I am working on validating the incident response (IR) process. And to trigger the process via Antivirus alert (Critical/High), I am looking for an "open source" script (i.e. potentially non-malicious or the one that act as malicious without harming a system by performing various activities since this should be demonstrated on the end-user production system). I have taken sometime to research on the possible ways to trigger the IR process. However, none of the available "open source" solution looks suitable to trigger Antivirus alert (Critical/High).
Symantec Endpoint Protection (SEP)
Windows 7 Enterprise Edition