EICAR - Test Your Anti-Virus

The EICAR test file (official name: EICAR Standard Anti-Virus Test File) is a file, developed by the European Institute for Computer Antivirus Research, to test the response of computer antivirus (AV) programs. The rationale behind it is to allow people, companies, and AV programmers to test their software without having to use a real computer virus that could cause actual damage should the AV not respond correctly. EICAR likens the use of a live virus to test AV software to setting a fire in a trashcan to test a fire alarm, and promotes the EICAR test file as a safe alternative.

AV programmers set the EICAR string as a verified virus like any other signatures. A compliant virus scanner, when detecting the file, will respond in exactly the same manner as if it found genuinely harmful code. Its use can be more versatile than straightforward detection: a file containing the EICAR test string can be compressed or archived, and then the antivirus software can be run to see whether it can detect the test string in the compressed file. The file is simply a text file of either 68 or 70 bytes that is a legitimate executable file called a COM file that can be run by Microsoft operating systems and some work-alikes (except for 64-bit due to 16-bit limitations), including OS/2. When executed, it will print "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!" and then stop. The test string was specifically engineered to consist of ASCII human-readable characters, easily created using a standard computer keyboard. It makes use of self-modifying code to work around technical issues that this constraint makes on the execution of the test string.

Source

Procedure

EICAR file basically is a harmless code which helps to test the efectiveness of your Anti-Virus. Do not worry if in any case that your Anti-Virus failed to detect it (EICAR file) as virus because it will not do any harm to your system even if it doesn't. Given that if your Anti-Virus failed to detect EICAR as threat (virus), then you have every reason to be worried about because chances will be that your current Anti-Virus doesn't works as it should be. The causes might varies but here are some safety tips which hopefully will help to fix your problem

-Anti-Virus malfunctioned. Go to the official site of your respective Anti-Virus and look for advice and support from the developers. You would probably try to re-install your Anti-Virus or perhaps considering changing your Anti-Virus to different vesion that are compatible. I would not encourage user to use any Beta version of  Anti-Virus as in my opinion Beta version are meant for testing purpose only.

-Your system is infected. Do a full system scan with Anti-Virus tool/software which works best in safe mode. If problem persist, the final measure would be to made a system recover of your system. We will provide a proper guide and tutorial on how to do a full scan on a system soon.

-Probably a no-brainer but a regular update on daily basis is essential to ensure the Anti-Virus keep our system protected to the latest threat and vulnerable. Most of the Anti-Virus check for updates automatically but some of it will require user to activate this feature from the setting. 

Here how you create the EICAR test file. 

1. Launch notepad. 

2. Copy the following code and paste it to the notepad

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

3. Save the file as "All Files" and name it as "EICAR.com" (without quotation) 

4. Run it and it should be detected as thread by your Anti-Virus.