Thursday, July 22, 2010

How To Test Your Antivirus

Antivirus software is one of the most important pieces of software on a computer. It must be updated regularly in order to keep out the pesky viruses. But even after regular updates, how will you know whether your antivirus is working properly? Using real viruses for testing in the real world is rather like setting fire to the dustbin in your office to see whether the smoke detector is working. Such a test will give meaningful results, but with unappealing, unacceptable risks.


This is the reason why EICAR, the European Institute for Computer Antivirus Research, came up with the EICAR test file to test the response of computer antivirus (AV) programs. The file is simply a text file of 68 bytes and is a legitimate DOS program, which can be run on any Windows version. When executed, it prints "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!" and then stops. The test file was created by some antivirus researchers and is specifically engineered to consist only of human-readable ASCII characters, so it can easily be created using any text editor.

All the antivirus programs on the market have the EICAR string set as a verified virus, with a signature like any other. A working antivirus will detect this file and act exactly as if it had found a genuine virus. The EICAR test file can also be compressed or archived and then used to see whether the antivirus software can detect the test string inside the compressed file.

To create this file, you only have to copy the following EICAR test string into a text editor and save the file with a .com extension.

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

But to make it simpler, you can download the file directly from the EICAR server. They provide the EICAR file in .com format and also in archived or compressed formats.
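
The manual steps above can also be scripted. The following is an added example, not part of the original post or anything published by EICAR: it writes the test string as eicar.com, writes a ZIP archive containing it, waits for the scanner, and reports what happened to each file. The function names, the file names and the five-second wait are assumptions chosen for illustration.

```python
import io, os, time
import tempfile, zipfile

# Built from two halves so this script never holds the contiguous test
# string and is less likely to be quarantined itself when saved to disk.
EICAR = (r"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-" +
         r"STANDARD-ANTIVIRUS-TEST-FILE!$H+H*").encode("ascii")


def eicar_zip() -> bytes:
    """Return a ZIP archive, built in memory, that holds eicar.com."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("eicar.com", EICAR)
    return buf.getvalue()


def file_state(path: str, expected: bytes) -> str:
    """Classify a sample after the scanner has had time to react."""
    try:
        with open(path, "rb") as fh:
            data = fh.read()
    except FileNotFoundError:
        return "removed"    # deleted or moved to quarantine
    except OSError:
        return "blocked"    # scanner refused the read
    return "intact" if data == expected else "modified"


def run_test(directory: str, wait_seconds: float = 5.0) -> dict:
    """Drop both samples into `directory`, wait, then report their state."""
    samples = {"eicar.com": EICAR, "eicar.zip": eicar_zip()}
    results = {}
    for name, data in samples.items():
        try:
            with open(os.path.join(directory, name), "wb") as fh:
                fh.write(data)
        except OSError:
            results[name] = "blocked"    # scanner refused the write
    time.sleep(wait_seconds)
    for name, data in samples.items():
        results.setdefault(name, file_state(os.path.join(directory, name), data))
    return results


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(run_test(tmp))
```

A result of "intact" for a sample means the scanner did not react to it within the wait, for example because on-access scanning is off or the directory is excluded. An "intact" eicar.zip next to a "removed" eicar.com suggests that archives are not being inspected when written.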
