Is this a virus/trojan?

I had Web Shield, Standard Shield, and Network Shield running when I visited a site that I probably should not have been visiting. :slight_smile: To be honest, I was hoping to find a website that would purposefully try to load a virus on my test machine so I could test avast with something other than eicar. Dumb, I know, but I’m not convinced that the eicar test means very much.

Anyway, I can find no evidence that a virus/trojan even attempted to get onto my machine. I’ve done scans with avast, Bit Defender, and Trend Micro Housecall, and nothing was found. However, I have a zero-byte file that came from that site and I can’t delete it. When I try to delete it I get a message that says the file is in use by another process. I can’t find any processes that would be using this file, especially since it’s an empty file. I tried booting into XP safe mode and the file was still locked.

Is that an indication of virus/trojan that’s doing a great job of hiding itself? As I recall, I started to download a file but the file download didn’t succeed. I suppose it’s possible that the file is simply corrupted.

What do you think?

I forgot to mention that I’ve also checked my system with Ad-Aware, Spybot S&D, and a2 trojan remover. None of my tests have shown anything interesting but I still wonder why Windows always reports that the file is being used by another process. Weird.

Where is the file located?

What is the file name?

What OS are you using?

–lee

The file is located in my download directory. I’m using fully patched Win XP Home. I don’t remember the name of the file exactly. I just selected a file at random and started to download it.

This was a warez site that I figured would be ripe ground for testing. The filename is that of one of the many cracked applications that they purported to offer.

You could use the “Advanced File Remover” feature in RejZoR’s avast! External Control available from eXcessive Software

That’s an excellent idea. Thanks!

The Advanced File Removed did the trick!

Thanks, everyone!

John