Export (0) Print
Expand All

Verifying your deployment by using the EICAR antivirus test file

 

Applies to: Forefront Protection for Exchange

Topic Last Modified: 2009-08-18

The procedure below provides instructions on testing your FPE deployment by using the EICAR antivirus test file.

To test your deployment
  1. Copy the following line into its own text file, and then name it EICAR.TXT:

    X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

    When done, you will have a 69-byte or 70-byte file.

  2. Attach this file to an Exchange message. Forefront Protection 2010 for Exchange Server (FPE) reports finding the EICAR-STANDARD-AV-TEST-FILE virus. If you have chosen either the Clean (the default) or Delete action, FPE also reports the attachment as being deleted. The infected attachment is removed from the test message or post, and it is replaced with a text file that contains something similar to the following string: "Microsoft Forefront Protection 2010 for Exchange Server found a virus and deleted this file."

importantImportant:
This is not a virus. However, because users often have the need to test that installations function correctly, the antivirus industry, through the European Institute for Computer Antivirus Research, has adopted the EICAR standard in order to facilitate this need.

It is recommended that you delete the EICAR file after installation testing is completed so that other users are not unnecessarily alarmed.

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft