What's a "Decompression Bomb"?

Hi,

Anyone tell me what a “decompression bomb” might be? Sounds kind of windswept. :-\

Avast decided today to throw up the attached scan results. These two spreadsheets lay peacefully unused in their folder for months - old OpenOffice spreadsheets I created to store some icalcs auditing I did of system permissions.

Avast never bothered about them before and that makes it more curious. They weren’t compressed or encrypted and Avast scans everything every day. I haven’t changed the full scan default settings, have no exclusions, and the default file limit for moving to the virus chest is left at 16,384 KB. These ‘bombs’ were around 300 KB each.

Trouble is, having coughed them up to me as unscannable(?), Avast sulked and refused to do anything with them - move to prison, delete etc. So I decided to delete them myself. Avast then complained at them being in the recycle bin, so it wasn’t for changing its mind. :slight_smile:

Avast scans usually show additional info after file extensions in the scan processing path. Both these file extensions had “|>Content.xml” tagged to the end by Avast.

So was it my stuff actually in the spreadsheets, or the XML code Avast didn’t like? I know OpenOffice uses the XML structure but haven’t bothered to study it. If the engine starts, why open the hood…

Just like to learn. ::slight_smile:

Decompression bomb usually just means that Avast cannot scan it. It can,t take any action because it’s not flagged as suspicious or a virus. The usual answer is to ignore. The words " decompression bomb " are just weird terminology. If you search the forum you will find a few cases similar to this.

Thanks xtinguish.

Have found the old threads now. Seems just another unsolved mystery how all previous scans never bothered. Still, nothing lost but another brain cell ;D