Printed from www.pcpro.co.uk
8. Probe for viruses
Posted on 12 May 2008 at 15:07
Even if you have a security suite installed and have kept it bang up-to-date, it still isn't easy to tell if it's working properly. Self-testing here is actually a lot more straightforward than you might think. There's no need to start visiting the underbelly of the internet in order to find "live" virus files to squirt at your system. That would be foolhardy, dangerous and 100% not recommended by PC Pro or any other authority that's serious about system security. The only people who should play around with live virus files are security vendor research labs and antivirus application reviewers, both under strictly controlled conditions.
Instead, the first port of call - as recommended by Thomas Parson, manager of product development Symantec - should be EICAR (www.eicar.org/anti_virus_test_file.htm). This is the home of the industry-standard safe antivirus scanner-testing file, a dummy all antivirus scanners should be able to detect and treat as a real virus threat. If your antivirus solution doesn't kick in when you attempt to download this then something has gone very wrong indeed, and it's time to consider reinstalling or replacing your security software.
Safa reminds us that there are also a number of more proactive testing programs available, such as Spycar (www.spycar.org), which simulates spyware attacks and will score your security performance under perfectly safe conditions. The Spycar suite of tools mimics spyware behaviour in a benign format, but only works under the Windows OS because that's the platform most targeted by spyware developers.
There are also a number of free web-based antivirus scanners that are made available by assorted security vendors, and can be used to double-check the strength of the protection you have installed. If they find undesirables that your installed scanner has missed, perhaps you need to be asking the developer why. Try any of the following:
http://housecall.trendmicro.com
www.kaspersky.com/virusscanner
www.bitdefender.com/scan8/ie.html
www.pandasecurity.com/homeusers/solutions/activescan
http://onecare.live.com/site/en-US/default.htm
http://pestpatrol.com/pestscan/index.htm
http://support.f-secure.com/enu/home/ols.shtml
To scan a single suspicious file against all major AV engines, upload it to www.virustotal.com. King recommends Norman SandBox (www.norman.com/microsites/nsic) for "finding out what kind of malicious behaviour a program may be up to, such as connecting to IRC, installing a driver, and so on. This is very useful for researchers and techies".
advertisement
- Sky Player shows up in Windows 7
- Tweetlevel reveals most influential Twitterers
- Apple "refuses to repair smokers' Macs"
- Spotify arrives on Symbian
- Chrome OS and Android to "converge over time"
- Microsoft to pay News Corp to stay off Google
- Christmas sales surge knocks out eBay search
- Windows 8 set for 2012 release
- Q&A: Why Conficker was a victim of its own success
- App developers losing faith in Android
- ATI Radeon HD 5970: 42% more expensive in the UK
- Office 2010 Beta – 32-bit or 64-bit – The Choice is Clear
- Why Britain's watchdogs have fewer teeth than goldfish
- Tabbed documents: how to make Office 2010 great
- Outlook 2010 People Pane – does it spell death to Xobni
- Microsoft Outlook 2010 screenshots
- Co-Authoring in Word 2010 and SharePoint Foundation 2010
- Microsoft Outlook 2010 screenshots: Backstage view
- Flash 10.1: Developing for Desktop and Device
- Microsoft Office 2010 screenshots: Recover unsaved items
- Getting to grips with Microsoft's IT Health Environment Scanner
- Virtualise your servers
- The changing face of travel gadgets
- Build your own distributed file system
- The bulletproof Dell that costs an arm and a leg
- Microsoft Office 2010 Technical Preview: Q&A
- Lawnmowers, the TyTN II and one odd insurance request
- There'll never be a bulletproof OS
- How far can we trust apps?
- Five nice touches in Outlook 2010
advertisement
