Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: am1432 on March 27, 2009, 04:35:46 AM

Title: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 27, 2009, 04:35:46 AM
I get this message after doing scans on the High setting and choosing Thorough.

I tried to ask a friend about it, they had no idea since they have no experience with Avast, but on another forum I was told this was good.

AVG wouldn't install on my computer for some reason.

I was using Trend Micro before, but then someone said it wasn't great so when it expired I tried the free Avast out.

It ends up saying there's over 700 files when it shows the message, it's beside all of them in the grid/list thingy. Thing...I'm clearly very technical, right? haha

Anyone have any ideas?

I'd uninstalled Trend Micro using the Add/Remove Programs dealy and it said it'd successfully uninstalled. So now I'm just lost.

Scared of this Apr. 1 virus, I just bought this computer not long ago after my other one completely died, seemed like a virus last time so I'm totally paranoid now!

Any help would be much appreciate! =o)

I use Windows XP and downloaded Avast 4.8 if that matters.
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: Vladimyr on March 27, 2009, 05:13:36 AM
Hi am1432

If these files are archives (e.g. .cab .zip) there's probably nothing to worry about.
"Thorough" is very thorough but avast!, like any other anti-malware program, can't open/unpack them to check the contents if it doesn't know the password.
If you're "paranoid" about malware risk, best to cross-check by scanning with MBAM (http://www.malwarebytes.org/mbam.php) and/or SAS (http://www.superantispyware.com/superantispywarefreevspro.html) (both excellent and free).
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 27, 2009, 06:54:04 AM
Hey Vlad =o)

Thanks bunches for the reply!

I'll try both of those links.

Also, how can I check what the end of the files are? Should I see it in the grid/list of the 700+ files but I just didn't look hard enough? Or is there something to do with a right click here?

I don't know tons about computers except that usually when something is difficult, the solution involves a right click! haha

Thanks again! =o)
Amanda
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 27, 2009, 06:55:50 AM
Sorry, one more thing. Should *I* know the password? If so and I can actually sort that out, should it be entered into Avast so it will scan everything?

Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: Tarq57 on March 27, 2009, 07:07:11 AM
"Unable to scan file" is just that, doesn't mean the file is infected.
If you maximise the scan results window and move the column header, you'll be able to see the file name and path, which will usually provide the reason (and usually the reassurance) why. For example: Spybot quarantined items. AdAware defs. System volume information.There is no way to enter a password for same, the programs will be "speaking" different languages, and usually no need for it, either.
So have a look, may need further investigation, but don't be alarmed.
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 27, 2009, 08:00:24 AM
Tarq - Thanks bunches!

Most of them do say System Volume Information.

Ok, now I'm calming down. I had it scan everything except the CD drive (that's only useful if you want to make sure a CD doesn't have bad files, right? Or should I do that regularly?) nearly everything for C: did say that System... stuff in front of it.

Then the D: stuff is groups of things that are all pretty similar too.

You guys are rockin'! I was ready to cry before I came here thinking I had over 700 bad files and would need to replace the computer again in a week. Now I'll actually be able to sleep! haha

Will still try out the links just to be sure, but I definitely feel better already.

Thanks again!
Am =o)
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: Lisandro on March 27, 2009, 03:50:55 PM
If a virus is replicant (coming and coming again), you could follow the general cleaning procedure:

1. Clean your temporary files. You can use CleanUp (http://www.stevengould.org/downloads/cleanup/) or CCleaner (http://www.ccleaner.com/) for that.

2. Schedule a boot time scanning with avast. Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot. Other option is scanning in SafeMode (http://support.microsoft.com/default.aspx?scid=kb;en-us;315222) (repeatedly press F8 while booting).
If avast does not detect it, you can try DrWeb CureIT! (http://www.freedrweb.com/cureit/) instead.

3. It will be good if you download, install, update and run SUPERantispyware (http://www.superantispyware.com), MBAM (http://malwarebytes.org/mbam.php) or SpywareTerminator (http://www.spywareterminator.com).
If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
About legit antispyware applications or the bad ones see here (http://www.spywarewarrior.com/rogue_anti-spyware.htm#sites).

4. If you still detecting any strange behavior or even you're sure you're not clean, maybe it will be good to test your machine with anti-rootkit applications (http://www.antirootkit.com/software/index.htm). I suggest avast! antirootkit (http://files.avast.com/files/beta/aswar.exe) or Trend Micro RootkitBuster (http://www.trendmicro.com/download/rbuster.asp) for XP/Vista. For XP only: Panda (http://research.pandasoftware.com/blogs/research/archive/2007/04/27/New-Panda-Anti_2D00_Rootkit-_2D00_-Version-1.07.aspx).

