Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
EICAR test file
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Short description|Computer file to test antivirus software}} {{use dmy dates |date=July 2022}} The '''EICAR Anti-Virus Test File'''<ref>{{Cite news|url=http://securitywatch.pcmag.com/security-software/312184-is-your-antivirus-working|title=Is Your Antivirus Working?|work=PCMAG|access-date=2017-04-17|language=en}}</ref> or '''EICAR test file''' is a computer file that was developed by the [[EICAR (Research institute)|European Institute for Computer Antivirus Research]] (EICAR) and [[CARO|Computer Antivirus Research Organization]] to test the response of computer [[antivirus]] programs.<ref>{{cite web |url=https://www.itprotoday.com/windows-server/how-test-smartscreen-filter-and-windows-defender-detection-scenarios |title=How To: Test the SmartScreen Filter and Windows Defender Detection Scenarios |last=Hay |first=Richard |publisher=IT Pro Today |date=2016-09-12 |access-date=2019-07-03}}</ref> Instead of using real malware, which could cause real damage, this test file allows people to test anti-virus software without having to use a real [[computer virus]].<ref>{{Cite news|url=https://www.zdnet.com/article/360-total-security-anti-virus-first-impressions/|title=360 Total Security Anti-virus first impressions: Refreshingly subtle but thorough|last=Hess|first=Ken|work=ZDNet|access-date=2017-04-17|language=en}}</ref> Anti-virus programmers set the EICAR string as a verified virus, similar to other identified signatures. A compliant virus scanner, when detecting the file, will respond in more or less the same manner as if it found a harmful virus. Not all virus scanners are compliant, and may not detect the file even when they are correctly configured. Neither the way in which the file is detected nor the wording with which it is flagged are standardized, and may differ from the way in which real malware is flagged, but should prevent it from executing as long as it meets the strict specification set by EICAR.<ref>{{cite web |url=https://www.amtso.org/wp-content/uploads/2018/05/AMTSO-Use-and-Misuse-of-Test-Files-in-Anti-Malware-Testing-FINAL.pdf |title=The Use and Misuse of Test Files in Anti-Malware Testing |date=2012-02-24 |publisher=[[Anti-Malware Testing Standards Organization|AMTSO]] |access-date=2019-07-03}}</ref> The use of the EICAR test string can be more versatile than straightforward detection: a file containing the EICAR test string can be [[Data compression|compressed]] or [[archive]]d, and then the antivirus software can be run to see whether it can detect the test string in the compressed file. Many of the [[AMTSO]] Feature Settings Checks<ref name="auto">{{Cite web|url=https://www.amtso.org/security-features-check/|title=AMTSO Security Features Check Tools|website=AMTSO}}</ref> are based on the EICAR test string.<ref name="auto"/>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)