![]() I created rules for both file types to allow everyone access to %OSDrive%\ProgramData\Microsoft\Windows Defender\Platform\*. exe files, but %ProgramData% was not as there was no need to prior to this. The %ProgramFiles% directory was whitelisted in my AppLocker policy for. ![]() Microsoft changed the location of the Windows Defender Antivirus service (MsMpEng.exe) and the Network Realtime Inspection service (NisSrv.exe) files starting with Windows 10 Version 1607 from %ProgramFiles%\Windows Defender to %ProgramData%\Microsoft\Windows Defender\Platform\. ![]() I came across this support article from Microsoft: It's definitely GPO as it only started happening after I made these recent GPO changes, and it's also not occurring to other Windows 10 machines in a different organizational unit that do not have all of the same policies applied as the pilot users do.Īnyone know what policy could be causing this? Any help would be greatly appreciated. I've tested this on multiple machines (including brand new ones) so I know this isn't related to a rootkit or virus. It looks to me like it's related to Windows SmartScreen, but I've verified that my SmartScreen policies are set to only warn and not prevent bypass. In Internet Explorer a message states that "This file contained a virus and was deleted." and in Chrome that a virus was blocked. Users can open downloaded files within their browser, but they cannot save them to any location in any browser (Internet Explorer, Google Chrome and Microsoft Edge). I've made several changes within Group Policy for our Windows 10 pilot users within the last 1-2 months, and one of them waited an entire month to inform me that they can no longer download any files.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |