Testing the Anti-Virus |
Testing the Anti-virus with EICAR file The EICAR (European Institute for Computer Anti-Virus Research) test file helps to test performance of anti-virus programs that detect threats using signature analysis. For this purpose, most of the anti-virus software vendors generally use a standard test.com program. This program was designed specially so that users could test reaction of newly-installed anti-virus tools to threat detection without compromising security of their computers. Although the test.com program is not actually malicious, it is treated by the majority of anti-viruses as if it were a threat. On detection of this file, Dr.Web reports the following: EICAR Test File (Not a Virus!). Other anti-virus tools alert users in a similar way. The test.com program is a 68-byte COM-file that prints the following line on the console when executed: EICAR-STANDARD-ANTIVIRUS-TEST-FILE! The test.com file contains the following character string only: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* To make your own test file with the “threat”, create a new file with this line and save it as test.com.
|