Reg add should just use reg.exe
I have added "REG.EXE" in the exclusion list. but the AD GPO can't be applied. How can I identify the "core process" that tries to change the registry setting on the target client? Is there any possibility to search for this process in the EPO logs? May be there is a "blocking" entry with the name of that process taht tries to change the setting?
If I deactivate the the whole rule entry, the GPO can applied. But I don't want deactivate the whole rule.
Have you not look at this log on a problem machine?
"C:\documents and Settings\All Users\Application Data\McAfee\DesktopProtection\AccessProtectionLog.txt"
I have checked the log and found the "Winlogon.exe" process. Then I excluded this process and the GPO can be applied without problems.
Thanks for your help.