Support and Troubleshoot
      Back to home
      1. Knowledge Base
      2. Support and Troubleshoot

      Slowdowns and Connection Errors Caused by Security Software Blocking Actifile

      This article addresses performance issues and errors caused by security software blocking Actifile. It provides steps to exclude Actifile processes, folders, and URLs from scans.

      Problem

      When security software such as firewalls, antivirus (AV), endpoint detection and response (EDR), or intrusion prevention systems (IPS) blocks or disables Actifile, it can cause significant performance issues. This might include slowdowns, file encryption or decryption failures, and error messages like:

      • The underlying connection was closed. An unexpected error occurred.
      • The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

      Root Cause

      Security applications may misinterpret Actifile processes or files as suspicious, resulting in them being blocked or scanned repeatedly. This can lead to:

      • High CPU usage as Actifile’s encryption and decryption tasks are interrupted or delayed.
      • Connection errors if SSL/TLS communication is disrupted.
      • System sluggishness due to resource conflicts.

      Solution

      To resolve these issues and ensure proper functionality of Actifile, follow these steps to configure your security software:

      Step 1: Exclude Actifile Processes

      Allowlist the following Actifile processes to prevent blocking or scanning:

      • AFAgentService.exe
      • AFUpdaterService.exe
      • AFAgentServiceManager.exe
      • AFContentDetector.exe

      Step 2: Exclude the Actifile Folder

      Exclude the following directory, including all subfolders, from security scans:

      C:\Program Files (x86)\Actifile Agent

      Step 3 (Optional – For Intrusion Prevention Systems)

      Add the following URLs (HTTPS, port 443) to the allowlist:

      • https://app.actifile.com
      • https://api.actifile.com
      • https://v2.agent-api.actifile.com
      • https://actifile-be-prod-20082024-e9aeafhegnbtd3a2.northcentralus-01.azurewebsites.net
      • https://actifileapp1.azurewebsites.net

      Step 4 (Optional – For Behavioral Threat Mitigation Systems)

      For tools like ThreatLocker:

      1. After installing Actifile, switch behavioral systems to learning mode.
      2. Add Actifile to the allowlist and ensure it isn’t ringfenced.

      Special Notes

      • If using a file hash to exclude Actifile executables, note that updates to the application will require updating the hash-based exclusion.
      • Adjust EDR settings to their highest exclusion level (e.g., “Performance Focus” in Sentinel One) to prevent performance issues.

      image-6

      Usage Example

      For BitDefender users, follow these steps:

      1. Add application or process exclusions.
      2. Exclude the folder from scans.