The definition of eicar is quite strict, it should not be more than 68 bytes long for example (I think).
If the file has been accidentally padded during transfer or has incurred some other form of file translation it won't work.
So it may sound daft but the first thing to do is to be sure the eicar sample is good
Verify that the same eicar file you are using is detected within other products on other OS (Windows for example)
If it is detected then you should look to the VirusScan On-Access configuration and also exactly how you are testing.
Finally, see if an On-demand scan of the same file on the same Ubuntu 9.10 Desktop detects the eicar file or not.
Thank you Rackroyd for your advice !
- There are no problems with eicar
- The eicar is good it work fine on other OS ( windows Seven , XP ...)
- I have also submit the case to the engineer Team of McAfee online Support .
- We tested together the issue and they also checked the configuration of VSE for linux 1.6 (so there are nothing wrong with the configuration)
Do you have anothers solutions?
Since you have a support case open I suggest you work on that front to find the root cause.
My support case has been opened since 10/19/2011 12:35:47 PM.
But until now I didnot get any feedback. That is the reason why I am sharing now my issue with McAfee Community!
Or are there a problem if I also submit my issue here ?
Hm, what is the support case ID ?
If you have the McAfee support case ID you can speak with support or customer services about its current status and why it's been open 10+ days without a reply..
Please bear in mind this forum isn't for formal product support, it's populated by subject matter experts and customers who wish to participate, correspondence is optional.
Submission of a question here does not guarantee an answer, but we try to help.