Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: whocares on July 21, 2003, 10:35:25 AM
-
Hi,
as a new user of avast 4 home (on Win2k-SP4, 56k analog-modem :-)
1) is there an easy way to set the resident shield to scan all files of the default(write-scan) extension list on OPEN/READING ?
as I see it now, it scans only boot, Exe and OLE ..
(P.S.: OLE meaning what apart from office-like documents??)
Or do I have to copy & enter each item from the read list to the scan-on-open-list ?
I searched the board/FAQ a bit but couldn't find much..
Please point me, if I missed it:-)
Thanks in advance..
:)
-
I can only answer question 1 :
You have to put a asterix "*" without the "" in the > Standard shield > scanner advanced > scan files with these extension > *
Now AVAST will scan really ALL files.
I have it setup like this, and it does improves security alot, but the drawback is that it will make your system a little slower offcourse. But for me this little slowdown is woth the gain in safety.
If you have AVAST pro you can setup the resident scanner to scan and unpack ALL known archives also. Wich offers even more detection
Greets,
Waldo
-
Hi Waldo,
thanks, that occurred to me, but I'd rather have avast RS only scan potentially dangerous files (like in the scan-on-write default list), and not slow down my system by scannning all files on open..
If nobody here can find an easier solution, I'll just copy all the relevant filetypes into the scan-on-open-list :-)
btw what does {*} mean in the extension list ? is this to do something with CLS-IDs ?
:)
-
btw what does {*} mean in the extension list ? is this to do something with CLS-IDs ?
:)
I have no idea at all ! :) lol
But i do know (i've read it in the forums) that by putting it in, Avast scans everything.
Maybe some Avast support member can try to anwer these questions. I'm also intrested...
Waldo
-
but I'd rather have avast RS only scan potentially dangerous files (like in the scan-on-write default list), and not slow down my system by scannning all files on open..
I absolutely agree. Scanning all files on open is an overkill. This is the current default extension set - just copy and paste it to the appropriate box:
COM,EXE,DLL,SYS,SCR,OV?,VXD,386,BIN,BAT,CMD,DO?,XL?, PP?,HT*,HLP,CH?,{*},ASP,CLA*,CPL,CSS,INF,JS*,LNK,MS?,OCX,PDF,PIF,PO?, PRC,RTF,SHS,VB?,VSD,WS?,SWF,AD?,ASX,BAS,CRT,INS,ISP, MDB,MDE,PCD,PRF,REG,SCF,SCT,SHB,URL,EML,NWS
btw what does {*} mean in the extension list ? is this to do something with CLS-IDs ?
Exactly, it handles the extensions in the form {CLSID} that can be as dangerous as any other.
Vlk
-
Thanks VLK !!
that's what I (being lazy & not a good typist) wanted
Keep up the good works..
:)
btw: although I have set both prog and VDF-Updating to automatic AND was online for about 1 hour,
avast only downloaded a vps update just when I explicitly told it to check.. ???
in what intervals does avast check for an open inet-connections or , if PC is online, for updates ? ???
-
I absolutely agree. Scanning all files on open is an overkill. This is the current default extension set - just copy and paste it to the appropriate box:
COM,EXE,DLL,SYS,SCR,OV?,VXD,386,BIN,BAT,CMD,DO?,XL?, PP?,HT*,HLP,CH?,{*},ASP,CLA*,CPL,CSS,INF,JS*,LNK,MS?,OCX,PDF,PIF,PO?, PRC,RTF,SHS,VB?,VSD,WS?,SWF,AD?,ASX,BAS,CRT,INS,ISP, MDB,MDE,PCD,PRF,REG,SCF,SCT,SHB,URL,EML,NWS
Default !? If one doesn't write in the box the open is scanned for all of these extensions ?
Regards,rolando
-
No, that's the default set of "executable" (dangerous) extensions used elsewhere. If you don't write anything in the "Scan files for open" box, no files will be scanned just on open (which is not as bad as it sounds - they will be scanned on execution, so it's OK in fact).
-
Last week I've got a virus opening an HTM file (It was a download of a web mail ) . Could I avoided it if I had "HTM" in the open box ?
