I have been using NOD32 on one XP Pro system and three Vista Ultimate systems for about six months at this point. I switched from Norton because I was tired of the overhead that could drag down even the most powerful systems. I have a couple of general questions about the "Access Denied" messages for cases when the files do not show up as "Locked". I have also read a thread (which I couldn't relocate today) which basically stated that we see these and the "Locked" messages because ESET chooses to show these cases while other AV providers just don't fess up that they can't scan these files. I'll buy this in general and I do appreciate the "full disclosure"; however, something seems amiss here in the case of the System Volume Information files which show up with "Access Denied", but not as "Locked". I'm sure I've read many times that AV scanners find issues in these volume recovery files after an infection, and in fact, the recommendation is often to turn off volume recovery and delete these files as part of the cleanup. Am I off base in saying that I see NOD32's inability to scan these files as unusual and a potential liability? My second question relates to finding a pointer to some list of "Access Denied" files that can be considered "normal". ..or, potentially building such a list through the people on this forum. When I scan through the files and registry hives that show up as "Locked", they generally seem quite logical. (Often system/process/application log files and consistent across my multiple Vista systems.) The bulk of the "non Locked" files showing "Access Denied" seem to be the System Volume Information files that I mentioned above. Others are the \user...\AppData\Local\Temporary Internet Files\AntiPhishing\... files that I imagine IE7 protects. On the Vista systems, there are also system32\Logfiles\WMI\RfBackup\ETWRTE*.etl files that always seem to show up with "Access Denied". I don't run Spybot or Spysweeper on my Vista systems, but on the XP system, Spybot's files show up as password protected and Spysweeper's files show up as locked. Has anyone tried to compile a general list so that we could all generally know what "normal" is?