Test Mac For Virus



Anti Malware Testfile

Intended use

Additional notes:

  1. This file used to be named ducklin.htm or ducklin-html.htm or similar based on its original author Paul Ducklin and was made in cooperation with CARO.
  2. The definition of the file has been refined 1 May 2003 by Eddy Willems in cooperation with all vendors.
  3. The content of this documentation (title-only) was adapted 1 September 2006 to add verification of the activity of anti-malware or anti-spyware products. It was decided not to change the file itself for backward-compatibility reasons.
  • These two independent organizations test Mac anti-malware detection rates in their labs, and report the test results. AV-Comparatives; AV-TEST; When considering anti-malware, look at the latest ratings, and then look at the ratings over the last 2-3 years to get an idea for their track record.
  • In order to test always-on malware protection for each app, we downloaded 26 malware samples from a Mac security site representing most malware targeting the Mac from 2018 until the first quarter.
  • To do this: Open System Preferences Open the App Store preference Make sure that Automatically check for updates and Install system data files and security updates are checked.
  • Test after test, Avast's antivirus for Windows performs well for malware detection. And we've included its antivirus in our list of recommended security app options before. While the Mac does.

01 – RanSim Free Ransomware Simulator Tool. How vulnerable is your network against.

Who needs the Anti-Malware Testfile

(read the complete text, it contains important information)
Version of 7 September 2006

If you are active in the anti-virus research field, then you will regularly receive requests for virus samples. Some requests are easy to deal with: they come from fellow-researchers whom you know well, and whom you trust. Using strong encryption, you can send them what they have asked for by almost any medium (including across the Internet) without any real risk.

Other requests come from people you have never heard from before. There are relatively few laws (though some countries do have them) preventing the secure exchange of viruses between consenting individuals, though it is clearly irresponsible for you simply to make viruses available to anyone who asks. Your best response to a request from an unknown person is simply to decline politely.

A third set of requests come from exactly the people you might think would be least likely to want viruses „users of anti-virus software“. They want some way of checking that they have deployed their software correctly, or of deliberately generating a „virus incident in order to test their corporate procedures, or of showing others in the organisation what they would see if they were hit by a virus“.

Reasons for testing anti-virus software

Obviously, there is considerable intellectual justification for testing anti-virus software against real viruses. If you are an anti-virus vendor, then you do this (or should do it!) before every release of your product, in order to ensure that it really works. However, you do not (or should not!) perform your tests in a „real“ environment. You use (or should use!) a secure, controlled and independent laboratory environment within which your virus collection is maintained.

Using real viruses for testing in the real world is rather like setting fire to the dustbin in your office to see whether the smoke detector is working. Such a test will give meaningful results, but with unappealing, unacceptable risks.

Since it is unacceptable for you to send out real viruses for test or demonstration purposes, you need a file that can safely be passed around and which is obviously non-viral, but which your anti-virus software will react to as if it were a virus.

If your test file is a program, then it should also produce sensible results if it is executed. Also, because you probably want to avoid shipping a pseudo-viral file along with your anti-virus product, your test file should be short and simple, so that your customers can easily create copies of it for themselves.

The good news is that such a test file already exists. A number of anti-virus researchers have already worked together to produce a file that their (and many other) products „detect“ as if it were a virus.

Agreeing on one file for such purposes simplifies matters for users: in the past, most vendors had their own pseudo-viral test files which their product would react to, but which other products would ignore.

The Anti-Malware Testfile

This test file has been provided to EICAR for distribution as the „EICAR Standard Anti-Virus Test File“, and it satisfies all the criteria listed above. It is safe to pass around, because it is not a virus, and does not include any fragments of viral code. Most products react to it as if it were a virus (though they typically report it with an obvious name, such as „EICAR-AV-Test“).

The file is a legitimate DOS program, and produces sensible results when run (it prints the message „EICAR-STANDARD-ANTIVIRUS-TEST-FILE!“).