5. Also, if you still detecting strange behaviors or you want to be sure you're clean, maybe making a HijackThis (http://www.bleepingcomputer.com/files/hijackthis.php) log to post here or this analysis site (http://www.hijackthis.de/#anl). Or even submit the RunScanner (http://www.runscanner.net/) log to to on-line analysis.

6. After you're clean, disable System Restore on Windows ME (http://support.microsoft.com/default.aspx?scid=kb;en-us;Q264887), XP (http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;310405) or Vista (http://support.microsoft.com/?scid=kb%3Ben-us%3B936212&x=6&y=13). System Restore is not available in Windows 9x and 2k. After disabling you can enable it again.

7. Use the immunization of SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html).

8. Finally, when you're clean, check for insecure applications with Secunia Software Inspector (http://secunia.com/software_inspector/) to update insecure applications and avoid reinfection.
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 27, 2009, 09:49:35 PM
Tech - Thanks!

That sounds wickedly complicated and over my head, but I'll see if I can sort it out anyhow! haha

Thanks for all the help everyone, I totally appreciate it! =o)
Am
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: DavidR on March 27, 2009, 10:32:42 PM
Don't look at the whole, take it a step at a time and ask questions if required.

Report progress/results at the end of each step
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 28, 2009, 12:40:38 AM
I already have a question *doh*

I downloaded CCleaner.

Using the "Cleaner" part was simple enough, but I have no idea about the other options there.

"Registry" scared me when I did the scan and then it asked if I wanted to "backup the registry" when I clicked "Fix selected issues" -- so I panicked and hit Cancel instead. Is doing the Registry scan even something I should mess with or just never touch it again?

Thanks for the advice, David, step-by-step is theonly way I'll be able to manage this. I'm a tech nimrod when it comes to using these kinds of programs ='o(

But you all help tons! =o)

For the Spyware issue, a friend told me to use SpyBot Search & Destroy, and I did download it a week ago. Is it any good, or I should switch to one that was suggested before?
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: DavidR on March 28, 2009, 12:55:40 AM
All you were asked to do was clean temporary files using ccleaner, then that was it, move to the next step. Try not to ad additional steps to a long journey ;D Clearing out the temporary files frequently removes some malware and that is all we are trying to do in this step.

Leave the Registry, Tools and Options icons/sections alone for now, you should only be working in the Cleaner section.

There are other tools in step 3 that can check your registry and they produce logs so you can copy and paste the contents of the log here and we can advise on actions to be taken.

When compared to the first two applications in step 3 it isn't up to the same standard though it does have resident protection which up to a point is helpful.
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 28, 2009, 02:37:11 AM
David - Thanks for even giving me an image to work wit, awesome!

Ok, so I went for "Spyware Terminator" because it said it had real-time protection and scanning.

Downloaded that, now when I went to install it's giving me options and I don't know which to choose =o/

There's 3 options:

Scan for spyware - checks and removes

Protect against spyware - this is the real-time one

Protect against spyware and viruses - this one also says real time, but more than the 2nd did.

The last one sounds best but I figured I'd ask you guys since hopefully I have a bit of time to double check, and I'm totally lost trying by myself.

I don't know how you guys sort this all out, you're half magic or something ^5

** On closer inspection, looks like I'm an idiot and it was already installed but asking me what exactly I wanted to do with it *doh*
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 28, 2009, 02:52:07 AM
Ok I was gonna post the Report from Spyware Terminator but it said it exceeded the character limit.

It found one cookie and said it was only a small threat, 1 block out of 5, a Firefox cookie.

Now I don't know what to do with it =o/

And apparently it also won't let me choose to do a virus scan using this because it needs 'WinClamAV'?

Do I care? Or because I'm using Avast I'm all covered?

** Again, nevermind. I worked it out with some perusing. Sorry =o/
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: Tarq57 on March 28, 2009, 08:38:54 AM
I haven't used ST for over a year (don't miss it, either) but I would recommend against installing Clam AV - not because there is anything wrong with it, but because its' detection rate isn't that flash compared to, say, Avast, - and I would strongly recommend against installing that little toolbar that installs as part of WebSecurityGuard.
Frankly, I would rather use Superantispyware and/or MBAM as on demand scanners that ST in realtime.
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: DavidR on March 28, 2009, 03:44:20 PM
Firstly you don't so much need real time protection but confirming your system is clean and IMHO both SAS and MBAM are better than ST at detection and removal of malware. Cookies are a very minor issue and not one of security.

