Environment
- Carbon Black Cloud Windows Sensor: All Supported Versions
- Microsoft Windows: All Supported Versions
- Citrix: All Versions
Objective
- Slow logon times with CBC sensor enabled
- Unstable Citrix Server Performance
Resolution
The following entries should be added into the registry for Citrix to exclude CBC processes
- REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\CtxHook" /f /t REG_SZ /v ExcludedImageNames /d "repmgr.exe,scanhost.exe,reputils.exe,repcli.exe,repux.exe,bladerunner.exe,repwsc.exe,repwav.exe,ctifile.sys,ctinet.sys,cbc_plugin_extension.ext.exe,osqueryi.exe,vhostcomms.exe"
- REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\CtxHook" /f /t REG_SZ /v ExcludedImageNames /d "repmgr.exe,scanhost.exe,reputils.exe,repcli.exe,repux.exe,bladerunner.exe,repwsc.exe,repwav.exe,ctifile.sys,ctinet.sys,cbc_plugin_extension.ext.exe,osqueryi.exe,vhostcomms.exe"
- REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\CtxHook64" /f /t REG_SZ /v ExcludedImageNames /d "repmgr.exe,scanhost.exe,reputils.exe,repcli.exe,repux.exe,bladerunner.exe,repwsc.exe,repwav.exe,ctifile.sys,ctinet.sys,cbc_plugin_extension.ext.exe,osqueryi.exe,vhostcomms.exe"
- REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CtxUvi" /f /t REG_SZ /v UviProcessExcludes /d "repmgr.exe;scanhost.exe;reputils.exe;repcli.exe;repux.exe;bladerunner.ex;repwsc.exe;repwav.exe;ctifile.sys;ctinet.sys;cbc_plugin_ext;osqueryi.exe;vhostcomms.exe"
Related Content
