You can never tell whether your AV app is working, until something goes wrong. This harmless test will tell you if it's doing it's job:
- Open a text editor (e.g. Notepad).
- Copy-paste the following string (one line) into the editor:
X5O!P%@AP[4\PZX54(P^)7CC)7}$
EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* - Save the file as EICAR.COM on your desktop.
- Open a CMD window and try to execute this .COM file (or simply double-click the file on Desktop).
- At this point, your AV should report the file as suffering from the EICAR virus.
- To further test your AV, you can zip the file, send it as an email attachment, etc.
- Try sending it to GMail, to see wheteher Google's AV manages to identify it. Repeat with Yahoo, Hotmail etc.
Post a comment and let me know how your AV passed this test. Hopefully we can come up with some interesting results.
4 comments:
Step 3, as well:
"The the EICAR test string was detected in C:\DOCUMENTS AND SETTINGS..."
Avi, which AV were you using?
AVG Free 7.5.
Didn't work...
Yaniv:
Very interesting. So version 8 (to which I've just upgraded last week) catches it, and 7.5 doesn't?
Did you try saving the file and then actively scan it? It could be that your free version does not contain the "Resident Shield" component that my (licensed) version contains.
Try saving a file with that string, right-click it ans select "Scan with AVG"
Post a Comment