Hi all !
* * * * A silly question in my mind....I recently ran the "eicar_zip" test virus to test my antivirus. Well, it caught the virus, but now I can't delete the "eicar file". My antivirus keeps on finding the string in the system (XP). When I do a search for "eicar", nothing is found. I can't delete it if I can't find it !!
I'm using F-Prot 3.11b. This is what I get................

C:\Documents and Settings\user\Local Settings\Temp\Temporary Directory 1 for eicarcom2.zip\eicar_com.zip->eicar.com *Infection: EICAR_Test_File
Unable to remove the virus.
Could not delete the file.

Thanks all,
* * * * * * * * Billmac ???

* *Well. I'm answering my own question....
Using Win XP, go to control panel, folder options, then view. Check "show hidden files" and uncheck "hide protected op. sys. files". Now do your search !! And there it was...EICAR !!!

* * * * * * * * * * * * * * * * * * * *billmac.....doh !!

Just out of interest. *Having deleted the eicar test file, has it, or did it turn up in the System Restore, restore points when you do an all file scan?

Nope !!
* * * * * The test file dropped into Doc/usersettings/temp.....(hidden file). F-prot would find it, but when I searched that directory I couldn't find it.
*Eventually when I came to my senses, I discovered the Eicar was in a hidden folder !
I found it no where else in the system...including backup and restore files !! *;)
* * * * * * * * * * * * * * * * *
* * * * * * * * * * * * * * * * * * * * * * *bill