« previous next »
Pages: [1]   Go Down

Author Topic: scanning archives  (Read 1828 times)

0 Members and 1 Guest are viewing this topic.

cubie

  • Guest
scanning archives
« on: January 05, 2008, 07:34:32 PM »
When I scan at any level, quick-thourgh, with the scan all archives, I receive many flags. 1. decompression bomb [zipfile from previous AV] and 2. some corrupted files from a Japanese Microsoft updater in MSOEv.6. Since I do multi-scanning with different AV and AS programs, I wonder about these flags, because they do not register with any other AV scan. Also transfer to the chest is consistently an error with these types of flags. These are not viruses/trojan, but could be malformed/malware or just in error. ???
Logged

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67185
Re: scanning archives
« Reply #1 on: January 05, 2008, 07:41:09 PM »
1. Decompression bomb is a file that may be rather small, but decompresses to an enormous amount of data (when processed as a packed archive). Such file are not malicious per se, but they may block an antivirus program when it tries to scan them.
This kind of files is rather hard to detect (and avoid) precisely - so, it is possible that there are some false alarms. It's not a big problem in this case, however - the "decompression bomb" announcement actually means something like "The file has a very high, maybe even suspicious, compression ratio and the AV is not going to scan the archive content".

I'd suggest to ignore these files.
But you can change values into avast4.ini file to configure how avast should work with these files.
Click 'Settings' in my signature for more info  ;)

2. By examining 1) the reason given by avast! for not being able to scan the files, 2) the location of the files, you can get an idea of what program they relate to. You may need to expand the column headings to see all the text.

Files that can't be scanned are just that, not an indication they are suspicious/infected, just unable to be scanned.
Logged
The best things in life are free.

cubie

  • Guest
Re: scanning archives
« Reply #2 on: January 05, 2008, 08:19:54 PM »
Thank-you, I see what you are implying. Many of the flags were password protected archive files. The ones that do worry me though are these "corrupted" Japanese MS updates. I do not have a Japanese translator installed, however many years ago(~8) I picked-up some maliciously sent pics of Japanese woman with a focus on butts. Good looking girls though!  ::)
Logged
Pages: [1]   Go Up
« previous next »