How can you test that your antivirus software is working? Whether you’re just using Windows’ own built-in antivirus, Windows Defender, or a third party solution such as Avast, Norton or Kaspersky etc, how do you know that it IS actually doing its job?
Anti-virus software is just like any other program installed on your computer in that it can fail, things can go wrong with it. And although it may seem that all’s well, it isn’t.
Fortunately, there is a simple and safe way to test if your antivirus is working.
The EICAR Antivirus Test File.
The European Institute for Computer Antivirus Research (EICAR) has developed a test “virus” to test your antivirus program.
It’s not actually a virus at all. It doesn’t do anything. Rather it’s a string of text that most antivirus applications are aware of. It’s included in their virus definition files specifically for the purposes of testing.
If your antivirus is working correctly, it should respond to the presence of this file as if a virus or malware had really infected your machine. If it does, then you’re good to go, if it doesn’t, then you may have issues.
Download The EICAR Test File.
The first thing to do is to try to download the EICAR file.
When you get to the EICAR webpage, you’ll find that there are four files that you can try to download to your machine.
They each test a slightly different aspect of your AV software.
- Is the standard EICAR test file
- Is the same file, but with a different file name
- Is the same file but it’s zipped (compressed)
- Is the same zipped file but it’s been zipped again.
What Do The Four Files Do?
They test whether or not your antivirus is monitoring files that are being downloaded to your computer. The first one is the standard file which all AVs should pick up on immediately.
The second is the same but has been renamed. This tests whether your antivirus is looking inside the files being downloaded and not just scanning file names. Again you’d normally want this file to be blocked immediately.
The third file has been compressed (or zipped). Any decent AV should be looking inside compressed files for possibly malicious files. Again you’d want to see it being blocked.
And finally, the fourth file has been compressed again. In effect giving two layers of compression, which makes it more difficult for your antivirus.
Testing Your Anti Virus Is Working
To start testing your antivirus, left-click once on the first file eicar.com (68 bytes). When you do, one of two things should happen.
- You’ll see a pretty much blank page except for a line of text at the top. This is the EICAR test file that you want to download.
- Or with some anti-virus programs, they block you immediately. Not allowing the download page to even open.
If You Can’t Download The File.
If your AV blocks any attempt to reach the download page of the EICAR files (like Avast has above), then that’s good. You now know that it’s working and monitoring what you’re doing. And so, if you should stray towards a website that’s known to harbour malware, it will block, or at least warn you.
If you want to try downloading any of the other three files, feel free, but most likely they’ll also be blocked. And so, for you my friends, the test is over. You can rest easy that everything is working as it should.
If, on the other hand, you do get to the download page, try to download the file by right-clicking on it and then, on the menu that opens, left-clicking SAVE AS.
Save the file to your Desktop or Download folder.
If you’re not sure how to do that click How To Save A File On A PC
As soon as you try to save the file onto your computer, you should get a message or warning from your AV that the file is dangerous.
Most antivirus software will then move the file to the quarantine area or simply delete it.
Either way, it’s a pass. Your antivirus must be working just fine because it has scanned the file, and blocked it.
Now try downloading the other three files. Most likely your AV will block them all.
What Should You Do If You Can Save The File?
If you find that you can indeed save the EICAR file onto your computer, then you may have a problem. Open your antivirus program and check for any red flags, any error messages, and make sure you can update it. If you can’t clear the problem, then maybe you should consider moving to another security application since, clearly, your current one isn’t working properly.
If it all appears to be working fine, then there is one other reason that you were able to download the files. There is a possibility that the makers of your security software simply haven’t told their program to be on the lookout for the EICAR file. Since the file itself is not malware, then AV programs wouldn’t normally flag it up, unless they have been specifically instructed to do so.
Personally, if this was the case with my software, then I’d be looking to move to another application as soon as I could. If I’d bought the software and still had some time left then I’d probably see out the license, but if it were free or the license was due for renewal, then I’d be moving sooner rather than later.
Testing Your Antivirus – Conclusion.
Testing your antivirus like this is NOT a test of how good (or bad) your software is. It’s simply a quick and safe way to check that it is actually working and doing what it’s supposed to be doing.
Monitoring the webpages that you visit to shield you from known malware sites and inspecting any files that are downloaded onto your computer from the Internet is something that should happen, but without testing, you really can’t be sure that it is happening.