Pages

Search This Blog

Sunday

Hands-on Project 3 - 2 (Practical 4)

Objectives: Test AV Software

Antivirus software is important yet free AV products may not offer the best protection. In this session, we will download a virus test file to determine how the AV software reacts. The file downloaded is not a virus but is designed to appear to an antivirus scanner as if it were a virus. We will need to have antivirus software installed on our computer to perform this session.

1) Check the antivirus settings on your computer. Click Start, click Control Panel, click Security, and then click Security Center.

2) The virus protection setting should be On. If it is not, click the Recommendations button and indicate that you want Windows to monitor the AV software.

3) Close all windows.

4) Open your Web browser and enter the URL www.eicar.org/anti_virus_test_file.htm.

5) Read the “Anti-virus or Anti-Malware test file” information carefully. The file you will download is not a virus but is designed to appear to an antivirus scanner as if it was a virus.

6) Click the file eicar.com, which contains a fake virus. A dialog box will open and ask if you want to download the file. Wait to see what happens. What does your antivirus software do? Close your antivirus message and click Cancel to stop the download procedure.

As you can see, the antivirus software help to Auto-Protect scan any file that is going to be downloaded for viruses and protect our computer by deleting the file straight away if the antivirus software detect viruses.

7) Now click eicar_com.zip. This file contains a fake virus inside a compressed (ZIP) file. What happened?

Our antivirus software is not able to detect the eicar_com.zip file for any viruses because the file is being compressed.

8) If your antivirus software did not prevent you from accessing the eicar_com.zip file, and when the File Download dialog box appears, click Save and download the file to your desktop or another location you want.

9) When the download is complete, click Close, if necessary.

10) Right-click point to the Start button and then click Explore.

11) In Windows Explorer navigate to the folder that contains the eicar_com.zip file.

12) Right-click the file eicar_com.zip and then click Scan for viruses on the shortcut menu (your menu command might be slightly different). What happened now?


As you can see, our antivirus software start to scan the 2 files in the eicar_com.zip file for viruses. The antivirus software found 1 risk. After that, the antivirus software deletes one file from eicar_com.zip and left the other file unchanged.

13) Return to the Web site and this time click eicarcom2.zip. This file has a double-compressed ZIP file with a fake virus. What happened?

Our antivirus software is not able to detect the eicarcom2.zip file for any viruses because the file is being double-compressed.

14) If your antivirus software did not prevent you from accessing the eicarcom2.zip file, and when the File Download dialog box appears, click Save and download the file to your desktop or another location you want.

15) When the download is complete, click Close, if necessary.

16) Return to Windows Explorer.

17) In Windows Explorer, navigate to the folder that contains the eicarcom2.zip file.

18) Right-click the file eicarcom2.zip and then click Scan for viruses on the shortcut menu (your menu command might be slightly different). What happened now?


As you can see, our antivirus software start to scan the 3 files in the eicarcom2.zip file for viruses. The antivirus software found 1 risk. After that the antivirus software deletes one file from eicarcom2.zip and left the other file unchanged.

19) Erase both files from your hard drive.

20) Close all windows.

Reflections
After doing this practical, I finally know that how the antivirus software reacts to different types of files. If the file is not compressed, the antivirus software will start to scan the file for viruses. However, when the file is compressed, the antivirus software will not be able to scan the file and we have to scan the file for viruses by ourselves. Thus, in future, I will download file that are not compressed so that my antivirus software will be able to scan the file.

6 comments:

  1. The site is really beneficial for everyone to know about this topic. I think if you read blog than you will get some more information from blog. This is really useful blog.
    ตัวสแกนไวรัส

    ReplyDelete


  2. mcafee.com/activate registered trademarks, company names, product names and brand names are the property of their respective owners, and mcafee.com/activate disclaims any ownership in such third-party marks. The use of any third party trademarks, logos, or brand names is for informational purposes only, and does not imply an endorsement by mfmcafee.com or vice versa or that such trademark owner has authorized mfmcafee.com to promote its products or services.

    ReplyDelete
  3. norton setup is an independent support and service provider for the most secure remote technical services for all norton products. Our independent support services offer an instant support for all software related errors in the devices, laptops, desktops and peripherals. We have no link or affiliation with any of the brand or third-party company as we independently offer support service for all the product errors you face while using the norton. If your product is under warranty, then you may also avail our support services for free from manufacturer’s official website norton.com/setup.

    ReplyDelete
  4. I would first like to thank the author for coming up with the insightful information every time. People if you are also looking for the best GOA Holiday Package, then reach out to Indian Travel Store as we are the best Travel Partners of yours.

    ReplyDelete