If you are running Trellix Endpoint Security, the exclusions below should be added for the following AZT folders, files, and processes.
File or Folder name | Type | Exclusion | Comment |
C:\Program Files\Aria | File or folder (Windows) | Real-time and scheduled | ARIA AZT |
C:\ProgramData\Aria | File or folder (Windows) | Real-time and scheduled | ARIA AZT |
C:\Windows\System32\drivers\AztAgent.sys | File or folder (Windows) | Real-time and scheduled | ARIA AZT |
C:\Program Files\Aria\bin\TrustUtil.exe | Process (Windows) | Real-time and scheduled | ARIA AZT |
If you do not set these exclusions, you will see alerts for the AZT Tamper countermeasure. Please note that this is NOT a critical alert and will have no impact on Trellix Endpoint Security.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article