If you are running Sophos Central, the exclusions below should be added for the following AZT folders, files, and processes.
| File or Folder name | Type | Exclusion | Comment |
| C:\Program Files\Aria | File or folder (Windows) | Real-time and scheduled | ARIA AZT |
| C:\ProgramData\Aria | File or folder (Windows) | Real-time and scheduled | ARIA AZT |
| C:\Windows\System32\drivers\AztAgent.sys | File or folder (Windows) | Real-time and scheduled | ARIA AZT |
| C:\Windows\System32\drivers\NetworkPolicyEnforcer.sys | File or folder (Windows) | Real-time and scheduled | ARIA AZT |
| C:\Program Files\Aria\bin\TrustUtil.exe | Process (Windows) | Real-time and scheduled | ARIA AZT |
For additional details on adding Sophos exclusions, visit: https://docs.sophos.com/central/customer/help/en-us/ManageYourProducts/GlobalSettings/GlobalExclusions/index.html#exploit-exclusions
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article