It is also short and simple – in fact, it consists entirely of printable ASCII characters, so that it can easily be created with a regular text editor. Any anti-virus product that supports the EICAR test file should detect it in any file providing that the file starts with the following 68 characters, and is exactly 68 bytes long:

X5O!P%@AP[4PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

The first 68 characters is the known string. It may be optionally appended by any combination of whitespace characters with the total file length not exceeding 128 characters. The only whitespace characters allowed are the space character, tab, LF, CR, CTRL-Z. To keep things simple the file uses only upper case letters, digits and punctuation marks, and does not include spaces. The only thing to watch out for when typing in the test file is that the third character is the capital letter „O“, not the digit zero.

You are encouraged to make use of the EICAR test file. If you are aware of people who are looking for real viruses „for test purposes“, bring the test file to their attention. If you are aware of people who are discussing the possibility of an industry-standard test file, tell them about www.eicar.org, and point them at this article.

Download Anti Malware Testfile

In order to facilitate various scenarios, we provide 4 files for download. The first, eicar.com, contains the ASCII string as described above. The second file, eicar.com.txt, is a copy of this file with a different filename. Some readers reported problems when downloading the first file, which can be circumvented when using the second version. Just download and rename the file to „eicar.com“. That will do the trick. The third version contains the test file inside a zip archive. A good anti-virus scanner will spot a ‚virus‘ inside an archive. The last version is a zip archive containing the third file. This file can be used to see whether the virus scanner checks archives more than only one level deep.

Once downloaded run your AV scanner. It should detect at least the file „eicar.com“. Good scanners will detect the ‚virus‘ in the single zip archive and may be even in the double zip archive. Once detected the scanner might not allow you any access to the file(s) anymore. You might not even be allowed by the scanner to delete these files. This is caused by the scanner which puts the file into quarantaine. The test file will be treated just like any other real virus infected file. Read the user’s manual of your AV scanner what to do or contact the vendor/manufacturer of your AV scanner.

IMPORTANT NOTE
EICAR cannot be held responsible when these files or your AV scanner in combination with these files cause any damage to your computer. YOU DOWNLOAD THESE FILES AT YOUR OWN RISK. Download these files only if you are sufficiently secure in the usage of your AV scanner. EICAR cannot and will not provide any help to remove these files from your computer. Please contact the manufacturer/vendor of your AV scanner to seek such help.

Download area using the standard protocol HTTP
– Sorry, HTTP downoad ist temporarily not provided. –
Download area using the secure, SSL enabled protocol HTTPS
eicar.com
68 Bytes
eicar.com.txt
68 Bytes
eicar_com.zip
184 Bytes
eicarcom2.zip
308 Bytes

How to delete the test file from your PC

We understand (from the many emails we receive) that it might be difficult for you to delete the test file from your PC. After all, your scanner believes it is a virus infected file and does not allow you to access it anymore. At this point we must refer to our standard answer concerning support for the test file. We are sorry to tell you that EICAR cannot and will not provide AV scanner specific support. The best source to get such information from is the vendor of the tool which you purchased.

Please contact the support people of your vendor. They have the required expertise to help you in the usage of the tool. Needless to say that you should have read the user’s manual first before contacting them.

When you think of computer security, you probably think of antivirus (aka anti-malware). And you probably associate antivirus with Windows, because Macs have a reputation for being more secure than Windows. As a Mac user, you probably wonder whether your Mac needs anti-malware software, and if so, how to choose the right software. Let’s look at the data to find answers.

Note: This page contains affiliate links. As an Amazon Associate, I earn from qualifying purchases. Please see Affiliate Disclosure.

In a hurry? If you want a free option, consider Avast Security for Mac. If you want a paid option, consider Bitdefender Antivirus for Mac. If you want more options, here’s the Mac anti-malware that has the best test results from AV-Comparatives and AV-TEST:

BitDefender For Mac: Protect Your Device Against Threats

BitDefender For Mac gives you protection against Mac malware. Quick to install and light on your computer resources. The only free antivirus that you will ever need.

We may earn a commission if you click this link and make a purchase at no additional cost to you.

The Threats

Early in my IT career, I removed countless pieces of malware from consumer and business Windows PCs. I’ve seen firsthand the damage malware can do. I hope you haven’t been a victim of malware!

