EICAR test file

I done a test to see if Comodo can catch this file on my android. It is failed to catch all of them. How come? :-\

I done full scan after. Nothing.

CMS is supposed to catch only Android malware, so with .apk extension.
EICAR is not a good thing to test :frowning:

Oh that’s why! Thanks ;D :-TU

I found that ESET mobile security catch this file.

That shows their ignorance ;D

Or their sense of responsibility to protect against Windows viruses also as phones will get hooked up to Windows machine… :wink:

Wow :smiley: I can’t imagine Comodo pushing ~150 MB Windows viruses database into my phone.
To be serious - I think that security should go on the windows side. (in term of Windows viruses)

I have to agree.
Protecting an Android from Windows viruses it totally wrong.
Let Windows protect Windows and Android protect Android.
Just to make it perfectly clear, Android is Linux OS. NO Windows virus can affect it.

COMODO used to detect this https://play.google.com/store/apps/details?id=uk.co.extorian.EICARAntiVirusTest

I don’t know if things are changed.

I agree. I think the same should apply to CAVL too.

It would be interesting to see how CMS handles malware. Maybe a test file from Comodo.

:slight_smile:

How it handles it is flagging the infected .apk file and letting you decide how you wish to proceed. (Note - .apk files).

Bad idea. Linux systems are often used as gateways for Windows based LANs and having CIS installed on every client isn’t always a viable solution.

the only way I could see cms protecting from windows malware is to check in the cloud when files are added. if internet isn’t available then have cms make note of the file and check it in the cloud when internet becomes available again. make mobile and WiFi settings for checking files in the cloud

Which chew up data.
Mist do not have unlimited data on their phone.
Bad idea.

which is why I said this " make mobile and WiFi settings for checking files in the cloud".

this way users can specify to only use WiFi if they need to. if no WiFi is available then cms will make note of the file needing to be checked and then check the cloud when the user has WiFi. It’s not a perfect solution but it’s better than doing nothing

I beg to differ. When the phone is connected to a Windows environment, it gives full access to the phone memory and the SD potentially leading to data modification and loss. I should know. It happens here too frequently.

When the phone is connected to the system, it mounts two drives, one (usu. around 70 MB) for the phone memory and another for the SD card. During such times, it (the phone) grants full access to these drives and can potentially corrupt data and installed programs. There are viruses that encrypt all files and folders within an external drive, turning them to *.exe’s and preventing any possible chance of recovery (unless of course someone would be willing enough to decrypt them). It then creates an autorun file (which is usually ignored by phone users thinking it’s legit) and does more damage each time it’s plugged in, continuously re-encrypting the files (the files started gaining weight and I mean file size each instance it’s plugged in a Windows system which means if you plugged it in 3 times, you would have to decrypt it 3 times to get to the original file).

However, it is the duty of the Windows application to prevent such misfortunes, not the mobile security’s. What I wish to point out is that it is not true that no Windows virus can affect it. There will always be a vector for infection, data theft and loss.

regardless of who’s duty it is to protect what the more layers malware has to jump through the less chance users have of getting infected. if comodo can find a way to detect windows malware with cms without rendering the phone useless then they should do it. It’s not your job to hold doors open for people but we do if they’re coming behind us. if someone at work is having problems in another department and you have nothing to do you offer to help them out. not just stand there. so It’s doesn’t really matter who’s dirty it is in my book but that’s just me. I really don’t see how cloud scanning the way I suggested would hinder users

On the moral aspect of it, I have nothing against it. Implementation? It’s been done. I’m not arguing on that. But to detect and upload a Windows virus that gains in file size? No, I’m not going to recommend that. That “chews up data.” I’d rather it detects just the autorun, parses it, and then deletes/quarantines entries. Simple, effective, no data consumed. Any other windows virus that do not utilize an autorun cannot spread automatically and can be deleted easily from the phone. They’re also easy enough to detect. They have a different icon, and they are .exe’s. Something we only see in Windows.

But if you could suggest a better framework, or I’ve misunderstood, I truly wish to hear. :wink:

my idea can prevent over use of data as you can see by reading my replies

we are also talking data storage here, of which a phone’s is very valuable.
To use it to attempt to protect a Windows computer is, imo, ridiculous.
Phone protect phone only. Windows protect Windows.