I scan it always has the same numbers the scanned files etc..Hidden Objects showed 13 but when I checked the forums about it most of them said that there's nothing to be worried about it ( Are they right?) Now, I usually download at Kickass Torrents I'm always careful in reading the reviews..I never download when I have a feeling that something's wrong with it..I downloaded an episode and everything was ok..scanned by Avira no virus was found.. but when my friend downloaded the same episode she said Avast found a Virus in it so it got me really worried..( She uses Avast by the way..) after a week whenever Avira scans and updates my pc ( I scan in the morning and at night ) Morning scan says 13 hidden objects found at night 0 hidden Objects found..but no virus found in the same scan..but recently the numbers are already changing ( sorry I didn't copy but from now on I will )..Yesterday Prior to opening this website I just want to mention that I have McAfee Site Adviser and it was a green site I tell you..now I opened a website about American Idol eliminations ( I know its not necessary but I just want to be specific) a warning popped out saying they detected "MALWARE FOUND" so I quarantined it and deleted it..everything looks fine to me..but whenever I browse the net its a little slower than before ( I really don't have that much files just pictures and a few documents - less than 20 Microsoft Word files I think) Now I'm scanning and it says 1 hidden object found and its this one


HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\RNG\seed
[NOTE] The registry entry is invisible.


1. Should I be worried about this?
2. Could I have gotten the virus from the website I opened? (because it popped out at exactly the same moment I opened it)
3. What should I do about it?
4. Do you have any tips on how to keep my PC virus free?
5. Should I stop downloading at Kickass?

Xcess:
6. I know this is out of the topic but I also play Cafe world, Treasure Isle and Medical Mayhem in Facebook..Could I have gotten the virus there? I've heard of Farmville Viruses too that's where I got the idea of getting a virus from applications..

THANK YOU SO MUCH! Thank you for taking the time to read this forum..I will forever be grateful with whatever help you can offer me! Thanks!


and oh these are the results of the Avira report last night and today..


Avira AntiVir Personal
Report file date: Saturday, April 24, 2010 03:20

Scanning for 2037171 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : MERCY-AD01CE653

Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 4/19/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 4/19/2010 18:01:43
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/19/2010 18:01:43
LUKE.DLL : 10.0.2.3 104296 Bytes 3/7/2010 10:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/10/2010 15:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 01:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 11:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 09:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 08:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 03:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 07:01:45
VBASE006.VDF : 7.10.6.83 2048 Bytes 4/15/2010 07:01:45
VBASE007.VDF : 7.10.6.84 2048 Bytes 4/15/2010 07:01:46
VBASE008.VDF : 7.10.6.85 2048 Bytes 4/15/2010 07:01:46
VBASE009.VDF : 7.10.6.86 2048 Bytes 4/15/2010 07:01:46
VBASE010.VDF : 7.10.6.87 2048 Bytes 4/15/2010 07:01:47
VBASE011.VDF : 7.10.6.88 2048 Bytes 4/15/2010 07:01:47
VBASE012.VDF : 7.10.6.89 2048 Bytes 4/15/2010 07:01:48
VBASE013.VDF : 7.10.6.90 2048 Bytes 4/15/2010 07:01:48
VBASE014.VDF : 7.10.6.123 126464 Bytes 4/19/2010 18:01:43
VBASE015.VDF : 7.10.6.152 123392 Bytes 4/21/2010 18:00:45
VBASE016.VDF : 7.10.6.178 122880 Bytes 4/22/2010 18:00:40
VBASE017.VDF : 7.10.6.179 2048 Bytes 4/22/2010 18:00:40
VBASE018.VDF : 7.10.6.180 2048 Bytes 4/22/2010 18:00:40
VBASE019.VDF : 7.10.6.181 2048 Bytes 4/22/2010 18:00:41
VBASE020.VDF : 7.10.6.182 2048 Bytes 4/22/2010 18:00:41
VBASE021.VDF : 7.10.6.183 2048 Bytes 4/22/2010 18:00:42
VBASE022.VDF : 7.10.6.184 2048 Bytes 4/22/2010 18:00:42
VBASE023.VDF : 7.10.6.185 2048 Bytes 4/22/2010 18:00:43
VBASE024.VDF : 7.10.6.186 2048 Bytes 4/22/2010 18:00:43
VBASE025.VDF : 7.10.6.187 2048 Bytes 4/22/2010 18:00:43
VBASE026.VDF : 7.10.6.188 2048 Bytes 4/22/2010 18:00:44
VBASE027.VDF : 7.10.6.189 2048 Bytes 4/22/2010 18:00:44
VBASE028.VDF : 7.10.6.190 2048 Bytes 4/22/2010 18:00:45
VBASE029.VDF : 7.10.6.191 2048 Bytes 4/22/2010 18:00:45
VBASE030.VDF : 7.10.6.192 2048 Bytes 4/22/2010 18:00:46
VBASE031.VDF : 7.10.6.197 65536 Bytes 4/23/2010 19:20:06
Engineversion : 8.2.1.224
AEVDF.DLL : 8.1.2.0 106868 Bytes 4/23/2010 18:01:01
AESCRIPT.DLL : 8.1.3.27 1294714 Bytes 4/23/2010 18:01:00
AESCN.DLL : 8.1.5.0 127347 Bytes 2/25/2010 10:38:41
AESBX.DLL : 8.1.3.1 254324 Bytes 4/23/2010 18:01:04
AERDL.DLL : 8.1.4.6 541043 Bytes 4/17/2010 07:02:35
AEPACK.DLL : 8.2.1.1 426358 Bytes 3/27/2010 03:49:44
AEOFFICE.DLL : 8.1.0.41 201083 Bytes 3/17/2010 03:09:46
AEHEUR.DLL : 8.1.1.24 2613623 Bytes 4/17/2010 07:02:29
AEHELP.DLL : 8.1.11.3 242039 Bytes 4/2/2010 07:51:27
AEGEN.DLL : 8.1.3.7 373106 Bytes 4/17/2010 07:02:08
AEEMU.DLL : 8.1.2.0 393588 Bytes 4/23/2010 18:00:54
AECORE.DLL : 8.1.13.1 188790 Bytes 4/2/2010 07:50:48
AEBB.DLL : 8.1.1.0 53618 Bytes 4/23/2010 18:00:51
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 04:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 04:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 08:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 4/19/2010 18:01:43
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 4/19/2010 18:01:43
AVARKT.DLL : 10.0.0.14 227176 Bytes 4/19/2010 18:01:43
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 01:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 04:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 07:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 06:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 05:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 4/19/2010 18:01:43

