Posts Tagged ‘disable’

 ” Antimalware Service Executable ” was using 250MB ran and 20% CPU even though we had deployed the Reg Key to disable realtime scanning e.g. below
 

 
Looks like the App has a party anyway with these scheduled Tasks

 
 
 
How to Disable Windows Defender properly
 
You can’t disable these Services , you have to do via Registry
 

 
Boot machine into Safe Mode
 
Change Reg Key Below
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\Start = Dword 4
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdNisSvc\Start = Dword 4
 
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

outlook-security-popup

 

You will need to run the below as Administrator , if the use doesn’t have local admin you will need to change them to one then remove after  ;

  • Right-click on the Outlook shortcut holding the SHIFT key and choose Run as administrator
  • Go to File > Options > Trust Center > Programmatic Access
  • Set the programmatic access to Never warn me about suspicious activity (not recommended)

outlook-programmatic-access

 

IMPORTANT NOTE: If these option are greyed out, it usually means that you didn’t run Outlook with administrative rights.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\16.0\Outlook\Security
DWORD: ObjectModelGuard
Value: 2

As an alternative way, you can achieve the same result by altering your registry file in the following way:

  • Navigate through   (create the key if it doesn’t exist)
  • Add the following DWORD item:
    •  , with a value of 1.
    •  , with a value of 3.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
  • Navigate through   (create the key if it doesn’t exist)
  • Add the following DWORD items:
    •  , with a value of 1.
    •  , with a value of 3.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

There are three ways to forward mail from one user to another in Exchange

  1. Exchange Forwarding Most Common – Done by Administrator
  2. Inbox Rule – Done by User
  3. Hub Transport Rule – Done by Administrator

1 and 3 can be checked easily and there will be references of when this is done and not done usually in tickets , however users can enable Inbox rules by themselves then contact your later to disable the forward.

Here is how to check for forwarding or redirecting rules on mailbox in 365

 foreach ($i in (Get-Mailbox -identity %USERNAME%))
{ Get-InboxRule -Mailbox $i.DistinguishedName | where {$_.ForwardTo} | fl MailboxOwnerID,Name,ForwardTo }
  foreach ($i in (Get-Mailbox -identity %USERNAME%))
{ Get-InboxRule -Mailbox $i.DistinguishedName | where {$_.ReDirectTo} | fl MailboxOwnerID,Name,RedirectTo}

To Disable
Disable-InboxRule -Identity "%NAME OF RULE%" -Mailbox "%USERNAME"
 
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)