Recommended Antivirus Exclusions for Attix5 Pro
On a modern operating systems, it is likely that some form of threat management system is installed. While in the past, only antivirus and port/application-based firewall solutions were common on hosts, intrusion prevention systems (IPS) are increasingly becoming the norm. These can perform traffic and behaviour analysis, and block suspicious activity.
To a threat management system, Attix5 Pro’s behaviour can appear suspicious. If not excluded from threat management system monitoring, these applications can prevent Attix5 Pro from backing up successfully.
Installation Folders to exclude from AV/IPS systems
- C:\Program Files\BackupVault\Backup Client SE\ and all sub folders
- System State Folders for Windows 2008 (assuming C: is used by System State)
If any working folders or plug-in “dump” locations are moved, ensure that these are also excluded.
Processes to exclude from AV/IPS systems
- C:\Program Files\BackupVault\Backup Client SE\a5backup.exe (or a5backup64.exe on 64 bit systems)
- C:\Program Files\BackupVault\Backup Client SE\SERunner.exe
- C:\Program Files\BackupVault\Backup Client SE\SplitVHD.exe and SplitVHDX.exe
- Javaw.exe (Launched by SERunner.exe process)
TCP ports to exclude from AV/IPS systems
- 9091 for Remote Management
- 8011 for Exchange Agent Service for SIR Plus
- The other ports used by the Backup Client are randomly selected, but can be manually specified in the a5backup.properties file:
- service.rpc-server.localhost.port=port number 1-65535
- service.rmi.port=port number 1-65535
- service.port=port number 1-65535
The ports must be unique, and not clash with any existing services. Ensure the GUI is closed and that the service is stopped when editing the file.