
'Scan Local Drives' detects _zipped_ eicar.com long before eicar.com

At http://openforum.sophos.com/t5/Sophos-Anti-Virus-for-Mac-Home/Blue-Sophos-Shield-Black-Sophos-shield-question/m-p/455#M324


paul84 wrote:

… test your AV by visiting www.eicar.org. Here you can download a very small text file called eicar …


1. create a folder

2. disable on-access scanning

3. populate the folder with three test files:  

  • eicar.com
  • eicar_com.zip
  • eicarcom2.zip

5. use Time Machine, backup to a local volume, wait for the backup to complete

6. Scan Local Drives, do nothing more than log detections

Issue

Scan Local Drives (ongoing) detects the test signature: 

  • on the Time Machine volume, in the .zip files 
  • on the Time Machine volume, not in the .com file.
 

Comparison

 
7. create a custom scan, targeting the folder and its three files
 
8. scan
 
— the custom scan detects the signature in all three files. 
 
I'll post a follow-up after Scan Local Drives is complete. 
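An added example, not part of the original post: a Python sketch that builds the three test files from step 3 locally and reports how many zip layers wrap the test string in each. It assumes eicar_com.zip wraps eicar.com and eicarcom2.zip wraps eicar_com.zip, as in the eicar.org downloads; the function names and target folder are hypothetical.

```python
import io
import tempfile
import zipfile
from pathlib import Path

# Standard 68-byte EICAR test string, assembled from two halves so that this
# source file is not itself flagged by a scanner.
EICAR = (r"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-"
         + r"STANDARD-ANTIVIRUS-TEST-FILE!$H+H*").encode("ascii")

def zip_bytes(name, payload):
    """Return a zip archive (as bytes) holding one member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()

def build_test_set(folder):
    """Write eicar.com, eicar_com.zip and eicarcom2.zip into folder."""
    folder = Path(folder)
    folder.mkdir(parents=True, exist_ok=True)
    single = zip_bytes("eicar.com", EICAR)
    files = {
        "eicar.com": EICAR,                                  # plain file
        "eicar_com.zip": single,                             # one zip layer
        "eicarcom2.zip": zip_bytes("eicar_com.zip", single), # zip inside zip
    }
    for name, data in files.items():
        (folder / name).write_bytes(data)
    return sorted(files)

def nesting_depth(path):
    """Zip layers around the test string; None if the string is not found."""
    data, depth = Path(path).read_bytes(), 0
    while data != EICAR:
        if not zipfile.is_zipfile(io.BytesIO(data)):
            return None
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
            if len(names) != 1:
                return None
            data = zf.read(names[0])
        depth += 1
    return depth

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:  # constructed sample folder
        for name in build_test_set(tmp):
            print(name, nesting_depth(Path(tmp) / name))
```

Run it with on-access scanning disabled, as in step 2, so the files are not quarantined before the scheduled or custom scan reaches them.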

