Chapter 8. Verifying The Anti-Virus Operation - KAPERSKY ANTI-VIRUS 5.7 - FOR LINUX FILE SERVER Administrator's Manual

CHAPTER 8. VERIFYING THE
ANTI-VIRUS OPERATION
After Kaspersky Anti-Virus is installed and configured, you are advised to verify
the correctness of its operation using a test "virus" and its modifications.
This test "virus" was specially designed by
Computer Antivirus Research) for testing anti-virus products.
The test "virus" IS NOT A VIRUS because it does not contain code that can harm
your computer. However, most anti-virus products manufacturers identify this file
as a virus.
Never use real viruses for testing the operation of an anti-virus product!
You can download this test "virus" from the official website of the EICAR
organization at http://www.eicar.org/anti_virus_test_file.htm.
The file downloaded from the EICAR website or created as described above
contains the body of a standard test "virus". Kaspersky Anti-Virus will detect it,
assign it the Infected non-disinfectable status and apply the action defined by
the administrator for processing objects of this type.
To test the response of Kaspersky Anti-Virus when other types of objects are
detected, modify the content of this standard test "virus" by adding one of the
prefixes (see Table below).
Prefix
No prefix,
standard test
"virus"
CORR–
SUSP–
WARN–
Infected. Non-disinfectable object.
Corrupted.
Suspicious (unknown virus code)
Suspicious (modified code of a known virus)
(The European Institute for
Table. Modifying the test "virus"
Object type