1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

confused about results of avast scan, worried that computer may be infected

Discussion in 'General Security' started by zeroplusalpha, Nov 1, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. zeroplusalpha

    zeroplusalpha Thread Starter

    Joined:
    Oct 31, 2007
    Messages:
    79
    I apologise for my ignorance, I'm new here...

    I just ran what I would consider a routine scan with Avast ( I do this about twice a week) and for the first time since installation it informs me of an alarmingly large number of files in c:\System Volume Information...and c:\WINDOWS\Temp... that it is unable to scan because "...Archive is password protected". According to the interface there were 0 files infected. but it took a whopping 29 mins to complete the scan.

    I've been having trouble with a number of things since day one, and not really knowing what I'm doing I tend to be a little jittery about these things, but a few things concern me - checking my mail this morning my Yahoo mail account login timed out when I briefly left my desk, my Yahoo instant messenger signed out of its own accord randomly earlier on this evening, and when I visited youtube I couldn't seem to enlarge the clip I was intending to view.

    Has my machine been compromised?
     
  2. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    11,817
    I would delete those passworded archives if you didnt create them.

    Yahoo signing out could just be because your connection failed temporarily.
     
  3. grouse

    grouse

    Joined:
    Nov 1, 2007
    Messages:
    27
  4. CHAD27

    CHAD27

    Joined:
    Nov 1, 2007
    Messages:
    40
  5. zeroplusalpha

    zeroplusalpha Thread Starter

    Joined:
    Oct 31, 2007
    Messages:
    79
    Thanks for the replies.

    I haven't tried running Spybot, but I have Counterspy (expired) and a squared (trial) on my system, and both deep scans told me that my system was clean. Whilst I'm not really sure how indicative of my system's health it really is, I think it may just be something I missed.

    I have visited the www.daniweb.forum site, but before I follow that up I want to make sure that those files don't contain anything vital - and the question still remains as how they are password protected and why avast is unable to scan them now.

    On the Avast forum, common wisdom has it that protected archive files are usually associated with security programs - could this have something to do with the expired Counterspy?
     
  6. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    11,817
    if you want to be safe, then burn the passworded archives to CD, then delete them.
     
  7. zeroplusalpha

    zeroplusalpha Thread Starter

    Joined:
    Oct 31, 2007
    Messages:
    79
    Am I allowed post the results of the scan (304 lines) on the forum to have someone look it over?

    It's going to take a while, as I can't seem to copy/paste the information, which is a little annoying, but I can always type it into Notepad, and copy/paste from there.

    Unless there's anyone who know how to do that from the Avast user interface...
     
  8. zeroplusalpha

    zeroplusalpha Thread Starter

    Joined:
    Oct 31, 2007
    Messages:
    79
    Sorry, I've been away this week.

    Can I bump this post?
     
  9. Popesture

    Popesture

    Joined:
    May 30, 2007
    Messages:
    61
    I too am pretty noob but c:\System Volume Information cannot be accessed until you let it be.
     
  10. zeroplusalpha

    zeroplusalpha Thread Starter

    Joined:
    Oct 31, 2007
    Messages:
    79
    uh...thanks...I am way noobier (that's a word. It is it is it is it is) than you.

    I'm told that c:\System Volume Information is something to do with the System Restore function, I'll have a look around the forums to see if anybody can tell me exactly what it does, but would you happen to know how to access it (is it a file? Is it a directory?).

    Or for that matter, why I can't access it now...
     
  11. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    Hi, Here's a very complete explanation of just about everything to do with System Restore:

    This has nothing to do with restoring the computer back to factory specs, or formatting, or reinstalling... read the article.

    http://www.bleepingcomputer.com/tutorials/tutorial56.html

    Turning off System Restore is the method used to empty the Restore Points, which often contain malware, since Restore is not picky and will back up malware, if it is in certain locations on the hard drive.

    System Restore Points do self-prune, but it takes time...

    Nothing in Restore can get out to do any harm, unless someone uses a Restore Point and, since you may have to do that at some time, it's often best to empty the Points manually.

    All you do then, is restart the computer, turn Restore back on, and create the first new Restore Point and Windows manages it after that.
     
  12. zeroplusalpha

    zeroplusalpha Thread Starter

    Joined:
    Oct 31, 2007
    Messages:
    79
    Would it help if I included screenshots of what my AV actually reports (I've very recently learned how to do this. Five minutes ago, in fact, on this very site:eek::) )?

    It doesn't seem to want me to paste it into Notepad.

    The only drawback to this is it takes about half an hour for avast to run the scan...

    Is it feasible to stay online whilst its doing so?
     
  13. zeroplusalpha

    zeroplusalpha Thread Starter

    Joined:
    Oct 31, 2007
    Messages:
    79
    Actually, scratch that. The screen shot taken doesn't nearly show enough detail.

    I'll try flushing System Restore, and I'll see what it says.

    Many thanks.
     
  14. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    Usually we do see items scanned that are shown as locked- it's another account, where the user has a password to make their folders Private...

    Here's how Kaspersky antivirus and online scanner treat archives that are passworded:

    http://www.kaspersky.com/faq?chapter=170707921&qid=170325108

    Your program is probably doing the same thing, with System Restore.

    To be sure, we should have the log posted, no matter how long it is....

    You can attach the log file if it's too many characters for a Reply.
     
  15. zeroplusalpha

    zeroplusalpha Thread Starter

    Joined:
    Oct 31, 2007
    Messages:
    79
    Actually I have a question - what is exactly is contained in the archive files that the AV is checking?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - confused results avast
  1. UsherBhai
    Replies:
    1
    Views:
    6,386
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/646674

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice