On Win10, the "anti-ransomware" feature Controlled Folder Access impedes accessing non-whitelisted softwares to certain folders.
Is there a way (API) to know if that feature is in place when you get an error in some file operation?, so far I could find none.
Specifically what I am after is adding in de Desktop a link/icon to the app during installation. As far as I know, innoSetup is not aware of this and throws an error so my idea is to create the link myself and, in case of error inform the user, but I'd like to confirm that the real cause of the problem is CFA.
You can find in registry if the feature is enabled or not:
In key
\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access
, there is a read-only propertyEnableControlledFolderAccess
equals to1
if anti-ransomware is enabled,0
otherwise.Subkey
AllowedApplications
lists full .exe path of applications already allowed.Subkey
ProtectedFolders
lists folders manually added by user (Documents, Pictures, Favorites, Videos and Music directories are defacto protected).