You are not logged in.

Wednesday, July 23rd 2014, 3:38am

Dear visitor, welcome to Avira Support Forum. If this is your first visit here, please read the Help. It explains in detail how this page works. To use all features of this page, you should consider registering. Please use the registration form, to register here or read more information about the registration process. If you are already registered, please login here.

  • "Electrolytez" started this thread

Date of registration:
Apr 13th 2010

  • Send private message

1

Tuesday, April 13th 2010, 11:15pm

Need HELP! Hidden Objects Detected!!! What does it mean?

What does it mean and how do I find out where it is and how to get rid of it? Is it dangerous? Here is my log from the report. I also run Avira with Malwarebytes.

Scanning for 1996575 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Version information:
BUILD.DAT : 10.0.0.597 36208 Bytes 3/18/2010 15:42:00
AVSCAN.EXE : 10.0.2.3 433832 Bytes 3/24/2010 16:31:00
AVSCAN.DLL : 10.0.2.2 45928 Bytes 3/24/2010 16:31:00
LUKE.DLL : 10.0.2.3 104296 Bytes 3/24/2010 16:31:01
LUKERES.DLL : 10.0.0.1 12648 Bytes 3/24/2010 16:31:01
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 20:00:58
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 20:01:06
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 20:01:24
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 20:01:30
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 15:06:42
VBASE005.VDF : 7.10.4.204 2048 Bytes 3/5/2010 15:06:42
VBASE006.VDF : 7.10.4.205 2048 Bytes 3/5/2010 15:06:42
VBASE007.VDF : 7.10.4.206 2048 Bytes 3/5/2010 15:06:43
VBASE008.VDF : 7.10.4.207 2048 Bytes 3/5/2010 15:06:43
VBASE009.VDF : 7.10.4.208 2048 Bytes 3/5/2010 15:06:43
VBASE010.VDF : 7.10.4.209 2048 Bytes 3/5/2010 15:06:43
VBASE011.VDF : 7.10.4.210 2048 Bytes 3/5/2010 15:06:43
VBASE012.VDF : 7.10.4.211 2048 Bytes 3/5/2010 15:06:44
VBASE013.VDF : 7.10.4.242 153088 Bytes 3/8/2010 15:30:48
VBASE014.VDF : 7.10.5.17 99328 Bytes 3/10/2010 15:28:58
VBASE015.VDF : 7.10.5.44 107008 Bytes 3/11/2010 17:13:36
VBASE016.VDF : 7.10.5.69 92672 Bytes 3/12/2010 14:38:15
VBASE017.VDF : 7.10.5.91 119808 Bytes 3/15/2010 14:25:22
VBASE018.VDF : 7.10.5.121 112640 Bytes 3/18/2010 14:25:41
VBASE019.VDF : 7.10.5.138 139776 Bytes 3/18/2010 14:54:59
VBASE020.VDF : 7.10.5.164 113152 Bytes 3/22/2010 06:44:46
VBASE021.VDF : 7.10.5.182 108032 Bytes 3/23/2010 14:28:58
VBASE022.VDF : 7.10.5.199 123904 Bytes 3/24/2010 18:47:27
VBASE023.VDF : 7.10.5.217 279552 Bytes 3/25/2010 20:01:07
VBASE024.VDF : 7.10.5.234 202240 Bytes 3/26/2010 18:17:35
VBASE025.VDF : 7.10.5.254 187904 Bytes 3/30/2010 14:23:04
VBASE026.VDF : 7.10.6.18 130560 Bytes 4/1/2010 14:54:12
VBASE027.VDF : 7.10.6.34 136192 Bytes 4/6/2010 14:21:23
VBASE028.VDF : 7.10.6.44 232448 Bytes 4/7/2010 14:41:46
VBASE029.VDF : 7.10.6.60 124416 Bytes 4/12/2010 14:14:31
VBASE030.VDF : 7.10.6.61 2048 Bytes 4/12/2010 14:14:31
VBASE031.VDF : 7.10.6.69 108032 Bytes 4/13/2010 18:12:31
Engineversion : 8.2.1.210
AEVDF.DLL : 8.1.1.3 106868 Bytes 2/19/2010 08:35:13
AESCRIPT.DLL : 8.1.3.24 1282425 Bytes 4/1/2010 16:58:41
AESCN.DLL : 8.1.5.0 127347 Bytes 2/26/2010 16:10:21
AESBX.DLL : 8.1.2.1 254323 Bytes 3/17/2010 14:25:51
AERDL.DLL : 8.1.4.3 541043 Bytes 3/17/2010 14:25:48
AEPACK.DLL : 8.2.1.1 426358 Bytes 3/19/2010 14:55:05
AEOFFICE.DLL : 8.1.0.41 201083 Bytes 3/17/2010 14:25:45
AEHEUR.DLL : 8.1.1.16 2503031 Bytes 3/26/2010 23:04:57
AEHELP.DLL : 8.1.11.3 242039 Bytes 4/1/2010 16:58:39
AEGEN.DLL : 8.1.3.6 373108 Bytes 4/1/2010 16:58:38
AEEMU.DLL : 8.1.1.0 393587 Bytes 11/8/2009 15:38:26
AECORE.DLL : 8.1.13.1 188790 Bytes 4/1/2010 16:58:37
AEBB.DLL : 8.1.0.3 53618 Bytes 11/8/2009 15:38:20
AVWINLL.DLL : 10.0.0.0 19304 Bytes 3/24/2010 16:31:00
AVPREF.DLL : 10.0.0.0 44904 Bytes 3/24/2010 16:31:00
AVREP.DLL : 10.0.0.8 62209 Bytes 3/24/2010 16:31:01
AVREG.DLL : 10.0.1.2 52072 Bytes 3/24/2010 16:31:01
AVSCPLR.DLL : 10.0.2.3 83304 Bytes 3/24/2010 16:31:01
AVARKT.DLL : 10.0.0.13 227176 Bytes 3/24/2010 16:31:00
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 3/24/2010 16:31:00
SQLITE3.DLL : 3.6.19.0 355688 Bytes 3/24/2010 16:31:01
AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/24/2010 16:31:00
NETNT.DLL : 10.0.0.0 11624 Bytes 3/24/2010 16:31:01
RCIMAGE.DLL : 10.0.0.26 2631528 Bytes 3/24/2010 16:31:00
RCTEXT.DLL : 10.0.46.0 97128 Bytes 3/24/2010 16:31:00

