This just means a highly compressed file, that when unpacked to be scanned would be very large. However in that location it does seem strange and a google search on the file returns zero hits which is in itself suspicious.
What reason did avast give for not being able to delete it ?
However, deletion isn’t a good idea/habit to get into, even more so for a file that just can’t be scanned as it isn’t a clear indication of an infected file just because of it can’t be scanned, no matter how scary the name decompression bomb is. Though in this case it is suspicious and should be checked out.
Back up some in this thread, Daemon problems were mentioned in conjunction with “decompression bomb.” I remembered seeing that word flitting about on my system so did a search on it and found
cidaemon.exe in C:\WINDOWS\system32
cidaemon.exe in C:\WINDOWS\system32\dllcache
HandleCollector$Daemon.class in com/ms/wfc/util (twice)
Are these legitimate files?
Finally, with regard to decompression bombs. I have two that are legitimate files that brought down some music and a video of my fav Scottish pipe and drum group. I have unzipped them. Can I delete these two compressed files w/o losing what I unzipped?
I will begin by making it known that I am inexperienced at this. I downloaded the avast free home version 4.8 I believe. I do regular antivirus scans as well as boot scans. I have been told that I have 3 decompression bombs that avast is unable to scan. All three are movies I downloaded. I also have been noticing my PC slowing down and my internet explorer crashing with the usual error report asking me to send, not send, or debug. I have done some research and understand that a decompression bomb can be malicious but also avast has made some mistakes and at times detects some files that are not a problem. I think mine are a problem. I also have noticed fake antivirus icons popping up in my bottom bar. Avast is not catching these as viruses…but I did not download them. I don’t know if these are old and recently resurfacing or what. I am still learning a lot about this stuff and have limited knowledge of how to handle this stuff. I used to have spybot antivirus and I deleted all of its log files when avast said it was unable to scan them. I am not sure what else may be helpful info except that I have windows xp media center edition graphics is a NVIDIA geforce 6150 le and I am running an amd athlon 64 and as a side note I have been trying to gradually learn about Linux and switch…but have not found the best version for my system to work with. If anyone has any suggestions on that please feel free to educate me. My main concern however is with avast and my processor slowing down.
Well as explained inthis topic you have nothing to worry about.
The term decompression bomb is more scary than what it is actually reporting, that the file is highly compressed and if it were unpacked for scanning it would be exceptionally large (par for the course of a large movie file) and for that reason alone avast hasn’t scanned it, no other reason. How could it determine anything, malicious or otherwise, as it hasn’t scanned them.
Files that can’t be scanned are just that, not an indication they are suspicious/infected, just unable to be scanned.
So deleting those S&D files was wrong.
So I would say these files have nothing to do with your other issue with IE slowing down, that is likely to do with other undetected malware.
If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode and report the findings (it should product a log file).
SUPERantispyware On-Demand only in free version. - 2. MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.
avast! found 3 files that couldn’t be scanned that are in an invalid folder. They also cannot be moved, deleted or repaired, claiming it’s a decompression bomb.
C:\FOUND.81\FILE0013.CHK(gzip)
C:\FOUND.81\FILE0014.CHK(gzip)
C:\FOUND.81\FILE0018.CHK(gzip)
Should I be concerned?
Thanks!
As has been said many time in this topic, no there is nothing to worry about it is just the files are just very large and the gzip format compresses then highly.
I have a new question about this topic though. I have 40 bombs and 285 “Unable to scan: file is password protected”
Should I be concerned with the amount of bombs I have? I download a lot of videos, I think that’s why I have so many. But Avast scanned them while they were being DL’d so they should be fine.
How can I remove the PW protection on those other 285 files so they can be scanned?
avast can’t scan files that are password protected, it doesn’t know the password.
There are many legitimate reasons why a file was password protected. For instance, Lavasoft Ad-aware and SpyBot store their data in a password-protected ZIP archives (to prevent other similar tools from messing up with them). It’s really nothing to worry about - it’s normal.
In AdAware and S&D, when you fix/remove things it keeps backup/recovery information so you can restore anything that was mistakenly fixed/removed, etc. After a reasonable time your system has suffered no adverse effects, you can get rid of the older recovery/backup points. This should reduce the number of protected files.
No. They could stay as they are. You can set the report options to “Infected” only files and no “errors”, than these files won’t be showed in the report.
If any infected file come “out” of the bomb or the passworded files, they will be caught by the avast resident. Don’t worry.
Can you schedule a boot-time scanning?
Start avast! > Right click the skin > Schedule a boot-time scanning.
Select for scanning archives.
Boot.
If infected files are found, it’s safer to send them to Chest instead of deleting them.
This way you can further analysis them.
By examining 1) the reason given by avast! for not being able to scan the files, 2) the location of the files, you can get an idea of what program they relate to. You may need to expand the column headings to see all the text.
Files that can’t be scanned are just that, not an indication they are suspicious/infected, just unable to be scanned.
Also, the packaging of the file could have some error, or use a non-standard pattern…
Access denied means, generally, that the file is in use by another process (program) and cannot be repaired/cleaned/moved/handled by avast!
avast can’t scan files that are password protected, it doesn’t know the password. There are many legitimate reasons why a file was password protected. For instance, Lavasoft Ad-aware and SpyBot store their data in a password-protected ZIP archives (to prevent other similar tools from messing up with them). It’s really nothing to worry about - it’s normal.
It is no different from the various answers given throughout this and other topics, they are just very large compressed files, which when uncompressed would be very large. So you only need to check the tvDebug.zip (whatever that is) file size to see that they are very large.
I would also suggest that you do some house keeping and remove some of the old log files within it (tvDebug.zip) as the ones shown in yo image date back to April. This would free up valuable free space and reduce the numbers reported as decompression bombs.
As has been said numerous times, Files that can’t be scanned are just that, not an indication they are suspicious/infected, just unable to be scanned.
I will begin by making it known that I am inexperienced at this. I downloaded the avast free home version 4.8 I believe. I do regular antivirus scans as well as boot scans. I have been told that I have 3 decompression bombs that avast is unable to scan. All three are movies I downloaded. I also have been noticing my PC slowing down and my internet explorer crashing with the usual error report asking me to send, not send, or debug. I have done some research and understand that a decompression bomb can be malicious but also avast has made some mistakes and at times detects some files that are not a problem. I think mine are a problem. I also have noticed fake antivirus icons popping up in my bottom bar. Avast is not catching these as viruses…but I did not download them. I don’t know if these are old and recently resurfacing or what. I am still learning a lot about this stuff and have limited knowledge of how to handle this stuff. I used to have spybot antivirus and I deleted all of its log files when avast said it was unable to scan them. I am not sure what else may be helpful info except that I have windows xp media center edition graphics is a NVIDIA geforce 6150 le and I am running an amd athlon 64 and as a side note I have been trying to gradually learn about Linux and switch…but have not found the best version for my system to work with. If anyone has any suggestions on that please feel free to educate me. My main concern however is with avast and my processor slowing down.