I am seeing, day after day, some repeating statements in Log Viewer > Warning; an example is as follows:
AAVM - scanning warning: x_AavmCheckFileDirectEx[UNI]: C:\documents and settings\all users\ Documents\miscDocument.doc (C:\ documents and settings\all users\ Documents\miscDocument.doc) returning error, 00000005.
This is mystical gibberish to me. Please read the “tea leaves” for me.
Does this mean that any file identified in these lines, e.g., “miscDocument.doc ,” is an infected file?
What is the plain meaning of error number 00000005?
In this line item in the Log Viewer, what is the significance of having any expression placed in parentheses ( ) following the infected item?
In this line item in the Log Viewer, why is it, that the expression stated within those parentheses is the same path\filename that appears in this line immediately preceding the parenthetical expression?? Why is this path\filename duplicated?
What is the significance of any expression that immediately precedes the path\filename and follows the phrase, “scanning warning:”, e.g., “x_AavmCheckFileDirectEx[UNI]:” ?? Please include explanation of the significance of any expression in these square brackets, e.g., [UNI]?? And what does “UNI” signify when stated within the square brackets??
Please supply a list of other expressions that might appear within the square brackets and the meanings of each.
What is the significance of the expression itself (that appears in this line) “x_AavmCheckFileDirectEx[UNI]:” ??
The Errors list posted at http://forum.avast.com/index.php?topic=5719.0 by PK last year, does not include any error numbers beginning with zeroes (0)s. May we have the complete list of errors and their meanings, please?
A clear answer to each of these questions will, IMHO, be helpful to all newbies. Your kind consideration will be appreciated.
I think it was unable to scan it(If I am wrong correct me please)
yeah it’s this. Some files cannot be scanned when in use or access was denied by the system for hundreds of possible reasons. Nothing to do with malware.
Windows file system error 5 (00000005) = Access is denied.
These are windows generated errors and all avast is doing is reporting why a file can’t be scanned (many AVs don’t bother to tell you) - avast obviously can’t do anything about that whilst windows is running, but there is the boot-time scan.
There are many legit reasons why this is the case, but for this location and file, it seems a little strange why access would be denied on this file. If as has been mentioned the file was in use, I believe there would be a different error code.
Personally I keep my nose out of the logs as for the most part the content is verbose and not to helpful to a user, more so for a developer. Only if I experience a problem with avast or hard errors are displayed to the screen do I look in the logs.
So are you getting any errors displayed to the screen or other avast problems ?
Thanks for your contributions. Helpfully intended comments are always welcome.
I guess, I will just have to settle for answers to 2 only. I always wonder, given that there are so MANY files that are locked by the OS and never are scanned by A-V - - how high a confidence can we have, that these unscanned files (often deep in the kernel of the OS, but not always) are locked by the OS, and not by some smart malware? How can it be proven that these files are not harboring spyware/virus/rootkit, or all of the above?
Yeah - these uncertainties make my head hurt, too.
Thanks again, for helping where you could.
Remember that as well as getting the access denied error, you should also be getting the file name, location, etc. of the file that can’t be scanned. With that information you can search google, etc. and get an idea if it is legit and also why it might be legitimately denied.
I think it would certainly make a difference as those error codes are related to windows (explorer), unless you were using bootcamp then I would expect OS X Lion would have its equivalent codes (or possibly the same for common errors).
I actually have never opened Bootcamp on the Mac, nor tried to add a boot-to-Windows® option. I need to go on to upgrade to OS X Yosemite more than I need to run Windows apps. Trying to make sure my machine is cleaned, prior to starting that upgrade. Yep; it looks like we have no way to be sure we aren’t infected. There have been hundreds of these “unable to scan” items. And at every startup, I see dozens of errors and dozens of each of those kinds of errors flowing by, in the All Messages log, things including “unable to load NetBios data from” (IPv4 of the LAN gateway) “on Port 2048” (sometimes) or Port 137 or 138, “to Port 137” or 138; and lots and lots of repetitions of “unable to connect [any of many cryptically-named software objects] to function buttonPressed” (something very much like that; memory fades a bit at this time of night); there are many, many other examples. Just too many, there is not enough time in the day outside of work, to be Googling around on the off chance that Google could find anything rewarding and meaningful on a tenth of them.
Well, as Avast is one of the major A-Vs for Mac, I do wish that Avast support could explicate these things for us, give us their product’s programmed-in criteria for announcing each kind of error message. One would think, they must have produced a set of guidelines. Surely, their coders must be working from a document to guide the coding.
I guess it’s like in the great old folksong about the lady who “walks the night in a long, black veil” – – it looks like, “nobody knows, and nobody sees, and nobody cares, but me…” Good night, Mrs. calabash, wherever you are.
