Antivirus / EDR Considerations
AppProfileSafe performs high-volume file I/O and registry operations during exports and imports. Antivirus (AV) and Endpoint Detection and Response (EDR) software may significantly slow down these operations or flag them as suspicious. This page provides recommended exclusions.
Why Exclusions Are Needed
During an export or import, AppProfileSafe reads and writes hundreds or thousands of files in rapid succession. Real-time scanning of each file operation adds latency that can multiply across the entire operation. Additionally, the pattern of bulk file copying and registry modification can trigger behavioral detection rules in EDR products, potentially blocking the operation entirely or quarantining the executable.
Recommended Exclusions
| Type | Path / Target | Reason |
|---|---|---|
| Process | AppProfileSafe.exe |
Main application — performs all export, import, and reporting operations (GUI and CLI) |
| Folder | %ProgramData%\IT-Consulting Kinner\AppProfileSafe |
Application data folder: configuration, logs, audit logs, reports, schemas, event pipeline queue |
| Folder | Export/import target folder (local or UNC) | Manifest data folder where exported files are stored. High I/O during operations. |
| Folder | Application definition folder (if customized) | XML definitions are read frequently during validation and operations |
Microsoft Defender Example
Add exclusions via PowerShell (run as administrator):
:: Process exclusion
Add-MpPreference -ExclusionProcess "AppProfileSafe.exe"
:: Folder exclusions
Add-MpPreference -ExclusionPath "%ProgramData%\IT-Consulting Kinner\AppProfileSafe"
Add-MpPreference -ExclusionPath "\\server\share\AppProfileSafe"For GPO-managed Defender, configure exclusions under Computer Configuration → Administrative Templates → Windows Components → Microsoft Defender Antivirus → Exclusions.
Microsoft Defender Example
Add exclusions via PowerShell (run as administrator):
:: Process exclusions
Add-MpPreference -ExclusionProcess "AppProfileSafe.GUI.exe"
Add-MpPreference -ExclusionProcess "AppProfileSafe.CLI.exe"
:: Folder exclusions
Add-MpPreference -ExclusionPath "%ProgramData%\IT-Consulting Kinner\AppProfileSafe"
Add-MpPreference -ExclusionPath "\\server\share\AppProfileSafe"For GPO-managed Defender, configure exclusions under Computer Configuration → Administrative Templates → Windows Components → Microsoft Defender Antivirus → Exclusions.
EDR Products
For EDR products (CrowdStrike Falcon, SentinelOne, Carbon Black, etc.), configure the same process and folder exclusions in the EDR management console. If the EDR blocks operations despite exclusions, check for behavioral rules that flag bulk registry writes or file copies — these may need separate policy exceptions.
If an EDR quarantines the AppProfileSafe executable, submit a false-positive report to the EDR vendor and add the executable hash to the allowlist.