How well is your AV sw working?

[Xairbusdriver]

The European Institute for Computer Antivirus Research (EICAR) has a file that can be used to test the capabilities/effectiveness of most Anti-Virus software, including Xprotect. The link below has some scary text but I had no trouble with Sophos Home Edition trapping and deleting the four versions of the file. I have not disabled the Sophos app to see how well Xprotect does. I will leave that as an exercise for the reader.

<Test File Download site>

[sandbox]

ClamX 2.3.4
.
Desktop/eicar.com: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 1899042
Engine version: 0.97.6
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 8.727 sec (0 m 8 s)
.
.
Desktop/eicar.com.txt: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 1899042
Engine version: 0.97.6
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 8.782 sec (0 m 8 s)
.
.
Desktop/eicar_com.zip: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 1899042
Engine version: 0.97.6
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 8.720 sec (0 m 8 s)
.
.
Desktop/eicarcom2.zip: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 1899042
Engine version: 0.97.6
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 8.713 sec (0 m 8 s)
>/

QUOTE(Xairbusdriver @ Feb 26 2013, 05:24 PM) <{POST_SNAPBACK}>

The European Institute for Computer Antivirus Research (EICAR) has a file that can be used to test the capabilities/effectiveness of most Anti-Virus software, including Xprotect. The link below has some scary text but I had no trouble with Sophos Home Edition trapping and deleting the four versions of the file. I have not disabled the Sophos app to see how well Xprotect does. I will leave that as an exercise for the reader.

<Test File Download site>

[kimmer]

Even though xABD had already tested Sophos, I had to try it -- and it worked. Was a fun experiment and now I know how Sophos will act if a virus ever heads my way.

[Xairbusdriver]

Part of the success is that this file has been around for many years, so it should be in any detection app's definitions list. But is does give you an idea of what you might see, as kimmer says. Whether you'll remember that if/when you get a real, in-the-wild virus, remains to be seen. If you're one of the first to get the malware, it won't be in that definitions list yet...

QUOTE

Even though xABD had already tested Sophos, I had to try it

I've never mentioned this before, but I also recommend you not jump off cliffs...

[sandbox]

I was an early adopter of AV software when a client required it. I choose Sophos back in OS 8.6 days, after using Norton. Through the years I've tested many offerings, and as my devises have increased so has my cost. I keep ClamAV around for inspecting single items. Just Control-Click a file and it checks it quickly. These days I use "F Secure" which is arguably one of the highest rated AV software with a Mac option. I get 5 devises for about $40 bucks per year. Kaspersky cost about $66 bucks for the same offering with less options and a lower rating. Sophos is far more expensive, and with less options.
For what it' worth you can check out this pdf.
http://www.av-comparatives.org/comparative...t-november-2012

[Xairbusdriver]

WOW! A huge collection of PDFs there! There are a couple of links to tests in <this post> last month.

[sandbox]

I've just had Roadrunner Lightning installed which comes with free AV from McAfee. It should satisfy anyone's security requirements and I can drop another added expense. http://brighthouse.com/tampa-bay/shop/inte...unner-lightning