Can't remove virus/Scanning Errors

I’d like to thank you in advance for helping me. I’ve been reading the posts here for the past couple of weeks. I don’t understand a good deal of it. But, I am impressed with the dedication and kindness displayed. And, I figure, the more I read, the more I’ll understand.

I’m having a few issues with Avast. When I set the scan to Thorough and enable the option Scan Archives, there are consistently about 20 files that Avast reports unable to scan. The error messages follow:

  • Unable to Scan: GZIP file archive is corrupted
  • Unable to Scan: ZIP file archive is corrupted
  • Unable to Scan: Archive is password protected
  • Unable to Scan: Compressed file is too big to be scanned

The files that earn the GZIP file archive is corrupted message all appear to be Temporary Internet files. On the Results of Last Scan screen, I’ve tried the Action options Delete, Chest and Move. No dice. The only result is varying error messages.

The files that earn the “ZIP file archive is corrupted” message are all Java files. With the exception of two, they all bear the extension .MF. I have no idea what these files are for or whether they can be safely deleted. The two other Java files bear the extension .spi One indicates that it is a Charset Provider. The other an AudioFileReader

The Archive file that Avast indicates is password protected is:\temp\trz4\vpwue.exe
Is this file associated with Avast? I tried doing an internet search for “vpwue.exe” and came up blank. In general, is there a legitimate reason for Archive files to be password protected or should I always delete them?

What is the best course of action when Avast indicates that an Archive file is too big to be scanned? Are all archive files disposable? Are they simply backup files? Do they serve a function? If so, I need to manually replace them once they are eradicated? Or, will the system replicate them automatically? I’m guessing that the files Avast identifies as corrupted aren’t doing me any good anyway.

The most pressing problem that I am having involves a virus. Last night, Avast indicated that there are two files infected with the ZipPSW worm.

\Documents and Settings\Bob\Local Settings\Temp\trz4.tmp

and

\Documents and Settings\Bob\Local Settings\Application Data\Microsoft\Outlook\outlook.pst\Personal Folders
Top of Personal Folders\Deleted Items\Forum Notify\More Info.zip

I’ve tried running Avast six times to get rid of the darn thing, no luck. I’ve tried both of the options that are presented when Avast actually comes across the files. I’ve tried all of the Action options on the Results of Last Scan Screen. I’ve even tried rebooting thinking that maybe because at least one of them is a system file Avast needed me to reboot to Repair/Chest… Nopers.

What does this virus do? How do I get rid of it? How did the virus get past Avast in the first place? How do I prevent it from happening again? Removing Outlook is not an option. It isn’t my computer (my husband’s) and he needs Outlook to synch with his iPac.

Thank you for your assistance!

Anna

Anna,
Ok, I will try to sort things out for you one at a time.

See my post under PK…

Having computer trouble. Lost the entire completed reply.

techie

Hello,

The error messages follow: - Unable to Scan: Archive is password protected
It means archive is protected with a password, for instance some installation programs protect themselves this way. Some applications store files (viruses/private data/...) which a user should not execute or see. We warn you, avast! couldn't scan the archive - because password is unknown for us.
- Unable to Scan: Compressed file is too big to be scanned

Generally speaking this error says the archive is light corrupted and we couldn’t create a file because its uncompressed size (stored in archive header) is invalid, e.g. 20Kb archive (in most cases) will not unpack itself to 2Gb size. Avast shows you this error for every GZIP/BZIP2 corrupted archive.

If you weren’t persuaded the files are really corrupted (e.g. you got no error msg during unpacking), you can send me them for furter analyze.

The files that earn the "ZIP file archive is corrupted" message are all Java files.
Yes, java files are zipped - and some of them don't use CRC32 field in the header - so we (and winzip/winrar/... tools) give notice these internal files are corrupted. You can search for "java zip" string in this forum for more information.
The other an AudioFileReader
and if you unpack the archive manually, do you get an error ? If not, send me it .
The Archive file that Avast indicates is password protected is:\temp\trz4\vpwue.exe Is this file associated with Avast?
Yes, it is; "trz" means "trezor" in czech (="safe" in english).
What is the best course of action when Avast indicates that an Archive file is too big to be scanned?
Again, if you can unpack those archives without getting an error, send me that archive.
The most pressing problem that I am having involves a virus. Last night, Avast indicated that there are two files infected with the ZipPSW worm.

you can delete the archive, it contains one infected file.

Anna,
Ok, I will try to sort things out for you one at a time.

And, I figure, the more I read, the more I'll understand.
Yes, you will learn much. Most of the people here on the Forum devote a great deal of their time to helping other users.
When I set the scan to Thorough and enable the option Scan Archives, there are consistently about 20 files that Avast reports unable to scan. The error messages follow: - Unable to Scan: GZIP file archive is corrupted - Unable to Scan: ZIP file archive is corrupted - Unable to Scan: Archive is password protected - Unable to Scan: Compressed file is too big to be scanned
This is common. When Avast scans deeply, it will find files that it is unable to scan due to restrains in the scan engine. It will not scan into zip files or passworded files, or those in the System Restore. This does not mean that they are bad file.
The files that earn the GZIP file archive is corrupted message all appear to be Temporary Internet files. On the Results of Last Scan screen, I've tried the Action options Delete, Chest and Move. No dice. The only result is varying error messages.
Temporary Internet files are not needed and can be safely deleted manually. Do you use IE browser? If so, go into ToolsInternet Options/General and in the middle of the window, you will see the button to delete TIF.
The files that earn the "ZIP file archive is corrupted" message are all Java files. With the exception of two, they all bear the extension .MF.
Do you use any programs by ADOBE? The .mf extension can be either a Macro Text File set or a Frame Maker file set. Does Avast give the complete path to the file? If so, let me know what it is so I can best advise you.
The two other Java files bear the extension .spi One indicates that it is a Charset Provider. The other an AudioFileReader
The files you have can be either Software Update Utility or Scanner Graphics files. More than likely, you need these since they are usually associated with active programs.
The Archive file that Avast indicates is password protected is:\temp\trz4\vpwue.exe Is this file associated with Avast? I tried doing an internet search for "vpwue.exe" and came up blank.
Unfortunately, this file is not familiar to me. I will refer this to one of the Avast Team.
In general, is there a legitimate reason for Archive files to be password protected or should I always delete them?
A general question, and therefore a general answer. Archive files can be passworded dependent upon what they are. They should not always be deleted. You must determine what they are, and if you will need them.

BE RIGHT BACK TO FINISH…HAVE TO GO DO SOMEHTING.

OK…I see PK got back to you. Sorry, had to go pick up the kids at the bus.my Significant Other at the bus.

Glad you got the help you needed. The Avast Team is really great.

techie

Disregard…

Computer did it again.

Sorry,
techie