First of all, LeDoc please try to keep it down a little bit. The title "HUGE security hole" is IMHO inadequate for this issue.
avast's on-access scanner will detect viruses in files with any filenames because it is fully in Unicode. Version 4.0 used to be in ANSI and could've suffered from similar problems, but with the addition of support for East-Asian variants of avast in 4.1 it was not possible any more to ignore those strange-looking filenames...
To analyse the problem, check the Last Scanned File entry for the Standard Shield. Does it show the file?
Also executing a MS-DOS program such as eicar.com is not completely representative -- that's because Windows emulates DOS-mode for the program and doesn't really use non-ANSI characters in that case (because MS-DOS mode is of course not Unicode compliant). A better test would be to e.g. put the .COM extension to the list of extensions to be scanned on-open and just opening the file in Notepad, or getting an EXE virus for Win32...
Hope this helps.
Vlk