Invention Grant
US08166550B2 Detection of undesired computer files in damaged archives (in force)

Detection of undesired computer files in damaged archives
Abstract:
Systems and methods for an anti-virus detection module that can detect known undesired computer files in damaged archives that may be encrypted, compressed and/or password-protected are provided. According to one embodiment, a damaged or incomplete RAR, CAB or ZIP archive is received. Without decrypting or decompressing the contents, an anti-virus detection module identifies the archive as a RAR, CAB or ZIP archive by assuming each of multiple possible archive types in turn and searching all of or certain parts of the archive for content consistent with a current archive type. Based on the identified type, for each contained file, descriptive information is extracted from corresponding local file headers and a threat evaluation is performed by comparing the descriptive information to signatures of known malicious or undesired files. If the threat evaluation concludes a particular contained file is a threat, then appropriate defensive actions are taken in relation to the archive.
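The header-only inspection described in the abstract can be sketched for the ZIP case as follows. This is an added example, not code from the patent: the use of (CRC-32, uncompressed size) as the signature key, the function names, and the sample archive are assumptions constructed for illustration.

```python
import struct
import zlib

# ZIP local file header: magic, version, flags, method, time, date,
# crc32, compressed size, uncompressed size, name length, extra length (30 bytes).
LFH = struct.Struct("<4sHHHHHIIIHH")
MAGIC = b"PK\x03\x04"

def scan_local_headers(blob):
    """Yield per-file metadata from local headers only: no central directory,
    no decryption, no decompression."""
    pos = blob.find(MAGIC)
    while pos != -1 and pos + LFH.size <= len(blob):
        _, _, flags, _, _, _, crc, csize, usize, nlen, xlen = LFH.unpack_from(blob, pos)
        data_start = pos + LFH.size + nlen + xlen
        truncated = data_start + csize > len(blob)
        if pos + LFH.size + nlen <= len(blob):  # the file name survived the damage
            name = blob[pos + LFH.size:pos + LFH.size + nlen].decode("cp437", "replace")
            yield {"name": name, "crc32": crc, "size": usize,
                   "encrypted": bool(flags & 1), "truncated": truncated}
        # Skip an intact payload; otherwise resume just past this magic.
        pos = blob.find(MAGIC, pos + 4 if truncated else data_start + csize)

def evaluate(blob, signatures):
    """Return (name, label) for entries whose (crc32, size) is a known signature.
    Entries written with a data descriptor (flag bit 3) carry zeros in these
    fields and cannot be matched this way."""
    return [(e["name"], signatures[(e["crc32"], e["size"])])
            for e in scan_local_headers(blob)
            if (e["crc32"], e["size"]) in signatures]

def make_entry(name, plaintext, flags=0):
    """Constructed sample entry (method 0, stored). With flag bit 0 set, the
    body is opaque filler standing in for 12-byte-prefixed ciphertext."""
    body = bytes(12 + len(plaintext)) if flags & 1 else plaintext
    header = LFH.pack(MAGIC, 20, flags, 0, 0, 0, zlib.crc32(plaintext),
                      len(body), len(plaintext), len(name), 0)
    return header + name + body

# Constructed inputs: two entries, then the tail is cut off so there is no
# central directory and the last (password-protected) entry is incomplete.
BAD = b"constructed stand-in for a known undesired file"
DAMAGED = (make_entry(b"readme.txt", b"hello")
           + make_entry(b"invoice.exe", BAD, flags=1))[:-20]
SIGNATURES = {(zlib.crc32(BAD), len(BAD)): "Constructed.TestSig"}

if __name__ == "__main__":
    print(evaluate(DAMAGED, SIGNATURES))
```

The encrypted, truncated entry is still matched because the local header records the CRC-32 and size of the original file in the clear.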