Endpoint Protection

 View Only
Back to Library

How to test run your antivirus program 

Apr 07, 2009 05:13 PM

There are many risks on internet, but if you have a good antivirus updated , you have reduced the risk of attack. But sometime is better to test if your antivirus program detecs viruses.

I found an interesting site that you can use to test run your antivirus / Antispyware program and check if you are really protected against these risks.
Antivirus researchers has created some test files that antivirus products "detect" as if it were a virus.  On THE ANTI-VIRUS OR ANTI-MALWARE TEST FILE page , you have only to download one of the different test files and see what will happen.
If you antivirus program works in the right way, the antivirus will show a message about a virus found with EICAR as virus description.

Please note the Eicar disclaimer :
Important note: EICAR cannot be held responsible when these files or your AV scanner in combination with these files cause any damage to your computer. YOU DOWNLOAD THESE FILES AT YOUR OWN RISK. Download these files only if you are sufficiently secure in the usage of your AV scanner. EICAR cannot and will not provide any help to remove these files from your computer. Please contact the manufacturer/vendor of your AV scanner to seek such help.

Link : Eicar - The AntiVirus or AntiMalware test file

Statistics
0 Favorited
2 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Migration User
Apr 24, 2009 09:58 PM

Good initiative...

The Eicar file could only prove that your AV is fuctioning at the time of test. This is ussually done if no alerts are detected over a long period of time in a network that is always virus infection active.

But needless to say, It will not test your AV of being foolproof since Eicar is just like training with a cat to fight a lion.

Just my thoughts.

Migration User
Apr 24, 2009 02:26 AM

Heuristic scanning offers a new level of protection, but since it relies on the characteristics of the code within, some virus could and will pass through if it knows how to bypass that. What we could do as Symantec users at least is to have the files that is quarantined and tagged a generic name (Downloader, Trojan Horse, etc.) submitted to Symantec for proper evaluation. The problem is that most companies are reluctant to try this out as they could be forced to send infected files that also contain confidential data. They'd rather reformat infected PCs than to send out files to vendors for analysis. And I believe the EICAR test is a bit outdated. I mean, all the AV vendors have to do is add that to their definitions and it will be detected by default. You need to do more real world test like setting up a standalone PC with virtual workstations to have a virtual network and then see how it holds to infection using real virus safely.

Migration User
Apr 20, 2009 12:35 AM

In todays world where thousand of virus and worms are daily written and distributed it is impossible for any antivirus to catch themas all antivirus are based on Signature scanning so first it has to hit one of their hot-spots or has to be submitted by any customer.

Migration User
Apr 08, 2009 09:49 AM

Eicar file are meant for testing purpose, it donot harms the user machines but in reality there are millions of virus which can't be even traced by AntiVirus even it is upto dated.

Related Entries and Links

No Related Resource entered.