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: quarantine
Secondary action....................: delete
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

Start of the scan: Saturday, April 24, 2010 03:20

Starting search for hidden objects.
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\RNG\seed
[NOTE] The registry entry is invisible.

The scan of running processes will be started
Scan process 'WINWORD.EXE' - '43' Module(s) have been scanned
Scan process 'rsmsink.exe' - '27' Module(s) have been scanned
Scan process 'avscan.exe' - '68' Module(s) have been scanned
Scan process 'avcenter.exe' - '99' Module(s) have been scanned
Scan process 'firefox.exe' - '97' Module(s) have been scanned
Scan process 'dllhost.exe' - '44' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'skypePM.exe' - '58' Module(s) have been scanned
Scan process 'Skype.exe' - '106' Module(s) have been scanned
Scan process 'msdtc.exe' - '39' Module(s) have been scanned
Scan process 'dllhost.exe' - '59' Module(s) have been scanned
Scan process 'alg.exe' - '32' Module(s) have been scanned
Scan process 'iPodService.exe' - '28' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '37' Module(s) have been scanned
Scan process 'wscntfy.exe' - '17' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '42' Module(s) have been scanned
Scan process 'tbhDaemon.exe' - '21' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '14' Module(s) have been scanned
Scan process 'tbhMonitor.exe' - '14' Module(s) have been scanned
Scan process 'svchost.exe' - '41' Module(s) have been scanned
Scan process 'mcsacore.exe' - '56' Module(s) have been scanned
Scan process 'jqs.exe' - '32' Module(s) have been scanned
Scan process 'avshadow.exe' - '25' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '31' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '28' Module(s) have been scanned
Scan process 'avguard.exe' - '54' Module(s) have been scanned
Scan process 'RocketDock.exe' - '44' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '52' Module(s) have been scanned
Scan process 'YahooMessenger.exe' - '124' Module(s) have been scanned
Scan process 'ctfmon.exe' - '23' Module(s) have been scanned
Scan process 'btdna.exe' - '40' Module(s) have been scanned
Scan process 'jusched.exe' - '19' Module(s) have been scanned
Scan process 'avgnt.exe' - '44' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '61' Module(s) have been scanned
Scan process 'tbhSystray.exe' - '38' Module(s) have been scanned
Scan process 'LaunchApplication.exe' - '63' Module(s) have been scanned
Scan process 'PACTray.exe' - '20' Module(s) have been scanned
Scan process 'GUCI_AVS.exe' - '20' Module(s) have been scanned
Scan process 'GrooveMonitor.exe' - '39' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '36' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '22' Module(s) have been scanned
Scan process 'igfxpers.exe' - '21' Module(s) have been scanned
Scan process 'hkcmd.exe' - '24' Module(s) have been scanned
Scan process 'igfxtray.exe' - '25' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'Explorer.EXE' - '118' Module(s) have been scanned
Scan process 'sched.exe' - '41' Module(s) have been scanned
Scan process 'spoolsv.exe' - '55' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'svchost.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '154' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'lsass.exe' - '57' Module(s) have been scanned
Scan process 'services.exe' - '35' Module(s) have been scanned
Scan process 'winlogon.exe' - '70' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1695' files ).


