Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Test your AntiVirus program!


  • Please log in to reply
4 replies to this topic

#1 Quote

Quote

  • Banned
  • 173 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 AM

Posted 12 October 2012 - 05:51 AM

Hello,

Are you not sure if your AntiVirus program good works then you can test it self.
Step 1: Open Notepad
Step 2: Enter this text into it.
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H
Step 3: Save the file with a name like Google.COM and choose all files.
Step 4: When your AntiVirus works you will see something like this:
Posted Image
This file is safe for your computer, it is only to test your AntiVirus Program!

Good luck with testing.

Edited by Quote, 12 October 2012 - 05:51 AM.


BC AdBot (Login to Remove)

 


#2 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:08:59 PM

Posted 12 October 2012 - 09:48 AM

You can visit the EICAR website at http://www.eicar.org/ to download EICAR test virus. You can generate EICAR virus automatically using a program.
There is another project called Spycar at http://www.spycar.org/ which is newer than EICAR.

The benefit of downloading from EICAR site is that it tests your antivirus for features like scan website traffic, scan within compressed files in addition to traditional file scanning.

Edited by Romeo29, 12 October 2012 - 09:48 AM.


#3 Quote

Quote
  • Topic Starter

  • Banned
  • 173 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 AM

Posted 12 October 2012 - 10:40 AM

Thanks for the information!

#4 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,302 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:06:59 PM

Posted 12 October 2012 - 01:53 PM

This is my own personal opinion and it should not be construed as an official Bleeping Computer comment.

I am completely unimpressed by EICAR testing. This is an old test that should be passed by ANY antivirus. The real test is what is caught 'in the wild'. Those are the statistics one should be researching as in depth with as much information as you can retrieve. That should be the basis of one aspect of a pass/fail measurement for your current or potential replacement antivirus.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:59 AM

Posted 13 October 2012 - 03:07 AM

The EICAR test file is not designed to test how good or how bad your AV scanner is at detecting malware. I use it to test a setup or configuration.

For example, in a corporate environment, I have configured the AV scanner to send an e-mail for each detected malware. This e-mail is processed on a server to automatically create a ticket for the helpdesk.
How do I test such a setup without endangering the corporate network? With the EICAR test.

The EICAR test file is actually a real DOS program (hence the .COM extension) that prints the text "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!". A remarkable thing of this DOS program is that it is pure ASCII.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users