Jump to content
Login new information ×
Login new information

What is EICAR test virus? Kaspersky Lab server

hacker7

By hacker7
in Security & Privacy Center

Recommended Posts

hacker7

hacker7

Posted
Posted
Bildresultat för What is EICAR test virus?

 

 

EICAR is a 68-byte .com file detected as "EICAR-Test-File". This IS NOT a virus. The test file simply displays a text message and returns the control to the operating system. 
 

Some time ago certain developers of antivirus software started adding such test files to their packages. Antivirus software detects it as a virus although it is not a virus. Such test “viruses” are designed to satisfy the curiosity of users who do not have “live samples” of a virus, but want to see the reaction of antivirus software to a virus detection (how it informs the user, what actions it prompts and etc.).

Later antivirus software vendors came to an agreement about developing a uniform standard "virus simulator" which should consist of text messages only. The latter allows any user to create such a "virus" manually (for example, by copying it from the documentation). The resulting .com file looks like this:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* 

If you copy and paste this text or enter it by command "copy con test.com", and execute the resulting .com file, it will output the message EICAR-STANDARD-ANTIVIRUS-TEST-FILE! and return the control to the operating system. That's it. A lot of antivirus software will detect it as "EICAR-Test-File"

Download eicar.zip from the Kaspersky Lab server.

 

 

Source https://support.kaspersky.com/viruses/general/459

Link to comment
Share on other sites
  • Replies 8
  • Views 2k
  • Created
  • Last Reply
hacker7

hacker7

Posted
  • Author
Posted

Eset smart blocking it!

 

59c28100b2cae_Skrmklipp.PNG.d11d66cc4c32860df56d72f83e115454.PNG

Link to comment
Share on other sites
Pete 12

Pete 12

Posted
Posted

Lots of anti-virus ignore this test-file , malwarebytes , Malwarebytes AntiRootkit ,  Hitman Pro, Windows Defender , etc.          B)

They just dont "see " this file , wonder what it means for these scanners , are they reliable enough.....................???  :rolleyes:

 

ESET , Zemana and Windows anti-malware ( monthly updated by MS) " captured " the file.............( makes me happy , coz using these good scanners !)

 

btw; used Malwarebytes 2.2.1.1043  ( which did not found it) , someone tried to catch it with Malwarebytes 3.2.2 ( latest version )................??

Did this test again with latest Malwarebytes Premium 3.2.2.2029 ; did not found it either............!! 

 

btw ; what a dissappointing  ( sh** ) result of Malwarebytes.....!  :(

 

 

Link to comment
Share on other sites
Pequi

Pequi

Posted
Posted

It's 16 bit DOS. You can make the extension .com or .exe, and run it in DOSBOX - Well I can, I don't use a resident AV.
It won't run under XP 32 bit (unless you tweak the registry) or Win > Vista, or Linux.

I sometimes put it in my signature when I send messages ... makes people's AV's go crazy. Other than that, it's harmless.
;)

Link to comment
Share on other sites
Holmes

Holmes

Posted
Posted

Yes this is a test file to let you know your antivirus is doing what its supposed to be doing I have downloaded it before and used it I think its harmless.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...