I also have a decompression bomb that will not let me move, send to chest, or delete. the file name is D:\preload\BASE11.WIM\A2A9F4D2FD4A407F8CF6E547FC0BDBF4.
I know it was recommended to leave these files alone but I have a question. The reason I ran a scan in the first place was because my laptop has been acting funny. Today I had a black desktop (icons showing) until I restarted and then I was on the internet and over 57 browser windows were opening and I had to shut down in order to get it to stop. No other viruses or problems were found. Can these be related? Any other suggestions?
I’m not sure if this is a file of a folder but assuming it is a file then the .wim file type is Windows Imaging Format so I doubt that is associated with any ‘acting funny in your laptop.’
Sounds like a browser hijack or adware so I would suggest trying these tools.
If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode and report the findings (it should product a log file).
MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.
Also this diagnostic tool:
Program & Tutorial - Also useful as a diagnostic tool - FileHippo Download - HiJackThis and post the contents of the HJT log file here. - HJT Information HiJackThis Tutorial.
Download and run HJT and post the contents of the log file (cut and paste) into this topic, you may need to split it over two or more posts depending on how large it is.
Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
Upon searching for info on a decompression bomb D:\preload\BASE11.WIM\A2A9F4D2FD4A407F8CF6E547FC0BDBF4. I found this post replied to by “tech”.
I followed the instructions as stated and ran each program as directed. I can find the file with avast, but I can’t do anything with it. It won’t delete, move, repair, or put it in the chest.
Do you have other info that might help and direct us to resolve the problem?
thanks Icefisher22
Now the .wim is a windows imaging format archive file so it is likely to be very large, especially if decompressed to be scanned, http://filext.com/file-extension/WIM.
Thank you for the quick replies. I was wondering if this was something that I need to be worried about and also how I go about deleting it if it is necessary? Or is this file part of the restoring procedure of Vista?
There is nothing to worry about. You shouldn’t delete it all it is saying is this is a very big file especially when unpacked.
If as GrizeBar mentions thai is in your recovery partition I would hope that it would protect against deletion, or there is a flay in its recovery process.
Thanks for every ones help. I have never heard of this malicious tactic before. Hoping to never encounter it again. It appears that it just needs to be left alone and never opened. It also sounds like something that would only be opened with an anti virus type program that goes looking for troubles in the computers and not a file that would ever be used by the system it’s self. Almost as if it is a file that the system doesn’t know about and would never ask to use it.
thanks again and happy new year.
Icefisher