To check the functionality of the plug-in virus detection capabilities and its default configuration, it is recommended to use the EICAR (European Institute for Computer Antivirus Research) test file. The test file consists of a text string 68 or 70 bytes long, it is not a virus, it cannot replicate and does not contain any payload, however, it is recognized by anti-virus software as a virus. You can download the test file from the EICAR website (http://www.eicar.org) or create it yourself.
To create the EICAR test file:
| • | Create a text file with the following string: |
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Save the file with a .com extension (you can use any name, e.g. eicar.com), attach it to an email message and send it to any test email address. The received message should contain an attached text file with the _infected.txt suffix and the following contents:
Dr.Web for IBM Lotus Domino has detected that memo is infected with a virus.
Date: Mon Mar 31 18:37:47 2008
Sent from: Admin/smoke
Recipients: mail1/smoke
Subject: test message
Viruses: eicar.com ( EICAR Test File (NOT a Virus!) ) quarantined.
|
Do not use real viruses to check the functionality of anti-virus software! |
