Computer‎ > ‎Programs‎ > ‎Avira Internet Security‎ > ‎

Hidden Objects

A hidden object could be a registry entry, a file, or a folder, that is just invisible to the operating system, but this includes rootkits which are used to hide malwares (in this case would be dangerous). A rootkit allows someone, either legitimate or malicious, to control over a computer system, without the the computer system user knowing about it. This means that the owner of the rootkit is able of executing files and changing system settings on your machine, as well as accessing log files or monitoring your activity.

Rootkits are program with malicious code whose purpose is to hide from security software and also the user, using a variety of advanced programming techniques. Rootkits hide their presence on the system, hiding their keys in the Registry (so the user cannot see them) and hiding their processes in Task Manager. They're also used, often as drivers, ie, system files for hardware operation, to hide from antivirus softwares. When dealing with these situations, the antivirus will "think" that the rootkit is a legitimate operating system service.

However, keep in mind that not all hidden objects are dangerous as there are legal programs which hide their own files and registry entries. Windows also has many hidden objects but there is no automatic way to tell which are harmless or not. It's worth highlight here that most hidden objects are harmless and you should not change or delete anything about the hidden object found, unless that requested to perform some procedure to check them.

The most important thing you should know here is that through analysis of hidden objects in your log, we can, sometimes, see signs of a rootkit infection, which helps detect and remove it.

If you have any questions about possible hidden objects that appear in your log, you must first click on Search, in Avira Forum, to look for cases of similar entries that have previously been identified as harmless. If this doesn't solve your problem, open a new thread and post your scan log, so that the support can be provided appropriately.