Do you need antivirus (anti-malware) for your Mac (MacBook, iMac, or Mac Mini)? Unsurprisingly, makers of Mac security software are happy to tell you about all the malware that could be targeting your Mac. I try to base my advice on data rather than on marketing, so let’s look at the data.

Before we continue, allow me to define anti-malware. It’s software that prevents and/or removes malware (malicious software) from a device. The term antivirus is often used for software that’s anti-malware, because it fights not only viruses but other forms of malware.

Mac Malware Exists

Any software can be compromised, and macOS is no exception. Although there’s a lot less malware for macOS than for Windows, it does exist.

Whilst it is certainly true that the population of macOS malware is very tiny compared to that for Windows and Android, there have been instances of macOS malware getting into the wild.

Mac Security Test & Review 2019 (av-comparatives.org)

From 2012 to 2017, the number of macOS users who have experienced attacks from malicious and potentially unwanted programs grew, approaching 255,000 attacked users per year. However, starting in 2018, the number of attacked users began to decrease, and in the first half of 2019, it only amounted to 87,000.

The number of attacks on macOS users through malicious and potentially unwanted programs has been increasing annually since 2012, and in 2018 it exceeded 4 million attacks. During the first half of 2019, we registered 1.8 million attacks of this kind.

The vast majority of threats for macOS in 2019 were in the AdWare category.

Threats to macOS users (securelist.com)

Attackers will likely increase their focus on the operating system, but the platform is still far from a popular target … Currently, only 3% of WatchGuard’s network devices encountered malware targeting Mac OS. …

WatchGuard is not the only company to see an increase in malware tailored to the Mac OS. Security-software firm Malwarebyte noted an increase in Mac malware, detecting some 16 million instances in just April, four times more than the previous monthly record over the past year.

“The data does indicate there is a rise in the prevalence of threats,” … the rise is likely connected to increasing popularity.

For the most part, adware is driving the increase. WatchGuard noted that the most detected Mac malware program installed adware. For Malwarebytes, potentially unwanted programs (PUPs) accounted for the largest category of Mac detections, followed by adware. …

“Mac does have some nice security features, but they’re fairly easy to bypass,” …

While we have seen Mac malware, we have not seen a vulnerability be exploited in Mac software in the same way as on Windows.”

Malware Coming to a Mac Near You? Yes, Say Security Firms (darkreading.com)

Note that Mac malware is mostly potentially unwanted programs (PUPs) and adware, both of which are less dangerous than other forms of malware.

Security Software Built into macOS

Fortunately, Apple has included some anti-malware functionality in macOS:

  • Gatekeeper: checks software that you download from outside the App Store
  • XProtect (link is to PDF): detects and blocks the installation of known malware
  • Malware removal tool (link is to PDF): removes known malware

However, these don’t provide 100% protection. XProtect and the malware removal tool recognize malware based on lists provided by Apple, so they can’t recognize malware that Apple hasn’t yet added to the lists.

it’s certainly not an essential requirement to install antivirus software on your Mac. Apple does a pretty good job of keeping on top of vulnerabilities and exploits and the updates to the macOS that will protect your Mac will be pushed out over auto-update very quickly. … However, sometimes Apple doesn’t respond as quickly as Mac users might hope. In that case, there are some free antivirus apps that might give you some peace of mind.

Can Macs Get Viruses & Do Macs Need Antivirus Software? (macworld.co.uk)

Apple’s macOS includes some good security features that are helpful, but new malware easily bypasses them. In addition, they still don’t address the adware and PUP problem at all. Because of this, macOS cannot and should not be considered bulletproof.

The state of Mac malware (malwarebytes.com)

The effectiveness of Apple’s built-in anti-malware features has been questioned, however, and some security experts recommend strengthening the defenses by adding in a third-party antivirus package. There are many good reasons for this. Firstly, the approach taken by Apple might be adequate for well-established malware, but might not respond quickly enough to emerging threats. Secondly, you might want a broader base of malware evaluation. Thirdly, macOS is not immune to bugs.

