Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.



  • Please log in to reply
3 replies to this topic

#1 mypenry


  • Members
  • 211 posts
  • Location:Thailand
  • Local time:01:28 AM

Posted 04 March 2007 - 03:45 AM

HI , I am fairly new to computers, and have been running a-squared 2.5 beta Free for some
Time now without any problems but over the last two day’s after using the deep scan facility,
The program keeps alerting me to the same infection …. Its shows this …..

1. Heuristic.AchiveBomb in C:/ Program Files / EST / updfiles/upd64.ver
2. Heuristic.AchiveBomb in C:/ Program Files / EST / updfiles/upd341F.ver
3. and shown as unknown

and I put the two Infections in Quarantine and decided to seek help,

As far as I can see and understand the EST, is the
NOD32 program I have also installed..?

And I think may be every time NOD32 ( Version 2.7 ) updates, the a-squared deep scan shows
A new update file form NOD32..? As a infection for some reason, or may be
As a newbie, ive got it all wrong…?

Update ... to day I ran a second new deep scan and the two infections were found again
which ive yet again put back in quarntine , I can't understand how if the first time the infections
were put in quarantine, how come to day on this new second deep scan its found the
same two infections once again ...?

Could some please advise what to do next…? Or can comment on what
The deep scan findings mean..? , ive done a search but it’s a bit confusing for me….

Thanks ……

BC AdBot (Login to Remove)


#2 fozzie


    aut viam inveniam aut faciam

  • Members
  • 3,516 posts
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:07:28 PM

Posted 04 March 2007 - 04:29 AM

In normal mode, run an online antivirus check from at least two and preferably three of the following sites and post the results.
Computer Associates Online Virus Scan
Panda's ActiveScan
Trend Micro Housecall
Windows Live Safety Center Free Online Scan
This scanner from Trend does not require an Active X to run.

1. Detects and removes malware ( viruses, worms, trojans, etc. )
2. Detects and removes grayware and spyware
3. Restores damage caused by malware to your system.
4. Notifies about vulnerabilities in installed programs and connected network services.
5. Multi-platform support for: Windows, Linux, Solaris.
6. Easy-to-use with the Microsoft Internet Explorer and Mozilla Firefox.

#3 HIPPO1023


  • Members
  • 85 posts
  • Local time:01:28 PM

Posted 04 March 2007 - 09:27 AM

About Heuristic.ArchiveBomb from Emsisoft(a-squared).

Archive Bombs are not really Malware, but can crash Malware scanners.

The idea behind is simple: A Malware writer creates an archive file such as zip that is very small, but contains very large files. If a file is filled with the same characters, a 1 GB file can be compressed down to a few bytes. A Malware scan engine that supports scanning of archive files would try to unpack the content to the harddisk to scan, but fill up the disk with unpacked data until the system crashes.

Other archive bombs are manipulated archive files, that let the scanner unpack and scan in an endless loop.

The a-squared scan engine detects such archive bombs with a heuristic scan module. In some rare cases, regular archives are flagges as archive bombs if the content looks very similar to archive bombs.

#4 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,763 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:28 PM

Posted 04 March 2007 - 01:31 PM

Also see: http://www.bleepingcomputer.com/forums/ind...mp;#entry419363
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users