Antivirus real-time scan exclusions

  • 16 March 2022
  • 1 reply
  • 113 views

Badge
Hi

Is it safe to exclude any folders from antivirus real-time scanning on an on-prem SysAid server?

I've had a search for antivirus exclusions for SysAid but haven't really found much

SysAid agent mentions white listing "\Program Files\SysAid"

Patch Management mentions white listing "C:\ProgramData\GFI"

I didn't find anything specific for an on-prem server


The reason I ask is that we've been having an issue where SysAid seemed to freeze randomly every half an hour (it would be come unresponsive for about 3 minutes when people tried accessing it via a web browser).
There would be a CPU usage spike at the same time, task manager showing the System process spiking.

I thought I'd try excluding C:\Program Files\SysAidServer\ and C:\ProgramData\GFI\ from real-time scans on the server to see what would happen

It seems to have fixed the issue, but I'm just concerned that if someone uploads an infected file, or something, it could infect the server and then spread to other things.

Cheers 🙂

1 reply

Userlevel 5
Badge
Hi brendan2,
Reach out to our lovely customer team to help with further investigation why this is happening to your SysAid
live chat or our Helpdesk

Cheers,
Maayan

brendan2
Hi

Is it safe to exclude any folders from antivirus real-time scanning on an on-prem SysAid server?

I've had a search for antivirus exclusions for SysAid but haven't really found much

SysAid agent mentions white listing "\Program Files\SysAid"

Patch Management mentions white listing "C:\ProgramData\GFI"

I didn't find anything specific for an on-prem server


The reason I ask is that we've been having an issue where SysAid seemed to freeze randomly every half an hour (it would be come unresponsive for about 3 minutes when people tried accessing it via a web browser).
There would be a CPU usage spike at the same time, task manager showing the System process spiking.

I thought I'd try excluding C:\Program Files\SysAidServer\ and C:\ProgramData\GFI\ from real-time scans on the server to see what would happen

It seems to have fixed the issue, but I'm just concerned that if someone uploads an infected file, or something, it could infect the server and then spread to other things.

Cheers 🙂

Reply