User guide

ManualsBrandsKaspersky Lab ManualsSoftwareAnti-Virus 2010, 3u, 3Y

131

132

133

134

135

136

137

138

139

140

137

VALIDATING KASPERSKY ANTI-VIRUS

SETTINGS

After Kaspersky Anti-Virus has been installed and configured, you can verify whether the application is configured

correctly, using a test "virus" and its modifications. A separate test is required for each protection component / protocol.

IN THIS SECTION:

Test "virus" EICAR and its modifications ....................................................................................................................... 137

Testing the HTTP traffic protection ................................................................................................................................ 138

Testing the SMTP traffic protection ............................................................................................................................... 138

Validating File Anti-Virus settings .................................................................................................................................. 139

Validating virus scan task settings ................................................................................................................................. 139

TEST "VIRUS" EICAR AND ITS MODIFICATIONS

This test "virus" was specially developed by (The European Institute for Computer Antivirus Research) for the

testing of anti-virus products.

The test "virus" IS NOT A VIRUS, because it does not contain code that can harm your computer. However, most anti-

virus products identify this file as a virus.

Never use real viruses for testing the operation of an anti-virus product!

You can download this test "virus" from the EICAR's official website at http://www.eicar.org/anti_virus_test_file.htm.

Before you download the file, you must disable the computer‟s anti-virus protection, because otherwise the application

would identify and process the file anti_virus_test_file.htm as an infected object transferred via the HTTP protocol. Do not

forget to enable the anti-virus protection immediately after you download the test "virus".

The application identifies the file downloaded from the EICAR site as an infected object containing a virus that cannot be

disinfected and performs the actions specified for this type of object.

You can also modify the standard test "virus" to verify the operation of the application. To modify the "virus", change the

content of the standard "virus" by adding one of the prefixes to it (see table below). To modify test "virus", you can use

any text or hypertext editor, such as Microsoft Notepad, UltraEdit32, etc.

You can test the correctness of the operation of the anti-virus application using the modified EICAR "virus" only if your

anti-virus bases were last updated on or after October 24, 2003 (October, 2003 cumulative updates).

In the table below, the first column contains the prefixes that must be added at the start of the standard test "virus" string.

The second column lists all possible statuses that the Anti-Virus application can assign to the object, based on the results

of the scan. The third column indicates how the application processes objects with the specified status. Please note that

that actual actions performed on the objects are determined by the application's settings.

After you have added a prefix to the test "virus", save the new file under a different name, for example: eicar_dele.com.

Assign similar names to all modified "viruses".