Results 1 to 8 of 8

Thread: is your antivirus working??

  1. #1
    Junior Member
    Join Date
    Sep 2003
    Posts
    11

    is your antivirus working??

    To check whether your anti-virus software is running properly/updated
    follow these simple steps

    Step1 : Copy and paste the following line in notepad and try to save the
    file.

    X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


    CASE A : If the antivirus software is running ok/updated it will detect
    the file and give a warning message. (In my case norton anti-virus detects
    it)and quarantines it (i.e access to the file is denied) or delets it.

    CASE B : If there is no message (detection) please check whether the
    anti-virus software is running. If not please run it and scan the
    saved file.

    CASE C: if CASE A, CASE B fails please report to the help desk at CC
    for updation/installation of the anti-virus software.

    PLEASE NOTE THAT THIS WON'T CAUSE ANY VIRUS PROBLEM IN THE SYSTEM

    did it work??just let me know.
    -----------------------------------------------------------------------------------------------
    THE BEST BARGAIN - teach me all what you know and i'll be ur SLAVE
    -----------------------------------------------------------------------------------------------

  2. #2
    Senior Member MadBeaver's Avatar
    Join Date
    Jul 2003
    Location
    Bath, Maine
    Posts
    252
    Norton picked it up (no problem!)
    Nice test.
    Mad Beaver

  3. #3
    Senior Member VicE$DoS$'s Avatar
    Join Date
    Nov 2002
    Posts
    209
    Hi dionjuan2004,

    There is an easier way to perform this test, Just download the zip file from here

    http://www.eicar.org/anti_virus_test_file.htm

    did it work??just let me know.
    To check whether your anti-virus software is running properly/updated
    Yeah of course it worked its the EICAR testfile! thats what it does! Even a very very out of date virus scanner will pick this up. I dont understand how you think it will help you find out if your AV is up to date. Best thing to do here would be to check the virus pattern file on the vendors website.

    PLEASE NOTE THAT THIS WON'T CAUSE ANY VIRUS PROBLEM IN THE SYSTEM
    If your doing it from home fair enough,
    If your doing it on a school, college or corporate network the Netadmins probably gonna ask you what the **** your doing.

    Remember just because the payload isnt malicious it doesnt mean its not causing hassle for someone.

    How to delete the test file from your PC (Eicars advice)

    We understand (from the many emails we receive) that it might be difficult for you to delete the test file from your PC. After all, your scanner believes it is a virus infected file and does not allow you to access it anymore. At this point we must refer to our standard answer concerning support for the test file. We are sorry to tell you that EICAR cannot and will not provide AV scanner specific support. The best source to get such information from is the vendor of the tool which you purchased. Please contact the support people of your vendor. They have the required expertise to help you in the usage of the tool. Needless to say that you should have read the user's manual first before contacting them.

    Cheer$
    V$D$
    I remember when Nihil was ickle. Does that mean I'm old?

  4. #4
    nothing to aDD ON VicE$DoS$'s reply

    Cheers
    antisecurityboy

  5. #5
    Senior Member Falcon21's Avatar
    Join Date
    Dec 2002
    Location
    Singapore
    Posts
    252
    So now, is your trojan cleaner working?
    Check this out: http://www.misec.net/trojansimulator/

  6. #6
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    ohhhhh.. ok

    First Falcon21.. nice link.. I admitt I hadn't seen a trojan simulator b4.. so handy.. will test it l8r..

    VicE$DoS$ excellent post there..

    Am I getting bored or is Eicars a standard newbies AV find?
    here is a great quote from a year or two ago..
    I wouldn't personally recommend it as if your current AV does not detect the virus it's
    not going to do a very good job of stopping it.Testing an on-access scanner this way would
    be dangerous to say the least if not totally foolhardy.If the said *new* virus uses mass
    mailing abilities then you run the gauntlet of spreading it unknowingly. You have little
    choice other than to scan *known* viruses or just by trusting the AV companies to get it
    right. There is of course the eicar string...however I don't place much faith in that.It
    would take a matter of minutes to write a program that detects EICAR every time but would
    not detect anything else. If you insist on trying out your AV software against real world
    viruses then may I suggest you ensure you don't have a current net connection on the test
    computer or any software or data you consider important
    found in this thread.. http://www.antionline.com/showthread...ighlight=EICAR

    this post is not to flame dionjuan2004.. I think a bad mood may colour my comments..

    cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Sorry to be boring, I have posted this elsewhere, but it is slightly relevant to the thread and it is PROACTIVE

    Please go to:

    http://www.diamondcs.com.au

    From the first page, select the "Products" link on the left side. On the next page, scroll down to the "Freeware" section.

    There are a lot of useful free tools but the one you are really interested in is RegistryProt. This will intercept any attempt to modify the Registry, and will catch at least 98% of stuff that gets past your firewall and AV.

    You need to understand the Registry to interpret the messages, but I usually give the advice to non-IT aware people to say "No" to everything, unless you are DELIBERATELY loading new software.

    All these free goodies come from our kind colleagues in Australia..........almost as good as Vegemite

    Hi Und3ertak3r, you might like to check them out again.There are some new free tools since last I was there.

    Cheers,


    Johnno

  8. #8
    Junior Member
    Join Date
    Sep 2003
    Posts
    11
    thanks VicE$DoS$ i really didnt knew this much.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •