Wednesday, April 23, 2014

Is your Anti-Virus working ?

If you are using Windows/Linux/Mac then you would have installed an Anti-Virus(AV). If not then better get one and setup. Its too easy for a machine to get infected and it has been reported that malware and viruses are on their all-time high.

Here are some reasons why you need Anti-Virus
  1. You connect to internet and download/install files 
  2. You exchange data with your colleagues or friends via pen-drives  
  3. You connect you machine to different Wi-Fi networks 
  4. You use shared folders or use torrent for file sharing 

 How to know if your Anti-Virus is working ? 
Any Anti-Virus product generally operates in three modes to give you full protection.  Here is gist that you need to know before you proceed

  1. Real time scanning (RTS) - In this more Anti-Virus product is active under the hood and constantly monitoring files that are open/written/closed/downloaded. AV product will scan them immediately and flag an alert if there is any virus detected
  2. On-Demand scanning - User initiates virus scanning whenever required. Generally available with right-click scan option on files/folder. This forces AV to re-scan all files that you think may be infected
  3. Scheduled scan - This is periodic AV scanning done to ensure nothing is missed out. A fallback and automated way to scan your machine once a week at given time 
There might be more scanning modes to provide more granular functionality depending on AV product you use.

To ensure your Anti-Virus is running you need to check if all above methods of scanning and making sure everything is setup correctly to avoid any data loss or issues.

Check 1: Is your Anti-Virus subscription active ? 
As you know there are paid and free AV products out in market and each of them has pros/cons. For a free product it may only function for certain period and then ask for registering/purchasing of product. For paid AV product, it may expire as per your subscription timeline and may not be fully functional. In either cases you need to ensure you have active protection. There might be more business conditions for any AV product to stop working or reduce its effectiveness and you may not notice it. Most of the products do show up alerts to warn user to renew or buy subscription.

Secondly, most of Anti-Virus vendor tie-up with laptop/desktop manufacturer to provide free AV for certain duration. Thus AV comes by-default with your new machine and is functional (You may need to signup for an account). However there is time limit and you need to renew/buy subscription to keep it running beyond it, else AV functionality is ineffective.

Open your Anti-Virus product and check if it shows RED or GREEN (most of AV vendors use these colors to indicate issue or non-issues). Check for subscription expiry and its validity. If all ok then great, else its time to renew your subscription. There should be links in AV products to buy or renew and all will be good after that. Do perform a full scan once you buy subscription to ensure nothing was infected in case your AV was non-functional.

Check 2: Download a dummy virus!  
Don’t panic! Its only to check if your AV is running Real-time scan and effectively detecting viruses. There will not be any damage if you download the one said in images below. Anything other than that should be strictly avoided. It’s a simple test that is also used by AV vendors to perform test in their environments.

Navigate to website shown below and visit 'Download anti-malware test file' page.

Scroll down a bit and copy text shown in box similar to below image.

Open notepad on your machine and copy this text and save file on your desktop. Give any name to it. Say 'SampleTest.txt'

If Real-time scan is functioning then it should detect this action of saving the file and prompt an alert or clean up the file immediately. That’s the PASS for you’re your AV. Be assured that AV you have installed is running and will catch any viruses if it finds. It’s a very simple test and you may use it anytime to double check if everything is fine.

In case your AV does NOT alert or delete the file (in few seconds) then that’s an issue. Close notepad and open same file again and double check if AV is detecting. If its not then something is wrong with your AV and you need to take action for it.

  • Uninstall and reinstall the product 
  • Buy other Anti-Virus vendor product 
Ensure that you run above test again after you install the AV product.

Check 3: Checking if on-demand scan is functioning (Optional) 
You can test On-Demand scan (Right click and scan file/folder) same way as above. Only difference is that you will need to explicitly turn RTS off (Be careful to turn is ON again once you do the test).  Switching off RTS will avoid cleaning up sampleTest.txt file immediately and will give you a chance to run 'Right click scan' option on file.

Check 4: Latest updates installed ?

Every AV product needs to Virus-Signature info to detect and clean viruses. This info is updated by AV vendors on daily(ideally) basis. Your AV product should download up-to-date signatures to give you max protection against latest viruses. Check for "Last update date" or similar option in your AV product and make sure its current. If not force an product update.

Check 5: Better and consistent way to test AV - Install 'McAfee Security Scan Plus'  (MSS+)

Another way to test AV (on Windows) is to install a small free product from McAfee (an Intel Company) named 'McAfee Security Scan Plus'.  You can download it from here.
Features -

  1. Checks for Anti-Virus and Firewall status on your machine periodically
  2. Alerts user if RTS is off or, virus-signatures info (info required by AV product to clean viruses) is old and need and update
  3. Alert user if AV is not installed or not active. Provides a purchase link to McAfee product if status is red 

Note - Its NOT a full Anti-Virus product. It is light weight application to help users to keep their Anti-Virus and Firewall up-to-date. Please read in details here.

Here are some screenshot

No comments:

Post a Comment

Transform your $15 router to $200 security router for FREE

Technology is evolving faster and there are more IoT devices at home/office than a few years back. Software Security companies are movi...