unable to scan: exception in polymorp viruses code?

Ok what does this mean? This is scanning a borland file for delphi called ibinstall.dll which is an interbase file.

Another one I saw is:

unable to scan: The file is a decompression bomb

I couldn’t find anything searching specific to what the error message actually means tho.

Decompression bomb is just something that unpacks to an unusually big amount of data even though it’s rather small (i.e. has a high compression ratio, for example). It’s nothing to worry about, you are just informed that avast! will not try to unpack the archive (you may not even know that it’s an archive, but it seems like it is) because it may take VERY long to process.
(quoted from Igor: http://forum.avast.com/index.php?topic=15389.msg131213#msg131213)

Decompression bomb is a file that may be rather small, but decompresses to an enormous amount of data (when processed as a packed archive). Such file are not malicious per se, but they may block an antivirus program when it tries to scan them.
This kind of files is rather hard to detect (and avoid) precisely - so, it is possible that there are some false alarms. It’s not a big problem in this case, however - the “decompression bomb” announcement actually means something like “The file has a very high, maybe even suspicious, compression ratio and the AV is not going to scan the archive content”.

I’d suggest to ignore these files.
But you can change values into avast4.ini file to configure how avast should work with these files.
Click ‘Settings’ in my signature for more info :wink:

Many programs (usually security based ones) password protect their files for legitimate reasons such as AdAware and Spybot Search & Destroy, there are others (and avast doesn’t know the password or have any way of using it even if it did know it).

However, this falls outside the usual reasons for not being able to be scanned, files that can’t be scanned are just that, not an indication they are suspicious/infected, just unable to be scanned.

A forum search for “decompression bomb” with quotes returns many hits this is just one of them http://forum.avast.com/index.php?topic=15831.0 or the one Tech suggests.
A forum search for “polymorphic viruses code” returns many hits these are just two of them
http://forum.avast.com/index.php?topic=15302.0 -
http://forum.avast.com/index.php?topic=15302.0 this is more commonly referred to error code 42100 so there may well be more picked up on a search for 42100

Check these out and others from a forums search and see if it matches, a little more information on your system may help.

Can you post the full path for the ibinstall.dll file?

So suppose I am working with large sets of uncompressed video renders (I usually compress to .rar old files) and these archives are not scanned I get the message not scanned because it is a decompression bomb.
How long would it take avast to scan if I set the ini to recognize these files. Of which there are only three, but I am under the impression that a virus can sometimes hide itself by pretending to be another file. I’m sure it’s unlikely that a virus programmer would know that I have a large set of BMP renders to hide in, but still for peace of mind I would prefer my whole computer to be scanned. But if I have an archive that is packed at 7GB how long would avast take to scan if the unpacked size was say 10 GB? Is that going to be something that adds an hour to the scan?

Also I have a few files that return bad pointers. I wonder if this is because I experimented with using NTFS file compression on one of my HDs and then decided against the whole HD being compressed and went to specifying individual directories which is much better. The files designated as having bad pointers still open though so I’m a bit confused.

Let me just say I’m amazed at being able to get support for the free home version… :o