Jump to content

Eset Endpoint Security delete registry keys added by LGPO


mag
Go to solution Solved by Marcos,

Recommended Posts

Hello

I use LGPO for Non-Administrators in Windows 10 Enterprise. After apply the LGPO, all rules are working fine for some times (not more than an hour). Then some rules stop working (like disable cmd, regedit, control panel). I have determined that few keys in the Windows registry have been deleted (those keys were created by appling LGPO), such as:
- key NoControlPanel=1 w HKEY_USERS\*\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
- key DisableCMD=2 w HKEY_USERS\*\SOFTWARE\Policies\Microsoft\Windows\System
- key DisableRegistryTools=2 w HKEY_USERS\*\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

The above only happens with installed Eset Endpoint Security (version 8.1). Eset client delete those keys. What Eset exclusions should be to not conflict with my LGPO?

Link to comment
Share on other sites

  • Administrators
  • Solution

Currently there's nothing you could do to prevent this, however, there should be a module update probably this month which will temporarily quit deleting these policies. Later you will be able to create cleaner exceptions yourself, this option is not available in the Endpoint setup yet.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...