Mac Security Test & Review 2019 (av-comparatives.org)

In the book Cyber Smart, Bart R. McDonough says that there’s far less malware for Macs than Windows, but there are adware, spyware, and potentially unwanted programs (PUPs) that macOS doesn’t protect against, but anti-malware can protect against.

User Behavior

As is always the case with security, you need to account for the human user. Operating systems and third-party anti-malware can only do so much to protect you from yourself!

Generally speaking, a well-secured Mac that has regularly updated system software and apps, and some savviness from the user – including following some simple tips to help secure a Mac from malware and viruses like not downloading sketchy stuff from untrustworthy dubious websites and not installing browser plugins – is enough to prevent Macs from finding any malware, junkware, adware, ransomware, or any other nefarious stuff on their Mac, but nonetheless, infections can still happen.

ForHow to Install Malwarebytes on Mac to Scan for Malware & Adware (osxdaily.com)

Experienced and responsible Mac users who are careful about which programs they install, and which sources they obtain them from, may well argue – very reasonably – that they are not at risk from Mac malware. However, we feel that non-expert users, children, and users who frequently like to experiment with new software, could definitely benefit from having security software on their Mac systems, in addition to the security features provided by the macOS itself.

Mac Security Test & Review 2019 (av-comparatives.org)

Notice the mention of children in the last quote. You’ve probably noticed that your young kids are less experienced with navigating the Web than the average adult. Young kids are always exploring online, visiting a variety of websites, and installing games and other software. For these reasons, and because they don’t yet understand Internet safety, kids are likely to encounter malware.

How to Increase Your Security

There are many options when it comes to Mac anti-malware:

  • Don’t use any anti-malware (beyond what’s built into macOS)
  • Use free anti-malware
  • Use paid anti-malware
  • Run on-demand scans (which run only when you start them)
  • Run real-time scanning (which runs in the background as you use your Mac)

If after reading this far you’d like to install anti-malware software on your Mac, which should you use?

I mentioned earlier that I like to base decisions on data rather than marketing. Fortunately, some organizations test the effectiveness of Mac anti-malware. As much as I would love to conduct such testing on my own, unfortunately I don’t have the resources.

How to Find Mac Antivirus Ratings

These two independent organizations test Mac anti-malware detection rates in their labs, and report the test results.

When considering anti-malware, look at the latest ratings, and then look at the ratings over the last 2-3 years to get an idea for their track record.

Mac Antivirus with Best Test Results

Looking at the test results for the last 3 years from AV-Comparatives and AV-TEST, here’s the Mac anti-malware that has the best test results, in alphabetical order.

Bitdefender has consistently earned high ratings from multiple organizations over the years, and I recommend their products.

BitDefender For Mac: Protect Your Device Against Threats

BitDefender For Mac gives you protection against Mac malware. Quick to install and light on your computer resources. The only free antivirus that you will ever need.

We may earn a commission if you click this link and make a purchase at no additional cost to you.

Best Free Antivirus for Mac

You may be wondering, is it necessary to pay for Mac antivirus, or can I use free antivirus? Well, one of the products listed above, which tested well, as free:

Avast Free: Award Winning Antivirus And VPN

Avast Free is packed with the largest threat-detection network, machine-learning virus protection, and home network security that will not slow down your PC.

We may earn a commission if you click this link and make a purchase at no additional cost to you.

You may be able to find free versions of the best paid Mac antivirus software (listed below). It’s not clear whether these prevent and remove malware as well as the paid versions. It depends whether they use the same scanning engines as the paid versions (many do), and which features are included in the free versions.

Free products can do as well as paid products in detecting, preventing, and removing malware. Paid products generally include more features, such as web filtering, a VPN, etc. You can also pay to upgrade from the free Avast software to get more features.

Best Paid Antivirus for Mac

If we remove the free option, here are the best-paid antivirus products for Mac:

Avira Pro: Next-Generation Antivirus Protection

Avira Pro protects your devices from malware, spyware, ransomware, and adware. It lets you bank, shop, pay, and email with complete confidence.

We may earn a commission if you click this link and make a purchase at no additional cost to you.
Trend Micro for Mac: Advanced Online Protection

Trend Micro for Mac protects your device against online threats such as ransomware, spyware, malware, and evolving viruses.

