Bitdefender Exclusion Setup Guide for Windows Workstatus App (All Users)
Bitdefender Exclusion Setup Guide for Workstatus (All Users)
Objective
This document provides step-by-step instructions to allow the Workstatus application in Bitdefender Endpoint Security Tools (BEST) for all users using centralized policy (GravityZone).
Scope
Applicable for:
- Bitdefender Endpoint Security Tools (BEST)
- Managed environments using GravityZone
- Multiple users with same application path structure
Application Paths
Use wildcard (*) to support all users:
- C:\Users*\AppData\Roaming\Workstatus
- C:\Users*\AppData\Roaming\Workstatus\Workstatus.exe
- C:\Users*\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Workstatus.lnk
Step 1: Login to GravityZone Console
1.Open GravityZone Admin Console
2.Login with admin credentials
Step 2: Modify Policy
1.Navigate to Policies
2.Select the active policy applied to endpoints
3.Click Edit
Step 3: Add Antivirus Exceptions
1.Go to: Antimalware → Settings → Exceptions
2.Click Add Exception
3.Add the following paths one by one:
- C:\Users*\AppData\Roaming\Workstatus
- C:\Users*\AppData\Roaming\Workstatus\Workstatus.exe
- C:\Users*\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Workstatus.lnk
4.Enable:
- On-access scanning
- On-demand scanning
5.Click Save
Step 4: Add Advanced Threat Defense Exception
1.Go to: Advanced Threat Defense → Settings
2.Click Add Exception
3.Add:
C:\Users*\AppData\Roaming\Workstatus\Workstatus.exe
4.Save changes
Step 5: Allow Application (If Blocked by Application Control)
1.Go to: Network Protection
2.Open Application Blacklisting
3.Add Workstatus.exe as Allowed
Step 6: Apply Policy
1.Click Save
2.Assign policy to required groups/endpoints
3.Wait 5–10 minutes OR force update from client
Validation Steps
- Launch Workstatus application
- Ensure no antivirus block or warning
- Check Bitdefender logs (Events section)
Troubleshooting
Issue: Application still blocked
- Verify wildcard (*) is used correctly
- Confirm policy applied to endpoint
- Force update policy from endpoint
Issue: File quarantined
- Restore from Quarantine
- Add exception again
Best Practices
- Always use wildcard paths for multi-user environments
- Add exclusions before application deployment
- Use signed applications to avoid future blocking
Conclusion
After applying the above steps, Workstatus application will run smoothly for all users without being blocked by Bitdefender.
Updated on: 29/04/2026
Thank you!