Suggestion: Make Avast more proactive - please!

[DavidR]

@ claudiubotezatu
The webshield by default scans all  downloaded files including packers/archives.

[Para-Noid]

@ DavidR Thanks for restating what I pointed out in reply #1. All the user needs to do is after downloading "right" click on the file while
               it's in the download folder and run a scan. As I said the ultimate responsibility is on the user. 

[DavidR]

They don't really have to do that if they haven't changed the default settings, as it should have been scanned by the web shield during download. I've never been much on duplication of effort.

[Pondus]

and for those who want to test....there is the EICAR test file.... they also have a zip version   

-http://www.eicar.org/85-0-Download.html

[Para-Noid]

They don't really have to do that if they haven't changed the default settings, as it should have been scanned by the web shield during download. I've never been much on duplication of effort.

I agree. I just stated what I did to stress the right click option. I always leave the packers settings alone. avast knows what they are doing.
And you can't protect someone from themselves. 

[heroxx]

@ claudiubotezatu
The webshield by default scans all  downloaded files including packers/archives.

In that case my Avast installation is corrupt! Because that is NOT the way it works here on my machine!
And I have the same settings as DavidR in the message above!
And, as I have said: Neither does Avast on my machine scan files when extracting them from mail-attachments!

I would like very much, if someone who REALLY KNOWS the answer to these questions could reveal it to us. Because it doesn't seem very productive that some say "Avast works so and so" and others say "No - it works in another way".
We are wasting our time. So can someone employed by Avast - who knows the answer - please step forward - thank you!

Best regards,
H.R.

[true indian]

A simple reinstall can fix it...

Yes even I have noticed your explained condition...yesterday some rar file was downloaded on my Sister's computer and avast web shield didnt pick it up...but file system shield did pick it up while extracting the RAR File...The RAR was also tested on all my machines and avast behaved the same on All PC's

[heroxx]

A simple reinstall can fix it...

Yes even I have noticed your explained condition...yesterday some rar file was downloaded on my Sister's computer and avast web shield didnt pick it up...but file system shield did pick it up while extracting the RAR File...The RAR was also tested on all my machines and avast behaved the same on All PC's

Are you talking about the thorough uninstall-reinstall procedure explained in the quote below?
Or are you talking about the much more simple "Remove/Edit" under Programs in the Windows Control Panel? Because I tried that, and it didn't change anything when downloading and unpacking the infected zip file.

And what would the thorough reinstall help, if you yourself are saying, that Avast on all your machines also does NOT scan archive-files when downloading them....!?

I would suggest a clean reinstall:
- Download the latest version of avast, 7.0.1456 see below for download locations and save it to your HDD, somewhere you can find it again (if you didn't save your last download). Use that when you reinstall.

- Download the avast! Uninstall Utility, aswClear.exe find it here and save it to your HDD (it has uninstall tools for 5.x, 6.0.x and 7.0.x).

• 1. Now uninstall avast! (using add remove programs, if you can't do that start from the next step), reboot.
• 2. run the avast! Uninstall Utility from safe mode, first for 6.x if previously installed and then for 7.0, once complete reboot into normal mode.
• 3. install the latest version, reboot.

Download locations:
Pro AV:  - http://files.avast.com/iavs5x/avast_pro_antivirus_setup.exe
AIS:       - http://files.avast.com/iavs5x/avast_internet_security_setup.exe

[claudiubotezatu]

@ claudiubotezatu
The webshield by default scans all  downloaded files including packers/archives.

Hi DavidR,

Thank you for your answer!Indeed,the webshield by default scans all  downloaded files including packers/archives, the problem is ,if you use Avast Webshield you cannot use a third party firewall (PC Tools firewall plus in my situation);  Avast Webshield  will act as a proxy and all trafic will be redirected and bypass the firewall (or most of the firewalls)

So, for an AV (any Av not only Avast!) I prefer to do not install the Web Shield, yet I prefer to have any download (RAR,ZIP) scanned after the download is finished.

MSE is doing that.

Thanks,
Claudiu

[Chris Thomas]

The following text is more or less copied from a message of mine in a thread called 'Downloading zip-file: "No virus" Scanning again: "Threat found" Why?' on this URL: http://forum.avast.com/index.php?topic=107655.0 :

My experience is that Avast does NOT see the virus, neither when I download the zip file, nor when I unpack the zip-file. Only when I specifically ask Avast to scan the zip file. That doesn't seem like a good protection strategy to me!
This particular file was never intended to be run on my Windows machine. It was supposed to be put on my website's Linux web-server.

Even when I save a mail attachment with virus to my hard disk, Avast doesn't see the virus. I DON'T think that is optimal! (I extracted it more than a month after receiving it.)

And 2 days ago when Avast gave me a strange warning and an error message, I did a 3-hours boot scan, and there I discovered a virus that I must have received in January via a USB-stick. Also, NOT very trust-inspiring! But theoretically that might have been before the virus was known by Avast.

So all in all I would very much like Avast to be more proactive!

-Heroxx

Yes, Avast can. Just change the settings. Go to File System Shield Settings and tick mark all the packers under the Packers tab and if you are very sensitive about security, you can make the File System scanner scan all the documents by selecting 'Scan All Documents' at both the tabs opening and writing. Change the autosandbox thing to 'Ask'

Untick all exclusions.

Go to Sensitivity and move the Heuristics to 'High' and select 'Test whole files' and select 'PUP'

But don't blame me if your documents and apps are opening some milliseconds slower 

You can do that if all the Shields.

Edit : Added more info.

[DavidR]

@ claudiubotezatu
The webshield by default scans all  downloaded files including packers/archives.

Hi DavidR,

Thank you for your answer!Indeed,the webshield by default scans all  downloaded files including packers/archives, the problem is ,if you use Avast Webshield you cannot use a third party firewall (PC Tools firewall plus in my situation);  Avast Webshield  will act as a proxy and all trafic will be redirected and bypass the firewall (or most of the firewalls)

So, for an AV (any Av not only Avast!) I prefer to do not install the Web Shield, yet I prefer to have any download (RAR,ZIP) scanned after the download is finished.
<snip>

1. Not the case for my Firewall Outpost firewall pro (and there are others), if I set my application rules to block access to iexplore.exe (or any other program that may be connecting to the internet using HTTP) then when I try to connect to the internet using IE8 it is blocked. So it doesn't have a problem with the web shield proxy as clearly it is able to determine the process/program using the proxy and not just the proxy itself.

2. If you are downloading using either your browser or a download manager, most have the ability to have the AV scan downloads on completion.