Author Topic: Decompression Bomb? (Read 2637 times)

Karizma · « **on:** May 21, 2009, 04:04:08 AM »

Hello, my avast just finished scanning and had a result popup saying..

C:WINDOWS\Internet Logs\tvDebug.Zip\tvDebug_2009-05-20-02-12-35.log

Unable to scan. The file is a decompression bomb.

I don't know what it is but it doesn't sound that good.. Should I delete it or leave it alone?

Thanks

Tarq57 · « **Reply #1 on:** May 21, 2009, 04:09:25 AM »

Hi. Leave it alone. All it means is that is has an unusually high packing ratio. It may be infected, but the chances are it is not.
The terminology is old, and a bit alarmist these days.
Try scanning it with another demand scanner like MBAM or Superantispyware.

DavidR · « **Reply #2 on:** May 21, 2009, 05:55:10 PM »

Decompression Bomb, a file that is highly compressed, which could be very large when decompressed. This used to be a tactic long ago to swamp the system, also see http://forum.avast.com/index.php?topic=15389.msg131213#msg131213.

The name really is the most dangerous thing about this and I wish they would change it or simply not report it, a real PITA.

Files that can't be scanned are just that, not an indication they are suspicious/infected, just unable to be scanned.

Author Topic: Decompression Bomb? (Read 2637 times)

Karizma

Decompression Bomb?

Tarq57

Re: Decompression Bomb?

DavidR

Re: Decompression Bomb?