Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog

How to test run your antivirus program

Created: 07 Apr 2009 • 4 comments
riva11's picture
+9 9 Votes
Login to vote

There are many risks on internet, but if you have a good antivirus updated , you have reduced the risk of attack. But sometime is better to test if your antivirus program detecs viruses.

I found an interesting site that you can use to test run your antivirus / Antispyware program and check if you are really protected against these risks.
Antivirus researchers has created some test files that antivirus products "detect" as if it were a virus.  On THE ANTI-VIRUS OR ANTI-MALWARE TEST FILE page , you have only to download one of the different test files and see what will happen.
If you antivirus program works in the right way, the antivirus will show a message about a virus found with EICAR as virus description.

Please note the Eicar disclaimer :
Important note: EICAR cannot be held responsible when these files or your AV scanner in combination with these files cause any damage to your computer. YOU DOWNLOAD THESE FILES AT YOUR OWN RISK. Download these files only if you are sufficiently secure in the usage of your AV scanner. EICAR cannot and will not provide any help to remove these files from your computer. Please contact the manufacturer/vendor of your AV scanner to seek such help.

Link : Eicar - The AntiVirus or AntiMalware test file

Comments 4 CommentsJump to latest comment

Ajit Jha's picture

Eicar file are meant for testing purpose, it donot harms the user machines but in reality there are millions of virus which can't be even traced by AntiVirus even it is upto dated.

Regard's

Ajit Jha

Technical Consultant

ASC & STS

0
Login to vote
Vikram Kumar-SAV to SEP's picture

In todays world where thousand of virus and worms are daily written and distributed it is impossible for any antivirus to catch themas all antivirus are based on Signature scanning so first it has to hit one of their hot-spots or has to be submitted by any customer.

Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.

0
Login to vote
mon_raralio's picture

Heuristic scanning offers a new level of protection, but since it relies on the characteristics of the code within, some virus could and will pass through if it knows how to bypass that. What we could do as Symantec users at least is to have the files that is quarantined and tagged a generic name (Downloader, Trojan Horse, etc.) submitted to Symantec for proper evaluation. The problem is that most companies are reluctant to try this out as they could be forced to send infected files that also contain confidential data. They'd rather reformat infected PCs than to send out files to vendors for analysis. And I believe the EICAR test is a bit outdated. I mean, all the AV vendors have to do is add that to their definitions and it will be detected by default. You need to do more real world test like setting up a standalone PC with virtual workstations to have a virtual network and then see how it holds to infection using real virus safely.

“Your most unhappy customers are your greatest source of learning.”

0
Login to vote
Nel Ramos's picture

Good initiative...

The Eicar file could only prove that your AV is fuctioning at the time of test. This is ussually done if no alerts are detected over a long period of time in a network that is always virus infection active.

But needless to say, It will not test your AV of being foolproof since Eicar is just like training with a cat to fight a lion.

Just my thoughts.

Nel Ramos

0
Login to vote