"Object is locked skipped
", "Access Denied
", "Password Protected
" or "Encrypted
" notations in an anti-virus/anti-malware scan are not uncommon. Some files and services are locked
by the operating system or running programs during use for protection
, so scanners cannot access them. Other legitimate files, especially those used by security programs, may be obfuscated
or password protected
in order to conceal itself so they do not allow access. When the scanner finds such an object, it makes a note and then just skips to the next one. That explains why it may show with such notations but no action taken in certain anti-virus or anti-malware log scan reports. These are normal when using many security scanning programs so there is seldom a need for concern. Note: It is not unusual for an anti-virus or anti-malware scanner to be suspicious of compressed, archived, .cab, .rar, .jar, .iso, and packed files because they have difficulty reading what is inside them. These kind of files often trigger alerts by security software using heuristic detection because they are resistant to scanning (difficult to read). This resistance may also result in some scanners to stall (hang) on these particular types of files or just ignore (skip) them.
to complete an anti-virus or anti-malware scan depends
on a variety of factors
-- Using two security scanning engines at the same time can cause each to interfere with the other, cause systems hangs, false detections, unreliable results and other unpredictable behavior.
- The program itself and how its scanning engine is designed to scan: using a signature database vs heuristic scanning or a combination of both.
- Options to scan for spyware, adware, riskware and potentially unwanted programs (PUPS).
- Options to scan memory, boot sectors, registry and alternate data streams (ADS).
- Type of scan performed: Deep, Quick or Custom scanning.
- What action has to be performed when malware is detected.
- A computer's hard drive size.
- Disk used capacity (number of files to include temporary files) that have to be scanned.
- Types of files (.exe, .dll, .sys, .cab, archived, compressed, packed, email, etc) that are scanned.
- Whether external drives are included in the scan.
- Competition for and utilization of system resources by the scanner.
- Other running processes and programs in the background.
- Interference from malware.
- Interference from the user.
-- If the screensaver, hibernation or Sleep Mode are not turned off before scanning, those features can sometimes have odd effects when attempting to resume normal mode.
Malwarebytes Anti-Malware is designed
to remove malware as effectively with a Quick Scan as it will with a Full Scan which takes much longer to complete. Both scans use heuristics
that bypasses polymorphic blackhat packers & encryption, MD5 Hash
, check memory (loaded .exes and .dlls), unique strings, autostart load points and hotspots (everywhere current malware is known to load from) and multiple other malware checks which are not discussed in public to safeguard the program from malware writers who would use that information for nefarious purposes. The Quick Scan
looks at the most prevalent places for active malware so scanning every single file on the drive isn't always necessary. The Full Scan
only has the ability to catch more traces in rare circumstances.