Locked Files

Discussion in 'other anti-virus software' started by Kas, Apr 11, 2009.

Thread Status:
Not open for further replies.
  1. Kas

    Kas Registered Member

    Joined:
    Sep 29, 2008
    Posts:
    147
    Location:
    Bedfordshire - Rip-Off Britain
    I did an anti-virus check on my Windows XP Home using AVG in Safe Mode.

    No infections found, but a number of files were listed "not checked" because they were "locked files". They varied in description. On was "pagefile.sys" which I mentioned for a different reason on another thread.

    Questions
    =======
    Why are these locked files not accessible to an anti-virus scan ?

    They must be of SOME use, otherwise why are they there at all ?

    If data is one way only - IN, then I can see that an infection can go in, but not out. In effect it would be quarantined.
    If the data is only - OUT, then a virus cannot get in.
    If the data is two way - IN & OUT, then the virus can go into action and have a nice day.

    On the assumption that a locked file is an operating file with two way flow, then the virus specialists have a hay-day. All they do is program their little bugs to either enter a locked file or create their own locked file and NO anti-virus scan can touch them. A safe haven.

    Can anybody explain the purpose of locked files and their immunity to an anti-virus scan ?
    KAS
    :argh:
     
  2. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    Its locked as its a file that windows uses "all the time" .
    Its part of your hard drive that's used as an extension of your ram.

    So AFAIK , an AV cannot scan it as windows is always using it & its basically meaningless for them to scan it anyhow as its changing all the time.

    Also if they deleted it, without stopping "paging" or something, it prob would crash your PC.

    You'll prob get a better explanation later :)
     
  3. Kas

    Kas Registered Member

    Joined:
    Sep 29, 2008
    Posts:
    147
    Location:
    Bedfordshire - Rip-Off Britain
    Not getting much attention on this one. Everybody has these locked files but nobody is putting forward any comments or showing any interest on the possible infection issue.

    In desperation, I asked COMODO the same questions as I could not find a contact Email address for AVG, giving them all the details of my system, all other AV and anti-malware programs I use and a screenshot of the "locked files - not tested" output.

    This is their reply, it is COMODO orientated ;-

    > Windows has the in-built security which won't let other
    > processes(software) to access the locked files. Also, Defense + monitors
    > most of the crucial windows files(which are defined in My Protected
    > Files/Folder). So, If anything unknown modifies these Protected
    > files/folder then you'll be alarmed.
    >
    > In this context, Locked file is a running process being locked by
    > another process. So, It's not that possible to create a locked file
    > intentionally.
    >
    > Department: PC Security Software
    > Priority: Default
    > Status: Closed

    KAS
     
Loading...
Thread Status:
Not open for further replies.