If a log file is too large to paste it can be split over two or more posts, though I have no idea how it could be so big if it only found 1 cookie and if that is all that is in it then there is little benefit from posting it.

So bearing in mind what Tarq57 said you shouldn't choose option 3. I used ST for less than a week and was totally unimpressed, that was some time ago and you have to avoid installing the crawler toolbar and the AV if you decide to install it. Its only advantage over SAS and MBAM is this resident protection.

I would do the scans with both SAS and MBAM and report the findings and basically if nothing serious is found I would say move directly to step 7 & 8.
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 28, 2009, 07:58:27 PM
Thanks David & Tarq!

I'm an ass then, I installed the ClamAV *and* the Crawler Toolbar =o/

So should I uninstall ST now and then install one of the other ones you guys mentioned? And when it uninstalls should it take ClamAv & Crawler Toolbar with it or I'll have to sort that out myself some other way?

I'll wait for instructions since I seem to have chosen the wrong things by just using my own best judgment. Yikes o_O haha

Thanks again, I'd be adrift in a sea of tears without you guys =o)
Am

** Also, the report log thing, it was wicked long, it showed like everything it'd scanned. I might be on the wrong track with which part you guys were saying was the report. I just clicked "Report" and then there was a massive amount of info there. Looked like all the files it'd scanned. I have no idea what I'm supposed to be looking for.
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: DavidR on March 28, 2009, 08:09:48 PM
You're welcome.

I would suggest uninstalling spyware terminator and installing both of the others.
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 28, 2009, 08:17:07 PM
Will do, thanks tons, David! =oD
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: DavidR on March 28, 2009, 09:23:00 PM
No problem.
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 28, 2009, 10:05:29 PM
I'm stuck on step 7 =o/

I can't find "Immunize" anywhere.

I downloaded the updates for it, but I can't see anything that says scan. It showed a list of cookies and I clicked "Protect against checked items" -- was that all it's supposed to do?

Sorry I'm such a pylon =o/

There's a special place in Heaven for you guys, I'm sure of it. Patience of fricken saints yas have, rockin'! <3
Am
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: Tarq57 on March 28, 2009, 10:15:27 PM
Click on the link (where the cursor is pictured) "enable all protection".
This isn't a scanner; it will prevent known bad sites and cookies from loading. Once the immunity has been applied, the program can (and should) be closed. It doesn't have to be active to provide the immunity.
Updates happen every week or so.
Pretty useful extra layer of protection, really, at no system cost.
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 28, 2009, 10:18:59 PM
Tarq - I did click the 'Enable all protection' button when it installed like it told me to. That was 'Immunizing' it?

If not, I still can't find anything that says immunize.

I also did the whole dealy of cflosing it after I just finished looking for the bajillionth time for something with the word immunize.

Hoping I already immunized and I'm just a jackass for looking for the literal 'Immunize' button *doh*

Thanks tons for the reply! =oD
Am
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: Tarq57 on March 28, 2009, 10:28:18 PM
You're all good. "Enable all protection" (and similar phrases, such as "enable protection for unprotected items") equals immunise.
The category of protection provided falls under the generic description "immunity" though it doesn't use that terminology within the program.
An example of a program that does use "immunity" on the GUI is Spybot.
(Best not to have too many applications doing the same thing, though. It can start to slow down loading of pages.)
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 28, 2009, 10:32:44 PM
Tarq - You broke it down into words I can understand, thanks bunches!!! ^5

Ok so then now that I've downloaded the things I was told to here, should I uninstall Spybot Search & Destroy?

As of right now I have that installed and apparently running because I see the little S&D dude in the tray. SAS is also there. Right now they seem friendly enough and pages aren't loaded slowly for me.

I hope they pay you guys for this stuff, it's solid gold! <3
Am
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: Tarq57 on March 28, 2009, 11:34:35 PM
It's your choice. My personal thinking is not to be in too much of a hurry to uninstall Spybot, it is fairly old tech, and the apps. such as MBAM and SAS do seem overall better equipped for finding and removing modern malware threats, but S&D is still under active development and has a helpful forum, too. The developer is clearly very well motivated and has been doing this for quite a while.

