Sometimes, OfficeScan or Apex One will falsely block Think-Cell from running in Excel. This is caused by Behavior Monitoring’s Anti-Exploit IAT protection.
If this is occurring, you can disable a feature of Anti-Exploit detection to allow Think-Cell to run.
Before moving forward with the steps, We would highly recommend that the Apex One agent's settings are configured to the Best Practice Guide for malware protection:
To resolve this issue:
- Add the following registry key on one of the affected agents to allow thinkcell to get allow through apex agent check:
Please add Wow6432node to the path if it is a 64-bit machine):
- Restart the agent.
In case you have issues when inserting a Think-Cell chart or try to open the internal datasheet of an existing chart, you may do the following:
- Ensure that the Apex One server is up-to-date. Check Trend Micro Download Center for the latest patch.
For Apex One as a Service concerns, please contact Trend Micro Technical Support.
- On the Apex One server, navigate to ..\TrendMicro\OfficeScan\PCCSRV\.
- Open the "ofcscan.ini" file.
- Under the "Global Setting" section, manually add the following key and set its value:
- Save the changes, and close the file.
- Open the Apex One web console and go to Agents > Global Agent Settings.
- Click Save to deploy the setting to agents.
The changes may take some time to be received by all agents. Performing a manual update will force the agents to get the configuration changes.
If the issue persists, refer to Troubleshooting Behavior Monitoring exploit detection issues in Apex One, OfficeScan, and Worry-Free Business (WFBS).