Thanks,rolando
-
I think it would.
What virus did you get by opening an HTM file?
-
If you don't write anything in the "Scan files for open" box, no files will be scanned just on open (which is not as bad as it sounds - they will be scanned on execution, so it's OK in fact).
Hi Igor,
you've confused me there..
what's the difference between open and execute in case of files containing code and being able to "run" on doubleclick ?
and how do you "execute" e.g. a html or a vbs-file ? they are opened and processed by their respective applications, right ? ??? ???
-
"Open" means "acquire read or write access".
I know I'm a little twisted here, but when I read "open" (e.g. an executable), I personally understand something like "view it in some kind of viewer" - hexeditor, or F3 in an Nortron Commander-style program, such as Far, Total Commander etc.
"Execute" means "start the program".
As for the others, you are right - when you execute a HTML and VBS file, the respective application is executed and the file is passed to it as an argument to be "opened" inside the program. Therefore, scanning files on execute doesn't help here, since it is the application that will be scanned, not the "data" file.
-
I think it would.
What virus did you get by opening an HTM file?
It was VBS:REDLOF . My double click opened to me a blank page ! from then on the windows had only the colors white and red. You cannot see any written line in a window unless you didn't hit "Edit/select all "
when a red background allowed to see white characters !You could not write e-mails.But there is a post in this forum about this.
Regards,rolando
-
For sure the avast! ball turns in system tray.
Nice and not easy.
-
Well, you are right I am afraid... in this case (thanks to Microsoft I guess) the virus is able to "get out" of the browser, activate and spread. In the Pro version, it would be cought by the Script Blocker, but it is not available in the Home version.
If you were starting it by clicking a file, then setting "Scan file on open" on HTM* would really detect and deny it.
Hmm, maybe we should modify the default settings of the resident protection a little... :-\
-
Hmm, maybe we should modify the default settings of the resident protection a little... :-\
Second this motion... ;)
-
I have two defenses "script defender" and "Noscript", this has minimized the problems.But, inside at the IE, jscript code have to work ,of course, to build web pages (Htlm code and jscript code).
However the scan is performed when "HTLM" is written in the open box. The fact is that the scanner has not found the virus . Also when I scanned the hard disk it has found the virus inside at system restore folder but not in the *.htm file. However if a virus is found in a file that its extension is in the open box ,what happen ? There is an alarm or something is stopped ?
THanks a lot,rolando
-
when "HTLM" is written in the open box. The fact is that the scanner has not found the virus .
of course not ;D
use html, htm or best ht*
-
Well, if the scanner didn't find the virus during the hard disk scan, that's strange - if you still have the file, could you send it by e-mail?
The RedLof virus is vbscript in fact, not jscript. Of course, you want to run "reasonable scripts" in your browser (the Script Blocker of the Pro version is just another Resident Protectin provider - it scans the scripts run by the browser and blocks only the infected ones).
The rest of the post, unfortunatelly, I don't understand... What does it mean "The scan is performed when HTML is written in the open box"? What is an "extension in the open box"? An application can put whatever extension it wants to the open dialog... of course, it usually puts there the extensions is uses...
[Edit: or you don't mean an "open dialog", but the resident protection settings: "Scan files on open" box?]
Generally, if any virus is found, a big warning dialog is displayed (though in the Pro version, you can configure many other actions). You wouldn't overlook it...
-
I deleted the file quickly ! What are the extensions !? Of course >>>>>>>>>>>>>>>
COM,EXE,DLL,SYS,SCR,OV?,VXD,386,BIN,BAT,CMD,DO?,XL?, PP?,HT*,HLP,CH?,{*},ASP,CLA*,CPL,CSS,INF,JS*,LNK,MS?,OCX,PDF,PIF,PO?, PRC,RTF,SHS,VB?,VSD,WS?,SWF,AD?,ASX,BAS,CRT,INS,ISP, MDB,MDE,PCD,PRF,REG,SCF,SCT,SHB,URL,EML,NWS
<<<<<<<<<<<<<<<<<
And of course if you type them in Resident Protection "Scan files on open" box ,WHEN the file
that is processed has a virus......................................
