Skip to main content

How can we help you?

Druva Documentation

Antivirus recommendations for inSync


Antivirus or third party encryption programs may sometimes lock actively used files or folders of other applications. Specifically anti-virus programs are known to lock files while running a real time or on-access scan.

If any such third party application locks inSync application files or folders which contain configuration or logs, it may result in corruption or unexpected behavior. Hence, Druva highly recommends you to add exclusions for inSync application and configuration paths.

Click the following links to view the antivirus recommendations for the respective component:

  1. inSync On-Premises
  2. inSync Cloud
  3. inSync Client

Antivirus Recommendations for inSync On-Premise

This section provides answers to some FAQs on Druva’s antivirus recommendations for inSync On-Premises. FAQs are followed by some recommendations from Druva to avoid issues caused by antivirus applications.


Why inSync directories should be excluded from antivirus scans?

Ideally, paths related to inSync server must not be scanned. Most antivirus applications lock the frequently accessed files to scan them. This may cause database corruption. When data is uploaded to the data folder, references for actual data are stored under database files. If an antivirus application locks the database files, inSync server may not be able to update the database causing loss of references.

In some scenarios, antivirus application tends to delete/quarantine the database/data/the database log files that are frequently accessed and modified, assuming them as malware activities. This leads to storage corruption.

To address such a situation, inSync has an inbuilt mechanism that reports antivirus scans via an alert. inSync uses detectav.exe utility to detect whether an antivirus application is scanning inSync folders. Even though detectav.exe is not a malware, some applications may report it as one.

My antivirus application is reporting a malware in the inSync folder. What is the cause?

Check if your antivirus application is reporting detectav.exe placed by inSync on all the inSync Server folders as malware. This file checks if the inSync Server binaries, configuration database, Storage path are being scanned by an anti-virus.

Antivirus recommendations

For an inSync On-Premises deployment:

  • You must exclude the inSync folders from the antivirus scan.
  • Exclude the folder and processes specified for inSync, inSync storage node, and inSync Edge Server in the tables below
Antivirus recommendations for inSync Master Server
Folders to be excluded C:\ProgramData\Druva or C:\inSyncServer4
C:\Program Files\Druva
Storage Folders (Data,DB & Log location) (Only present if we have local storage configured) 
Processes to be excluded  inSyncBynamo.exe
Antivirus recommendations for inSync Storage Node
Folders to be excluded C:\ProgramData\Druva
C:\Program Files\Druva
Storage Folders / Directories
Processes to be excluded  inSyncNodeMaster.exe
Antivirus recommendations for inSync Edge Server
Folders to be excluded C:\ProgramData\Druva
C:\Program Files\Druva
Processes to be excluded  inSyncEdgeServer.exe

Antivirus Recommendations for inSync Cloud

In case of Cloud, there are three identities from where you need to set the exclusions.

  • AD Connector Server
  • Cloud Cache Server
Antivirus Recommendations for AD Connector Server
Folders to be excluded C:\inSyncADConnector
C:\Program Files\Druva
Processes to be excluded  inSyncADConnector.exe
Antivirus Recommendations for CloudCache Server
Folders to be excluded C:\Program Files\Druva
Data folder Path (Contains the Data component configured on CloudCache Server)
Processes to be excluded  inSyncCacheServer.exe

Antivirus Recommendations for inSync Client

  On Windows On Mac On Linux
Folders to be excluded

C:\Program Files\Druva (For 32 bit machines)
C:\Program Files (x86)\Druva (For 64 bit machines)


C:\Program Files (x86)\Druva\inSync
C:\Program Files (x86)\Druva\inSync
C:\Program Files (x86)\Druva\inSync\amd64
C:\Program Files (x86)\Druva\inSync\amd64
C:\Program Files (x86)\Druva\inSync

/Users//Library/Application Support/inSync
/Users//inSync Share




*The above processes are hidden, however, you can run "ls -al" in the terminal and see the process.


/home/<user name>/.inSync

/home/<user name>/inSync Share

Processes to be excluded 

inSync.exe:- C:\Program Files (x86)\Druva\inSync

inSyncAgent.exe:- C:\Program Files (x86)\Druva\inSync

inSyncCPHwnet64.exe:- C:\Program Files (x86)\Druva\inSync\amd64

inSyncUSyncer.exe:- C:\Program Files (x86)\Druva\inSync\amd64

inSyncUpgrade.exe:- C:\Program Files (x86)\Druva\inSync

inSyncDecommission:- /Data/Application/druva/insync/contents/resources/insync/contents.MacOS

inSync:- /Data/Application/druva/insync/contents/resources/insync/contents.MacOS

The above processes are hidden, however, you can run "ls -al" in the terminal and see the process.


For any further queries, contact Druva technical support