Test ESET LiveGuard Advanced functionality
To test ESET LiveGuard Advanced functionality with and ability, follow the steps below:
Users with ESET management console
ESET Cloud Office Security users
FAQ
Is this actual malware?
No, this EdtdTestFile.exe is just a dropper of Eicar (a standard malware test file). This event is being detected during analysis in a sandbox in ESET LiveGuard Advanced.
How can I be sure?
Here are the source codes of the test files:
•Windows executable
#include <fstream> #include "tchar.h" #include "windows.h"
int main() { std::ofstream dropped; dropped.open(_T("eicar.com")); dropped << "X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"; dropped.close(); ::MessageBox(nullptr, _T("EDTD test file has been executed.\n2020.4.15 10:34"), _T("EDTD test file"), MB_OK); return 0; } |
•Linux binary
#include <fstream> #include <iostream> #include <stdio.h>
int main() { std::ofstream dropped; dropped.open("eicar.com"); dropped << "X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"; dropped.close(); std::cout << "EDTD test file has been executed." << std::endl; getchar(); return 0; } |