Did my first scan today and it found a compression bomb, 2 win32:malware-gen, and a win32:trojan-gen, and 8 “unable to scan: archive is password protected.”
k first what is a compression bomb? i dont much about this stuff but it sounds like its just a really full file or something(just leave it alone?).
second,(dumb question sorry ::)) when i move those 3 viruses to the chest, and then go to delete them, when it says “delete from chest,” it really means take them off my computer completely right? not just take them out of the chest?
and lastly those unable to scan ones, should i worry about them?
Firstly, a decompression bomb is simply a file with an unusually high compression. The technique used to be used a long time ago to swamp a computer, if the payload was viral. That’s quite a big “if”. Chances are it is not harmful, but the name suggests otherwise for the un-knowing.
File is password protected results are usually files created by another security program Avast has no way of knowing the password, and no way of accessing the file if it did know the password. Spybot springs to mind, because items in Spybots quarantine often return this type of scan result.
Following a scan, when the report is displayed, moving the column headers in the report window can allow the user to read the original file location or name, which can usually put any concerns to rest.
The Win32 detections are worth further investigation.
There is no need to delete them from the chest; they aren’t going to escape. If you could please post the full file names and original locations, that may be revealing.
Your question about deleting from the chest (which isn’t a dumb question) is correct. Delete from chest will remove them from your computer, but as I said, don’t be in a hurry to do this. The file/s may be harmful; they may be false positives; there is also a chance your computer may need further cleaning.
Very good, I’ll look a bit more into these, post some suggestions. Nothing obviously awry is leaping out from those results.
Does the “mouse recorder” mean anything to you? Anything you may have installed at some stage in the past?
I’ll post a few suggestions for further investigation tomorrow, got to go grab some zee’s.
The .old file is probably safe to ignore/delete.
The other two can be investigated if you want. (Is your computer running OK now?)
-Create a new folder on your C drive simply called “Suspicious”.
-Set it to be excluded from scanning. Left click the tray icon, select “standard sheild>customize>advanced” and add the path C:\Suspicious to the list of exclusions.
-Start Avast, open the virus chest, and right click and extract each of the files to the Suspicious folder.
-Open a browser, go to www.virustotal.com, and upload each file in turn for scanning. (Takes 1-3 minutes, usually). At the end of scanning there will be a list of ~46 results from the different AV’s scanning the file. You can only upload/process one file at a time.
-Post the URL (copied from the browser address bar) for each of the scans in your next post.
A second opinion scanner/cleaner is sometimes useful. Most users here, self included, use the free version of MBAM for demand scanning.
Get it here.