antivirus question
By daeckardt
@daeckardt (6237)
United States
July 17, 2011 7:31am CST
I ran my antivirus program last night and it found one infection. It also suggested I restart the computer and run the program again before going into windows. While scanning it stopped at one file and listed several options on what to do with the file including delete, remove to vault, repair, and ignore. When I hit delete or remove to vault it gave the message "file is a decompression bomb". My question to you is what does that mean and what do I do about it? Can anyone help with this? Thanks in advance.
1 person likes this
10 responses
@makatas (1098)
• Greece
18 Jul 11
Try to use a scan-only antispyware software like Malwarebytes AntiMalware of SUPERAntispyware.
These two programs do not run constantly on the background like an antivirus does, but they can provide a cure to something not treated well from your antivirus. You can use them to scan the hard drive, and they are really strong too!
1 person likes this
@daeckardt (6237)
• United States
18 Jul 11
Someone else had suggested the malwarebytes and I did download that, but it is constantly telling me that it blocked access to some ip address and I have not been able to access some sites (it is possible that monkeybizs is down, but when I looked at one of the ip addresses that was blocked it was for the host of that site). I will see if having run that did get rid of the problem that the antivus kept telling me about. Can I use both of those at the same time? Thanks for the response!
@fabsprecious (1565)
• United States
20 Jul 11
This is the first I ever heard of that "file is a decompression bomb". I mean I have ran my antivirus and it has found infections and/or viruses, but I normally have the option to either delete or repair, but I have never seen that one before. That is definitely new to me.
If you do find something out, please let me know, now I am actually curious.
Sorry I couldn't be much help!!!
1 person likes this
@fabsprecious (1565)
• United States
25 Jul 11
Thanks for sharing that's actually interesting to know, hopefully I won't run into that situation.
@hardworkinggurl (37063)
• United States
17 Jul 11
I did a little search and this is what I find:
"Generally, there is not need to be worried about. Decompression bomb is just something that unpacks to an unusually big amount of data even though it's rather small (i.e. has a high compression ratio, for example). It's nothing to worry about, you are just informed that avast! will not try to unpack the archive (you may not even know that it's an archive, but it seems like it is) because it may take VERY long to process...I'd suggest to ignore these files.
But you can change values into avast4.ini file to configure how avast should work with these files."
You can read more here:
http://forum.avast.com/index.php?topic=40437.0
Says there is not much to worry about, but take a look at the link for further information.
@daeckardt (6237)
• United States
17 Jul 11
Actually, it is more a matter of I didn't wake up until late. I looked at all the responses before even going into mylot. I just woke up and posted the discussion but was still tired since I only slept a short time last night so I went back to sleep until almost 11am. The information was a real life saver because I was panicking from that message from the antivirus. Thanks for the response!
@hardworkinggurl (37063)
• United States
17 Jul 11
Maybe she is not getting response notifiers. As no one really is. The server issue from Friday has caused a delay with notifiers.
1 person likes this
@ravisivan (14079)
• India
17 Jul 11
The ideal thing will be to delete the file. If it cannot be deleted use anti virus better version. If still that doesn't work reformat the disk. It will save a lot of problems.
1 person likes this
@daeckardt (6237)
• United States
17 Jul 11
I thought the same thing, but it was the backup to some websites we were trying to save. According to the avast forum listed in one of the later responses, the antivirus will not open the file to examine it, but that it isn't necessarily a malicious file. Thanks for the response.
@kkarun (100)
• India
18 Jul 11
i suggest The remove to vault option,if you know the location of the file then go there make sure it is not executing currntly from process tab or from "tsklist" command. then edit its extetion to some other like txt . which anti virus are you using. make sure you update your antivirus database ok man
1 person likes this
@daeckardt (6237)
• United States
18 Jul 11
I use avast. I tried to remove, and everything else, but nothing happened. The only option that allowed the scan to continue (I ran the scan after rebooting) was to hit ignore. The antivirus definitions update automatically (there was a popup that said that just now). Thanks for the response!
@sahz90 (17)
• Pakistan
17 Jul 11
a decompression bomb is a file that unpacks to an enormous amount of data, thus flooding the unpacking engine, its quite ahrd to detect reliably, so its possible that it gives some false alarms ocassionaly, most antiviruses can detect whether the file is a decompression bomb and so can avoid unpacking them. download malwarebytes antimalware,update it and scan ur computer and then follow the instruction for the removal of the bomb.
@daeckardt (6237)
• United States
17 Jul 11
I will give that a try. According to the link provided in the following response, it is probably nothing to worry about since one person who responded to the same question stated that even his tax return file prompted that message. Thanks for the response!
@rajeshfgh (1629)
• India
17 Jul 11
But, after that message did it delete or quarantine that file? Anyway, viruses can be very unpredictable and so the anti-virus might also have no clue how to clean it.
The best way according to me, which is very effective, is to start the computer in safe mode and run a virus-check. The safe mode uses minimal OS files and so it is really effective in cleaning viruses.
1 person likes this
@daeckardt (6237)
• United States
17 Jul 11
It wouldn't let me do anything but ignore the file. I will try to run the check in safe mode and see what happens. Thanks for the response.
@raj_gupta (311)
• India
17 Jul 11
A decompression bomb...hmmm, that's a new to me. Anyways, I'll say if your current antivirus program can't remove it, switch to some other program and update that one and then scan the system again.
@daeckardt (6237)
• United States
17 Jul 11
I was told that avast was one of the best. When I was using avira, it said the same file was a problem, even though it was the backup to files that I had downloaded and saved from a website that I have.
@Porkchopchop (324)
• Hong Kong
17 Jul 11
Do you know the route of the problem file? If yes, then try to delete the file by yourself instead of using the anti-virus software! (But remember, dont open it) After deleting it, try to scan your computer again to see if there is other infection exists in your computer.
1 person likes this
@daeckardt (6237)
• United States
17 Jul 11
I'm not sure the route of the file, but I do know it was the backup file for a website that I help run. According to the avast website, it is just a small file that when it is extracted takes up a lot of space and that avast won't open it and that it was nothing to worry about.
@daeckardt (6237)
• United States
17 Jul 11
I don't know about getting another antivirus program. I was told that avast was pretty good and to go with that. Some information I was given on a decompression bomb was that it was just a large file that was compressed really small and that makes sense because it was a zipped backup file of a website.