Sniptools | Design & Technology Observations


How to test your anti-virus tool

Nov 5th 2003

So you have an anti-virus tool. Does it work? Here’s a basic test.

So you have an anti-virus tool. How can you test that it works?

This is a good question, and it is wise to familiarize yourself with how your anti-virus software behaves when it detects a virus before that really happens. One quick way to do this is to use the “EICAR” Anti-Virus Test File. This is a test file that will cause no damage to your system and still allows you to test whether your anti-virus tool is awake.

Here are some steps:

  1. Open a text editor (e.g. Notepad)
  2. Enter the following text in it:
    X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
  3. Save the file as “EICAR.COM” on your desktop.
  4. Open a DOS prompt and try to execute this .COM file (or simply double-click the file on the Desktop).

If your anti-virus software is working properly, it will warn you that a virus has been detected when you attempt to run the .COM file.

To be doubly sure, zip this file, and then try double-clicking the ZIP file to see whether your AV tool recognizes viruses inside ZIP files. You can also send this file to yourself as an email attachment to verify that your AV tool scans email as well.
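The steps above, scripted as an added example (not part of the original post): it writes the test string and a ZIP containing it to a temporary folder, waits, and reports whether the real-time scanner removed, blocked, or left each file. The function names and the five-second wait are assumptions of this example.

```python
import io
import os
import tempfile
import time
import zipfile

# The 68-byte test string from step 2 of the post.
EICAR = rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"

def zip_bytes(name, payload):
    """Build a ZIP archive in memory holding a single member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()

def outcome(path, expected):
    """Classify what happened to a file that was written earlier."""
    try:
        with open(path, "rb") as fh:
            data = fh.read()
    except FileNotFoundError:
        return "removed"      # deleted or moved to quarantine
    except OSError:
        return "blocked"      # on-access scanner denied the read
    return "intact" if data == expected else "modified"

def drop_and_check(path, payload, wait=5.0):
    """Write payload, give the scanner `wait` seconds, then classify."""
    try:
        with open(path, "wb") as fh:
            fh.write(payload)
    except OSError:
        return "blocked"      # the write itself was refused
    time.sleep(wait)
    return outcome(path, payload)

def run(directory, wait=5.0):
    """Drop EICAR.COM and a ZIP that contains it; return each outcome."""
    files = {"EICAR.COM": EICAR, "EICAR.ZIP": zip_bytes("EICAR.COM", EICAR)}
    return {name: drop_and_check(os.path.join(directory, name), data, wait)
            for name, data in files.items()}

if __name__ == "__main__":
    folder = tempfile.mkdtemp(prefix="avtest-")  # left in place for inspection
    for name, result in run(folder).items():
        print(f"{name}: {result}")
```

A result of "intact" only means nothing intervened when the file was written and read back; some tools react only on execution or during an on-demand scan, so follow up with step 4 or a manual scan of the folder.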





20 Comments

  1. Emmanuel

    This is neat stuff, didn’t know there was a file for this purpose! Can you now tell me how I can test my credit card validation script without trying out my own number? :P

  2. Cheryl:)

    How cool! It worked!! (Panda antivirus came through!) Thanks for the info! Cheryl:)

  3. don

    worked like a charm…. this site is amazing

  4. Don Mynack

    Uh, I tried it and nothing happened. I use Norton AV. What do I do now?

  5. Shashank

    Don, I guess it’s time to ditch Norton AV and get a free but still quite decent tool like AVG. Microsoft now recognizes AVG in its recent SP2 update to Windows, so it’s a very respectable one. http://www.grisoft.com

    HTH! Shanx

  6. Shahid Ali

    Hi!

    I tried what U said. It’s amazing. I couldn’t believe Norton could do this. Norton detected the ‘infected file’ and deleted it. And it could also scan thru the zipped file. Also, I tried sending the infected file to myself as an e-mail attachment. To my surprise, the file couldn’t be attached in Yahoo. It said that the file was infected and it couldn’t be attached.

  7. Mary

    I couldn’t even try zipping it (“virus found!”), nevermind seeing if a zip would be scanned!

    My virus scanner is AVG 6 (free) so if you don’t have a virus scanner, or a good one, try it out. :) http://free.grisoft.com/freeweb.php/doc/2/

  8. Ariel

    I was unable to zip or attach without my virus software throwing up a warning. Am using Avast 4.5 Home Edition, incomparable freeware with steel door security, broad coverage, frequent updates, and easy interface. Go to http://www.avast.com

  9. Rav

    Ok, but how do I know my scanner will detect the most recent threats? Sure it picks up a known pattern but will it pick up the latest attack strategy thought up by someone? Does anyone know where I can get a bunch of infected files with the most recent viruses (real and active or just the signatures). Google doesn’t seem to be helping me today :(

  10. Shashank

    Rav, for that you should probably use some good anti-virus tool (check out http://www.grisoft.com for instance) and leave the auto-update on. Then the tool will check periodically for updates to virus definitions and download them automatically. Almost all decent anti-virus companies offer this feature these days.

  11. Rav

    I do have AVG installed, Trend Micro before that. How do I know AVG will work when the time comes? Or any other one for that matter. Just because it detects some standard file created a few years ago does NOT mean it will protect me from something more recent. Are there any other standard tests that were developed say within the last 6 months? I am not asking for a guarantee. When a new virus threat comes out it would be nice if a good samaritan would put out a pseudo infected file so we can see if the latest virus gets caught and identified by our scanners. Just a thought, something for the community to think about.

  12. BHARTHI

    how to delete and stop that “osa.exe” file in startup? cd rom drive ejecting problem. this problem is not a hardware problem. i think this is virus problem. now i need the help what type of virus is here that system?

  13. Shashank

    Bharathi, that’s the Microsoft Office startup utility. If you don’t mind some unexpected results with your MS Office functionality, there are a couple of ways of getting rid of it:

    (1) You can download a utility called “Hijack This” — don’t let the name scare you, it is a very reliable and yet FREE tool. Run it and it’ll show you all the software/utilities that are loaded when your system starts up. Disable OSA.EXE or any others you don’t need.

    (2) Or, just download Spy Sweeper, it also allows you to add and remove startup options. It’s not free but it’s a fantastic anti-worm tool in general.

  14. Jon

    That’s the coolest and easiest test I have ever done. AVG in my opinion and several others believe it is the best. Thanks for the test and I hope that whoever made that can put more tests to see if AVG proves that it is better than Norton

  15. Brian D'silva

    My Virus tools is not detecting this EICAR.COM file. Plz suggest me.

  16. Iain Shortreed

    The second i saved to my desktop i got a popup saying:

    Real-time Scan
    Trend Micro PC-cillin Internet Security has detected a virus, spyware application, or other Internet threat, and performed the action specified.

    Infected file: C:\Documents and Settings\Administrator\Desktop\EICAR.COM
    Virus name: Eicar_test_file
    User name: Administrator
    Scan action result: Unable to clean infected file. The file was quarantined. — -
    Yay :D

  17. liam

    it really worked well the moment i tried to execute it avg popped up saying virus detected. that is really cool thanks.

  18. Bob

    This really made me feel safer with my virus software (Avira AntiVir http://www.free-av.com/ ). It actually detected right when I saved it (not even letting the program run; just knew that it was bad). It’s free, but it bugs you to upgrade to premium. I’d recommend it. Still blown away by how quick it was though…

  19. vinod

    it’s awesome………..
    it’s working
    but i’m using NOD32 av ………..
    Is it good av?

  20. vinod

    it’s awesome. It’s working
    but i’m using NOD32 av .Is it good av?
