Thanks for the reply.
@igor
I asked OP to add these information. As far as my confirmation, details as follows:
Inside of the zip archive:One or two infected file(s) (eicar / real malware) and one clean file (plain text file).
Detection Name:Eicar / Win32:Small-NEG [Trj]
Action:Delete / Move to chest.
- the "All archives" option in the File System Shield (which I wouldn't really recommend to use, but doesn't matter) only enables archive unpacking... so was also the ZIP extension added to "Scan when opening" or "Scan when writing"? (or was the "Scan all files" option checked in one of those windows?)
Firstly I checked "Scan all files", next added ZIP extension to "Scan when opening" option ("Scan all files" unchecked).
Now I uncheck both options, but alert continues...
It seems avast continues to scan added extensions even if I uncheck "Scan with custom extensions"
If I delete added extensions, avast stops to scan it.
Initial detection trigger:Accessing. No alert when copying (I didn't add extensions to "Write" section).
@bong2x
do mean like this (see picture)
Unfortunately not.
This related to on-access scan, not on-demand (right-click) scan.