eicar_zip virus test

Discussion in 'other anti-virus software' started by eyespy, Mar 11, 2002.

Thread Status:
Not open for further replies.
  1. eyespy

    eyespy Registered Member

    Joined:
    Feb 20, 2002
    Posts:
    490
    Location:
    Oh Canada !!
    Hi all !
            A silly question in my mind....I recently ran the "eicar_zip" test virus to test my antivirus. Well, it caught the virus, but now I can't delete the "eicar file". My antivirus keeps on finding the string in the system (XP). When I do a search for "eicar", nothing is found. I can't delete it if I can't find it !!
    I'm using F-Prot 3.11b. This is what I get................

    C:\Documents and Settings\user\Local Settings\Temp\Temporary Directory 1 for eicarcom2.zip\eicar_com.zip->eicar.com  Infection: EICAR_Test_File
    Unable to remove the virus.
    Could not delete the file.

    Thanks all,
                    Billmac o_O
     
  2. eyespy

    eyespy Registered Member

    Joined:
    Feb 20, 2002
    Posts:
    490
    Location:
    Oh Canada !!
       Well. I'm answering my own question....
    Using Win XP, go to control panel, folder options, then view. Check "show hidden files" and uncheck "hide protected op. sys. files". Now do your search !! And there it was...EICAR !!!

                                           billmac.....doh !!
     
  3. linney

    linney Registered Member

    Joined:
    Feb 17, 2002
    Posts:
    174
    Just out of interest.  Having deleted the eicar test file, has it, or did it turn up in the System Restore, restore points when you do an all file scan?
     
  4. eyespy

    eyespy Registered Member

    Joined:
    Feb 20, 2002
    Posts:
    490
    Location:
    Oh Canada !!
    Nope !!
              The test file dropped into Doc/usersettings/temp.....(hidden file). F-prot would find it, but when I searched that directory I couldn't find it.
     Eventually when I came to my senses, I discovered the Eicar was in a hidden folder !
    I found it no where else in the system...including backup and restore files !!  ;)
                                     
                                                 bill
     
Loading...
Thread Status:
Not open for further replies.