EICAR test file for checking Kaspersky applications' behavior

Support

General

General articles

EICAR test file for checking Kaspersky applications' behavior

Latest update: September 13, 2023 ID: 7399

EICAR-Test-File is not a threat, it was created to imitate the detection of a threat by antivirus software. It is a 68-byte file with the .com extension which displays a text message.

Earlier, different files were created by cybersecurity software vendors to demonstrate how their solutions behave upon detection of a threat. Later, the vendors have agreed upon developing a standard simulator which consists of a simple line of text. This allows any user to initiate a detection manually, e.g. by copying the text to a file from the documentation.

The resulting EICAR file looks like this:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Cybersecurity software normally detects it as EICAR-Test-File.

You can download the eicar test file as follows:

The eicar.zip archive via HTTPS / HTTP from the Kaspersky server.
The eicar.com executable file via HTTPS from the official eicar.org website.

You can also copy this line of code and save it to a text file on your computer.

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.