The "little dude in the tray" will be the Teatimer, which guards against some registry changes. This can be useful. Sometimes it can create a confliction or problem with some other applications. If you have anything like this happen, turning the Teatimer off would be a good first troubleshooting step.  If you have the "immunize" function in Spybot active, make sure that you remove it before uninstalling the program, if you choose to uninstall it.
(I have S&D installed, Teatimer and immunity off. Other Guards off. I keep it purely as a scanner.)
If you remove the immunity in S&D, you will notice that it also disables some of the SpywareBlaster entries, that should then be re-enabled.

SAS defaults to starting with Windows. The program claims this is recommended, because it is better able to protect itself from malware when running. (Seems reasonable. Never had a problem, myself.) Unless you have the realtime active, which means you've purchased it, I see little point in having it start with Windows, personally, but I just use it for demand scans (not that often) and update it only once a fortnight, or prior to scanning. This works for me, and may work for you, too. I treat MBAM in a similar fashion; updates for MBAM are a lot faster in my corner of the globe, so if I have any reason to run a demand scan, MBAM is usually the one I use first.

Of course Avast pay us for helping here, by giving us this excellent and problem free antivirus.  ;D
No cash changes hands.
It's actually quite clever of Avast to have provided this forum, where often the developers look and help too, and in the past, before I joined, the forum has developed this sort of aura of willing and non-judgmental help, with a lot of technical expertise. It has gained a reputation for being one of the best security forums on the net. My motivation (and I suspect others also) for helping here is that I had a lot of problems in the past when I started messing with computers (totally ignorant) and got a lot of free help, from several sites. There's a lot of very good quality free software around. Quite mind-blowing, really. So it's a kind of pay back for that. With the benefit of learning a heck of a lot from the folk who have seen and done a lot more, or different stuff than me. It has also become a bit of a hobby, for the interest value, and keeping up to date with what's going on with security and web stuff generally.

Other software producers have their own forums too, of course, and some of them are good. I guess the first few members of the Avast forum set the tone of the forum for all those that followed, and it's carried on. Pretty decent of them to set that example, doncha think?
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 28, 2009, 11:42:12 PM
Tarq - Totally! I figured it was possibly people doing it for free, but then you guys answer so quickly and all even when i ask something else every hour, I was hoping you'd be paid for it!

As long as everyone here's happy, that's all that matters. One day I'll back some cookies and send yas some or something haha =o)

Thanks again for all the help, I'm gonna re-read what you just posted there a couple more times so it sinks in and then see what I'll do with the stuff, but happy I didn't spin off on my own and uninstall S&D! Rockin'!

You guys are totally dope, thanks again to everyone who gave me advice <3
Am
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 31, 2009, 02:17:44 AM
Hey again Everyone =o)

Ok, so if I want to be pretty sure I don't have any infection from this Conficker deal, if I do everything that I was told to do here, should that be pretty much guaranteed?

I'm one of the paranoids who's not using the computer starting tomorrow afternoon, and from what I've my understanding is if I didn't have any infection, then it's turned off till Apr. 2, I should be safe, yes?

If there's anything else I should beyond what I've already installed to use, please gimme a run down fit for someone as techtarded as myself.

Thanks for all the help, everyone! <3
Amanda
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: Tarq57 on March 31, 2009, 02:36:31 AM
If scans come up clean, and if your browser is connecting normally to the sites intended (including the main security sites..browse to some of them) and if you are able to connect to Windows Update, and update your security apps, you almost certainly don't have it. And the "almost" is only there as a token.
Leaving the computer off until April 2 is probably not going to make any difference. If you had it (you don't) and just decided to leave it off on "the day" (which may not even be "the day"), the malware would just go "Activate" as soon as an internet connection fed it the signal. If the signal is to be released on April 1, it's still likely to be active on the 2nd, and 3rd...especially with the numbers of host sites the experts are talking about; believed to be over 50000.
But why don't you set your browser to prompt for running active scripts, in all zones, just to help with that little bit extra hardening? (If you use Firefox, "NoScript" does this for you.)
Try Googling "computer layered defence". Likely some worthwhile reading. You have a good basic defence. Don't be too paranoid.
Title: Re: "Unable to Scan Archive Files: Password Protected"?
Post by: am1432 on March 31, 2009, 03:02:44 AM
Thanks, Tarq, you rock! I just did the No Script dealy.

It's got a little yellow bar at the bottom, I'm leaving it there since I have no clue what to do with, it seems fine but if it isn't and someone sees this, instruct me please!

I so love this site! <3
Am