After installing Sophos, the Tasy Java Management System is slow

Hi Fundação,

Thanks for reaching out to the Sophos Community Forum. 

May I ask if you have already tried the steps in the Basic troubleshooting KBA? I suggest trying to find out if there is one specific component that's causing issues. Once you have narrowed this down, we can look at further exclusions for the specific scanning feature that has the greatest impact on performance.

Good morning, Kushal Lakhan.
Thanks for the feedback.
I performed the "Basic Troubleshooting KBA" as directed. After disabling "Real-time Scan" the problem no longer occurred.
I believe the problem is occurring in the verification of files while the Tasy software is running. In addition to this, computer utilization also improved after turning off "Real-time Scan".
We have already created some global exceptions with the software and servers directories, but the problem still occurs. In case you want to check the exceptions, I can forward them by DM.

You are welcome to send me a direct message with the exclusions that you have.

If "Real-time Scanning" has the biggest impact on performance, I'd suggest looking into Process Exclusions. This will exclude the application specified, as well as any files that the application accesses. 

If the issue is with one central server that needs to communicate with different devices on your network, disabling the option "remote file scanning" may also help, though I'd suggest considering the trade-off between protection and performance when doing so.

Good afternoon.
I DMed the deletions for review.
Thanks for the effort to help us.

Do you find that the SophosFileScanner.exe process, i.e., the "worker" (larger mem usage than the "host" SophosFileScanner.exe) is talking CPU time with real-time scanning enabled?  If so, this would suggest scanning is taking place of files.

If that's the case, I would disable tamper protection and create the DWORD LogLevel, set to 4, under the key: 
HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Sophos File Scanner\Application
Then restart the Sophos File Scanner service.

The log file: C:\ProgramData\Sophos\Sophos File Scanner\Logs\sophosfilescanner.log, after a while of the problem taking place can be opened in Notepad++
I would search for all lines which start:

\t\t\t"path"

That is 3 tabs before the "Path".  These are scan responses. E.g.

The search results will give you an idea of what is being scanned if that is helpful.

Or I suppose you could tail the log in real-time with a filter:

gc "C:\ProgramData\Sophos\Sophos File Scanner\Logs\SophosFileScanner.log" -wait -tail 1 | where {$_ -match '\t\t\t\"Path"'}

or to filter out the log file, as it's constantly changing:

gc "C:\ProgramData\Sophos\Sophos File Scanner\Logs\SophosFileScanner.log" -wait -tail 1 | where {$_ -match '\t\t\t\"Path"' -and $_ -notmatch 'SophosFileScanner.log"'}

Good afternoon.
Thank you for all the guidance you gave us. This alternative helped us a lot to identify all the necessary directories. We had a very positive result with the correct settings.
Thank you very much!

Glad to hear it helped!

Out of interest, was it certain files being constantly changed in a couple of locations?  I am interested to know more if you can share.

Thanks

There were no changes to the files.
We just left a few directories behind.