Paul

Compression Bomb on my computer?

Paul

Just did a thorough scan of my hard drives. It found a "compression bomb". 

 

Anyone know the best way to get rid of it? 

 

 

Screenshot 2014-10-31 07.45.25.jpg

KennyF

The web tells me that you just delete it and clear your internet temp folder then restart.

 

KonC

Cipro

Delete

  • Like 1

contraman

Delete

Don't you mean

Control/Alt/Delete ? :)

Paul

Can I just delete everything in that folder? 

 

\Paul\AppData\Local\Temp\ 

Cipro

Just let the AV delete it first, then after it's been neutralized you can nuke it from orbit, just to be sure.

Paul

The image in my first post is all that it showed. Nothing was deleted, nothing was done at all. I just showed that and ended. Not sure why. I will see if I can create a scan just for that folder and see if it will do something more.

Skywalker

Don't attempt to open it.  Delete it.  

 

A zip bomb, also known as a decompression bomb (or the 'Zip of Death' for the overly dramatic ones), is a malicious archive file designed to crash or render useless the program or system reading it. It is often employed to disable antivirus software, in order to create an opening for more traditional viruses. Rather than hijacking the normal operation of the program, a zip bomb allows the program to work as intended, but the archive is carefully crafted so that unpacking it (e.g. by a virus scanner in order to scan for viruses) requires inordinate amounts of time, disk space or memory. 

The classic zip bomb is a tiny zip file; most are measured in kilobytes. However, when this file is unzipped its contents are more than what the system can handle (usually up to Petabyte, i.e. 1000 Terabyte. Some go up to exabytes too). Yes, we're talking about stuffing exabytes of data into kilobytes. In my view, this ingenious little trick is the product of "pure hacker mentality". In essence, it's nothing like phishing or session hijacking or anything else that has put a bad name to "hackers". It's a simple creative solution, an exploited loophole which truly shows: "Where there's a will, there's a way". To understand how it works, we have to take a little detour to see how data compression works (WinZip, WinRAR etc.) 
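
An added example, not part of the original post: how a scanner can tell that an archive expands far beyond its size on disk without unpacking it, and how to cap the work when it does unpack. The thresholds, function names and sample archives are assumptions made for this sketch, and it covers one flat zip rather than nested archives.

```python
import io
import zipfile

# Assumed policy thresholds for this sketch; tune them to your own environment.
MAX_RATIO = 100          # declared uncompressed size / compressed size
MAX_TOTAL = 1 * 1024**2  # most bytes we are willing to unpack (1 MiB)
CHUNK = 64 * 1024


def declared_sizes(data: bytes):
    """Read sizes from the zip central directory only; nothing is decompressed."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
        packed = sum(i.compress_size for i in infos)
        unpacked = sum(i.file_size for i in infos)
    return packed, unpacked


def looks_like_bomb(data: bytes) -> bool:
    """Flag archives whose declared expansion breaks either threshold."""
    packed, unpacked = declared_sizes(data)
    return unpacked / max(packed, 1) > MAX_RATIO or unpacked > MAX_TOTAL


def bounded_read(data: bytes, limit: int = MAX_TOTAL) -> int:
    """Stream-decompress under a hard byte budget, because headers can lie."""
    total = 0
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            with zf.open(info) as member:
                while chunk := member.read(CHUNK):
                    total += len(chunk)
                    if total > limit:
                        raise ValueError(f"budget exceeded in {info.filename!r}")
    return total


def make_zip(name: str, payload: bytes) -> bytes:
    """Build a constructed sample archive in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()


# Constructed samples: 4 MiB of zero bytes versus a short text file.
REPETITIVE = make_zip("zeros.bin", bytes(4 * 1024**2))
ORDINARY = make_zip("note.txt", b"quarterly report draft, nothing unusual\n" * 5)
```

The ratio check is cheap and runs first; the bounded read is the backstop for archives whose declared sizes do not match what actually comes out.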

Cipro

The image in my first post is all that it showed. Nothing was deleted, nothing was done at all. I just showed that and ended. Not sure why. I will see if I can create a scan just for that folder and see if it will do something more.

 

Most AV will offer to take care of it; if yours doesn't, get better AV ;)

Paul

Maybe my antivirus is already affected? It doesn't have the "apply" button (as you can see in the image above) to give me the option to delete it. 


Most AV will offer to take care of it; if yours doesn't, get better AV ;)

 

Maybe I should delete this and reinstall Norton. 

Jeepney

Maybe my antivirus is already affected? It doesn't have the "apply" button (as you can see in the image above) to give me the option to delete it. 

 

Maybe I should delete this and reinstall Norton. 

Maybe you have to select that file first, (in that avast pic you posted)

then only other options will become visible?

Cipro

Here is another one, famous and harmless if you don't use the password to unpack it, 

Paul

Maybe you have to select that file first, (in that avast pic you posted)

then only other options will become visible?

 

I tried that too. 

 

It's a pain in the butt.

Steve and Myrlita

Paul, 1st restart your comp in "Safe Mode" not with networking or even better, use Ubuntu from a flash drive. This way, there is nothing locking the file down. Then manually go to that folder and delete the contents but not the folder itself. If you boot Safe Mode, also check your msconfig file run in admin mode. Make sure that in there as well as regedit doesn't try to point to it or regenerate it. When this is done, restart again but now use Safe Mode With Networking. Do Live Update on Norton. Then Full System Scan. Hope this helps you......

Paul

Paul, 1st restart your comp in "Safe Mode" not with networking or even better, use Ubuntu from a flash drive. This way, there is nothing locking the file down. Then manually go to that folder and delete the contents but not the folder itself. If you boot Safe Mode, also check your msconfig file run in admin mode. Make sure that in there as well as regedit doesn't try to point to it or regenerate it. When this is done, restart again but now use Safe Mode With Networking. Do Live Update on Norton. Then Full System Scan. Hope this helps you......

 

Scanning now. Norton found it and shows it has been resolved. Will have to wait until it is finished to see, though. 

 

I have a license I have been paying, but haven't used since my last computer crashed. I just loaded avast on this one when I got it. Today, I removed it and installed Norton again. So far, seems good. I will go that route if this doesn't sort it, though, for sure. 

This topic is now closed to further replies.