Windows 10 Applocker blocking Microsoft.Windows.Search appx

  • Thread starter Thread starter CatDog1
  • Start date Start date
C

CatDog1

Guest
I have recently upgraded 2004 to see if we will have any issues on our environment figures applocker is blocking the windows search functionality.

I just dont know what to whitelist under applocker. i cant seem to find any path or exe for this search functionality.


Here is what i found under Eventlog


Applocker/Packed app-Deployment/


Log Name: Microsoft-Windows-AppLocker/Packaged app-Deployment
Source: Microsoft-Windows-AppLocker
Date: 6/16/2020 9:43:32 AM
Event ID: 8025
Task Category: None
Level: Error
Keywords:
User: computername
Computer: computername
Description:
Microsoft.Windows.Search was prevented from running.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-AppLocker" Guid="{cbda4dbf-8d5d-4f69-9578-be14aa540d22}" />
<EventID>8025</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x1000000000000000</Keywords>
<TimeCreated SystemTime="2020-06-16T14:43:32.4947610Z" />
<EventRecordID>100</EventRecordID>
<Correlation ActivityID="{8caad61e-43df-0008-04f7-aa8cdf43d601}" />
<Execution ProcessID="3592" ThreadID="2580" />
<Channel>Microsoft-Windows-AppLocker/Packaged app-Deployment</Channel>
<Computer>computername</Computer>
<Security UserID="S-1-5-21-2606090796-2652713439-152865812-4359" />
</System>
<UserData>
<RuleAndFileData xmlns="http://schemas.microsoft.com/schemas/event/Microsoft.Windows/1.0.0.0">
<PolicyNameLength>4</PolicyNameLength>
<PolicyName>APPX</PolicyName>
<RuleId>{00000000-0000-0000-0000-000000000000}</RuleId>
<RuleNameLength>1</RuleNameLength>
<RuleName>-</RuleName>
<RuleSddlLength>1</RuleSddlLength>
<RuleSddl>-</RuleSddl>
<TargetUser>S-1-5-21-2606090796-2652713439-152865812-4359</TargetUser>
<TargetProcessId>3592</TargetProcessId>
<PackageLength>24</PackageLength>
<Package>Microsoft.Windows.Search</Package>
<FqbnLength>119</FqbnLength>
<Fqbn>CN=MICROSOFT WINDOWS, O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\MICROSOFT.WINDOWS.SEARCH\APPX\1.14.0.19041</Fqbn>
</RuleAndFileData>
</UserData>
</Event>



Any help will be much appreciated.



Cant seem to find any location or folder location related to this microsoft.search. I will need that to be able to create a rule under applocker.

More...
 

Similar threads

R
Windows 10 Windows 10 1809 Applocker issue - Calculator being blocked by default rule
Replies
0
Views
175
Rick Montrose Dangleton
R
E
Windows 10 Cant print anything.
Replies
0
Views
241
Emb1992
E
S
weird error
Replies
0
Views
113
ShipWrek1
S
S
Windows 10 Errors 7024 and 7031 every minute from Service Control Manager
Replies
0
Views
313
shwhjw
S
A
Windows 10 PC gets Kernel-Power error 41 bugcheck 278 while on use
Replies
0
Views
294
Antonis T
A
Back
Top