Eicar Test files and Avast

[LAB]

I have seen quite a few posts concering Avast detecting the Eicar test files and if I am not mistaken, most of the people writing in were a little disappointed in that they said they had to actually download the file first and either scan it or try to open the file before Avast would detect it.

I am using the Home version w/Win98se and have never made any modifications to Avast but I decided to try and download the Eicar test files just to give me the satisfaction of knowing that Avast was installed correctly. To my suprise, no matter which Eicar file I clicked on, Avast came to life and told me the files were infected prior to  my download manager box popping up asking me where to save the file at.

Does this depend on the browser or operating system you are using? I am glad that Avast would not even allow me to download the files but was just curios to see why most people said they had to download the files first in order to get Avast to catch them. Any ideas??

[Super Trooper]

I also had a play with the Eicar test virus files with Avast! home edition and found that the email virus was picked up straight away whatever the setting, but the the one that tests internet explorer was only picked up when the standard shield was set to 'high'.
I didn't have to download the file though and 'manually' test it, Avast! jumped on them straight away. I set mostly every setting to high now as it doesn't appear to make any performance difference between normal and high with my Barton XP2500  

Overall i'm well impressed with Avast! and recommend it to everyone I know!

 

[techie101]

ST,

The actions of Avast depend on the way the virus enters your system.

In general, Avast will monitor your computer and scan files upon exection or opening.

For email, the scan is immediate on the content of the message, but the attachments will be scanned if an attempt is made to open them.

Although Eicar is not a "harmful" virus, its' structure is that of a "virus" so Avast will act on it appropriately.

Glad you like the program.

I am puzzled by the fact that you have stated Avast did not pick up Eicar in IE until Standard Shield was set to HIGH.  I will forward this on the the Avast team for them.

Take Care,
techie

[LAB]

I know that I have Avast set on high also, but I use Netscape 7.1. I will change Avasts settings and try the test again to see if it works on both settings or just high and will post the results by tomorrow. Then we can see if it is just specific to IE or to both browsers.

[shgoh]

maybe you all are interested in these...

http://forum.avast.com/index.php?board=2;action=display;threadid=3113;start=0

http://forum.avast.com/index.php?board=2;action=display;threadid=3522;start=0

[LAB]

I know that I have Avast set on high also, but I use Netscape 7.1. I will change Avasts settings and try the test again to see if it works on both settings or just high and will post the results by tomorrow. Then we can see if it is just specific to IE or to both browsers.

I took Avast off of the "High Setting" and tried again. A rectangular box appeared at the bottom left of my screen showing Avast was detecting it, but my Windows working flag was waving for about 4 minutes and nothing was happening. I did a ctrl-alt-delete and the task manager showed that Ashserv was not responding. I let it go a while and finally had to end task to unlock my pc. Any reason why Ashserv would lock up??

[Lisandro]

I know that I have Avast set on high also, but I use Netscape 7.1. I will change Avasts settings and try the test again to see if it works on both settings or just high and will post the results by tomorrow. Then we can see if it is just specific to IE or to both browsers.

I took Avast off of the "High Setting" and tried again. A rectangular box appeared at the bottom left of my screen showing Avast was detecting it, but my Windows working flag was waving for about 4 minutes and nothing was happening. I did a ctrl-alt-delete and the task manager showed that Ashserv was not responding. I let it go a while and finally had to end task to unlock my pc. Any reason why Ashserv would lock up??

I'm becoming cetic about this freezing...
Are you really sure that there is not a little 'incompatibility' between ashServ and other Windows XP drivers... I tried to debbug it with Vlk's help but I cannot find a 'racional' way to do it. I cannot be on-line all the time and debbugers need it for some obscure Microsoft symbols need  

We want to help but we do not know how... How can we do more research about freezing and ashServ?  

[LAB]

It was SuperTrooper who is using XP, not I. I have Win98se but I was just trying to give a hand to see if IE was the culprit in his case or if it could be duplicated with Netscape 7.1. Avast detected the Eicar Test File as a virus prior to downloading with both standard shield set to high and standard in my case but for SuperTrooper, he said it only was detected on the high setting. The freeze up of Ashserv on my end might have just been a hiccup!  .

[shgoh]

if you use netscape...then you will love firefox!!!.....

[ylap]

I've tested my avast! home edition with Eicar. Avast! worker perfectly. It's the best free antivirus program i've ever had!  

[igor]

cochise: Try to disable the "Show detailed info on performed action" option of the Standard Shield provider...

[LAB]

cochise: Try to disable the "Show detailed info on performed action" option of the Standard Shield provider...

The box was not check marked but I think I might have found the problem. My brother had once told me that if you are having problems with Netscape download problems, to clear the cache. I cleared the Netscape cache file and tried it again and it worked fine. It does not freeze and when I clicked on the Eicar test file download link, Avast sounded off and told me a Virus was detected in C:\Windows\Temp before the download manager box appears.

The only question I had was that Avast gives you the option of permanently deleting the file or send it to the trash bin. If you choose the trash bin, the file never shows up there. If in a different circumstance, you find out that you deleted a non-virus file and needed to restore it from the trash bin, how would you be able to do that? Am I missing something on this or is it because the file was never actually downloaded onto my pc for Avast to move it to the trash bin.

[RejZoR]

You won't belive,but one of the best AVs on market has the same problem. And this AV is called NOD32. Doesn't help even if you enable scan all files. But hey,who needs archive scanning which is machine killing process? Files are scanned anyway when extracted. avast! has archive scanning as bonus,so you can enable it if you really really really need this function (NOD32 doesn't even have this option )

[Lisandro]

The only question I had was that Avast gives you the option of permanently deleting the file or send it to the trash bin. If you choose the trash bin, the file never shows up there. If in a different circumstance, you find out that you deleted a non-virus file and needed to restore it from the trash bin, how would you be able to do that? Am I missing something on this or is it because the file was never actually downloaded onto my pc for Avast to move it to the trash bin.

Igor, can you answer the cochise's question?
There are some forums discussing the options while 'repairing/cleaning' viruses but not conclusive: delete file on next boot seems no to work either...  :'(

Why does ashServ seem to freeze? (my original problem...)

[RejZoR]

I think they scheduled this bugfix for the next build.
Will there be any soon?