WHAT happen ? 1) the virus is blocked or 2) there is only an alarm ?
You have replied that there is only a big warning.
Correct ?
Regards,rolando
-
Ah, no.
A big warning appears and the access to the infected file is denied (blocked).
-
Thanks.
Of course my bad English doesn't help.
This
Generally, if any virus is found, a big warning dialog is displayed (though in the Pro version, you can configure many other actions). You wouldn't overlook it...
And this
Ah, no.
A big warning appears and the access to the infected file is denied (blocked
are a bit different.......................
Then about my virus I could expect, IF it had been diagnosed, "a big warning" (and with Pro a block).
Since it had not been found even with hard disk scan it could not be found during an "open scan".
thanks a lot.
-
Sorry, I guess I wasn't very clear. I thought you were thinking that you didn't see any announcement, so you might have overlooked the detection - therefore I emphasized the big warning dialog which you definitelly wouldn't have overlooked. The blocking is performed simultanesouly.
In Pro version, you can modify the "Show warning dialog" action to something else (Delete, Move somewhere else, Move to Chest, .... The access to the file is always denied, however.
I'm rather worried about the file itself - if it wasn't detected, it's bad... I wish we could take a look at the file :(
-
Hi rlndsgrb,
you could test your Shield & Mainscanner with the harmless testfile
eicar.com from www.eicar.com
so that you can see what happens when avast catches a nasty ;)
-
hi,
I've tried yesterday but it doesn't work...
This is the false virus,that I've written in a file *.com
(as in the instruction). I've scanned it having no virus from Avast. Maybe it have not to be copied but written...
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
have you tried ?
-
You put this string into a .com file, scanned with avast! and didn't get any virus warning?
-
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
string looks rigth too me..
Make sure you paste this into a basic texteditor like notepad, save it as "all files" with .com-extension.
in explorer make sure that you have ALL extensions and filetypes including system files shown, and then check that it has indeed
.com -extension and not
.com.txt
-
hi,
not so easy whocares .
I have Avast! and AVG installed. But AVG is unchecked in startup table (WinME). In this condition,without any avg processor running,the AVG Resident shield is active !!! And gave me the warning . (of course also avast! Resident protection is active...). There was a kind of competition between
the two in the first time that didn't allow the two AV to work fine.. Then I have disabled AVG and Avast has given the alarm.
Now Avast! give a warning also if I delete "COM" from "scan file on open" box....
-
the AVG Resident shield is active !!! And gave me the warning . (of course also avast! Resident protection is active...). There was a kind of competition between
the two
As you found out now, and every AV-Setup-Program tells you:
Chaos, Mayhem & destruction is imminent, if you have several AV-Monitors avtive/running at the same time. ;D ;D
several AV-Progs use services or other not so immediately obvious methods to start the AV-shields; so you have to really understand your AV-prog before you install a second On-Demand-Scanner/Monitor ;)
Read here, too:
http://www.avast.com/forum/index.php?board=2;action=display;threadid=701
-
I have installed AVG a few days ago.I was said that
unchecking the start tab was enough. One in this forum with the same installation..........
The right way is not to uncheck the start tab ,but make a normal installation and adjust the settings to disable the AVG resident shield.
Can an "ALWIL Team member" says something about this ?
Thanks a lot,rolando
-
I'm afraid ALWIL Team is not very familiar with AVG :)
If you want to make sure that AVG resident shield is disabled, you can check by trying to start the EICAR test file. Personally, I would think that removing the AVG startup items should be enough, but of course, you may not overlook anything...
-
Thanks.
I've seen how it works. AVG uses two drivers VxD for the Resident Shield and e-Mail . I 'd disable and enable those VxD then adjust the settings..........I prefer Avast! and I've uninstalled AVG.
About EICAR test ..........As I've reported in a preceding post , EICAR.com is checked (and there is the alarm) both if there is "COM" in "Scan file on open" box or without "COM"........(when I double click on it). I don't see why.
