I have installed Avast and discovered it suffers from the same problem that GFI did, that it can't scan for the Netsky.P virus inside the password protected zip files that the virus creates to email itself around.
The infected zip files are being picked up by Nortons on the desktop which doesn't seem to have any problems scanning the zip files.
As the files are password-protected, it is not possible to scan them - that's why they are password-protected, right?
You may try to brute-force the password, but that will work only until the virus writers realize that a 4-digit password is simply too short - and I guess you'd rather avoid scanning one single file for 1000 years... So, the antivirus programs use only some kind of heuristics (e.g. "password-protected zip file with a single file inside the archive, having .exe or .src extension, within a certain range of sizes", etc.).
One other product I've tried had the option to delete password protected zip files, but this product doesn't give you that option. Defeating the password protection on zip files is not hard and some antivirus programs do, namely Nortons and Trend that I personally know do from experience.
I don't think it's nice to delete all password-protected archives; there are certainly good reasons to send such a file. So, the heuristics mentioned above should be tuned to provide reasonable protection without many false alarms. But of course, it will never be 100%.
With Avast, I have it set to notify me for untestable email, but it does not do this in the case of infected password-protected zip files; it just passes them through, complete with the viral payload.
...
That's why I always recommend that people should use different antivirus products for email servers and the desktops for just this sort of thing.
Even though this recommendation may have a reason, it's void in this case. The desktop protection would detect the virus as soon as it's unpacked from the archive and block it; the zip archive itself is harmless, of course.
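
The metadata heuristic described in the reply above, sketched in Python as an added example that is not part of the original thread or any antivirus product's code. The extension list, the size window and the names `classify_zip` and `make_sample` are assumptions chosen for illustration.

```python
import io
import zipfile

# Illustrative thresholds (assumptions, not taken from any antivirus product).
SUSPECT_EXTS = (".exe", ".scr", ".pif", ".com")
SIZE_RANGE = (8 * 1024, 128 * 1024)   # uncompressed size window, in bytes
ENCRYPTED = 0x1                       # general-purpose flag bit 0 in the ZIP format


def classify_zip(data: bytes) -> str:
    """Return 'suspicious', 'untestable' or 'scannable' from metadata alone."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            entries = [e for e in zf.infolist() if not e.is_dir()]
    except zipfile.BadZipFile:
        return "untestable"
    if not any(e.flag_bits & ENCRYPTED for e in entries):
        return "scannable"   # contents can be extracted and scanned normally
    if len(entries) == 1:
        e = entries[0]
        # Names and sizes stay in clear text even when the file data is encrypted.
        if (e.filename.lower().endswith(SUSPECT_EXTS)
                and SIZE_RANGE[0] <= e.file_size <= SIZE_RANGE[1]):
            return "suspicious"
    return "untestable"      # encrypted, but not matching the single-executable profile


def make_sample(names_sizes, encrypted):
    """Build a constructed test archive. The encryption flag is patched in by hand
    (the standard library cannot write encrypted ZIPs); the data is not encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, size in names_sizes:
            zf.writestr(name, b"A" * size)
    raw = bytearray(buf.getvalue())
    pos = raw.find(b"PK\x01\x02")
    while encrypted and pos != -1:
        raw[pos + 8] |= ENCRYPTED      # flags field of each central-directory header
        pos = raw.find(b"PK\x01\x02", pos + 4)
    return bytes(raw)


if __name__ == "__main__":
    print(classify_zip(make_sample([("document.txt.exe", 20000)], True)))
    print(classify_zip(make_sample([("report.doc", 20000), ("notes.txt", 500)], True)))
    print(classify_zip(make_sample([("setup.exe", 20000)], False)))
```

Encrypted archives that do not match the profile come back as `untestable` rather than being deleted, which keeps legitimate password-protected mail flowing while still letting the gateway notify on it.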