Exclusion list for Antivirus of ProfileUnity Program Files and directories 6.8.5+ – Liquidware Customer Support

Problem:

Antivirus slows logon while scanning of ProfileUnity Program Files and directories.
Cause Slow down of the VM
Cause file corruptions

Resolution:

ProfileUnity Client Tools Installation Path

PHASE 1

Exclude the entire "C:\Program Files\ProfileUnity" folder, and all sub-folders and files. Each A/V solution has different ways for specifying recursion, ie C:\Program Files\ProfileUnity\* or C:\Program Files\ProfileUnity\**

Or you can list out all the binary files for your specific installation by running these 2 powershell cmds:

(Get-ChildItem -Recurse 'C:\Program Files\ProfileUnity\' -File -Include "*.dll","*.exe","*.cab","*.sys").FullName > $env:userprofile\Desktop\687R2_DllExeCabSys_List.txt

(Get-ChildItem 'C:\Windows\System32\drivers\' -File cb*.sys).FullName >> $env:userprofile\Desktop\687R2_DllExeCabSys_List.txt

(the second command gets the currently-installed filter drivers)

Filter Drivers

6.8.5 & 6.8.6

C:\Windows\System32\drivers\cbregistry20.sys

C:\Windows\System32\drivers\cbregistry.sys
C:\Windows\System32\drivers\cbfilter20.sys

6.8.7 & 6.8.7R2

C:\Windows\System32\drivers\cbregistry22.sys
C:\Windows\System32\drivers\cbfilter22.sys

C:\Windows\System32\drivers\cbprocess22.sys

These versions might update and you can find additional information here on post GA releases where a HotFix might have updated drivers

https://support.liquidware.com/hc/en-us/articles/360033876051-ProfileUnity-Hot-fix-List

C:\Windows\System32\drivers\cbregistry24.sys
C:\Windows\System32\drivers\cbfilter24.sys

C:\Windows\System32\drivers\cbprocess24.sys

**PHASE 2 - Continue only if performance has not increased to desired level!**

ProfileUnity on network shares:

\\<domainname>\netlogon\profileunity\:

Note:This is the current default deployment path. If unsure, check the ProfileUnity console under Administration (top right)->ProfileUnity Tools->Deployment Path.

7z\x64\7z.exe
7z\x86\7z.exe
LwL.ProfileUnity.Client.Startup.exe
LwL.ProfileUnity.Client.Startup.Update.exe
LwL.ProfileUnity.Client.Logoff.exe

User's home portability/vhdx directories:

\\profileserver\profiles\%username%\Portability (recursive)
- Exclude:*.7z, *.lou,*.lbr *.vhd *.vhdx and*.manifest files located inside.

DIA software storage location for DIA applications:

\\server\share\DIA_APPS\
- Exclude: *.vhd *.vhdx

ProfileUnity Temporary directories:

System Temp Directories:

c:\Windows\Temp\ProfileUnity
C:\ProgramData\Liquidware (recursive)

User Temp Directory

%temp%\ProfileUnity
This directory can be redirected to a fixed location like C:\PUTemp using ProfileUnity ADM GPO template.
KB: How to setup custom ProfileUnity Temp directory.

The FlexApp package and ProfileDisk mount directories:

C:\FADIA-T (recursive)
C:\ProfileDiskMounts
C:\Users\ProfileDisk

Users Local Portability Manifest Location

%USERPROFILE%\ProfileUnity (recursive)

For SMB cache mode and cloud for FlexApp Block level caching:

Block cache path = C:\DiskShadowData

Additional AV Application Specific Information

Trend Micro Apex One (formerly OfficeScan) Specific

Please refer the attached trendexclusions.docx and Zipped AV.zip for examples

Microsoft Windows Defender Specific

Please refer to attached Defender Exceptions.zip, which includes a GPO output of example path exclusions

Another consideration is Microsoft Defender 365 feature called "Attack Surface Reduction" (a.k.a. ASR) can block ProfileUnity from using elevation. When this is turned on, the default policy that is enabled causes this issue. Customers need to approve the the rules in the cloud portal for exclusions.

Example:

CrowdStrike

The full list provided in the CrowdStrike txt attachment below was generated using the powershell commands at the top of this article. It can be simpler to use a folder-level, recursive exclusion combined with 3 file-level exclusions instead of the 600+ file-level exclusions found in the txt file:

Program Files\ProfileUnity\** (all versions)
Windows\System32\drivers\cbfilter22.sys (6.8.7 and 6.8.7 R2)
Windows\System32\drivers\cbprocess22.sys (6.8.7 and 6.8.7 R2)
Windows\System32\drivers\cbregistry22.sys (6.8.7 and 6.8.7 R2)

When using Citrix VDA 7.1.4 or above.

Add C:\Windows\System32\vds.exe to the trusted program list.

See attached Files for examples specific to those AV's for exclusions.

https://www.liquidware.com/support/articles/13071453897229-Exclusion-list-for-Antivirus-for-FlexApp-One-files-and-directories

ProfileUnity Console executables on the PU Server:

"C:\Program Files (x86)\Liquidware Labs\ProfileUnity" and sub folders+files
"C:\Program Files\MongoDB" and sub folders+files

Product: ProfileUnity Client

Product Version: 6.8.5 and higher

MS Defender.zip
20 KB Download
TrendMicro.zip
200 KB Download
687R2_DllExeCabSys_List_CrowdStrike.txt
90 KB Download