Thursday, September 07, 2006

EICAR anti-virus test file changed into anti-malware test file.

I just sent out the following press release to several press agencies:
Munich and Brussels, 7 September 2006: The past two years has seen the emergence of spyware become a major threat to computer users around the world. With constant new threats coming through there have been several new products designed to detect, prevent and remove spyware and adware and any other unwanted software. Most of these new applications have been integrated into other security applications and most notably with anti-virus solutions.

A problem with the new combined applications is that customers want to know whether the software is working and protecting their computers. This used to be a problem in the early days of anti-virus software. In order to confirm the correct functioning of AV applications, EICAR developed and published the “EICAR Test File, which has been used ever since in nearly every AV product on the market.
However, it was labelled as an ‘Anti-virus Test File’ and the central distribution came from the site, so it was never seen as an anti-spyware test file.

To make sure customers are happy that their computers are protected EICAR updated the anti-virus test file and combined it with a new anti-spyware test file. This new Anti-Malware test file will enable product developers to add this detection file to their application to prevent confusion between the different sorts of viruses and spyware.

“This combined test file brings EICAR up to date with the new threats that are constantly being developed to attack computers” said Eddy Willems, Director of Press and Information “customers can now feel satisfied that they can see the activity of these threats as separate threats rather then all labelled under anti-virus”

EICAR has modified the contents of the central distribution site ( to include the new Anti-Virus and Anti-Malware test file, there is also a section at the top of the page to let people know the update has taken place.

The name and contents of the test file will not change. This means that the 68 character string will remain the same to allow backward-compatibility.

About Eicar:

The European Institute for Computer Anti-Virus Research (EICAR) was founded in 1991 and represents an independent and impartial platform for IT-Security experts in the field of science, research, development, implementation and management. The institute would like to inspire information exchange on a global basis as well as synergy building to enhance computer network and telecommunication-security. EICAR supports all kinds of initiatives in terms of technical solutions or preventive measures against writing and proliferation of malicious code like computer viruses or Trojan Horses, and against computer crime, fraud and the misuse of computers or networks, inclusive malicious exploitation of personal data. The institute is dealing with all kinds of technical, organisational, legal and psychological aspects in the context of IT-Security. EICAR is bundling expert know-how from leading scientists and academics as well as recognized researchers, official institutions and global players of the industry.
If you have any questions or would like to arrange interviews please contact our Director Information and Press: Mr Eddy Willems, (email: press at eicar dot org) or phone + 32 (0)2-461.01.70