I’ve been working on adding virus scanning to our SaaS at work. When a user uploads a file, I need it to be scanned, and appropriate action taken if a virus/malware is found. But how do you test if the solution is working correctly? I’d need a file with a virus in it to test with.
Thanks to the European Institute for Computer Antivirus Research (EICAR), there is no need to use a real, potentially dangerous file to test your implementation with.
Instead, creating an EICAR test file contains a signature that anti-virus/malware software detects as a virus, while not posing risk to your systems.
All you need to do is create a file with exactly this string in its contents:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Your antivirus solution should recognize this file as malicious.
NOTE: When you create this file, if you’re running antivirus on your computer (you are….right?) it will get immediately flagged and quarantined or deleted. You may have to restore the file or otherwise identify that this file shouldn’t be deleted if you need it for testing.