I can not get Eicar out of my system, 1 file has been quarantined, I delete it out of quarantine and it reappears. System restore keeps restoring it...

Question: Do I have to track down this file in Windows and delete it ???

I thought deleting it via quarantine would delete the file itself, it appears not, unless system restore is the culprut...

Cheers.

Hello,

As you see, it's in the restore files. There are protected files.

Possible ways :

- Make a new restore point and then perform a clean disk
other options select suppress all restore points but last.

- Disable the restore service, reboot and then enable restore service and makie a restore point.

- Take full rights on System Volume Information and run a scan on this folder or select manually the file and delete it.
Then restrict the rights back.

Rgds,

be carful with system restore.
Why?
if you creat say a restore point manualy older than 5 days. Like say when you format your HD, then you will lose that restore point when you disable System restore and reboot. ;)

Evey file you ever downloaded to your little old desktop is stored in that system folder, NOT just system files.
Hope this helps

I use WinXP Home and I don't have this problem with eicar..

I uninstalled the beta, and then I downloaded and executed eicar...

Then I reinstalled the beta.. Nod32 found both the eicar and the copy in the restore directory.. I then stopped the scan and ran the scan again using clean.. For some reason I can't right click on a file to clean or delete the virus..

But, that took care of it...Eicar is gone...

Just to let you know..

Fixed, unticked "Quarantine" in Amon and ticked "Prohibit access and display warning panel with action selection".

The next time this sucker popped up, I deleted it ;D

Thanks for your help.

Cheers.