Starting the file scan:

Begin scan in 'C:\'
Begin scan in 'D:\' <New Volume>


End of the scan: Saturday, April 24, 2010 04:10
Used time: 49:27 Minute(s)

The scan has been done completely.

10457 Scanned directories
405867 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
405867 Files not concerned
2544 Archives were scanned
0 Warnings
0 Notes
312072 Objects were scanned with rootkit scan
1 Hidden objects were found


Avira AntiVir Personal
Report file date: Saturday, April 24, 2010 15:00

Scanning for 2037171 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : MERCY-AD01CE653

Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 4/19/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 4/19/2010 18:01:43
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/19/2010 18:01:43
LUKE.DLL : 10.0.2.3 104296 Bytes 3/7/2010 10:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/10/2010 15:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 01:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 11:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 09:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 08:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 03:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 07:01:45
VBASE006.VDF : 7.10.6.83 2048 Bytes 4/15/2010 07:01:45
VBASE007.VDF : 7.10.6.84 2048 Bytes 4/15/2010 07:01:46
VBASE008.VDF : 7.10.6.85 2048 Bytes 4/15/2010 07:01:46
VBASE009.VDF : 7.10.6.86 2048 Bytes 4/15/2010 07:01:46
VBASE010.VDF : 7.10.6.87 2048 Bytes 4/15/2010 07:01:47
VBASE011.VDF : 7.10.6.88 2048 Bytes 4/15/2010 07:01:47
VBASE012.VDF : 7.10.6.89 2048 Bytes 4/15/2010 07:01:48
VBASE013.VDF : 7.10.6.90 2048 Bytes 4/15/2010 07:01:48
VBASE014.VDF : 7.10.6.123 126464 Bytes 4/19/2010 18:01:43
VBASE015.VDF : 7.10.6.152 123392 Bytes 4/21/2010 18:00:45
VBASE016.VDF : 7.10.6.178 122880 Bytes 4/22/2010 18:00:40
VBASE017.VDF : 7.10.6.179 2048 Bytes 4/22/2010 18:00:40
VBASE018.VDF : 7.10.6.180 2048 Bytes 4/22/2010 18:00:40
VBASE019.VDF : 7.10.6.181 2048 Bytes 4/22/2010 18:00:41
VBASE020.VDF : 7.10.6.182 2048 Bytes 4/22/2010 18:00:41
VBASE021.VDF : 7.10.6.183 2048 Bytes 4/22/2010 18:00:42
VBASE022.VDF : 7.10.6.184 2048 Bytes 4/22/2010 18:00:42
VBASE023.VDF : 7.10.6.185 2048 Bytes 4/22/2010 18:00:43
VBASE024.VDF : 7.10.6.186 2048 Bytes 4/22/2010 18:00:43
VBASE025.VDF : 7.10.6.187 2048 Bytes 4/22/2010 18:00:43
VBASE026.VDF : 7.10.6.188 2048 Bytes 4/22/2010 18:00:44
VBASE027.VDF : 7.10.6.189 2048 Bytes 4/22/2010 18:00:44
VBASE028.VDF : 7.10.6.190 2048 Bytes 4/22/2010 18:00:45
VBASE029.VDF : 7.10.6.191 2048 Bytes 4/22/2010 18:00:45
VBASE030.VDF : 7.10.6.192 2048 Bytes 4/22/2010 18:00:46
VBASE031.VDF : 7.10.6.197 65536 Bytes 4/23/2010 19:20:06
Engineversion : 8.2.1.224
AEVDF.DLL : 8.1.2.0 106868 Bytes 4/23/2010 18:01:01
AESCRIPT.DLL : 8.1.3.27 1294714 Bytes 4/23/2010 18:01:00
AESCN.DLL : 8.1.5.0 127347 Bytes 2/25/2010 10:38:41
AESBX.DLL : 8.1.3.1 254324 Bytes 4/23/2010 18:01:04
AERDL.DLL : 8.1.4.6 541043 Bytes 4/17/2010 07:02:35
AEPACK.DLL : 8.2.1.1 426358 Bytes 3/27/2010 03:49:44
AEOFFICE.DLL : 8.1.0.41 201083 Bytes 3/17/2010 03:09:46
AEHEUR.DLL : 8.1.1.24 2613623 Bytes 4/17/2010 07:02:29
AEHELP.DLL : 8.1.11.3 242039 Bytes 4/2/2010 07:51:27
AEGEN.DLL : 8.1.3.7 373106 Bytes 4/17/2010 07:02:08
AEEMU.DLL : 8.1.2.0 393588 Bytes 4/23/2010 18:00:54
AECORE.DLL : 8.1.13.1 188790 Bytes 4/2/2010 07:50:48
AEBB.DLL : 8.1.1.0 53618 Bytes 4/23/2010 18:00:51
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 04:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 04:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 08:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 4/19/2010 18:01:43
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 4/19/2010 18:01:43
AVARKT.DLL : 10.0.0.14 227176 Bytes 4/19/2010 18:01:43
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 01:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 04:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 07:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 06:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 05:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 4/19/2010 18:01:43

