We unfortunately have to use Google Chrome on our RDS servers and it seems Chrome regularly likes to run it's own "Software Reporter Tool" which scans for problems in Chrome and at the same time massively slows down our RDS server everytime it runs.
I haven't been able to find a way to remove it globally from Chrome but can I get Webroot to stop it from running? It appears to be just a single .exe file saved in each users roaming appdata. I looked for the MD5 but this seems to be different perhaps for different versions of the tool. So really need to block this file by name "software_reporter_tool.exe"?
Chris
I'm not certain, but you may be able to do it like this: https://www.webroot.com/En_US/SecureAnywhere/PC/Content/C5_Quarantine/CH5b_BlockingAllowingFiles.htm
We use a program called Cryptoprevent to block executables (and ransomware) from running from Appdata, you might want to look into that if you can't get Webroot to do it.
We use a program called Cryptoprevent to block executables (and ransomware) from running from Appdata, you might want to look into that if you can't get Webroot to do it.
The best way to block via Webroot is by MD5, however, there are cases where the file name will remain the same yet the md5 will change dependent upon versions of the .exe. We do not have a list of all MD5’s specifically related to Chrome so you would either need to know them or find out each MD5 associated to this file that exists in the environment as a whole. If the MD5 cannot be entered for the override because of this, you could essentially create a black list for the file path, however because the path is under the roaming appdata folder, you would essentially have to create a file path blacklist override for each user that uses Chrome. So if you have many users that use Chrome through this RDS server, you would then need to create many overrides as you will need one for each individual user.
It may make sense to use another tool or method if possible and easier.
I hope you find this information helpful!
Thanks for the suggestions, it seems perhaps getting webroot to block this may not be the best solution because when webroot blocks a file it then automatically performs a full scan which is kind of what I'm trying to avoid. I will have a look at some other tools I think.
We have also had serious issues with software_reporter_tool.exe on our RD server deployments. It eats resources like nothing else with 50+ users logged on using Chrome.
The only solution I've found is to create a dummy software_reporter_tool.exe...basically just make an empty .txt file, save it as "software_reporter_tool.exe", make it read-only, and copy over the real one. You can also push the dummy file into each user's respective Chrome directory with a logon script.
If there's a better solution, I'd love to hear it. I hate that stupid little program.
The only solution I've found is to create a dummy software_reporter_tool.exe...basically just make an empty .txt file, save it as "software_reporter_tool.exe", make it read-only, and copy over the real one. You can also push the dummy file into each user's respective Chrome directory with a logon script.
If there's a better solution, I'd love to hear it. I hate that stupid little program.
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.