Your antivirus software claims to be working all the time, monitoring every file you access for any potential threats - but is this really how it is? EICARgen can help you find out.
This tiny freebie has a single task: to generate the EICAR Anti-Virus Test File on demand. EICAR isn't an actual virus, not even executable code (it's just a few characters of text), but it is something which all antivirus programs should detect as a threat. And so, if you allow EICARgen to create its file, you should find this is detected by your antivirus tool immediately, or when you try to access it.
EICARgen is a console-based tool, and is easiest run from a shortcut. Configure it like this.
Right-click EICARgen.exe, select Create Shortcut, then right-click the shortcut and click Properties.
Click in the "Target" box and surround the path with quotes, like: "C:\Users\mike\Downloads\EICARgen_V2_1\EICARgen.exe"
At the end of that text, add a space, and the file type you'd like to create (zip, pdf, xls). Try zip, so it looks something like "C:\Users\mike\Downloads\EICARgen_V2_1\EICARgen.exe" zip
Double-click your shortcut, and wait to see what happens. Does your antivirus raise an alert immediately? Within a few seconds? What happens if you select the file? Try to unzip it?
Don't necessarily be alarmed if your software doesn't react in a hurry. Malware in an archive can't be launched directly, so it's reasonable to wait until it's extracted before jumping in. (Your antivirus settings may have a few tweaks to adjust this, but keep in mind that checking archives slows up the scanning process.)
If this zip/ pdf/ xls test isn't enough, EICARgen can also try to create a regular plain text EICAR file. Just pass it the name of the file you'd like to create, like "C:\Users\mike\Downloads\EICARgen_V2_1\EICARgen.exe" eicar.txt
If your antivirus package allows the file to be created at all, try scanning it manually, copying it, opening it - whatever you like.
Version 2.1 of EICARgen can create an Excel spreadsheet (.xls) with the EICAR test file embedded with OLE.
An interesting way to test how (or if) your antivirus software is working.