Author Topic: Standard Shield (on-access module) question!  (Read 15006 times)

0 Members and 1 Guest are viewing this topic.

faffy

  • Guest
Standard Shield (on-access module) question!
« on: March 06, 2004, 01:14:16 PM »
I tried to enable zip scanning in the  Tasks -> Resident Protection -> Standard Shield -> Packers. I ticked ZIP in and downloaded the EICAR.ZIP file. No response from avast. I opened the zip file -> nothing. I unzipped the eicar.com to my desktop -> nada.  avast only reacted to the test virus when I wanted to execute the com file.  Is it supposed to behave like this? Then what's the point of the on-access scanner options?

Faffy

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9408
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re:Standard Shield (on-access module) question!
« Reply #1 on: March 06, 2004, 01:18:40 PM »
You need to set Standard Shield to High Sensitivity.
Visit my webpage Angry Sheep Blog

faffy

  • Guest
Re:Standard Shield (on-access module) question!
« Reply #2 on: March 06, 2004, 01:30:42 PM »
You are partially right,. If I set the Shield to High Sensitivity, avast did not let me download the com file. However, it allowed me to download the zip file even if I set the Standard Shield to High and added the zip extension to be scanned or changed the resident TASK to scan packers.

Faffy

Offline Lars-Erik

  • Avast Evangelist
  • Sr. Member
  • ***
  • Posts: 394
    • Lars-Erik Østerud
Re:Standard Shield (on-access module) question!
« Reply #3 on: March 06, 2004, 05:34:58 PM »
I think you need to add some lines about scanning archives as well (it's not active as default in Home edition). There was a thread on this here just a few days ago.
www.osterud.name - ICQ: 7297605 - AIM/Yahoo/Facebook/Skype/Astra: LarsErikOsterud

Culpeper

  • Guest
Re:Standard Shield (on-access module) question!
« Reply #4 on: March 06, 2004, 05:57:50 PM »
I tried to enable zip scanning in the  Tasks -> Resident Protection -> Standard Shield -> Packers. I ticked ZIP in and downloaded the EICAR.ZIP file. No response from avast. I opened the zip file -> nothing. I unzipped the eicar.com to my desktop -> nada.  avast only reacted to the test virus when I wanted to execute the com file.  Is it supposed to behave like this? Then what's the point of the on-access scanner options?

Faffy

I think it should have thrown up an alert when you scanned the zip file.  Did you also try right clicking on the zip file name in windows explorer and select scan file  (just to scan that one file)?
« Last Edit: March 06, 2004, 05:59:10 PM by Culpeper »

faffy

  • Guest
Re:Standard Shield (on-access module) question!
« Reply #5 on: March 07, 2004, 02:58:09 PM »
I think you need to add some lines about scanning archives as well (it's not active as default in Home edition). There was a thread on this here just a few days ago.
I read the thread you mentioned, that's the reason I started experimenting with the Standard Shield.

faffy

  • Guest
Re:Standard Shield (on-access module) question!
« Reply #6 on: March 07, 2004, 02:59:51 PM »
I tried to enable zip scanning in the  Tasks -> Resident Protection -> Standard Shield -> Packers. I ticked ZIP in and downloaded the EICAR.ZIP file. No response from avast. I opened the zip file -> nothing. I unzipped the eicar.com to my desktop -> nada.  avast only reacted to the test virus when I wanted to execute the com file.  Is it supposed to behave like this? Then what's the point of the on-access scanner options?

Faffy

I think it should have thrown up an alert when you scanned the zip file.  Did you also try right clicking on the zip file name in windows explorer and select scan file  (just to scan that one file)?

Well it did not warn me at all opening a virus containing zip file.

Obviously, if I scan the file with the scanner it says that I have a virus otherwise the software would not be worth much, would it?

Iso-G

  • Guest
Re:Standard Shield (on-access module) question!
« Reply #7 on: March 07, 2004, 04:04:11 PM »
Hello,

The following is my old evaluation data of avast! 4.1 carried out last year.
The original is in Japanese and it was already put on my web page last year.
"Memo of a Little Experiment", Nov. 28, 2003 ~Dec. 05, 2003

I don't know the exactly behavior of the today's latest avast!, but this data may be consulted for you.

Thanks,

Iso-G

Iso-G

  • Guest
Re:Standard Shield (on-access module) question!
« Reply #8 on: March 07, 2004, 04:10:52 PM »

Culpeper

  • Guest
Re:Standard Shield (on-access module) question!
« Reply #9 on: March 07, 2004, 04:55:08 PM »
I'm confused. You want Avast to know there is an infected embedded file within a zip file while it unzipps the zip file and before Avast scans the zip file?  I think Avast has the ability to scan within a zip file but I'm not sure it will prevent you from unzipping a zip file with an infected file.  I could be wrong.  I have been before and probably will in the future.  I normally scan individual zip files before opening them.
« Last Edit: March 07, 2004, 05:01:09 PM by Culpeper »

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9408
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re:Standard Shield (on-access module) question!
« Reply #10 on: March 07, 2004, 05:26:27 PM »
avast! extracts files into TEMP folder (these files are in encrypted form as in chest (quarantine)) and than scannes them. Anyways any virus is harmless even if its on your desktop. You just need to avoid running it (executable).
Visit my webpage Angry Sheep Blog

faffy

  • Guest
Re:Standard Shield (on-access module) question!
« Reply #11 on: March 07, 2004, 05:32:24 PM »
I am sorry I always find the argument that a virus is harmless until it is executed very weak and defensive. I have a virus protection on my machine not to have viruses on it, whether they are executed or not.  If I download a zip file from the net, I want my antivirus program to check it by default. I think it is not too much to ask, is it?

Faffy

Culpeper

  • Guest
Re:Standard Shield (on-access module) question!
« Reply #12 on: March 07, 2004, 05:46:41 PM »
I'm not disagreeing with you just saying I don't believe Avast will scan the inside of a zip file unless you ask it to.  I could be wrong and it might be a bug you discovered.

faffy

  • Guest
Re:Standard Shield (on-access module) question!
« Reply #13 on: March 07, 2004, 09:30:05 PM »
I'm not disagreeing with you just saying I don't believe Avast will scan the inside of a zip file unless you ask it to.  I could be wrong and it might be a bug you discovered.
The problem is that I asked it to scan inside zip files and yet it did not do that.

(Just a note: Bitdefender blocked the saving of all 4 eicar files by default.)

Faffy

Here is the link to the eicar files:http://www.eicar.org/anti_virus_test_file.htm

Culpeper

  • Guest
Re:Standard Shield (on-access module) question!
« Reply #14 on: March 07, 2004, 09:48:42 PM »
I downloaded both eicar zip files.  I was able to save them to a folder and unzip them without detection.  However, Avast detected the infected files when I scanned the "*.zip" files manually.  My Standard Shield is set to normal.
« Last Edit: March 07, 2004, 09:52:57 PM by Culpeper »