| Most of this page uses content from Wikipedia. The original article was at EICAR test file. The page may have contained some inaccurate or outdated information, so please edit it so it contains better information.|
The list of authors can be seen in the page history. As with Malware Wiki, the text of Wikipedia is available under the Creative Common Attribution-ShareAlike 3.0 License.
Remove this template when most of the Wikipedia content has been removed or the Wikipedia information is outnumbered by non-Wikipedia information.
A compliant virus scanner, when detecting the file, will respond in exactly the same manner as if it found genuinely harmful code. Its use can be more versatile than straightforward detection - for example, a file containing the EICAR test string can be compressed or archived, and then the antivirus software can be run to see whether it can detect the test string in the compressed file.
The file is simply a text file of either 68 or 70 bytes that is a legitimate executable file called a COM file that can run by Microsoft Windows (except for 64-bit systems due 16-bit limitations). When executed, it will print "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!" and then stop. The test string was specifically engineered to consist of ASCII human-readable characters, easily created using a standard computer keyboard. It makes use of self-modifying code to work around technical issues that this constraint makes on the execution of the test string.
The test file can be downloaded from EICAR's site.