Skip to content

Testing Anti-Virus/Malware Solutions with an EICAR test file

I’ve been working on adding virus scanning to our SaaS at work. When a user uploads a file, I need it to be scanned, and appropriate action taken if a virus/malware is found. But how do you test if the solution is working correctly? I’d need a file with a virus in it to test with.

Thanks to the European Institute for Computer Antivirus Research (EICAR), there is no need to use a real, potentially dangerous file to test your implementation with.

Instead, creating an EICAR test file contains a signature that anti-virus/malware software detects as a virus, while not posing risk to your systems.

All you need to do is create a file with exactly this string in its contents:


Your antivirus solution should recognize this file as malicious.

NOTE: When you create this file, if you’re running antivirus on your computer (you are….right?) it will get immediately flagged and quarantined or deleted. You may have to restore the file or otherwise identify that this file shouldn’t be deleted if you need it for testing.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.