How to Test the Working of your Antivirus – EICAR Test

Replies

• 

  lovekiller

  my english is not good sorry........
• 

  Kaustubh Katdare

  Hmm, Good question indeed. I believe Antivirus catch every suspicious activity on the computer.
• 

  mayank1055

  😁 no. i havn't did any test but think nod is best protection for us
• 

  lovekiller

  mmmmmmmmmmm..................
• 

  Manish Goyal

  Make sure your anti-virus is fully updated and you have not found anything that should not be there like slow boot time
  
  anything suspicious
  
  all these indicate that anti virus is working correctly
• 

  lovekiller

  Open a notepad (New Text Document.TXT) and copy the following code exactly onto it, and save the notepad.
  X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
• 

  lovekiller

  rename that file to myfile.com
• 

  lovekiller

  Now run the antivirus on this myfile.com file
  
  NOTE: Most antivirus will pop-out a warning message in the Step-1 itself.
• 

  lovekiller

  If the antivirus is functioning properly on your computer, then it should generate a warning and immediately delete the file upon scanning. Otherwise you may have to re-install your antivirus.
• 

  optimystix

  EICAR is a standard test file for checking whether the antivirus solution work or not. It does so by checking if the antivirus can detect the EICAR test file and if it declares it as a virus(usually EICAR virus and it is SAFE so no need to worry) then it means that the AV is able to detect standard versions of malwares and is secure enough for personal use .
  
  Being a self standing term now, it stood originally for European Institute for Computer Antivirus Research.
  
  To download the EICAR test file visit this #-Link-Snipped-#
  scroll down and download the file.
  
  OR Try downloading the EICAR-test file from here - #-Link-Snipped-#
  it should detect the file as an virus(but its safe).
  
  #-Link-Snipped-#it DOES NOT mean that the antivirus is 100% foolproof and that it will detect all known and unknown viruses. remember, no AV is completely secure. To be safe from malware attacks, use a good AV program (free ones are one of the best) and keep them UPDATED REGULARLY. The mistake many people do is that they will install their AV program and seldom update it post installation. New malwares are added everyday and hence an update is required at least weekly if not everyday.
• 

  kaanstain

  i have 40 client on my workgroup, and also one server(winserver2008)
  i tried all the antivirus programs and my decision is that, Kaspersky is the best..
  Nod32 is terrible :S
• 

  neha1

  hiiiiiiiiiii i tried this but as soon as i saved the file,my antivirus popped a message"threat has been detected"..without scanning the file.and the file dissapeared not present even in recycle bin.......how is it possible??
  can u please explain the logic??
• 

  kaanstain

  The Anti-virus program move it to quarantine, so you can not find it in recycle bin, open your virüs program and disable protection, and from reports, restore it,
  don't forget if u don't disable protection, you will restore it, and it will delete it again 😁
  
  see u
• 

  optimystix

  neha1

  hiiiiiiiiiii i tried this but as soon as i saved the file,my antivirus popped a message"threat has been detected"..without scanning the file.and the file dissapeared not present even in recycle bin.......how is it possible??
  can u please explain the logic??

  like kaanstain mentioned above, the antivirus immediately detected the file as an virus (and it should; though its safe) and either deleted it (permanently without sending it to recycle bin) or quarantined it(depends on the option set by the user)
  
  if quarantined, open up your AV program , and go to quarantined files section and you can see the file over there.
• 

  HImanshu_Sharma

  hey there is also a website to test the antivirus directly..i forgot the name bt as i rememberd i'l tell you..
• 

  kaanstain

  the second way to understand that; you have virus or not..
  
  click start button-run-"cmd"
  
  close all web applications(internet explorer,mozilla,msn,some updates,skype.etc)
  
  to command promt write "netstat -n"
  
  if you see ip adresses, and if they are "established" write the ip somewhere and seach it by google,
  
  if it's a virüs, you can find its name, and you can solve with removal tools..
  
  the third way, write to command promt "arp -a"
  it monitors you to lan traffic, if you see local ip's there(for instance 192.168.1.12 , 10.0.0.5) it means your computer is sending and receiving data from the other computers.
  
  and fourth way, write to google "mrt.exe" download it from microsoft's site, and scan your computer with it, this is best way for new viruses.