How to set up exceptions for Safetica Client in your antivirus

To maintain proper functioning of Safetica Client, you may need to whitelist certain files, folders, and URLs in your antivirus software.

To ensure full compatibility and avoid possible conflict, we highly recommend keeping your system and antivirus software up to date and manually setting exceptions for the Safetica folders, processes, and URLs mentioned below.

In this article, you will learn more about:

Here you can find how to set the exceptions mentioned in this article in selected antivirus software:

 

Exceptions for files and folders

For all systems:

General format Windows format

%programfiles%\Safetica\

C:\Program Files\Safetica\

%programdata%\Safetica Client Services\

C:\ProgramData\Safetica Client Services\

%programdata%\STEventService\

C:\ProgramData\STEventService\

%programdata%\Installer\

C:\ProgramData\Installer\

%systemroot%\Temp\install_update.bat

C:\Windows\Temp\install_update.bat

%systemroot%\Temp\InstallLogs\

C:\Windows\Temp\InstallLogs\

%systemroot%\System32\drivers\dc2drv.sys

C:\Windows\System32\drivers\dc2drv.sys

%systemroot%\System32\drivers\fltenum.dll C:\Windows\System32\drivers\fltenum.dll

We are aware that exceptions for the %systemroot%\Temp folder are considered bad practise, but they are necessary for our existing product architecture.

For 64-bit systems:

General format Windows format

%systemroot%\SysWOW64\STAgent.dll

C:\Windows\SysWOW64\STAgent.dll

%systemroot%\SysWOW64\STEventService.exe 

C:\Windows\SysWOW64\STEventService.exe 

%systemroot%\SysWOW64\AgentConnectorProxy\ 

C:\Windows\SysWOW64\AgentConnectorProxy\ 

%systemroot%\SysWOW64\STInstallAgent.dll C:\Windows\SysWOW64\STInstallAgent.dll

 

For 32-bit systems:

General format Windows format

%systemroot%\System32\STAgent.dll

C:\Windows\System32\STAgent.dll

%systemroot%\System32\STEventService.exe 

C:\Windows\System32\STEventService.exe 

%systemroot%\System32\AgentConnectorProxy\ 

C:\Windows\System32\AgentConnectorProxy\ 

%systemroot%\System32\STInstallAgent.dll C:\Windows\System32\STInstallAgent.dll

 

 

Exceptions for URLs

For Safetica NXT:

Reason for exception URL
Connecting endpoints to NXT https://apim-saas-endpoint-pr-001.azure-api.net

 

For endpoints:

Reason for exception URL
Sending statistics from endpoints diagnostics.safetica.com
Sending statistics from endpoints http://link.safetica.com/Telemetry/

 

For Safetica ONE:

Reason for exception URL
Product updates https://getupdate.safetica.com
Definition updates http://s3.amazonaws.com/SES5_AWE_DB
Updates of website and application categories https://cloudapi.safetica.com
Sending statistics from endpoints http://link.safetica.com/Telemetry/

 

For WebSafetica:

Reason for exception URL
MDM communication https://mguard.safetica.com/
MDM communication https://mguard2.safetica.com/

 

Exceptions we recommend to add to Sentinel ONE when MS Teams does not launch correctly

For Safetica:

Value Mode
C:\Windows\System32\drivers\dc2drv.sys Interoperability
C:\Windows\SysWOW64\STEventService.exe Interoperability
C:\Program Files\Safetica Management Service\ Interoperability
C:\Program files\Safetica\ Interoperability

 

For MS Teams:

Value Mode
\Device\HarddiskVolume*\Program File*\Teams Installer\Teams.exe Interoperability
\Device\HarddiskVolume*\Users\*\AppData\Local\Microsoft\Teams\Update.exe Interoperability
\Device\HarddiskVolume*\Users\*\AppData\Local\Microsoft\Teams\current\Teams.exe Interoperability

 

 

 

What to do when setting exceptions does not help

If setting exceptions for folders, processes, or URLs in your antivirus or firewall does not solve your issue, please contact Safetica Support and submit the following information:

  1. The exact name and edition of your antivirus software - including the management console, endpoint application, etc.
  2. The version of your antivirus software.
  3. Screenshots and logs from your antivirus software from when the issue was detected or manifested itself.
  4. Export of your antivirus settings so that we can try reproducing the issue.
  5. The version of Safetica you are using.
  6. Logs from Safetica - STool etc.
  7. Your Safetica settings - DLP policies, Web control settings, etc.
  8. Issue description and how it manifests itself (e.g. a notification about something being detected, some files are deleted, etc.)
  9. Exact description of what the issue causes - whether injecting stops working, webpages can't load, DLP does not work, etc.