If the Eicar file is detected during download (i.e. the "Virus found!" window has the "Abort connection" button), then it's detected by the Web Shield provider. If you don't get this detection anymore, Web Shield is probably not scanning the traffic. This could be e.g. because
- you stopped/disabled it (check the status of this resident provider)
- your web browser configuration bypasses Web Shield somehow (what browser and operating system do you have? Do you use any proxy)?
- the Eicar test file is already in browser's cache, so it's not really downloaded from web anymore when you click the link (could happen if you previously downloaded these files with avast! disabled)
1) WebShield provider is on. All scanners are set to "high."
2) This is occuring in both IE and FireFox. (Didn't used to be a problem in either one, and the change seemed to be simultaneous)
3) XP Media Center
4) Don't know what a Proxy is
5) I clean my cache daily with ZoneAlarm Pro. So I believe I can rule that out.
Thanks for the replies. Maybe this is normal, but it didn't use to do this. I'm positive that I recall a time when if I clicked any one of the four test files, Avast would alert me, and I would click abort connection BEFORE I could save or run. And Avast would abort the connection. Now, it only detects the first one and says delete (also before I save or run). Then it proceeds to let me carry out the download if I wanted to (download box doesn't disappear)