fittan Posted October 26, 2018 ID:1277715 Share Posted October 26, 2018 Hi, I just converter from ES to EP. I was able to download and run EICAR test virus. Why doesn't EP detect it? And if it doesn't, how can I be assured that the real time scanning engine works? Thanks. Link to post Share on other sites More sharing options...
dcollins Posted October 26, 2018 ID:1277717 Share Posted October 26, 2018 You can check our response to why we don't detect EICAR here. It also includes some instructions on how to properly test Malwarebytes Link to post Share on other sites More sharing options...
AndrewPP Posted October 27, 2018 ID:1277828 Share Posted October 27, 2018 (edited) In addition to the above and elaboration for Endpoint Protection capabilities. 1. Run 'Windows script to display Malwarebytes Endpoint Protection Agent Health and Service Status' to show all services and inner detector services are running. https://support.malwarebytes.com/docs/DOC-2617 2. Download a relatively harmless potentially unwanted program (PUM) such as Ask Toolbar which is annoying but not damaging and double-click to start installation. https://en.softonic.com/download/ask-com-toolbar/windows The Real Time Protection (RTP) Payload Analysis detector will quarantine it. This will assure to you that protection is operational and detects an EXE program executable (PE) launch. Note, a PUP is detected by our same anti-malware 'rules' engine which detects viruses/malware. One of our many vectors.of protection. 3. Consider also, the Malwarebytes Excel Addin, for detailed checking of endpoint versioning and freshness. https://support.malwarebytes.com/docs/DOC-2672 4. Succinctly, technically, EICAR is an archaic/obsolete16-bit COM program which will not even execute in modern Windows workstation to display its message 'EICAR-STANDARD-ANTIVIRUS-TEST-FILE'. EICAR need to update this to a modern and relevant test. Using a PUP is a much more relevant test that Malwarebytes is operational. Otherwise more details on testing have been provided by DCollins. Edited October 28, 2018 by AndrewPP Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now