Exclude Malwarebytes and Trend Micro OfficeScan XG

Document created by rsullinger Employee on Aug 15, 2017Last modified by jyamada on Feb 7, 2018
Version 8Show Document
  • View in full screen mode

We've identified incidents where Trend Micro OfficeScan XG conflicts with Malwarebytes Endpoint Security and the Malwarebytes cloud platform.  In some incidents, Trend Micro OfficeScan XG blocks installations, updates, and other operations related to Malwarebytes.  To help prevent conflicts between Trend Micro OfficeScan XG and your Malwarebytes software, add mutual exclusions to the settings in both security software.

 

Set exclusions in Trend Micro

We have created content to help you with your Trend Micro OfficeScan XG exclusions.  Use the content below to add your Malwarebytes software to Trend Micro's exclusions.

 

  1. Download the Trend Micro exclusion files.
    The Trend Micro exclusion files include:
    • TrustedProgram.dat: Lists behavioral modules and globally whitelists trusted processes.
    • SHA1.txt: List of Malwarebytes processes, DLLs, and drivers to exclude.

  2. Open Trend Micro Office Scan XG.

  3. Go to Trusted Program List Settings, then add the file TrustedProgram.dat.

  4. Go to Predictive Machine Learning Settings, then open the file SHA1.txt.

  5. Copy and paste each line from the SHA1.txt file into the Predictive Machine Learning Settings.
    You must copy and paste each line one at a time.  There is no process to automatically input each line for you.

  6. Go to Behavior Monitoring Settings, then add the Malwarebytes files to the list of Approved Programs.

    To see which Malwarebytes software files to exclude, refer to the articles:

 

Set exclusions in Malwarebytes

Add Trend Micro OfficeScan XG to your Malwarebytes software's exclusions.  This section has instructions for both Malwarebytes Endpoint Security and the cloud console.

 

Here is a list of Trend Micro OfficeScan XG file paths you should exclude in your Malwarebytes software:

C:\Program Files (x86)\Trend Micro\*
C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Trend Micro\*
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\ProgramData\Trend Micro\*
C:\Windows\system32\drivers\tmactmon.sys
C:\Windows\system32\drivers\tmcomm.sys
C:\Windows\system32\drivers\TMEBC64.sys
C:\Windows\system32\drivers\tmeevw.sys
C:\Windows\system32\drivers\tmevtmgr.sys
C:\Windows\system32\drivers\tmlwf.sys
C:\Windows\system32\drivers\tmnciesc.sys
C:\Windows\system32\drivers\TMUMH.sys
C:\Windows\system32\drivers\tmusa.sys
C:\Windows\system32\drivers\tmwfp.sys
C:\Windows\system32\tmumh\*
C:\Windows\sysWOW64\tmumh\*
C:\Windows\system32\DriverStore\FileRepository\*
C:\Windows\appcompat\Programs\Install\*
C:\Windows\INF\Perf_iCrcPerfMonMgr\*
C:\Windows\system32\log\*

 

Malwarebytes Endpoint Security

  1. Open the Malwarebytes Management Console.

  2. Click Policy.

  3. Double-click any policy you want to configure.

  4. Check the box next to Startup Delay, then enter 60 seconds.

  5. In the Ignore List tab, add the Trend Micro OfficeScan XG file paths.

  6. To edit additional policies, repeat steps 3 - 5.

 

For more information on adding exclusions in the Malwarebytes Management Console, refer to the article Add exclusions to the Malwarebytes Management Console.

 

Malwarebytes cloud console

  1. Log in to the Malwarebytes cloud console.

  2. Click Settings > Exclusions.

  3. Click New, then add the Trend Micro OfficeScan XG file paths.

 

To see more detailed instructions for exclusions in the Malwarebytes cloud console, refer to the article Add exclusions to the Malwarebytes cloud console.

 

With mutual exclusions in place, your Malwarebytes software and Trend Micro OfficeScan XG should work alongside each other without conflicts.

 

Additional information

Attachments

    Outcomes