Do you know that your anti-virus solution is working ? You could try to test your anti-virus program against the EICAR (European Expert Group for IT-Security) test file to see if it reacts the way it should. All you need to do is create the testfile and scan it with your virus scanner. If the scanner detects something it is working as intended, if it does not you should consider changing immediately to a more reliable one.
Creating the file is pretty simple. Just create a new text file and paste the following line of code into it: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Save the file and rename it to test.com. When executed it displays the message EICAR-STANDARD-ANTIVIRUS-TEST-FILE. No harm will be done to your system if you accidentally execute the file. To test your virus scanner right-click the file and select to test it with your software.
You could also pack it and test it or send it to your email account to test the interaction between virus scanner and email client. After the test finishes you do know if your virus scanner is working as intended and able to detect viruses on your system. This does not necessarily mean that it will detect every virus that exists but it means that it is working.
Related posts:
Free 1 Year 3 Computer CA Anti-virus 2008 LicenseOnline Virus Scan
Free Kaspersky Anti-Virus for 1 year
Anti Virus Software Removal Tools Overview
KlamAV: Outstanding KDE front-end for Linux anti-virus
Kaspersky Anti-Virus KAVRemover
Say no to Drugs Virus
Virus Total Uploader
10 Responses to “Test your Anti-virus program”
Trackbacks/Pingbacks
-
[...] Test your Anti-virus program [...]
But this doesn’t really test you virus scanner for other viruses. This is a popular file that virus scanners detect and it isn’t even a virus. So virus makers make sure this test file is always found. If your virus scanner finds this file, it just means that it can detect an EICAR test file. Doesn’t mean it will detect most other viruses.
Max that is why i wrote: This does not necessarily mean that it will detect every virus that exists but it means that it is working. :)
indeed – the eicar standard anti-virus test file is not meant to show how good a scanner is at detecting viruses (that would require hundreds of thousands of files, not just one), instead it is meant to show whether or not your anti-virus product is installed properly and/or functioning properly…
i must say, however, that the advice to switch to a different product if your current one doesn’t detect the file is a little wrong-headed… your current product could be missing it precisely because it’s not installed properly or has become broken somehow… the eicar standard anti-virus test file is supported by practically ALL anti-virus vendors so if your product fails to detect it the chances are better that there’s something wrong with your installation of the product than there being something wrong with the product itself…
Interesting, I guess it couldn’t hurt. I use Avast with Adaware, Spywareblaster and Search and Destroy. Am I missing anything? OH and sypware doctor too.
Great post! Those of you who administer e-mail servers may be interested in the GTUBE (Generic Test for Unsolicited Bulk Email).
http://spamassassin.apache.org/gtube
It is the spam filter equivalent to EICAR.
I figured I would test out my anti-virus software (NOD32) with the technique
So I created a text file, entered the line of code, and saved the text file.
Next to rename it, I right clicked it to try and rename, and straight away NOD32 flashed up a warning, telling there was a problem and that the file was moved to quarantine.
So score 1 for NOD32, it did not even require the file to execute, simply me attempting to rename it…with it containing dangerous code. :o)
so did antivir 7 free edition
Avira Antivir didn’t even allow me to open the file.. :(
.. but rather deleted it quickly :)
Thx for this info…
This seemed to work well for me even though I use ccleaner and avg for most of my needs.