Hi everyone,
This is an experiment i did, i already send that same message to the avast support and virus team.

I tried to check the avast detection system, so I got the eicar test-file, which was detected with no problems. Then I tried to “cheat” avast.
I used: avast! Pro 4.5.518 with VPS 0447-0 (15/11/2004).

I opened the eicar.com test file in notepad, added a line break and the string “some random test” and save the file again, then I asked avast to scan it.

It passed without any warning, i was able to run the new eicar.com without any problems, and it was never detected.
I guess that avast signature detection is not so effective… :-[

Luiz Borges

PS: eicar test-file is available at www.eicar.com

It’s well known and published a lot of times that changes in eicar files could give any results… Including non-detection. eicar files are test files and, remember, real virus must be catch

I guess you’d better read the description on www.eicar.com more carefully ;D
The eicar test file must not be detected if you append some text to it - by definition. The only allowed piece that may be appended are white spaces (and they cannot be too many).

(The reason for this is that some real viruses used Eicar to mask themselves as “benign test file”).

I couldn’t say it better… Thanks Igor