EICAR_Test virus
- Thread starter acme
- Start date
- Mar 15, 2011
- 13,070
EICAR test file is pretty harmless, design to test AV realtime protection since its in a temp folder then you may clean with CCleaner.
Do you download those files in multiple times? One at a time is enough to test it.
Do you download those files in multiple times? One at a time is enough to test it.
Last edited:
Did you purposely download the Eicar test file? If not, then it could be a virus. I know of malware which purposely includes the Eicar test string inside its code to confuse virus scanners and users into thinking that it is harmless.
- Apr 29, 2012
- 77
I haven't downloaded EICAR in years. It just pops up anytime
I changed antivirus to see if it does it again, so far it hasn't popped up. Somebody could have piggy backed EICAR and drove it around to create havoc 
- Jun 22, 2014
- 906
Yup, I got the same about a week ago.It was picked up by Unthreat but it was of no concern due to it being in the temp files which were sandboxed anyway.
Not a good ploy for malware to pose as a test virus as most AV`s will pick up on it.Maybe EICAR somehow got out in the wild and now is whirling around as a driveby ?
Had to get rid of Unthreat as it kept reverting to an expired trial version.Shady tactics,to be expected.
Regards Eck
Not a good ploy for malware to pose as a test virus as most AV`s will pick up on it.Maybe EICAR somehow got out in the wild and now is whirling around as a driveby ?
Had to get rid of Unthreat as it kept reverting to an expired trial version.Shady tactics,to be expected.
Regards Eck
- Apr 29, 2012
- 77
Yup, I got the same about a week ago.It was picked up by Unthreat but it was of no concern due to it being in the temp files which were sandboxed anyway.
Not a good ploy for malware to pose as a test virus as most AV`s will pick up on it.Maybe EICAR somehow got out in the wild and now is whirling around as a driveby ?
Had to get rid of Unthreat as it kept reverting to an expired trial version.Shady tactics,to be expected.
Regards Eck
I think I found out what happened. I did some digging into how it gets sent out every hour and saw an 'Emsisoft Anti-Malware' address attached to the malware link
Below ↓ shows it's gone after I uninstalled Emsisoft . The RED highlighted is the malware caught, then it stops. Don't know how that happened 
- Jun 22, 2014
- 906
Could be some sort self test otherwise it`s going to be a name change to Emsisoft Pro Malware ?
Who knows but interesting all the same.
Regards Eck
Who knows but interesting all the same.
Regards Eck
- Dec 20, 2014
- 46
Could be some sort self test otherwise it`s going to be a name change to Emsisoft Pro Malware ?
Who knows but interesting all the same.
Regards Eck
Interesting indeed.
But EICAR is harmless, so there's nothing to worry about
- Jun 22, 2014
- 906
No worries at all as they were only temp files that were sandboxed anyway but it`s more where the hell did they come from and that it happened to someone else as well ?
Regards Eck
Regards Eck
- Jun 22, 2014
- 906
It`s back, just after installing Bitdefender free the same detection.
No big deal though.
Regards Eck
No big deal though.
Regards Eck
Similar threads
- Locked
