TrendMicro Antivirus Alert with Knime 2.12.2 / Win 8.1

Upon trying to open Knime 2.12.2 recently, I received an alert from my TrendMicro antivirus software stating an "Unauthorized File Encryption" threat by knime.exe.  What's going on here?  I suspect TrendMicro is registering a false-positive threat identificatoin, but would like to know more before taking action.

Can anyone provide some insight or experience with a same or similar problem?


I'm running Knime 2.12.2 64 bit on a Windows 8.1 64 bit PC with TrendMicro OfficeScan Agent Version 11.0.3113 and Smart Scan Agent Pattern 12.327.00.




"Unauthorized file encryption" means that the program is attempting to encrypt one of your files. Of course KNIME doesn't do anything like this (except if you designed a workflow to do so). The knime.exe we ship is definitely not infected by some virus, but I cannot say anything about the file on your computer, obviously. We have already reported this as a false positive at Trend Micro. Until they fix it you can add an exception for KNIME (if this is possible, I don't know Trend Micro) or disable the ransomware detection.

Dear KNIME developers,

with the recent release KNIME Analytics 3.2.0 (64-bit Windows version; downloaded on 2016-07-20) same happend again:

TrendMicro OfficeScan throws "Unauthorized File Encryption" warning then stops knime.exe and locks it in quarantine. The warning was triggered when trying to install some additional KNIME extensions.

System details:
 - Windows 7 Professional 64 bit
 - TrendMicro agent version 11.0.4778 Service Pack 1
 - TrendMicro virus pattern 12.655.00

Maybe white-listing of knime.exe must be renewed at TrendMicro.


Kind regards


Trend Micro better fix their scanner. We are not performing any kind of file encryption. This is extremly annoying.