Regards,rolando
-
Well, i meant to use Eicar to check whether the AVG Resident Shield is really disabled, but anyway:
"Scan file on open" means scanning the file when "opening the file for reading or writing". It means, for example, that it is scanned when you open the Eicar.com file in Notepad. Of course, if you doublelick (execute) the file, it is read (and scanned) as well.
However, even when you disable "Scan file on open", it is still scanned when you try to execute it (i.e. on doubleclick) - that's the first page of the Standard Shield settings - "Scanner (Basic)" - Scan executed programs. However, it wouldn't be scanned in this case if you open the file in Notepad.
-
Exact ! Thanks a lot,rolando.
-
I'm reading the Resident task settings instruction.
About "Blocker" ..........The block is related to a = (Virus found + extension condition satisfied + type of operation ) or the virus condition is not needed ?
If it is the last case what is the purpose ?
Thanks.
-
The virus condition is not necessary.
It's a behaviour blocker, that is a feature that can pinpoint suspicious behavior in this system. It's quite a historical thing (this method was quite popular back in the DOS days) and can be considered as a legacy feature in avast 4. By default, it's turned off...
Vlk
-
Thanks.
Legacy feature in avast!4 ....then not fundamental.
I've tried it : this feature has to have a memory of a preceding my answer because it doesn't ask again, then it isn't too heavy. I could try for some days.
Thanks a lot.
-
Sorry if I come back to Resident Protection > scan files on open / scan create-modify files .
The Eicar test has success (virus found!) only for "COM,EXE,CMD,BIN,DLL" and disregard every other extension . S0METIMES it fails also with these extension....?????!!!!!!!!! I don't get what is the changed condition (no one in my opinion ).
Regards
-
Why don't you say that Avast!,as other AV,scan only the
executable (exe,com,cmd,dll,bin)? It should be enough !
This isn't a bug , you have only tried to make the Standard shield GUI richer, with more panels to make a good impression on users ! Four panels instead of one !
About when it doesn't work properly.....it is a random bug (there is its trace in the Faultlog.txt in WinMe ) or may be after the famous Error 0x00046101.
-
If you look at the list of "executable" extensions posted at the start of this thread, you'll see that (exe,com,cmd,dll,bin) is not enough.
As for making the GUI richer just to "impress" the user - I really don't think that's the case. An ordinary user would rather get confused, instead of impressed. But it's simply the options that the Stardard Shield offers.
Page 1: here you configure what gets scanned when executed, i.e. when you start it as a program.
Page 2: here you configure what gets scanned when you open a (existing) file (open in the meaning "prepare to read or write") - for example, when loaded into Notepad. You can also configure the scanning of newly created or modified files (unlike the "scan files on open", this means that the file will be scanned after it is written to and closed).
Page 3: here you can configure what (suspicios) operations you want to be blocked - there is no scanning for viruses here, it's just blocking selected operations, no matter if the file is infected or not!
Page 4: here you can set exceptions (what files or folders should not be scanned at all) and some additional options (e.g. silent mode).
Do you really think any of the 4 pages are redundant?
If you have any error logs, could you please send them?
-
>Do you really think any of the 4 pages are redundant?
YES, because Page 2 doesn't scan all of the reported extensions,
but ONLY the executable (exe,com,cmd,dll,bin) are scanned (as other AV having only one page !).
Do you really scan on open EICAR.htlm and the other extensions ???????????????!!!!!!!!!!
Page 3, of course, often stops the process...could be used seldom..........
Page 4 I've tried...but I was not be able to exclude any scan....(may be my fault ,but it would be easy...) .
The Page Fault are below..........module unknown in c15c:1b10edbd...........
Data 06/29/2003 Ora 20:30
ASHSIMPL ha provocato un errore di pagina non valida nel
modulo <sconosciuto> in c15c:1b10edbd.
Registri:
EAX=040eff88 CS=016f EIP=1b10edbd EFLGS=00010246
EBX=040eff88 SS=0177 ESP=03ff0100 EBP=03ff0120
ECX=03ff01a4 DS=0177 ESI=81a5a394 FS=1c17
EDX=bff6682d ES=0177 EDI=03ff01cc GS=0000
Byte all'indirizzo CS:EIP:
BX=0043104c SS=0177 ESP=006ce5bc EBP=006ce5c4
ECX=00000000 DS=0177 ESI=00000000 FS=23f7
EDX=00000000 ES=0177 EDI=007f1950 GS=0000
Byte all'indirizzo CS:EIP:
8b 01 52 ff 50 0c 33 c9 85 c0 0f 9d c1 8b c1 8b
Immagine dello stack:
006ce9e0 007f1ba0 006cfa88 0040d154 006ce9e0 006ce5cc 007f1950 2c6f0000
bff613e2 0000016f 13e2424a 006ce5cc 41c10000 0177bff6 bff613e2 0000016f
**********************************************************************
REGARDS,rolando
-
Page 2 scans what it is set to scan - if not, it's a bug, but not a trick to "impress the user".
I have just checked and it works correctly for me (with one exception - if the file does not have any extension, then it is not scanned - that is a bug).
When I set Scan files on open and write HT* into the "Scan files with these extensions", eicar.html is detected when I try to access it (e.g. open it in Notepad, in Internet Explorer, view by Total Commander Lister, ...).
If I'm even more paranoid and write just * (i.e. an asterisk) into the "Scan files with these extensions", again, the eicar file is detected, no matter what extension it has (except for that "no-extension" problem I noted above).
On the other hand, if I leave the "Scan files with these extensions" empty, it doesn't scan anything on open (not even .COM) - so it works exactly as I would expect it to.
I don't understand how is it possible that for you, it scans only executable files - there's no such setting for "Scan files on open".
Now, let's try "Scan created/modified files". I turn it on and check "Default extension set" (using the "Show..." link I verify that HT* is inside the default set, i.e. HTML files will be scanned).
Now, I start Notepad and create a new file e.htm; I paste the eicar string into the window and save the file; at that moment, I get a eicar-virus warning. Again, as I expected.
What are your exact settings on the second page in the moment EICAR.html is not detected? (and how are you working with the file?)
Thanks for the crash log. Even though it's from an older version of avast than the current build (I think?) I would guess that the problem occurs somewhere in MS Jet drivers. You can try to change the database setting, as posted here:
http://www.avast.com/forum/index.php?board=2;action=display;threadid=440;start=0 (http://www.avast.com/forum/index.php?board=2;action=display;threadid=440;start=0)
Maybe updating the Jet drivers might help, too... ???
http://www.microsoft.com/downloads/details.aspx?FamilyID=fea50f92-923b-4f11-934d-5b6668598060&DisplayLang=en (http://www.microsoft.com/downloads/details.aspx?FamilyID=fea50f92-923b-4f11-934d-5b6668598060&DisplayLang=en)
-
I've tried again....and still doesn't work.
Of course I have all of those extensions typed in
the "scan open files" box . In the "scan/created-modif " there are the DEFAULT ( you know,there are so many extensions). I have nothing more to say....
Regards,rolando
-
Could you please copy & paste the content of your "Scan files with these extensions" box here?
How are you accessing the file (eicar.html, for example) - are you doubleclicking on it (i.e. starting the Internet Explorer) or something else?
Also, just for sure - do you have the latest build (235) of avast?
-
I have level 235.Below the copy/paste (I had added "HTLM" one more time !). The "scan created-modified files" has the its DEFAULT !!!!!!!!!!!!!!!!!!!!!!!
I open notepad and load eicar.htlm >>>>
and the virus is loaded.
Then I save it as eicar.htm >>>> and it is saved .
COM,EXE,DLL,HTLM,SYS,SCR,OV?,VXD,BIN,CMD,HT?,VB?,WS?,BAT
Regards.
-
Well, the only strange thing I see is the HTLM extension (did you mean HTML or is it on purpose a different extension?). Then, I would rather use HT* instead of HT?, to catch both HTM and HTML.
But if you do it exactly as written... HTLM in the box, loading the "infected" eicar.htlm should trigger the alarm.
If you scan the file from avast window (thorough scan) - does it detect it?
Maybe one thought: since htlm is unknown to Notepad... isn't it htlm.txt in fact (and .txt not showing)?
-
I did a very stupid thing !!!!!!!!!!!!!!!!!!!!