We may earn a commission if you click this link and make a purchase at no additional cost to you.

Mac Antivirus that Runs On-Demand Only, Not in Background

Anti-malware software usually runs in the background on your Mac, scanning files as you work with them. This is called real-time scanning or on-access scanning or background scanning. Most software also lets you run on-demand scans, meaning that the scan runs when you click the scan button. Some Mac anti-malware runs on-demand only; it doesn’t do real-time scanning.

The risk with on-demand only is that it’s completely reactive; it only catches malware when it scans. The rest of the time, you’re only protected by what’s built into macOS. If you’re not very tech-savvy, or you visit shady websites or install shady software (or you have kids who do), you should have real-time scanning.

I’m aware of 3 on-demand Mac malware scanners (anti-malware that runs on-demand only, not in the background):

These aren’t rated by AV-Comparatives or AV-TEST, and I wasn’t able to find test results from other sources. Bitdefender’s paid product, Bitdefender Antivirus for Mac, has good test results, but I don’t know how similar the scanner in the free product is to the paid ones. Bitdefender has consistently earned high ratings from multiple organizations over the years, and I recommend their products.

There’s no harm in installing more than one of these and running scans regularly (one after the other, not at the same time).

If you use Malwarebytes for Mac, don’t be alarmed if it’s scan runs very quickly (sometimes less than a minute). Malwarebytes says, “The reason is that Malwarebytes is performing what’s called a ‘quick scan.’ Rather than scanning the entire hard drive for files that are known to only be installed in specific locations, it simply looks for those things in those specific locations.”

Best Mac Antivirus for You & Your Family

I’ve shared a lot of info with you, but which Mac antivirus should you pick for yourself and your family?

I recommend that you install a third-party anti-malware, whether free or paid. If you want a free option, consider Avast Security for Mac. If you want a paid option, consider Bitdefender Antivirus for Mac.

If you’d like other options, here is the list of the most effective anti-malware as tested by AV-Comparatives and AV-TEST:

Bitdefender has consistently earned high ratings from multiple organizations over the years, and I recommend their products.

I recommend that at a minimum, you run an on-demand scan every week. If you’re not very tech-savvy, or you visit shady websites or install shady software, or your kids use your Mac, you should have real-time scanning enabled.

In case you missed that part about your kids using your Mac, I’ll repeat. You’ve probably noticed that your young kids are less experienced with navigating the Web than the average adult. Young kids are always exploring online, visiting a variety of websites and installing games, and other software. For these reasons, and because they don’t yet understand Internet safety, kids are likely to encounter malware. For their sakes, and yours, you want a good anti-malware with real-time scanning.

Let’s say you don’t share your Mac with kids, and you opt to do on-demand scans rather than real-time scanning, and months or years pass without your on-demand scans finding any malware. In that case, you’re probably fine to continue with on-demand rather than real-time scans. However, if your on-demand scans find malware, then I highly recommend that you start using real-time scanning.

Also, check out my Apple macOS Security and Privacy Guide.

Mac Test Virus Scan

Additional Resources

  • AV-Comparatives Test Results (av-comparatives.org)
  • The best MacOS antivirus software for home users (av-test.org)
  • Apple macOS Security & Privacy Guide (defendingdigital.com)

What You Should Do

  1. Choose and install a third-party anti-malware, whether free or paid. Choose one with good test results (see above). If you want a free option, consider Avast Security for Mac. If you want a paid option, consider Bitdefender Antivirus for Mac.
  2. At a minimum, run an on-demand scan every week. If you’re not very tech-savvy, or you visit shady websites or install shady software, or your kids use your Mac, you should have real-time scanning enabled.
  3. If you’re using on-demand only anti-malware, and your scans find malware, then start using real-time scanning.
BitDefender For Mac: Protect Your Device Against Threats

BitDefender For Mac gives you protection against Mac malware. Quick to install and light on your computer resources. The only free antivirus that you will ever need.

Best Virus Protection For Windows 10

We may earn a commission if you click this link and make a purchase at no additional cost to you.