This article will serves as a guide for when an in-house application or files without digital signatures are being blocked by the security agent.
For WFBS On-Premise
- Real-time Scan Exclusion: Configuring Real-time Scan Exclusions
Behavior Monitoring Exclusion:
- Log in to the WFBS web console.
- Go to Devices, then choose the group that will be configured.
- Click Configure Policy > Behavior Monitoring.
- Under Exceptions, enter the full program path, then click Add to Approved List.
- Click Save.
For WFBS Services
Supported System Variables
- For Worry-Free Business Security Standard and Advanced: Supported System Variables
- For Worry-Free Business Security Services: Supported System Variables
Wildcard exclusions are available for the following versions:
- Worry-Free Business Security Standard and Advanced 10 and later builds
- Worry-Free Business Security Standard and Advanced 10 SP1 and later builds
- Worry-Free Business Security Services
For more information about the use of wildcards in the exception lists, you may refer to Wildcard Exceptions.
- Download the process explorer.
- Extract the file and run it as an Administrator.
Unload the WFBS agent to prevent the application from being deleted, rename, or quarantine.
- Right-click the Trend Micro system tray icon and select Exit Security Agent.
- Check if the Trend Micro Services has already been stopped via Services.msc.
- Run the affected application.
- On the process explorer, look for the running affected application and double-click it.
- Copy the path of the application and exclude it on Real-Time Scan and Behavior Monitoring feature.
You may refer to User Guide: New Request on how to submit a threat-related support case to Trend Micro Technical Support.
Once the file has been verified to be normal and non-malicious, it will be whitelisted to prevent false detection.