I misplaced HTLM for HTML in the extension of the
file.........so EICAR.htlm instead of EICAR.html !!!!
SORRY,I have to pay to you a coffe !!!
REGARDS,Rolando.
ps- also if the wrong ext. had to match with HT* in the box.
-
I did a very stupid thing !!!!!!!!!!!!!!!!!!!!
I misplaced HTLM for HTML in the extension of the
file.........so EICAR.htlm instead of EICAR.html !!!!
Which I told you 2 pages ago ;) ;)
-
I realize when it happen, you DON' T !
-
I realize when it happen, you DON' T !
Okayy..
I'm sure I DON't realize what you want to say.. ;)
-
Normal.
-
An endless story...............This is the log of the scan of the same folder with the files eicar.com,eicar.cmd,eicar.html .
C:\Documenti\IEcasino\EICARFOLDER\EICAR.com [L] EICAR Test-NOT virus!! (0)
C:\Documenti\IEcasino\EICARFOLDER\EICAR.htlm [L] EICAR Test-NOT virus!! (0)
C:\Documenti\IEcasino\EICARFOLDER\EICAR.cmd [L] EICAR Test-NOT virus!! (0)
Infected files: 3
Total files: 3
Total folders: 1
Total size: 210.0
*
* Task stopped: Thursday, July 31, 2003 8:15:37 PM
* Run-time was 32 second(s)
*
*
* avast! Report
* This file is generated automatically
*
* Task 'Simple user interface' used
* Started on Friday, August 01, 2003 3:57:41 PM
*
Infected files: 0 ???????????????
Total files: 2 ???????????????
Total folders: 1
Total size: 140.0 ????????????
*
* Task stopped: Friday, August 01, 2003 3:57:42 PM
* Run-time was 1 second(s) ??????????? :D
*
*
* avast! Report
* This file is generated automatically
*
* Task 'Simple user interface' used
* Started on Friday, August 01, 2003 4:03:42 PM
*
C:\Documenti\EICARFOLDER\EICAR.com [L] EICAR Test-NOT virus!! (0)
C:\Documenti\EICARFOLDER\EICAR.cmd [L] EICAR Test-NOT virus!! (0)
Infected files: 2
Total files: 3
Total folders: 1
Total size: 140.0
*
* Task stopped: Friday, August 01, 2003 4:03:52 PM
* Run-time was 10 second(s)
*
*
* avast! Report
* This file is generated automatically
*
* Task 'Simple user interface' used
* Started on Friday, August 01, 2003 8:14:28 PM
*
C:\Documenti\EICARFOLDER\EICAR.com [L] EICAR Test-NOT virus!! (0)
C:\Documenti\EICARFOLDER\EICAR.cmd [L] EICAR Test-NOT virus!! (0)
Infected files: 2
Total files: 3
Total folders: 1
Total size: 140.0
*
* Task stopped: Friday, August 01, 2003 8:14:40 PM
* Run-time was 12 second(s)
*
*
* avast! Report
* This file is generated automatically
*
* Task 'Simple user interface' used
* Started on Friday, August 01, 2003 8:29:42 PM
*
C:\Documenti\EICARFOLDER\EICAR.com [L] EICAR Test-NOT virus!! (0)
C:\Documenti\EICARFOLDER\EICAR.cmd [L] EICAR Test-NOT virus!! (0)
Infected files: 2
Total files: 3
Total folders: 1
Total size: 140.0
*
* Task stopped: Friday, August 01, 2003 8:29:54 PM
* Run-time was 12 second(s)
*
:D
-
You mean that the results are not always the same? What was the type of the scan - was it always the same (Thorough / Normal / Quick)?
-
They are folder scan Standard . The folder is EICARFOLDER with the same 3 virus files .
If you see in the preceding post ( I will type an "?" on it ) the scan (in my opinion)
has not been performed but Avast! says "no virus " and give a wrong number of files !
Below there is the scan of the hard drive (the file eicar.html is not find as virus file !),
and other folder scans correct.
The behaviour of Resident Shield is still worst with iecar.html . Now it is working fine .
Regards,rolando.
