About process exclusion method in Trend Micro Security for Mac (TMSM)

Modified:2019-07-17

This is a method to exclude a specific process from the inspection of TMSM in the TMSM client.
This page shows how to exclude Google Drive File Stream (GDFS) processes from inspection as an example.
With regard to the exclusion of GDFS, it has been confirmed that the following settings under Mac OS 10.14.5 have no effect(currently asking for measures)

All the methods described here are not supported.
Please do it at your own risk.

————————————————————
▼ Advance preparation
————————————————————
Download a shell script to unload the TMSM agent.
【Download URL】
TMSM_load.zip
【File name】
TMSM_load.zip
【File after decompression】
load.sh
unload.sh

————————————————————
▼ Process exclusion
————————————————————
Then exclude the process from the operation of the TMSM agent.
Since process exclusion can not be performed from the server, you need to execute it on the TMSM agent.

Exclude the following processes:

1: /Applications/Google Drive File Stream.app/Contents/MacOS/Google Drive File Stream
2: /Applications/Google Drive File Stream.app/Contents/Frameworks/Google Drive File Stream Helper.app/Contents/MacOS/Google Drive File Stream Helper
3:



    

  1. Unload the TMSM agent.

      

    1. Start the terminal.

      2. 

    2. Execute the su command and enter the password.

      <mymac %> sudo su
<mymac %>

      

      3. 

    3. Enter the path for “unload.sh” and execute it.
      ※It is convenient to drag “unload.sh” to the terminal console and execute it.

      4. 

    

    2. 

  2. Execute the following command to add the Google Drive File Stream process to the exclusion list.

    <mymac %> sudo /usr/libexec/PlistBuddy -c "Add :RealtimeScan:exception_processes: string /Applications/Google Drive File Stream.app/Contents/MacOS/Google Drive File Stream" /Library/Application\ Support/TrendMicro/common/conf/TmAntiMalware.conf.plist
<mymac %> sudo /usr/libexec/PlistBuddy -c "Add :RealtimeScan:exception_processes: string /Applications/Google Drive File Stream.app/Contents/Frameworks/Google Drive File Stream Helper.app/Contents/MacOS/Google Drive File Stream Helper"  /Library/Application\ Support/TrendMicro/common/conf/TmAntiMalware.conf.plist
<mymac %> 

    

    3. 

  3. Open the following file.

     /Library/Application\ Support/TrendMicro/common/conf/TmAntiMalware.conf.plist

    

    4. 

  4. Check that the following is registered in the exception_processes section of RealtimeScan.

    1: /Applications/Google Drive File Stream.app/Contents/MacOS/Google Drive File Stream
2: /Applications/Google Drive File Stream.app/Contents/Frameworks/Google Drive File Stream Helper.app/Contents/MacOS/Google Drive File Stream Helper
3:

    

    5. 





The work is complete. 
Restart the computer or execute load.sh in step 1 to start TMSM Agent.