EICAR test file:To check if Anti-Virus is working Properly & effectively

Well!!!what I feel Anti-Virus programs ensure computer security to (50-60)% but it is also essential to check whether it is working properly & effectively.Today in my post I will show you how it can be accomplished using "Eicar Test File" in few simple steps.

What is Eicar Test File?

Eicar Test File (EICAR STANDARD ANTI-VIRUS TEST FILE) developed by European Institute for Computer Anti-Virus Research(EICAR) inorder to test the effectiveness of Anti-Virus Programs.This file is just a sample virus of .com extension or can be placed in multilevel archive format to examine the realtime response of the Anti-Virus program and its effectiveness in scanning archive files.This file doesnot cause any harm to the PC and can be removed after testing.This file can only be run in Windows platform.

Why Anti-Virus Testing is essential?

1.This is really a  good question but at the same time some may find it foolish to ask....lol.Yeah!!! anti-virus program testing is indeed very much essential,I would try to explain it with a simple example....suppose by any means i get to know the anti-virus running on your PC,its verison and details about it.I will try to search for the vulnerability it has or find a zero day of my own...lol,then i may plant an exploit for it.This can surely make your anti-virus cripple and nonfunctional.All these things can be done silently without your knowledge.So,at this point if you would do this Eicar Test file testing then you can catch the flaw.

2.Now a days many Remote Administration Tools(RATS) have the functionality of crippling the Anti-Virus programs.So,this test can be done to catch that deformity.

3.You can use it to test the realtime capabilities of different anti-virus programs and select the best one among them.

Procedure:

Step 1:First dowload the file (Eicar.com)

Step 2:If your anti-virus is working properly then it will immediately detect it as shown below by my Anti-Virus(Avira Premium Security Suite)
You can also use the above file in Single Zip Archive or Multiple Zip Archive to check upto what level your anti-virus detects.This is a very good option.......and a must do one.
 Single Zip Archive (DOWNLOAD     Multiple Zip Archive (DOWNLOAD)

Note:The code in the file is X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*  ,you can copy this code to a .txt file and change the extension to .com

  How to edit the string?
 -You can edit it by using whitespace characters with the total file length not exceeding 128   characters.
-Whitespace characters allowed are the space character, tab, LF, CR, CTRL-Z.
-Only upper case letters, digits and punctuation marks, and does not include spaces.
-The third character is the capital letter "O", not the digit zero.

How to remove Eicar.com file from PC?

You can delete this .com file as you delete other files because it doesnot make any registry change when it is run.But sometimes when it is detected by the anti-virus program,the access to the file is restricted so you may not be able to delete it.At this point you can use UNLOCKER (Download) to resolve the restriction and delete it.

Source:www.eicar.org/

If  you find this post worthy to read then do drop a comment,it will be appreciated.
IF YOU LIKED THE CONTENT OF THIS BLOG THEN DO "VOTE" FOR IT........Click here to Vote!
Suggest Article

Subscribe to Posts....

Enter your Email-ID and get "Security Tips and Hacking Tutorials"alert in your inbox,we promise to keep your email private and safe.

comment 5 comments:

Prajith on August 18, 2010 at 8:08 PM said...

thanks for sharing . nice tips

JK on August 21, 2010 at 2:32 PM said...

Hi,good information, but from my personal experience I learned it that every known anti-virus program can pass this test, because it is a standard for testing anti-virus programs.

As an alternative you can use the PC Security Test (http://www.jkwebtalks.com/2009/01/find-out-how-virus-infects-your.html)which simulates different attacks on your computer and monitors the responses of your protection software.
So the users can easily control the efficiency of their protection software such as anti-virus programs, spyware scanners and firewalls.

Shekhar Sahu on August 21, 2010 at 5:19 PM said...

Let me try this, thanks for info

Satyajit (Admins,a.k.a Satosys) said...

@Prajith Thanks for visiting... :)

@JK welcome :).....yeah it is a standard test but the test using archive files of different levels which i have tested is not detected by all anti-Virus....Keep visiting.

@Shekhar Yeah do try it...and do drop your experience...Keep visiting... :)

rockey on January 7, 2011 at 1:36 PM said...

The world of the antivirus programs is changing daily. Everyday a new virus, worm, or trojan horse is encountered. So the requirements for latest antivirus programs keep increasing every now and then. These programs are now coming with the best defence mechanism against malware and many other features to protect your PC and be in competition with other products.

Post a Comment

This blog is "DoFollow",Use a "Real Name" rather than using "Keywords" otherwise comment will be rejected.

Delete this element to display blogger navbar

 
© 2013 SecurityHunk All Rights Reserved and Template by Fresh Blogger Templates