I'm running Vista Ultimate and fearing an infection, I scanned with AVG, MBAM and SuperAntispyware...Nothing found.
Just to be sure, I re-scanned in "Safe Mode", and this went normally with both SAS and MBAM........However, firing up AVG (Never used AVG in safe mode before) I was warned that it could only work from a commandline, and I accepted the perameters shown in the GUI, and started the scan.
I left it running thinking it would take some time, but when I next checked, after 10 minutes or so, I saw the following in the commandline window:-
AVG 9.0 Anti-Virus command line scanner
Copyright (c) 1992 - 2010 AVG Technologies
Program version 9.0.870, engine 10.0.2410
Virus Database: Version 2410.1.1/5023 2012-05-26
C:\Boot\BCD Locked file. Not tested.
C:\Boot\BCD.LOG Locked file. Not tested.
C:\Documents and Settings\ Locked file. Not tested.
C:\pagefile.sys Locked file. Not tested.
C:\ProgramData\Desktop\ Locked file. Not tested.
C:\ProgramData\Documents\ Locked file. Not tested.
C:\ProgramData\Favorites\ Locked file. Not tested.
_e8b13dc3-a6d3-4b6f-8aff-10e26e012a65 Locked file. Not tested.
C:\ProgramData\Templates\ Locked file. Not tested.
C:\System Volume Information\ Locked file. Not tested.
C:\Users\admin\AppData\Local\History\ Locked file. Not tested.
C:\Users\admin\AppData\Local\Microsoft\CardSpace\CardSpace.db Locked file. Not t
C:\Users\admin\AppData\Local\Microsoft\CardSpace\CardSpace.db.shadow Locked file
. Not tested.
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Co
The programme seemed to have got stuck at the last line, since it was intermittently flashing, and Task Manager showed there was still some activity, and that the programme was "Running".
I also notice that every item had the entry "Locked File Not Tested"
Am I doing something wrong?
Do I have something to worry about?
Just tried to follow the path to the final item in the report and find that it doesn't seem to exist. I can get as far as >>C:\Users\admin\AppData\Local\Microsoft\Windows<<, but the options from there are at odds with the stated filepath.
The only options are >> "1033", "Burn", "Explorer", "Game Explorer", and "WER"<<
I do have my machine set to show hidden files and folders.
Hi BIG AL 43, Not sure what I'm supposed to be looking at in your link.
If it is this, it's not much help to me! :- •Locked file
The reported file is locked, thus cannot be scanned by AVG. This usually means that some file is constantly being used by the system (e.g. swap file).
If so, I'm totally confused.....how can something be using every file on my PC whilst AVG was scanning in safe mode?
I still suspect that I've done something wrong since both MBAM and SAS managed to access all files during their scans in safe mode.
Please be informed that locked files (folders) are also related with access rights. If you run command line scan (or manual scan from AVG User Interface), it is being run with rights of logged user. But to access some folders (for example System Volume Information) you need to have SYSTEM rights (and similar).
AVG Scheduled scan is run with SYSTEM rights (under SYSTEM account).
It is recommended to switch to latest AVG 2012 product line to improve the level of protection. See this FAQ for more information.
Hi Ondraploteny, thanks for your explanation!
I was just trying to do a deep scan with MBAM and SAS in safe mode and thought I would invite AVG to the party!
I didn't understand the content of the window that appeared, and just selected "continue" or something like that!
The reason for my paranoia was that I received in one day NINE emails from "The Windows Live Team" giving me nine different "security codes" which I had supposedly requested!
I immediately changed my Hotmail password and scanned with AVG, MBAM and SAS which returned nothing, hence the attempt at scanning in safe mode, just to be sure!
I will update my AV to AVG 2012, as soon as I feel confident that my machine is not compromised.
I have no evidence of any infection, so I'm hoping all is well.