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, Q:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

Start of the scan: Tuesday, April 13, 2010 13:47

Starting search for hidden objects.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\Flyout\381b4222-f694-41f0-9685-ff5bb260df2e
[NOTE] The registry entry is invisible.

The scan of running processes will be started
Scan process 'avscan.exe' - '75' Module(s) have been scanned
Scan process 'avscan.exe' - '30' Module(s) have been scanned
Scan process 'avcenter.exe' - '104' Module(s) have been scanned
Scan process 'firefox.exe' - '109' Module(s) have been scanned
Scan process 'mbamservice.exe' - '52' Module(s) have been scanned
Scan process 'mbamgui.exe' - '39' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '74' Module(s) have been scanned
Scan process 'avgnt.exe' - '73' Module(s) have been scanned
Scan process 'TimounterMonitor.exe' - '33' Module(s) have been scanned
Scan process 'DiscWizardMonitor.exe' - '33' Module(s) have been scanned
Scan process 'ezprint.exe' - '48' Module(s) have been scanned
Scan process 'lxcjmon.exe' - '37' Module(s) have been scanned
Scan process 'schedhlp.exe' - '23' Module(s) have been scanned
Scan process 'CVHSVC.EXE' - '61' Module(s) have been scanned
Scan process 'AVWEBGRD.EXE' - '43' Module(s) have been scanned
Scan process 'avmailc.exe' - '36' Module(s) have been scanned
Scan process 'sftlist.exe' - '71' Module(s) have been scanned
Scan process 'sftvsa.exe' - '28' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '34' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '38' Module(s) have been scanned
Scan process 'avguard.exe' - '78' Module(s) have been scanned
Scan process 'sched.exe' - '51' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!
Master boot sector HD5
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'Q:\'
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights

Starting to scan executable files (registry).
The registry was scanned ( '95' files ).


Starting the file scan:

Begin scan in 'C:\'
Begin scan in 'Q:\'
Search path Q:\ could not be opened!
System error [5]: Access is denied.


End of the scan: Tuesday, April 13, 2010 13:57
Used time: 10:42 Minute(s)

The scan has been done completely.

17785 Scanned directories
123200 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
123200 Files not concerned
1096 Archives were scanned
0 Warnings
0 Notes
340169 Objects were scanned with rootkit scan
1 Hidden objects were found

Michael_Mann

Moderator

Date of registration:
Oct 24th 2005

Version:
Avira Ultimate Protection Suite
Avira Free Unix/Linux
Avira Android Security

Operating System:
AmigaOS 3.9, Ubuntu 13.10+ & Windows XP SP3, win7 HEdit. 64b (sp1)

  • Send private message

2

Tuesday, April 13th 2010, 11:19pm

This ist the following entry: SysTray\BattMeter\Flyout
It belongs to the Software of win resp. your PC and this hidden entry is okay.
Meine PCs: Amiga 1200 und WinUAE. Dafür ist Virenfreiheit garantiert.
Links: Tipps & Tricks -- HiJackThis -- Video Anleitungen
I speak german and english only

This post has been edited 1 times, last edit by "Michael_Mann" (Apr 13th 2010, 11:19pm)


  • "Electrolytez" started this thread

Date of registration:
Apr 13th 2010

  • Send private message

3

Tuesday, April 13th 2010, 11:23pm

This ist the following entry: SysTray\BattMeter\Flyout
It belongs to the Software of win resp. your PC and this hidden entry is okay.


Oh wow, you guys reply really fast. Ok thank you very much. So how do I make it unhidden?

Michael_Mann

Moderator

Date of registration:
Oct 24th 2005

Version:
Avira Ultimate Protection Suite
Avira Free Unix/Linux
Avira Android Security

Operating System:
AmigaOS 3.9, Ubuntu 13.10+ & Windows XP SP3, win7 HEdit. 64b (sp1)

  • Send private message

4

Tuesday, April 13th 2010, 11:30pm

There is no chance.
The best is to inscribe the entry and compare it with the future scan results. If this is the only entry then your PC is always clean.
Meine PCs: Amiga 1200 und WinUAE. Dafür ist Virenfreiheit garantiert.
Links: Tipps & Tricks -- HiJackThis -- Video Anleitungen
I speak german and english only