1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Labs
  2. Threats
  3. Virus and threat descriptions
  4. EICAR

EICAR

Name : EICAR
Category:Clean - Not Malware
Type:Other
Platform:W32

Summary

The EICAR Standard Anti-Virus Test file is a special file used to check and confirm the correct operation of security products.

Additional Details

EICAR is the European Institute of Computer Anti-virus Research (http://www.eicar.org).

The EICAR Standard Anti-Virus Test file is a special dummy file which is detected exactly as if it were a virus. It is used to test the correct operation of F-Secure Anti-Virus products; it is also detected by several other antivirus products in a similar manner.

When executed, the EICAR test file will simply display the text "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!" and exit.


How to Create an EICAR file

To create an EICAR test file, use any text editor to create a file with the following single line in it:

  • X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Save the file with any name using a COM extension; for example, EICAR.COM. Make sure you save the file in standard MS-DOS ASCII format. Now you can use this file to demonstrate what occurs when a virus is detected.