That is a really interesting question, Vermon
There is a test-file included into the signature definitions of every Anti-Virus program. The file is developed by the European Institute for Computer Antivirus Research
) and can be downloaded from their official website at eicar.org
. With the said file, you can do a test for the two most important layers of defense any Anti-Virus should have:
- Real-time protection
- On-demand scanning
The file contains the following, non-malicious, single string:X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
You can re-create the file on your own, without downloading it from the EICAR site. Here’s how to do it:
- Make a new document on your computer with a text editor like Notepad.
- Copy and paste all of the characters from the string, that is posted above.
- Save the file with a .com extension, e.g. "Test.com". You will need to select “All Files” from “Types”,
at the bottom of the save dialog in Notepad in order to save the file with a .com extension.
If the real-time protection mode of your anti-virus program is working properly, it should automatically trigger an alert with a description “EICAR-test-file (not a virus)
You can also manually scan the file to see if your anti-virus on-demand scanning feature is working.