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: quarantine
Secondary action....................: delete
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

Start of the scan: Saturday, April 24, 2010 15:00

Starting search for hidden objects.
c:\program files\yahoo!\messenger\yupdater.exe
c:\Program Files\Yahoo!\Messenger\yupdater.exe
[NOTE] The process is not visible.

The scan of running processes will be started
Scan process 'rsmsink.exe' - '27' Module(s) have been scanned
Scan process 'msdtc.exe' - '39' Module(s) have been scanned
Scan process 'dllhost.exe' - '59' Module(s) have been scanned
Scan process 'dllhost.exe' - '44' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'avscan.exe' - '66' Module(s) have been scanned
Scan process 'firefox.exe' - '89' Module(s) have been scanned
Scan process 'alg.exe' - '32' Module(s) have been scanned
Scan process 'wscntfy.exe' - '17' Module(s) have been scanned
Scan process 'iPodService.exe' - '28' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '36' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '42' Module(s) have been scanned
Scan process 'wuauclt.exe' - '41' Module(s) have been scanned
Scan process 'tbhDaemon.exe' - '21' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '14' Module(s) have been scanned
Scan process 'tbhMonitor.exe' - '14' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'mcsacore.exe' - '52' Module(s) have been scanned
Scan process 'jqs.exe' - '32' Module(s) have been scanned
Scan process 'avshadow.exe' - '25' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '31' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '28' Module(s) have been scanned
Scan process 'avguard.exe' - '54' Module(s) have been scanned
Scan process 'RocketDock.exe' - '44' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '48' Module(s) have been scanned
Scan process 'YahooMessenger.exe' - '124' Module(s) have been scanned
Scan process 'ctfmon.exe' - '23' Module(s) have been scanned
Scan process 'btdna.exe' - '40' Module(s) have been scanned
Scan process 'jusched.exe' - '19' Module(s) have been scanned
Scan process 'avgnt.exe' - '44' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '61' Module(s) have been scanned
Scan process 'tbhSystray.exe' - '38' Module(s) have been scanned
Scan process 'LaunchApplication.exe' - '61' Module(s) have been scanned
Scan process 'PACTray.exe' - '20' Module(s) have been scanned
Scan process 'GUCI_AVS.exe' - '20' Module(s) have been scanned
Scan process 'GrooveMonitor.exe' - '33' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '36' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '22' Module(s) have been scanned
Scan process 'igfxpers.exe' - '21' Module(s) have been scanned
Scan process 'hkcmd.exe' - '24' Module(s) have been scanned
Scan process 'igfxtray.exe' - '25' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'sched.exe' - '41' Module(s) have been scanned
Scan process 'Explorer.EXE' - '96' Module(s) have been scanned
Scan process 'spoolsv.exe' - '55' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '154' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'lsass.exe' - '57' Module(s) have been scanned
Scan process 'services.exe' - '35' Module(s) have been scanned
Scan process 'winlogon.exe' - '63' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1694' files ).


Starting the file scan:

Begin scan in 'C:\'
Begin scan in 'D:\' <New Volume>


End of the scan: Saturday, April 24, 2010 15:50
Used time: 50:49 Minute(s)

The scan has been done completely.

10464 Scanned directories
405297 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
405297 Files not concerned
2593 Archives were scanned
0 Warnings
0 Notes
310733 Objects were scanned with rootkit scan
1 Hidden objects were found

Post a reply
Discussion is locked
You are posting a reply to: Avira (hidden objects)
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Avira (hidden objects)
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Depends On The Hidden Object/Process
by Grif Thomas Forum moderator / April 24, 2010 2:09 AM PDT
In reply to: Avira (hidden objects)

Avira has "some" ability to check for rootkits as well as other things. Still, Avira's warning about the hidden objects isn't unusual and doesn't necessarily mean there is malware on the machine . In addition, if you don't show the hidden objects, then you won't be able to see them.. Set up your Folder Options to show all hidden files and it will help some. Still, not all hidden objects will be displayed simply because they are designed to be so.. In some cases, those hidden objects/processes are malware. In most cases, they are not.

So.. to answer your other questions..

1. Should I be worried about this?
(YES, being cautious about all internet use is a good thing..)

2. Could I have gotten the virus from the website I opened? (because it popped out at exactly the same moment I opened it)
(Probably, although in this case, there's no guarantee you have a virus or any other malware.. Further checking is necessary.)

3. What should I do about it?
(Scan with other tools such as SuperAntispyware or Malwarebytes.)

4. Do you have any tips on how to keep my PC virus free?
(YES, Start by avoiding downloads from torrents and P2P video/music sites.. They are one of the largest "holes" for malware.)

5. Should I stop downloading at Kickass? (YES, definitely.)

6. I know this is out of the topic but I also play Cafe world, Treasure Isle and Medical Mayhem in Facebook..Could I have gotten the virus there? I've heard of Farmville Viruses too that's where I got the idea of getting a virus from applications.
(YES, although it's usually safe to play the games you've mentioned as long as you don't pass along personal information to other users, Facebook has a number of vulnerabilities and malware such as Koobface has been spread through such sites.)

Hope this helps.

Grif

Collapse -
thank you..
by merceeee / April 25, 2010 3:10 AM PDT

thanks Grif it did help..

Yes, I already stopped downloading P2P torrents, not much of a downloader anyway..I'll just wait for it to be shown on TV I guess its a lot safer..I also read something about the Koobface virus that's going around facebook..As much as possible, I don't click on links unless I know they're safe..A friend posted something about Obama and Hilary once and I just removed it from my wall because the video was really addressed to me spelling my name perfectly only to find out that it was a strain of koobface Virus..


Now going back, An antivirus is completely different from Super Antispyware right? Since I'm new at this and my computer was already programmed when I bought it from the store I don't really know the specific programs in my pc..How would I know if my computer has an anti-spyware program? Is it ok to install one even if I already have Avira?

Collapse -
Yes, Antivirus And Antispyware Are Different
by Grif Thomas Forum moderator / April 25, 2010 12:21 PM PDT
In reply to: thank you..

Although some of the tools overlap a little, most programs such as SuperAntispyware are specialized to detect the newest spyware and trojan variants. Antivirus programs tend to focus their searches on viruses which have different qualities than spyware.

Still, Avira is a good free antivirus program which has some ability to detect spyware.. And YES, it should be OK to install a spyware utility along with Avira.. As I stated, try installing either SuperAntispyware or Malwarebytes and run full system scans with them..

As to knowing what you already have installed on your computer, use Google to run a search of the names of the programs you have on your computer.. It will get you started in the quest to knowing what those programs are.

Hope this helps.

Grif

Collapse -
thank you but I need more help..
by merceeee / April 27, 2010 10:09 AM PDT

thanks Grif..I am currently checking the programs installed in my pc as of the moment and I think I'm far from being finished..I just want to be knowledgeable about the things in my pc..for safety purposes of course..However this morning when Avira scanned my PC it found 11 hidden objects and these are:


Start of the scan: Wednesday, April 28, 2010 05:59

Starting search for hidden objects.
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\parseautoexec
[NOTE] The registry entry is invisible.
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\parseautoexec
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\parseautoexec
HKEY_USERS\S-1-5-21-1409082233-790525478-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{00021493-0000-0000-C000-000000000046}\Enum\implementing
[NOTE] The registry entry is invisible.
HKEY_USERS\S-1-5-21-1409082233-790525478-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\savedlegacysettings
[NOTE] The registry entry is invisible.
C:\Documents and Settings\NetworkService\Cookies
C:\Documents and Settings\NetworkService\Cookies
[NOTE] The registry entry is invisible.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files
[NOTE] The registry entry is invisible.
C:\Documents and Settings\NetworkService\Local Settings\History
C:\Documents and Settings\NetworkService\Local Settings\History
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\COM3\regdbversion
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\RNG\seed
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\nextsqmreporttime
[NOTE] The registry entry is invisible.


