

How to Test the Working of your Antivirus – EICAR Test - aravivek07

Have you ever wondered how to test your Antivirus software to ensure it’s proper working? Well here is a quick and easy way to test your antivirus. The process is called EICAR test which will work on any antivirus and was developed by European Institute of Computer Antivirus Research. This process can be used by people, companies and antivirus programmers to test the proper functioning of the antivirus/antimalware software without having to deal with the real computer virus which can cause damage to the computer. Here is a step-by-step procedure to test your antivirus.<p>1. Open a notepad (New Text Document.TXT) and copy the following code exactly onto it, and save the notepad.<p>EICAR Test code
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
2. Rename the file from New Text Document.TXT to myfile.com<p>3. Now run the antivirus scan on this myfile.com file.<p>If the antivirus is functioning properly on your computer, then it should generate a warning and immediately delete the file upon scanning. Otherwise you may have to re-install your antivirus.<p>NOTE: Most antivirus will pop-out a warning message in the Step-1 itself
You can also place the myfile.com file in a ZIP or RAR file and run a scan on it so as to ensure whether your antivirus can detect the test string in the compressed archive. Any antivirus when scanning this file will respond exactly as it will do for a genuine virus/malicious code. This test will cause no damage to your computer even though the antivirus will flag it as a malicious script. Hence it is the safest method to test the proper functioning of any antivirus.
======
jurjenh
You need to enter the following in the test file

    
    
      X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
    

ie ignore the "EICAR Test code" bit.

Anyone familiar with disassembly want to give a quick breakdown of what the
code does? Never mind, wikipedia has a handy link to exactly that:

<http://thestarman.pcministry.com/asm/eicar/eicarcom.html>
[http://archive.cert.uni-
stuttgart.de/bugtraq/2003/06/msg0025...](http://archive.cert.uni-
stuttgart.de/bugtraq/2003/06/msg00251.html)

