Author Topic: Avast Free + EICAR testfile (Read 8137 times)

igor · « **Reply #15 on:** March 09, 2012, 11:59:10 AM »

OK. It's the Explorer extracting the ZIP content into a temporary folder (most likely at the moment when the download is finished and you "open" the archive) - and that extraction is being scanned by the FileSystem Shield.

Anyway, WebShield doesn't scan HTTPS connections, so these detections are kind of side-effects of something else (such as someone actually extracting the archive).

Pindakaas · « **Reply #16 on:** March 09, 2012, 12:04:07 PM »

Quote from: igor on March 09, 2012, 11:59:10 AM

OK. It's the Explorer extracting the ZIP content into a temporary folder (most likely at the moment when the download is finished and you "open" the archive) - and that extraction is being scanned by the FileSystem Shield.

Anyway, WebShield doesn't scan HTTPS connections, so these detections are kind of side-effects of something else (such as someone actually extracting the archive).

Oh , when i open the zip folder , there is a MS-DOS application in it , called eicar , if i right click the eicar application , i only see , open , copy , cut , remove , and properties , i click open then the popup comes.

That's all good ?

igor · « **Reply #17 on:** March 09, 2012, 12:06:09 PM »

Yes, that's as expected - "open" means "execute" - so it's the basic scan performed when a program is starting.

Pindakaas · « **Reply #18 on:** March 09, 2012, 12:39:42 PM »

ok i guess all is good then , that a ssl zip file with a ms dos application in it is detected.

ok thanks !

Author Topic: Avast Free + EICAR testfile (Read 8137 times)

igor

Re: Avast Free + EICAR testfile

Pindakaas

Re: Avast Free + EICAR testfile

igor

Re: Avast Free + EICAR testfile

Pindakaas

Re: Avast Free + EICAR testfile