Scanning and Resident Shield

Resident Shield - what is it?

The Resident Shield component gives your computer continuous protection. It scans every single file that is being opened, saved, or copied, and guards the system areas of the computer. Normally, you do not even notice the process, as it runs "in the background", and you only get notified when threats are found; at the same time, the Resident Shield blocks activation of the threat and removes it.

The Resident Shield is loaded in the memory of your computer during startup, and it is vital that you keep it switched on at all times.

What the Resident Shield can do:

  • Scan for specific kinds of possible threats 
  • Scan removable media (flash disk etc.) 
  • Scan files with specific extensions or without extensions at all 
  • Allow exceptions from scanning – specific files or folders that should never be scanned


For more information regarding AVG Resident Shield, please refer to the documentation available here.

 

Remove threat as power user

When AVG detects a virus in a file, it attempts to remove the file with the access rights of the user who executed the test or tried to access the file. If this is not possible due to limited permissions (e.g. you can open the file but cannot modify or delete it), AVG can attempt to remove the file under a different user account with higher permissions.

When you select the option "Remove threat as power user", you are asked to enter the Windows user name and password for a different user account. In a typical situation, the administrator user name and password can be used; however, this depends on the user accounts you have available on your computer.

To check which user account you are logged into Windows with and which other accounts are available, you can refer to FAQ topic 1196.

 

How to exclude some directory from AVG Resident Shield scanning

To exclude a directory from Resident Shield scanning, please proceed as follows:

  • open AVG -> Tools -> Advanced settings
  • in the left pane select Resident Shield -> Exceptions 
  • use the "Add Path" button to choose the directory to be excluded 
  • confirm the changes using the OK button

 

 

How can I manually run the complete scan of whole computer?

The whole-computer scan can be launched in several ways. Please choose whichever you prefer:

1. Launch the complete test by clicking on the "Computer scanner" button

  • Please open the AVG program.
  • Click on the "Computer scanner" button in the navigation panel on the left-hand side.
  • Then please click on the "Scan whole computer" option.
  • Now the complete test of your computer is running.

2. Launch the complete test from "Tools" menu

  • Please open the AVG program.
  • Click on the "Tools" menu located at the top of the window.
  • Select the "Scan computer" option from the menu.
  • The complete scan of your computer will start immediately.

Note:
An automatic daily test plan is part of the default AVG configuration. It is therefore usually not necessary to run the test manually, unless you have disabled the default test plan. To check whether the automatic daily test is enabled, please proceed as follows:

  • Open the AVG program.
  • Click on Computer scanner in the left part of the window.
  • The list of Scheduled scans displays the time of the next scan.
  • If the Scheduled scan is set to Disabled, double-click on it and tick the option Enable this task.
 

Warning in a test result

The AVG test may report a Warning (a potentially dangerous object) for some files, which may be infected or pose a potential threat. Typical examples of such detections are hidden files, cookies, suspicious registry keys, password-protected documents or archives, etc.

Note:
If a file is reported as Information, you can find more information about that detection in FAQ topic 1618.

A Warning refers to a file that cannot be scanned (a password-protected archive) or to potentially suspicious files (hidden files, cookies, etc.). Such files do not present any direct threat to your computer or security. Information about these files is generally useful when adware or spyware has been detected on your computer. If an AVG test detects only Warnings, no action is necessary.

This is a brief description of the most common examples of such objects:

  • Hidden files
    The hidden files are by default not visible in Windows, and some viruses or other threats may try to avoid their detection by storing their files with this attribute. If your AVG reports a hidden file which you suspect to be malicious, you can move it to your AVG Virus Vault and send it to us for analysis.
  • Cookies
    Cookies are plain-text files which are used by websites to store user-specific information, which is later used for loading custom website layout, pre-filling user name, etc. More information is available in the FAQ dedicated to this detection.
  • Suspicious registry keys
    Some malware stores its information in the Windows registry, to ensure it is loaded on startup or to extend its effect on the operating system.

If you wish, you can adjust the AVG test settings so that only the warnings you are interested in are reported:

  • open AVG User Interface
  • click on Computer scanner
  • click "Change scan settings"
  • alternatively, you can change these settings in menu Tools - Advanced settings

More information about the files detected by AVG is available in the FAQ section covering viruses.

 

Removable device scan

The settings for "Removable device scan" are available in the Advanced settings of AVG, under the "Scans" item.

When you choose the "Removable device scan" item, the dialog allows you to specify parameters for scanning removable devices. To activate this feature, check the "Enable removable device scan" checkbox. Once it is enabled, every removable device you connect to your computer (for example a USB flash drive) is automatically scanned for viruses and/or spyware. If you disconnect the removable device during the scan, the scan will be interrupted (and will start again the next time the device is connected).

 

Setting scan process priority

The priority of the scan process defines how fast the scan will run and how much of the system's resources it will use. In other words, you can set the scan to run as fast as possible while slowing down your computer noticeably, or you can have the test use as few system resources as possible at the cost of a longer run time.

There are three options for the test priority in AVG:

  • Fast scan = shortest scan time, highest usage of system resources
    The Fast scan does not leave any time gaps between reading files on the computer, and the scanning runs in multiple threads to utilize even multi-core processors. The Fast scan is recommended when the computer is not used or no other demanding application is running at the same time.
  • Slow scan = longest scan time, lowest usage of system resources
    The Slow scan leaves time gaps between reading individual files, so that other applications can access the data on the computer with minimal delay. The scanning itself also runs with lower priority, in a single thread, and with lower memory demands.
  • Automatic scan = both scan time and generated system load depend on current computer load
    In the Automatic mode, AVG adjusts the scan priority and the gaps between files based on the current system load, thus minimizing the impact of the test on the system while finishing the test in the shortest possible time.

The scan priority can be set for both a running test and a scheduled test:

  • Running test
    Please adjust the slider in the window of the currently running test (AVG User Interface -> Computer scanner -> running scan).
  • Scheduled test
    In Computer scanner, please double-click on the scheduled scan and switch to the tab "How to scan". After setting the priority, please click the "Save" button to store the configuration.
 

How to exclude folder from AVG test

To exclude a folder from a single AVG test or from a test schedule, please proceed as follows:

  • To edit excludes in one test:
    • Open the AVG User Interface by double-clicking the AVG icon on your desktop or in the tray notification area.
    • Click on Computer scanner -> Scan specific files or folders.
  • To edit excludes in a test schedule:
    • Open the AVG User Interface by double-clicking the AVG icon on your desktop or in the tray notification area.
    • Click on Computer scanner -> select Scheduled scan -> button Edit scan schedule.
    • Switch to tab What to scan -> select Scan specific files or folders.
  • Tick all drives you wish to be scanned.
  • To exclude e.g. the folder "C:\Program Files", please expand drive C:\ (using the + button, or by double-clicking its icon) and un-tick the folder "Program Files".
  • Alternatively, you can leave all drives and folders selected and add the following to the text box above the selection tree:
    • ![path];
      e.g. !C:\Program Files; will disable scanning of the Program Files folder.
  • If you wish to disable recursion in some folders (so that the contents of that folder are scanned, but not its subfolders), please type the following:
    • -[path];
      e.g. -C:\Windows\System32; will scan all files in the System32 folder, but not its subfolders. All other folders in C:\Windows will be scanned completely.
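
The following added example (not AVG's own code) models the `![path];` and `-[path];` text-box syntax described above, so that an exclusion list can be reviewed for the files it leaves unscanned. The precedence between entries, the matching on whole path components, and the plain `C:\` include entry are assumptions of this model, not documented AVG behaviour.

```python
from pathlib import PureWindowsPath

# Constructed spec: the two examples from the text plus an assumed root include.
SPEC = r"C:\; !C:\Program Files; -C:\Windows\System32;"

def parse_scan_spec(spec):
    """Split a ';'-separated list into (included, excluded, non_recursive) folders."""
    included, excluded, non_recursive = [], [], []
    for entry in (e.strip() for e in spec.split(";")):
        if not entry:
            continue
        if entry.startswith("!"):          # ![path]; folder is never scanned
            excluded.append(PureWindowsPath(entry[1:].strip()))
        elif entry.startswith("-"):        # -[path]; folder scanned without subfolders
            non_recursive.append(PureWindowsPath(entry[1:].strip()))
        else:
            included.append(PureWindowsPath(entry))
    return included, excluded, non_recursive

def _inside(path, folder):
    # Compares whole path components, case-insensitively (Windows path semantics),
    # so "C:\Program Files (x86)" is not treated as part of "C:\Program Files".
    return folder in path.parents

def is_scanned(file_path, spec=SPEC):
    """Assumed precedence: '!' beats '-', which beats a plain include."""
    included, excluded, non_recursive = parse_scan_spec(spec)
    path = PureWindowsPath(file_path)
    if any(_inside(path, folder) for folder in excluded):
        return False
    for folder in non_recursive:
        if _inside(path, folder):
            return path.parent == folder   # direct children only
    return any(_inside(path, folder) for folder in included)

def unscanned(files, spec=SPEC):
    """Files the spec leaves uncovered, for reviewing an exclusion list."""
    return [f for f in files if not is_scanned(f, spec)]
```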
 

Information in a test result

An AVG scan is able to detect files which may not be infected, but are suspicious. These files are reported either as Warning (described in FAQ 1215), or as Information. The severity Information can be reported for one of the following reasons:

  • Run-time packed
    The file was packed with one of the less common run-time packers, which may indicate an attempt to prevent scanning of the file. However, not every report of such a file indicates a virus.
  • Run-time packed recursive
    Similar to the above, but less frequent among common software. Such files are suspicious and their removal or submission for analysis should be considered.
  • Password protected archive or document
    Password-protected files cannot be scanned by AVG (or generally by any other anti-malware program). For more information, see FAQ 790.
  • Document with macros
    The reported document contains macros, which may be malicious.
  • Hidden extension
    Files with a hidden extension may appear to be e.g. pictures, but in fact they are executable files (e.g. picture.jpg.exe). The second extension is not visible in Windows by default, and AVG reports such files to prevent their accidental opening.
  • Improper file path
    If an important system file is running from a path other than its default one (e.g. winlogon.exe running from outside the Windows folder), AVG reports this discrepancy. In some cases, viruses use the names of standard system processes to make their presence less apparent in the system.
  • Locked file
    The reported file is locked, thus cannot be scanned by AVG. This usually means that some file is constantly being used by the system (e.g. swap file).
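
To make the "Hidden extension" and "Improper file path" checks concrete, here is an added example (not AVG's detection logic) that applies both rules to a list of file paths. The extension sets, the expected directory for winlogon.exe on a default installation, and the sample paths are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Assumed, non-exhaustive sets; a real scanner's lists are not given on this page.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif"}
DOCUMENT_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".txt"}
# Assumed default location of the system process named in the text.
EXPECTED_DIRS = {"winlogon.exe": PureWindowsPath(r"C:\Windows\System32")}

def hidden_extension(path):
    """True for names like picture.jpg.exe: a document type followed by an executable one."""
    suffixes = [s.lower() for s in PureWindowsPath(path).suffixes]
    return (len(suffixes) >= 2
            and suffixes[-1] in EXECUTABLE_EXTS
            and suffixes[-2] in DOCUMENT_EXTS)

def improper_path(path):
    """True when a known system file name sits outside its expected folder."""
    p = PureWindowsPath(path)
    expected = EXPECTED_DIRS.get(p.name.lower())
    # PureWindowsPath comparison is case-insensitive, like Windows itself.
    return expected is not None and p.parent != expected

def classify(paths):
    """Return (path, reason) pairs using the severity names from the list above."""
    findings = []
    for path in paths:
        if hidden_extension(path):
            findings.append((path, "Hidden extension"))
        if improper_path(path):
            findings.append((path, "Improper file path"))
    return findings

# Constructed sample paths.
SAMPLE = [
    r"C:\Users\alice\Downloads\picture.jpg.exe",
    r"C:\Tools\setup.v1.2.exe",
    r"c:\windows\system32\WINLOGON.EXE",
    r"C:\Users\alice\AppData\Roaming\winlogon.exe",
]

if __name__ == "__main__":
    for path, reason in classify(SAMPLE):
        print(f"{reason}: {path}")
```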

If you wish, you can adjust the AVG test settings so that only the information you are interested in is reported:

  • Open AVG User Interface.
  • Click on Computer scanner.
  • Click Change scan settings.
  • Alternatively, you can change these settings in menu Tools -> Advanced settings.
 

Potentially Unwanted Programs

"Potentially Unwanted Programs" sometimes act very similarly to viruses or spyware. They are usually installed legitimately as a part of another program (often designated as an "AD-Supported program" – in which the End User License Agreement typically prompts the user to accept that, in addition to the desired program, an additional program (Potentially Unwanted Program) will also be installed).

AVG is able to detect some Potentially Unwanted Programs and remove the detected files.
NOTE: Removal of the Potentially Unwanted Programs can result in damage to the AD-Supported program which was installed with them.

It is also possible to create an exception for files detected as Potentially Unwanted. Files included in the exceptions will no longer be detected as threats.

The procedure for adding a file to PUP exceptions is described here.

 

Found: Contains password protected files

These files (for example documents or archives) are password protected, so the test was not able to check their content. If you know the password and open the archive, the content is checked by the AVG Resident Shield immediately. This AVG component does not allow possibly infected code from such an archive to be opened or launched.

 

How to set up exclusions for Potentially unwanted programs?

If you need to exclude a certain "Potentially unwanted program" from any detection by AVG (for example if you are using an Ad-sponsored program or utility, which could be dangerous, but could also be used with your knowledge), you can exclude it from AVG Resident Shield and AVG tests detection this way:

 

  • Please open the AVG program -> "Tools" menu -> "Advanced settings" -> "PUP exceptions" -> click the "Add exception" button to add a new exception.
  • Now find the file you want to exclude from AVG detection. If you are not sure that the file location is static, enable the "Any location - do not use full path" option.
  • Save the setting using the "Add" button.

 

These exceptions can be used for "Potentially unwanted programs" only. If you set an exception for a viral file (Trojan horse, I-Worm, Worm, W32...), the file will still be detected by AVG tests and the AVG Resident Shield.

These exceptions are not used for the AVG Email Scanner.

Note: These exceptions can be created for files only, not for folders.