Jump to content

Eset Endpoint Security delete registry keys added by LGPO


mag
 Share

Go to solution Solved by Marcos,

Recommended Posts

Hello

I use LGPO for Non-Administrators in Windows 10 Enterprise. After apply the LGPO, all rules are working fine for some times (not more than an hour). Then some rules stop working (like disable cmd, regedit, control panel). I have determined that few keys in the Windows registry have been deleted (those keys were created by appling LGPO), such as:
- key NoControlPanel=1 w HKEY_USERS\*\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
- key DisableCMD=2 w HKEY_USERS\*\SOFTWARE\Policies\Microsoft\Windows\System
- key DisableRegistryTools=2 w HKEY_USERS\*\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

The above only happens with installed Eset Endpoint Security (version 8.1). Eset client delete those keys. What Eset exclusions should be to not conflict with my LGPO?

Link to comment
Share on other sites

  • Administrators
  • Solution

Currently there's nothing you could do to prevent this, however, there should be a module update probably this month which will temporarily quit deleting these policies. Later you will be able to create cleaner exceptions yourself, this option is not available in the Endpoint setup yet.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...