Folder AVG Forums » Archive » Archive » AVG Free » AVG 9/8.5 Free Editions » Is This Normal For A "Safe Mode" Scan?
May 27, 2012 11:16 Is This Normal For A "Safe Mode" Scan? #204577
Reply with Quote | Quick Reply | Top
six-h

Avatar

Novice
Join Date: 23.7.2009
Posts: 65
I'm running Vista Ultimate and fearing an infection, I scanned with AVG, MBAM and SuperAntispyware...Nothing found.
Just to be sure, I re-scanned in "Safe Mode", and this went normally with both SAS and MBAM........However, firing up AVG (Never used AVG in safe mode before) I was warned that it could only work from a commandline, and I accepted the perameters shown in the GUI, and started the scan.
I left it running thinking it would take some time, but when I next checked, after 10 minutes or so, I saw the following in the commandline window:-

AVG 9.0 Anti-Virus command line scanner
Copyright (c) 1992 - 2010 AVG Technologies
Program version 9.0.870, engine 10.0.2410
Virus Database: Version 2410.1.1/5023 2012-05-26


C:\Boot\BCD Locked file. Not tested.
C:\Boot\BCD.LOG Locked file. Not tested.
C:\Documents and Settings\ Locked file. Not tested.
C:\pagefile.sys Locked file. Not tested.
C:\ProgramData\Desktop\ Locked file. Not tested.
C:\ProgramData\Documents\ Locked file. Not tested.
C:\ProgramData\Favorites\ Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7f77aa739a701c438ed0043319ae07b6
_e8b13dc3-a6d3-4b6f-8aff-10e26e012a65 Locked file. Not tested.
C:\ProgramData\Templates\ Locked file. Not tested.
C:\System Volume Information\ Locked file. Not tested.
C:\Users\admin\AppData\Local\History\ Locked file. Not tested.
C:\Users\admin\AppData\Local\Microsoft\CardSpace\CardSpace.db Locked file. Not t
ested.
C:\Users\admin\AppData\Local\Microsoft\CardSpace\CardSpace.db.shadow Locked file
. Not tested.
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Co

The programme seemed to have got stuck at the last line, since it was intermittently flashing, and Task Manager showed there was still some activity, and that the programme was "Running".

I also notice that every item had the entry "Locked File Not Tested"

Am I doing something wrong?
Do I have something to worry about? :undecided:

edit:
Just tried to follow the path to the final item in the report and find that it doesn't seem to exist. I can get as far as >>C:\Users\admin\AppData\Local\Microsoft\Windows<<, but the options from there are at odds with the stated filepath.
The only options are >> "1033", "Burn", "Explorer", "Game Explorer", and "WER"<<
I do have my machine set to show hidden files and folders.
May 27, 2012 14:29 Re: Is This Normal For A "Safe Mode" Scan? #204601
Reply with Quote | Quick Reply | Top
BIG AL 43

Avatar

Moderator
Join Date: 19.6.2014
Posts: 0
six-h wrote
I also notice that every item had the entry "Locked File Not Tested"

Have a look @ FAQ #2677 http://free.avg.com/ww-en/faq.num-2677#num-2677.


AVG Forums Volunteer ModeratorAVG Forum member since - Nov. 27, 2004My total posts on the Old AVG Free Forum - 27,063
Alan
How-To Articles | FAQ | Free Support
May 27, 2012 16:06 Re: Is This Normal For A "Safe Mode" Scan? #204615
Reply with Quote | Quick Reply | Top
six-h

Avatar

Novice
Join Date: 23.7.2009
Posts: 65
Hi BIG AL 43, Not sure what I'm supposed to be looking at in your link.
If it is this, it's not much help to me! :confused: :-
•Locked file
The reported file is locked, thus cannot be scanned by AVG. This usually means that some file is constantly being used by the system (e.g. swap file).


If so, I'm totally confused.....how can something be using every file on my PC whilst AVG was scanning in safe mode?

I still suspect that I've done something wrong since both MBAM and SAS managed to access all files during their scans in safe mode.
May 28, 2012 15:41 Re: Is This Normal For A "Safe Mode" Scan? #204799
Reply with Quote | Quick Reply | Top
ondraploteny

Avatar

Administrator
Join Date: 27.3.2009
Posts: 6996
Hello six-h,

Please be informed that locked files (folders) are also related with access rights. If you run command line scan (or manual scan from AVG User Interface), it is being run with rights of logged user. But to access some folders (for example System Volume Information) you need to have SYSTEM rights (and similar).
AVG Scheduled scan is run with SYSTEM rights (under SYSTEM account).

It is recommended to switch to latest AVG 2012 product line to improve the level of protection. See this FAQ for more information.

In case you suspect an infection in your computer, please provide us with Gmer and Autoruns outputs in an archive (zip file) for closer analysis.

Thank you



AVG Team
How-To articles | FAQ | Free Support
May 28, 2012 17:21 Re: Is This Normal For A "Safe Mode" Scan? #204815
Reply with Quote | Quick Reply | Top
six-h

Avatar

Novice
Join Date: 23.7.2009
Posts: 65
Hi Ondraploteny, thanks for your explanation!
I was just trying to do a deep scan with MBAM and SAS in safe mode and thought I would invite AVG to the party!
I didn't understand the content of the window that appeared, and just selected "continue" or something like that!
The reason for my paranoia was that I received in one day NINE emails from "The Windows Live Team" giving me nine different "security codes" which I had supposedly requested!
I immediately changed my Hotmail password and scanned with AVG, MBAM and SAS which returned nothing, hence the attempt at scanning in safe mode, just to be sure!

I will update my AV to AVG 2012, as soon as I feel confident that my machine is not compromised.
I have no evidence of any infection, so I'm hoping all is well. :undecided:
May 29, 2012 13:29 Re: Is This Normal For A "Safe Mode" Scan? #204991
Reply with Quote | Quick Reply | Top
_malchys_

Avatar

Administrator
Join Date: 2.5.2012
Posts: 1875
Hello six-h,

Let us inform you that AVG Rescue CD scans your computer outside the running operating system so there will be no issue with locked files.

Do not hesitate to contact us again if we can be of further assistance.

Thank you.



AVG Team
How-To articles | FAQ | Free Support

July 11, 2012 19:35 Re: Is This Normal For A "Safe Mode" Scan? #212154
Reply with Quote | Quick Reply | Top
theblackdouglas

Avatar

Novice
Join Date: 11.7.2012
Posts: 1
Similar question..

Ok i ran the line scan in safe mode and as for this gentleman all the files were locked.

if I run it in normal mode then it will check all the locked files - am I correct?
July 17, 2012 12:09 Re: Is This Normal For A "Safe Mode" Scan? #212602
Reply with Quote | Quick Reply | Top
Pokornyz

Avatar

Administrator
Join Date: 29.11.2010
Posts: 8245
Hello theblackdouglas,

Locked files are scanned only using AVG Rescue CD.

But it is not necessary to scan locked files.

Thank you



AVG Team
How-To articles | FAQ | Free Support