Thought I’d post my fix here, considering I just had this happen for the second time with the latest update. Here’s a powershell script that might help someone else out
#Requires -RunAsAdministrator
$paths = @($env:LOCALAPPDATA, $env:APPDATA, "C:\Program Files")
$removed = 0
foreach ($path in $paths) {
Write-Host "Scanning: $path"
$acl = Get-Acl $path
$rules = $acl.Access | Where-Object {
$_.IsInherited -eq $false -and
$_.IdentityReference.Value -like "S-1-15-2-*"
}
if ($rules.Count -eq 0) {
Write-Host " No rogue AppContainer entries found."
continue
}
foreach ($rule in $rules) {
Write-Host " Removing: $($rule.IdentityReference.Value) | $($rule.FileSystemRights)"
$acl.RemoveAccessRule($rule) | Out-Null
$removed++
}
Set-Acl $path $acl
Write-Host " Done."
}
Write-Host ""
Write-Host "Verifying..."
$allClean = $true
foreach ($path in $paths) {
$acl = Get-Acl $path
$match = $acl.Access | Where-Object {
$_.IsInherited -eq $false -and
$_.IdentityReference.Value -like "S-1-15-2-*"
}
if ($match) {
Write-Host "STILL PRESENT at: $path"
$allClean = $false
} else {
Write-Host "CLEAN: $path"
}
}
Write-Host ""
if ($allClean -and $removed -gt 0) {
Write-Host "Fixed! Removed $removed rogue AppContainer ACE(s). Restart any affected apps (Discord, Opera, etc)."
} elseif ($removed -eq 0) {
Write-Host "Nothing to fix - no rogue AppContainer entries were found. Are you already clean?"
} else {
Write-Host "Something may still be wrong. Try running as Administrator if you haven't."
}