Now I took your advice a checked the hidden objects in the internet and I found out that it was a trojan..however Avira didnt detect this trojan ( probably because it was hidden right?) I remember a few months ago a friend of mine used a flash disk in my pc without my knowledge (I was using Avast at that time) and it detected a virus but I couldnt delete it..A friend of mine said that I should use Avira so I did and when I scanned again no virus was found..I read from another forum about the recycler? its like when you delete files from the recycle bin the files may not be deleted in the hard disk?and can be restored? =(

1. How will I take care of this problem?
2. Will this affect my computer? (everything seems to go well)
3. Should I be worried about this? ( Actually I already am..)


help me..thanks..

Collapse -
I read through your posts and thought
by Brechan / April 27, 2010 6:34 PM PDT

I would jump in.
1) Take Grif's advice and install either Malwarebytes AntiMalware or Super AntiSpyware, either of these (small) programs will rid you of the trojan.
2) Running either program will not adversely affect your computer; not running the program, will allow the trojan to continue infecting other areas of your system.
3) Yes. definitely be worried when trojans are found in your system.
http://en.wikipedia.org/wiki/Trojan_horse_(computing)

Collapse -
thanks for jumping in Brechan..
by merceeee / April 27, 2010 7:51 PM PDT

I will be installing Malwarebytes soon but Im still going through all the programs in my pc one by one..do you have a quicker way of knowing if I already have anti-spyware?

Collapse -
here is the link to downloads.com
by Brechan / April 28, 2010 6:20 AM PDT
Collapse -
I See Nothing Indicating A Trojan
by Grif Thomas Forum moderator / April 28, 2010 7:53 AM PDT

The entries you have shown are fairly normal..

As mentioned by a couple of us now, run the spyware/trojan removal tools we mentioned.. If anything is found, tell us the specific items found and we'll discuss it from there.

Hope this helps.

Grif

Collapse -
Finally installed it..
by merceeee / April 28, 2010 1:12 PM PDT

Hi Grif and Brechan..I was finally able to install Malwarebytes in my pc..I ran a quick scan and here was the result..


Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 4049

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

4/29/2010 11:02:41 AM
mbam-log-2010-04-29 (11-02-41).txt

Scan type: Quick scan
Objects scanned: 103304
Time elapsed: 3 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


This is ok right?
Finally I can breathe well..=)
Thanks you guys! Will be following your threads..
As they say knowledge is power..
I still have to learn a lot of things when it comes to computers! =)
Thanks again..=)

Collapse -
All is well
by Brechan / April 28, 2010 1:55 PM PDT
In reply to: Finally installed it..

I usually run a 'Deep Scan' when I first install this program; it tends to look in all your 'hidden' system files as well, but a quick scan is good to.

Glad to see all is well 'under-the-hood' Happy

B.

Collapse -
(NT) Agreed ! Good Job
by Grif Thomas Forum moderator / April 29, 2010 1:09 AM PDT
In reply to: All is well
Collapse -
thanks brechan and Grif..
by merceeee / April 29, 2010 1:18 AM PDT
In reply to: Agreed ! Good Job

oh I ran a full scan a few hours ago after reading Brechan's advice here's the result..=)

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 4049

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

4/29/2010 7:11:47 PM
mbam-log-2010-04-29 (19-11-47).txt

Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 150388
Time elapsed: 22 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


thanks you guys! =)
Hope you never get tired of helping people who don't know much about computers like me..
You guys rock! Thanks Again..=)

Popular Forums
icon
Computer Help 47,885 discussions
icon
Computer Newbies 10,322 discussions
icon
iPhones, iPods, & iPads 3,188 discussions
icon
Security 30,333 discussions
icon
TVs & Home Theaters 20,177 discussions
icon
HDTV Picture Setting 1,932 discussions
icon
Phones 15,713 discussions
icon
Windows 7 6,210 discussions
icon
Networking & Wireless 14,510 discussions

Tech for the holiday

Find recipes for July 4 with these foodie apps

The Fourth of July means fireworks, fun and food. If you're planning on a barbecue this weekend, we've got the apps to help you find holiday-inspired recipes.