English flagItalian flagKorean flagChinese (Simplified) flagChinese (Traditional) flagPortuguese flagGerman flagFrench flagSpanish flagJapanese flagArabic flagRussian flagGreek flagDutch flagHebrew flag 
By N2H
RSS Twitter Stumble Digg Delicious

How To Test your Anti-Virus Software?



There are tonnes of free antivirus applications available on the internet and each of them claims to detect and remove malicious viruses from your computer. Generally, most of these softwares are available for free; but despite their claims to protect your PC, usually they are worthless. Unless you buy premium antivirus applications such kaspersky, Mcafee, ESET, etc, you won’t be 100% sure whether you are being protected by the malicious viruses or not.

However, there is one simple test to verify whether your anti-virus program is upto its mark or not. In this tutorial we will teach you how to create a fake (dummy) virus and then run it on your system to see if your antivirus detects anything or not. Here is what you have to do;

1. Go to Notepad and open it,

2. Copy paste the following code onto your notepad,

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

3. Save the file on the desktop (or any other directory you like) with any file name you like, for instance; fakevirus.txt. The file that you have just created is actually an EICAR test file, developed by the European Institute for Computer Antivirus Research, to test the response of computer antivirus programs.

fake virus

4. Now re-open the file. If your anti-virus displays a warning sign and closes the text file, then rest assured that it is working fine. Here is what my antivirus – kaspersky – displayed when it detected this file and neutralized it.

neutrallize all viruses kasperskyneutrallized eicar file kaspersky

Did your antivirus detected the dummy virus? In case you are interested in the details, you can read more about this here.

Reference: Wikipedia

buy themes from templatic

Filed Under: Security, Tips
Tagged:
RSS Twitter Stumble Digg Delicious


Related Posts

36 Comments and Counting...
Abraham on July 2nd, 2009 at 8:44 pm

Great post – I am using the same antivirus application, received the same warning sign.

Started following you on twitter!

Twitted by nymphoez on July 2nd, 2009 at 8:55 pm

[...] This post was Twitted by nymphoez [...]

Musab Zain on July 2nd, 2009 at 10:31 pm

Glad you liked it :)

Jaxon on July 24th, 2009 at 1:40 am

AVG free did not detect it, however it right clicking and scanning it did detect it, but it only detected it as the EICAR test file, did not delete or remove it.

Musab Zain on July 24th, 2009 at 9:46 am

Well my Antivirus – Kaspersky – automatically detected and then deleted it. You should better look for another good alternative…

klo on August 1st, 2009 at 8:20 pm

My antivirus didn’t even allow me to save it, when I pressed save it detected it and moved it to quarantine.

Musab Zain on August 1st, 2009 at 8:59 pm

Great! then your antivirus is working fine!

esa on August 12th, 2009 at 12:04 pm

fortunately my linux box doesn’t need this kind of crap.

Enjoy your bloatware. Good luck

SNEKUL on August 24th, 2009 at 5:56 am

Keep in mind, as a txt file, this file is absolutely nothing at all. Most A/V scanners are not going to trigger on the file unless it is executable…saving it as fakevirus.com will make it work. Additionally, I’ve seen some A/V scanners that intentionally will not trigger on this test file if it is a text file–otherwise, how could you copy it to another system without shutting down your own A/V?

orange on August 26th, 2009 at 6:06 am

yeah snekul is right….my AV didn’t recognize it as a text until i scanned it. But when I saved it as fakevirus.com it wouldn’t let me save it

US on September 3rd, 2009 at 12:16 pm

WoW… Bitdefender 2008 even didn’t allow to save this file and quarantined it… Thanx for such checking tool

Mike on September 6th, 2009 at 12:45 pm

If you read the Wikipedia article that you linked to, it specifically says the file has to be saved as a .com file.

Jamin on September 6th, 2009 at 6:22 pm

Yeah, that didnt work with symantec endpoint protection. Saved it as a .com and opened it up, even scanned it. That cant be good.

memememe on September 6th, 2009 at 6:58 pm

ESA, you are a fool. Linux can still get viruses you idiot, it’s just not as simple. Enjoy having your head in the clouds, it must be nice up there.

