Most likely cause, explained here: KB69407
The On-Access Scanner messages window does not display when saving an EICAR test file, or any real malware, to a TXT file.
NOTE: Detection does take place and action is taken; that is, the offending file is still cleaned or deleted as appropriate, but the scanner fails to display the expected message window.
A secondary process, such as the Search Indexer service, has touched the file prior to the original scan request completing. That secondary process is running under the SYSTEM account, and therefore no pop-up appears to the user because the user is not the SYSTEM account. It is the secondary process that triggers the detection.
SolutionThis scenario occurs only outside normal operating parameters and is expected behavior. The file was detected and action taken because of the secondary process and not because of user action.