When the Ransomware module is enabled in WFBS, the Behavior Monitoring falsely detects some applications as suspicious/malicious, and blocks it. This article provides the options you can follow to avoid the issue.
To solve the Behavior Monitoring issue, choose from any of the following options:
To add full path of the application to the Exception list of WFBS, do the following:
- Login to the WFBS web console.
- Go to Security Settings, then choose the group that will be configured.
- Click Configure Settings > Behavior Monitoring.
- Under Exceptions, type the full program path, then click Add to Approved List.
- Click Save.
Adding the full program path of an application to the Trusted Program List excludes them both under Behavior Monitoring and Real time scan. To add an application to the Trested Program list, do the following:
- Login to the WFBS web console.
- Go to Security Settings, then choose the group that will be configured.
- Click Configure Settings > Trusted Program.
- Under Trusted Program List, type the full program path then click Add to Trusted Program List.
- Click Save.
An application can be submitted to Trend Micro support for verification and whitelisting. Once the application has been verified to be normal, it will be whitelisted to avoid further detection.