I was thinking tonight about anti-virus programs used today. And with the many malware attacks that aim to cripple your anti-virus solution, how can one test if its working or not.
To get past that fale sense of security; because what we don’t know will hurt us. That said I suggest using a test virus (known virus saved on a CD or USB, or using the EICAR anti-virus test file
The EICAR Standard Anti-Virus Test File is a non-destructive test file that was developed for this purpose: To safely test anti-virus programs for proper operation, without having to actually expose the system to a destructive program. All anti-virus programs should detect to, and respond to, EICAR as a virus. However, is it not malicious.
You can download the EICAR test file directly from EICAR here and run it. Your anti-virus should immediately react.
You can also just create a new txt file with the following EICAR test string:
X5O!P%@AP[4PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Here is a screen cap of my test results:
ClamAV Ubuntu:
virus-test.txt: Eicar-Test-Signature FOUND
———– SCAN SUMMARY ———–
Known viruses: 1190795
Engine version: 0.97.3
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 13.777 sec (0 m 13 s)