Anti-Virus Exclusions

IMPORTANT: We recommend that you exclude the entire installation directory. If you need to exclude individual files, they are listed below.

Check that the following anti-virus settings are excluded in the anti-virus console:

  • <installation directory>\logView.exe

  • <installation directory>\LsiAgent.exe

  • <installation directory>\lsicins.exe

  • <installation directory>\LsiCol64.exe

  • <installation directory>\LsiDataCore64.exe

  • <installation directory>\LsiMods64.exe

  • <installation directory>\LsiWebCom.exe

  • <installation directory>\LsiSupervisor\<installed SysTrack version>\LsiSupervisor.exe

  • <installation directory>\MDB\collect.lastKnownGood

  • <installation directory>\MDB\collect.sqlite3

  • <installation directory>\msedge.exe

  • <installation directory>\Utilities\LsiClientTrayApp.exe

  • <installation directory>\Utilities\lsinotify.exe

  • <installation directory>\Utilities\LsiOverride.exe

  • <installation directory>\Utilities\LsiPowerOverride.exe

  • <installation directory>\Utilities\LsiUser.exe

  • <installation directory>\Utilities\LsiWakeup.exe

  • <installation directory>\Utilities\lsiwebhookbroker.exe

  • <installation directory>\Utilities\message.exe

Log Files

Exclude log files (*.log) in:

  • C:\Program Files (x86)\SysTrack\LsiAgent\

SEP Configurations

For some SEP configurations, additional steps must be taken.

If the following options are turned on in the SEP policy, exceptions need to be made to the Application and Device Control settings.

  • Block ApplicationsClosed from running.

  • SysTrackClosed agent and associated utilities must be allowed to run to collect data.

Consideration should also be made for other security scanning tools where exclusions are required to prevent interaction with SysTrack files and modules.

Product .dlls that Attach to SysTrack

Some anti-virus and security product .dlls attach to SysTrack.

When a dll injects into an exe, it inflates its memory-addressing space, potentially modifying where / when our code is executed, or outright modifying our code.

This may cause collection issues, strange / unintended behavior, features not working, or application crashes. We normally test Windows Defender's interaction with our product. However, we cannot test every anti-virus and security product you might use for interactions.