.svg)
- Overview
- Macrium Reflect Application Files and Folders
Overview
When imaging a disk, Macrium Reflect performs a number of actions that some security software (EDR, XDR, Antivirus, etc) may think of as being malicious. For example, when imaging or cloning disks, Macrium Reflect reads certain parts of the disk that are not generally accessed by everyday applications. Macrium Reflect also writes very large files, which again is sometimes seen as being malicious by some security software.
This can often result in a false-positive, where the security software will attempt to interfere with legitimate Macrium Reflect processes. This can manifest in a number of ways, including causing backups to fail, stalling backup creation, and causing performance issues.
The most effective way to prevent these issues is to whitelist Macrium Software processes and file types in the security software to prevent it from attempting to interfere. The steps that are required to add items to a software whitelist will vary from vendor to vendor.
This article contains general items that can be added to a whitelist.
Whitelist Items
File Extensions
Below are all of the file extensions used by Macrium Reflect for backup creation. Excluding these in security software can prevent the software from attempting to scan the file while it is being created.
.mrimg
.mrbak
.mrbakx
.mrimgx
.tmp
Macrium Reflect Application Files and Folders
Where possible, we recommend whitelisting the following folders in their entirety:
C:\Program Files\Macrium\Reflect
C:\Program Files\Macrium\Common
If the above folders cannot be whitelisted, below are the main executable files that we recommend whitelisting:
C:\Program Files\Macrium\Reflect\Reflect.exe
C:\Program Files\Macrium\Reflect\ReflectBin.exe
C:\Program Files\Macrium\Reflect\RMBuilder.exe