I have NOD32 current version installed. If I e-mail myself the eicar test file, NOD does not show it as a virus. The e-mail scanner is working because it shows the file has been scanned. The other anti virus programs I've used show as a virus as the e-mail is sent & received. Do I not have something set right?
Did you actually attach the file? Couldn't it be that you merely copied its content to the email body?
I copied the text string into Outlook & sent the e-mail to myself. No reaction from NOD. If I click on the eicar.com.txt file NOD picks up right away as a virus.
Of course, antivirus programs should not react to that string only. It must be sent as an attachment, that's how all AV vendors agreed on: Any anti-virus product that supports the EICAR test file should detect it in any file providing that the file starts with the following 68 characters, and is exactly 68 bytes long: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Marcos, I guess I'm confused (Not unusual for me!) If I open Outlook & copy that string & send it to myself using Avast, Kaspersky or GData it flags it as a virus. It does not with NOD. Am I missing something here?
For example...if I copy-paste EICAR 68 characters in text editor and try to save as .txt file I have NOD32 warning...but when I copy-paste in the message body and try to send email then no warning at all and mail was sent (with other AV I've tried I can't send email)...btw I can't check if NOD32 detect it when receive because my ISP block that email.
If you merely copy the string into the email body it won't be detected because only a file with that specific string that is exactly 68 bytes long is supposed to be detected per the eicar standard as all AV vendors have agreed on. If this condition is not fulfilled there's no reason to detect it. By simply copying the string into the email body you break this condition.