search cancel

How to create a test alert in ICSP and NNP using Eicar


Article ID: 168537


Updated On:


Symantec Products


You are looking at an article which is applicable to an earlier version of ICSP. The information in this article might be outdated, or invalid. To view the latest information about ICSP, see the ICSP online Help.



Often it is difficult to create a test alert to determine if your Norman Shark ICSP or NNP devices are functioning properly and are sending out alerts correctly.  This method allows you to transfer a non-malicious file that will still trigger an alerty by the ICSP and NNP devices.



First you need to download the Eicar test file from  For information about the Eicar Testfile please read the information supplied there. All you need to know is that the Eicar testfile is acually an ASCII file containing just this string:


If you manually copy it to an empty text file and save it as you create your own testfile (useful if you cannot download the file).  It is completely harmless, but every AV solution will create an Alert when finding this file.

2. Testing

NNP: Copy the Eicar test file through the monitored Network connection from one host to another.  Be sure to use a protocol that you are actually scanning.

ICSP: Put the test file on a USB Stick and scan it as usual.