Sometimes, OfficeScan or Apex One will falsely block Think-Cell from running in Excel. This is caused by Behavior Monitoring’s Anti-Exploit IAT protection.
If this is occurring, you can disable a feature of Anti-Exploit detection to allow Think-Cell to run.
Before moving forward with the steps, We would highly recommend that the Apex One agent's settings are configured to the Best Practice Guide for malware protection.
To resolve this issue:
- Add the following registry key on one of the affected agents to allow thinkcell to get allow through apex agent check:
Please add Wow6432node to the path if it is a 64-bit machine):
- Restart the agent.
In case you have issues when inserting a Think-Cell chart or try to open the internal datasheet of an existing chart, you may do the following:
- Ensure that the Apex One server is up-to-date. Check Trend Micro Download Center for the latest patch.
For Apex One as a Service concerns, please contact Trend Micro Technical Support.
- On the Apex One server, navigate to ..\TrendMicro\OfficeScan\PCCSRV\.
- Open the "ofcscan.ini" file.
- Under the "Global Setting" section, manually add the following key and set its value:
- Save the changes, and close the file.
- Open the Apex One web console and go to Agents > Global Agent Settings.
- Click Save to deploy the setting to agents.
The changes may take some time to be received by all agents. Performing a manual update will force the agents to get the configuration changes.
If the issue persists, refer to Troubleshooting Behavior Monitoring exploit detection issues in Apex One, OfficeScan, and Worry-Free Business (WFBS).