fi Important Performing this test may trigger an antivirus noti cation or incident alert.
fi Note Antivirus software is capable of corrupting the con guration or properties files used by Forcepoint which may affect performance. Forcepoint recommends to exclude the required directories and files from antivirus scanning prior to installation.
PROBLEM DESCRIPTION
Forcepoint recommends to exclude installation folders from Antivirus scanning
(http://www.websense.com/content/support/library/deployctr/v85/dic_av_exclude.aspx). In the event where antivirus is suspected to still be
a ffecting Forcepoint product functionality, is there a way to verify that the antivirus exceptions are working as expected?
RESOLUTION
https://support.forcepoint.com/KBArticle?id=000016264 1/3 1/8/2021 KB Article | Forcepoint Support To con firm antivirus exceptions are working, use the EICAR test: Note The files are not required to be named test, however for troubleshooting purposes, naming it test will make it easier to locate. . Navigate to respective Forcepoint product folder. Examples include:
Note The third character (X5O is a capital letter 'O', not a zero.)
. Save this file at test.txt in the respective product folder.
fication happens. . Wait for a minute and see whether test.txt disappears or an antivirus noti
. If test.txtfile does not disappear and no notification happens, rename test.txt to test.com. . Wait for a minute and see whether test.com disappears or an antivirus notification happens.
If the test.txt or test.com file disappears or an antivirus notification happens, the antivirus is still scanning the folder and the exceptions needs to be properly con figured by the antivirus administrator.
Not all antivirus solutions work with the EICAR test, though most of the popular antivirus solutions do. For a list, see the red results at Virus Total
EICAR test (https://www.virustotal.com/en/ file/275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f/analysis/1425909746/).
