confused about results of avast scan, worried that computer may be infected

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

zeroplusalpha

Thread Starter
Joined
Oct 31, 2007
Messages
79
I apologise for my ignorance, I'm new here...

I just ran what I would consider a routine scan with Avast ( I do this about twice a week) and for the first time since installation it informs me of an alarmingly large number of files in c:\System Volume Information...and c:\WINDOWS\Temp... that it is unable to scan because "...Archive is password protected". According to the interface there were 0 files infected. but it took a whopping 29 mins to complete the scan.

I've been having trouble with a number of things since day one, and not really knowing what I'm doing I tend to be a little jittery about these things, but a few things concern me - checking my mail this morning my Yahoo mail account login timed out when I briefly left my desk, my Yahoo instant messenger signed out of its own accord randomly earlier on this evening, and when I visited youtube I couldn't seem to enlarge the clip I was intending to view.

Has my machine been compromised?
 
Joined
Sep 21, 2007
Messages
13,665
I would delete those passworded archives if you didnt create them.

Yahoo signing out could just be because your connection failed temporarily.
 

zeroplusalpha

Thread Starter
Joined
Oct 31, 2007
Messages
79
Thanks for the replies.

I haven't tried running Spybot, but I have Counterspy (expired) and a squared (trial) on my system, and both deep scans told me that my system was clean. Whilst I'm not really sure how indicative of my system's health it really is, I think it may just be something I missed.

I have visited the www.daniweb.forum site, but before I follow that up I want to make sure that those files don't contain anything vital - and the question still remains as how they are password protected and why avast is unable to scan them now.

On the Avast forum, common wisdom has it that protected archive files are usually associated with security programs - could this have something to do with the expired Counterspy?
 
Joined
Sep 21, 2007
Messages
13,665
if you want to be safe, then burn the passworded archives to CD, then delete them.
 

zeroplusalpha

Thread Starter
Joined
Oct 31, 2007
Messages
79
Am I allowed post the results of the scan (304 lines) on the forum to have someone look it over?

It's going to take a while, as I can't seem to copy/paste the information, which is a little annoying, but I can always type it into Notepad, and copy/paste from there.

Unless there's anyone who know how to do that from the Avast user interface...
 
Joined
May 30, 2007
Messages
61
I too am pretty noob but c:\System Volume Information cannot be accessed until you let it be.
 

zeroplusalpha

Thread Starter
Joined
Oct 31, 2007
Messages
79
uh...thanks...I am way noobier (that's a word. It is it is it is it is) than you.

I'm told that c:\System Volume Information is something to do with the System Restore function, I'll have a look around the forums to see if anybody can tell me exactly what it does, but would you happen to know how to access it (is it a file? Is it a directory?).

Or for that matter, why I can't access it now...
 

Byteman

Gone but Never Forgotten
Joined
Jan 24, 2002
Messages
17,742
Hi, Here's a very complete explanation of just about everything to do with System Restore:

This has nothing to do with restoring the computer back to factory specs, or formatting, or reinstalling... read the article.

http://www.bleepingcomputer.com/tutorials/tutorial56.html

Turning off System Restore is the method used to empty the Restore Points, which often contain malware, since Restore is not picky and will back up malware, if it is in certain locations on the hard drive.

System Restore Points do self-prune, but it takes time...

Nothing in Restore can get out to do any harm, unless someone uses a Restore Point and, since you may have to do that at some time, it's often best to empty the Points manually.

All you do then, is restart the computer, turn Restore back on, and create the first new Restore Point and Windows manages it after that.
 

zeroplusalpha

Thread Starter
Joined
Oct 31, 2007
Messages
79
Would it help if I included screenshots of what my AV actually reports (I've very recently learned how to do this. Five minutes ago, in fact, on this very site:eek::) )?

It doesn't seem to want me to paste it into Notepad.

The only drawback to this is it takes about half an hour for avast to run the scan...

Is it feasible to stay online whilst its doing so?
 

zeroplusalpha

Thread Starter
Joined
Oct 31, 2007
Messages
79
Actually, scratch that. The screen shot taken doesn't nearly show enough detail.

I'll try flushing System Restore, and I'll see what it says.

Many thanks.
 

Byteman

Gone but Never Forgotten
Joined
Jan 24, 2002
Messages
17,742
Usually we do see items scanned that are shown as locked- it's another account, where the user has a password to make their folders Private...

Here's how Kaspersky antivirus and online scanner treat archives that are passworded:

http://www.kaspersky.com/faq?chapter=170707921&qid=170325108

Your program is probably doing the same thing, with System Restore.

To be sure, we should have the log posted, no matter how long it is....

You can attach the log file if it's too many characters for a Reply.
 

zeroplusalpha

Thread Starter
Joined
Oct 31, 2007
Messages
79
Actually I have a question - what is exactly is contained in the archive files that the AV is checking?
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top