Decompression bomb in sxei_mm.dll (Execryptor packed, says VT)

[dominumds]

Hi there guys,
Today I did a full scan of my system and avast! had some problems scanning some files. A couple of them were password-protected rars, but there was one which returned "Error: this file is a decompression bomb. (42110)".
The file is sxei_mm.dll (part of the server-side anti-cheat sXe Injected) and seems to be encrypted with Execryptor https://www.virustotal.com/es/analisis/a71703fe1a45c6b2eb7c9d94a45a13dcf6acc62d20752340b1ccee7bef8871d5-1269051032.

Is this a FP or what? 

I can attach a sample of the file if it's needed.

[Jtaylor83]

You can't send a decompression bomb to Alwil because avast! can't scan files that's been unpacked with enourmous amounts of data.

Execryptor is a very strong packer/encryptor made by StrongBit. Programmers, including anti-cheat developers, use this type of packer/encryptor to protect their files from being modified or cracked. That's why the other AV vendors detects this file.

[DavidR]

@ dominumds

1. Well lets get this straight, I don't believe avast is saying this is infected, correct, just that it can't be scanned as when unpacked it would be excessively large.

- Decompression Bomb, a file that is highly compressed, which could be very large when decompressed. This used to be a tactic long ago to swamp the system, also see http://forum.avast.com/index.php?topic=15389.msg131213#msg131213.
 
The name really is the most dangerous thing about this and I wish they would change it or simply not report it, a real PITA.

2. No you can't attach it:
a. It is likely to exceed the maximum file size allowed to attach.
b. You can only attach files of the following type, .jpg, .png, .gif, .txt and .log.
c. Were it truly a suspect/infected file then the last place we would want it is in the forums.