Why inSync directories should be excluded from anti-virus scans?
Ideally, any of the inSync server related paths should not be scanned. Most of the anti-virus locks the frequently accessed files to scan them which may cause database corruption. When data is uploaded to the data folder, references for actual data are stored under database files. If an anti-virus locks database files, inSync server may not be able to update the database due to which it loses some of the references. In some scenarios, anti-virus tends to delete/quarantine database/data/database log files as they are frequently accessed and modified, considering those as malware activities. This in turn leads to storage corruption.
To address this situation, inSync has an inbuilt mechanism to ensure anti-virus scans are reported via an alert, which has to be configured. The mechanism inSync uses to find out whether an anti-virus is scanning inSync folders is by placing a file called detectav.exe. This is not a malware; however, some applications may report this as one.
My anti-virus application is reporting a malware in the inSync folder. What is the cause?
Detectav.exe is placed by inSync on all the inSync Server folders. This file checks if the inSync Server binaries, configuration database, Storage path are being scanned by an anti-virus.
How to resolve this issue?
To resolve this issue
- You must exclude the inSync folders from the anti-virus scan.
The following table lists the paths that you must exclude from your anti-virus scan
|C:\ProgramData\Druva\||Contains configuration database and log folders.|
|All storage directory||Contains the storages that you have configured with inSync.|