When a legal application continually triggers Malicious Behavior/Detections by Behavior Monitoring policies, follow the steps below to collect the required debug information and contact Trend Micro Technical Support for further assistance.
In OfficeScan, the detection will keep on popping up whenever the application is launched. For example:
In the Worry-Free Business (WFBS) series, the application is terminated without an agent side notification, but it can still be checked in the Behavior Monitoring log. For example:
Collecting debug information from OfficeScan XG & XG SP1 / WFBS 9.0 & 10.10 / WFBS-SVC 6.0~6.3
Please contact Trend Micro Technical Support directly for further assistance.
Collecting debug information from WFBS-SVC 6.5 and later
- Use the Case Diagnostic Tool (CDT) and check “Collect AEGIS debug information”.
- Once debug mode is enabled by CDT, reproduce the issue and confirm when the detection was triggered again.
- Stop CDT debug mode and collect the compressed log package.
- Provide feedback to Trend Micro Technical Support.