Welcome to OCS Inventory NG community support, where you can ask questions and receive answers from other members of the community.

Please ask questions only in English or French.

Release 2.10.0 available

The official documentation can be found on http://wiki.ocsinventory-ng.org. Read it before asking your question.

Windows Defender - Controlled Folder Access


some of our clients generate the following Windows events.

The controlled folder access has C:\Program Files\OCS Inventory Agent\OCSInventory.exe changes to storage.
Detection time: 2021-03-15T07:42:54.452Z
Users: (unknown user)
Path: \Device\Harddisk0\DR0
Process name: C:\program files\OCS inventory agent\OCSInventory.exe
Security version: 1.333.438.0
Module version: 1.1.17900.7
Product version: 4.18.2102.3

Der überwachte Ordnerzugriff hat C:\Program Files\OCS Inventory Agent\OCSInventory.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2021-03-15T07:42:54.452Z
Benutzer: (unknown user)
Pfad: \Device\Harddisk0\DR0
Name des Prozesses: C:\Program Files\OCS Inventory Agent\OCSInventory.exe
Sicherheitsversion: 1.333.438.0
Modulversion: 1.1.17900.7
Produktversion: 4.18.2102.3

Is this normal?
Agent-Version :OCS-NG_WINDOWS_AGENT_v2.8.0.0
Thanks in advance.
Best regards
in OCS Inventory NG agent for Windows by (320 points)

2 Answers

0 votes
Best answer


Occasionally, an app that is safe to use will be identified as harmful. This happens because Microsoft wants to keep you safe and will sometimes err on the side of caution; however, this might interfere with how you normally use your PC. You can add an app to the list of safe or allowed apps to prevent them from being blocked.
by (21.7k points)
selected by
0 votes
Thank you. I have made an exlusion for the clients in the gpo.
by (320 points)
Powered by Question2Answer