Joe C on September 8th, 2009 at 1:40 pm

AVG, once saved to fakevirus.com, found it and dealt with it.

deralaand on September 12th, 2009 at 3:08 am

memememe, you are right, Linux can get viruses. When you run as root and/or give permission to install them.
I do have to agree with ESA though…Enjoy your bloatware. Good luck

Troy on September 12th, 2009 at 8:32 am

Avira detects it right away and asks what you want to do with it. Thanks for the tip, very helpful.

Yoko Vee on September 12th, 2009 at 1:31 pm

I’m running Leopard on a Macbook and the text file opened. It acted like any other text file I might save. Does this mean that I have no antivirus protection ?
Thanks in advance,
Yoko.

Musab Zain on September 12th, 2009 at 7:06 pm

@ Yoko Vee I have never used macbook, therefore I can’t tell you whether you have antivirus protection or not.

@ Troy Your Welcome!

eXa on September 12th, 2009 at 9:01 pm

@ Yoko Vee check if you have one of these: http://download.cnet.com/mac/antivirus-software/3150-2239_4-0.html?tag=mncol%3Bsort&rpp=30&sort= (there are 2 pages )

Sandy Clarke on September 26th, 2009 at 8:26 am

I am running Avast 4.8 Pro and it didn’t detect it until I changed he name to .com and had to run a scan on the file. Then it identified it as a virus with the the test file name…
Cheers,
Sandy

Anon on September 28th, 2009 at 1:53 am

Every anti-virus app since the 90s has been able to detect this, so this doesn’t check if its “upto its mark or not”.

Stumble thumbs-down from me.

Jots on September 30th, 2009 at 1:12 am

AVG picked it up only when i had that line of code on the first line of the notepad- it didnt pick it up when the code was halfway down the notepad like in the picture..

Chris on October 8th, 2009 at 11:14 pm

After reading the comments, it would seem that AVG Free did the best job! Detected it for what it was, when it was scanned. Constant popups, etc. are why I’ve switched to Common Sense 2009 AntiVirus.

Musab Zain on October 9th, 2009 at 2:59 pm

Well observed!

bloghyppo on October 13th, 2009 at 6:13 pm

hai..
nice post.. I thought my Kaspersky 2010 is not function.. or sleepy…
i try this test, is work..

thank you…

funny on November 8th, 2009 at 4:22 am

hey guys,
in my computer even the code doesn’t allow to copy. ;-)

Avi Singh on November 21st, 2009 at 11:08 am

When I save it as a txt file and reopens it, nothing happens then I manually scan it with my AVG then AVG removes the file and if I save that file as .com then reopen then it will automatically detect by AVG.

Musab Zain on November 21st, 2009 at 1:04 pm

AVG is not a good anti-virus, I guess!

josh on November 28th, 2009 at 6:59 am

worked with panda cloud av

Eric on December 11th, 2009 at 12:44 am

If your system is compromised, this string might not work. If your AV program doesn’t recognize it (.com or .txt) you might want to look a bit deeper.

@anon “Every anti-virus app since the 90s has been able to detect this, so this doesn’t check if its “upto its mark or not”.”
the command line has also been around for quite a while too, but that doesn’t negate its usefulness.

For the Linux Fanboys, welcome to the modern age. No one system is immune to viruses. Most non-Windows computers (Macs, Unix, Linux, BSD, etc) are not global targets. Simply because of the user base. Keep pushing those systems as super safe and immune; just wait to see the future.

It’s not the OS it’s the user…

Ash on December 17th, 2009 at 2:57 am

Saved as .txt Microsoft Security Essentials found & cleaned it without even re-opening it.

alex grinsk on December 23rd, 2009 at 1:02 am

AVG picked it up only when i had that line of code on the first line of the notepad- it didnt pick it up when the code was halfway down the notepad like in the picture..

Osama on December 25th, 2009 at 5:33 am

Thank u for the god tip . a have created this text file and once i save it Microsoft security essentials detect and make it as sever virus and remove it with high response and remove action

mando25 on January 2nd, 2010 at 4:59 am

i have norton and it didnt find anything wrong with the file and i dont know if i typed something wrong

mohammed on February 8th, 2010 at 1:54 pm

That is greatI use nod32 when I try to save the file it deleted it
thanks

Post a Comment