When Microsoft unveiled the Developer Preview of Windows 8 two weeks ago, one of the items to get the most attention was its included unmanaged anti-virus solution. I was interested in what capabilities it might have and how it would present itself to users who stumble across something malicious.
Naturally I installed it on a virtual machine and to a spare disk on a full workstation in my lab. What to test first?
If there is one thing guaranteed to be safe and still be an effective test, it would be EICAR.
According to the EICAR website, the EICAR test file allows someone to safely trigger a "virus incident in order to test their corporate procedures, or of showing others in the organisation what they would see if they were hit by a virus."
That's perfect. I need a detection, but I prefer not to handle live malware. Safely testing live malware samples is scary dangerous.