*
* Task stopped: Friday, August 01, 2003 8:41:25 PM
* Run-time was 13 second(s)
*
*
* avast! Report
* This file is generated automatically
*
* Task 'Simple user interface' used
* Started on Saturday, August 02, 2003 9:31:31 AM
*
c:\Documenti\EICARFOLDER\EICAR.com [L] EICAR Test-NOT virus!! (0)
c:\Documenti\EICARFOLDER\EICAR.cmd [L] EICAR Test-NOT virus!! (0)
c:\Recycled\Dc8.com [L] EICAR Test-NOT virus!! (0)
c:\Recycled\Dc10.cmd [L] EICAR Test-NOT virus!! (0)
c:\Recycled\Dc11.bat [L] EICAR Test-NOT virus!! (0)
c:\Recycled\Dc12.dll [L] EICAR Test-NOT virus!! (0)
c:\Recycled\Dc13.exe [L] EICAR Test-NOT virus!! (0)
c:\Recycled\Dc14.sys [L] EICAR Test-NOT virus!! (0)
c:\Recycled\Dc18.com [L] EICAR Test-NOT virus!! (0)
Infected files: 9
Total files: 68240
Total folders: 6475
Total size: 3.1 G
*
* Task stopped: Saturday, August 02, 2003 9:45:06 AM
* Run-time was 13 minute(s), 35 second(s)
*
*
* avast! Report
* This file is generated automatically
*
* Task 'Simple user interface' used
* Started on Saturday, August 02, 2003 9:53:06 AM
*
C:\Documenti\EICARFOLDER\EICAR.com [L] EICAR Test-NOT virus!! (0)
C:\Documenti\EICARFOLDER\EICAR.cmd [L] EICAR Test-NOT virus!! (0)
C:\Documenti\EICARFOLDER\eicar.html [L] EICAR Test-NOT virus!! (0)
Infected files: 3
Total files: 3
Total folders: 1
Total size: 210.0
*
* Task stopped: Saturday, August 02, 2003 9:53:25 AM
* Run-time was 19 second(s)
*
*
* avast! Report
* This file is generated automatically
*
* Task 'Simple user interface' used
* Started on Saturday, August 02, 2003 9:55:56 AM
*
C:\Documenti\EICARFOLDER\EICAR.com [L] EICAR Test-NOT virus!! (0)
C:\Documenti\EICARFOLDER\EICAR.cmd [L] EICAR Test-NOT virus!! (0)
C:\Documenti\EICARFOLDER\eicar.html [L] EICAR Test-NOT virus!! (0)
Infected files: 3
Total files: 3
Total folders: 1
Total size: 210.0
*
* Task stopped: Saturday, August 02, 2003 9:56:06 AM
* Run-time was 10 second(s)
*
*
* avast! Report
* This file is generated automatically
*
* Task 'Simple user interface' used
* Started on Saturday, August 02, 2003 8:06:30 PM
*
C:\Documenti\EICARFOLDER\EICAR.com [L] EICAR Test-NOT virus!! (0)
C:\Documenti\EICARFOLDER\EICAR.cmd [L] EICAR Test-NOT virus!! (0)
C:\Documenti\EICARFOLDER\eicar.html [L] EICAR Test-NOT virus!! (0)
Infected files: 3
Total files: 3
Total folders: 1
Total size: 210.0
*
* Task stopped: Saturday, August 02, 2003 8:06:55 PM
* Run-time was 25 second(s)
*
*
* avast! Report
* This file is generated automatically
*
* Task 'Simple user interface' used
* Started on Sunday, August 03, 2003 4:40:59 PM
*
C:\Documenti\EICARFOLDER\EICAR.com [L] EICAR Test-NOT virus!! (0)
C:\Documenti\EICARFOLDER\EICAR.cmd [L] EICAR Test-NOT virus!! (0)
C:\Documenti\EICARFOLDER\eicar.html [L] EICAR Test-NOT virus!! (0)
Infected files: 3
Total files: 3
Total folders: 1
Total size: 210.0
*
* Task stopped: Sunday, August 03, 2003 4:41:21 PM
* Run-time was 22 second(s)
*