When I do a system restore in Windows 10 1607 (Anniversary Update), I get this error:
Based on the error, it looks like Windows Defender isn't playing well with System restore -- and lo and behold, when I disable Windows Defender, the System Restore works!
However, I don't have the option to remove Windows Defender -- the clients don't want that.
This is not an uncommon problem, and there are a few solutions out there.
Here's what I've tried:
(1)
The error says "System Restore could not access a file." Maybe the problem is that a file is corrupted? Windows Defender touches every file (I think), and maybe when it touches the corrupted file, it passes out like a scared goat.
So I ran the utility "System File Checker", but it didn't find any corrupted files. Can I trust the utility?
(2)
Success with this problem was found by turning off something called App & Browser control. The problem here is that I can't do that, because that's in the Defender Security Center, which isn't on the Anniversary Update (1607), it's on the Creator's Update (1709).
It seems that Windows Defender isn't near as configurable in 1607 than in 1709, and clients also don't want to update to 1709. OUCH. Am I missing a Windows Defender configuration that allows System Restore in 1607? I see that you can get it to not touch certain files or folders, but I don't know what file/folder System Restore would be in, as it's not really a file.
(3)
Write a script that temporarily disables Windows Defender. I actually haven't tried this because I'm not sure where to start. I would insert the script into my program, which is in C#. It would go like this:
turn off Windows Defender
run the code that does the restore point, and after it's done and the machine is restarted,
turn Windows Defender back on.
After all that, here are some specific questions:
(1) how to write a script that toggles Windows Defender
(2) is there a way to configure Windows Defender in 1607 such that it allows System Restore to work?
(3) any other ideas would be appreciated.
