Advice Request Avast IS - EICAR question

[Windows Defender Shill]

I performed a EICAR test following the instructions from Avast test FAQ page Avast FAQ | Avast Antivirus: Testing whether Avast Antivirus protects your PC against malware

First part of the test was to test the Web Shield - It of course instantly blocked the download and it never got into the download folder.

Second part of the test (this where my question is) was to disable Web Shield and test the File System Shield by downloading EICAR again. With the Web Shield disabled the EICAR file was placed into the download folder with no reaction from Avast. Until I either scanned the file or attempted to execute it, at which point Avast did block it.

Should Avast have detected the file before a manual scan or execution attempt?

 

[kiric96]

this depends of every AV vendor, some state that doing an "on access detection" some times leads to consume more resources, other people say that while a threat is inactive in the disk doing nothing it is not a hazard to the system, so it can be there until some other program or the user try to open it.

for instance i think that you can change sensitivity of the scanning engine in avast settings (notice that your pc may slow down, this is due to the fact that the scanner will look for every single file you access with explorer.exe).

PDT:some products like eset do detect objects on access and it never slow down the pc, how they do, i dont know :v

 

[Windows Defender Shill]

this depends of every AV vendor, some state that doing an "on access detection" some times leads to consume more resources, other people say that while a threat is inactive in the disk doing nothing it is not a hazard to the system, so it can be there until some other program or the user try to open it.

for instance i think that you can change sensitivity of the scanning engine in avast settings (notice tho that your pc may slow down, this is due to the fact that the scanner will look for every single file you access with explorer.exe).

PDT:some products like eset do detect objecto on access and it never slow down the pc, how they do, i dont know :v

Yes that's what I'm thinking also.

But the Avast test FAQ page didn't say anything about executing or scanning the file, it gave me the impression it was supposed to be blocked after I clicked the download button.

 

[Syafiq]

I performed a EICAR test following the instructions from Avast test FAQ page Avast FAQ | Avast Antivirus: Testing whether Avast Antivirus protects your PC against malware

First part of the test was to test the Web Shield - It of course instantly blocked the download and it never got into the download folder.

Second part of the test (this where my question is) was to disable Web Shield and test the File System Shield by downloading EICAR again. With the Web Shield disabled the EICAR file was placed into the download folder with no reaction from Avast. Until I either scanned the file or attempted to execute it, at which point Avast did block it.

Should Avast have detected the file before a manual scan or execution attempt?

At the default settings, avast's web shield is set to scans anything that downloaded from the internet. But, the file system shield is set to scan only extension that set by the developer(to avoid performance slowdowns). Maybe the ".com" extension and ".txt" extension are not included on the list of extension.