Windows Defender: A perplexing Issue


Recommended Posts

My windows security icon in the system tray shows an exclamation mark, but upon bringing up window settings it says there are no actions that can be taken (images wind1 and wind2). Furthermore, when I try to scan anything with Windows Defender it says "Page not available: Your IT administrator has limited access to some of the areas of this app, and the item you tried to access is not available" (wind3). I've double-checked in user settings and it shows that I'm the only admin. How can I fix this?

 

System:

i7 8750H

8 Gigs Memory

GTX 1060

250 Samsung SSD

Windows 10 (build 19041.685)

wind1.JPG

wind2.JPG

wind3.JPG

winbuild.JPG

Link to comment
https://www.neowin.net/forum/topic/1403214-windows-defender-a-perplexing-issue/
Share on other sites

  On 13/12/2020 at 12:50, Nick H. said:

I see that you're running Windows 10 2004. Have you considered updating Windows to 20H2? There may be simpler solutions to the issue, but you may as well have an up-to-date system while you're at it. ;)

Expand  

Updated. The issue persists.

In regedit ... can you look at the key --- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

....and see if there is an entry "UILockdown" ... if so, change the value to 0 or delete the "UILockdown" entry.

 

Do you have any other security software installed...like McAfee or whatever?

Did you install any 3rd-party anti-virus/security programs? Change any group policy settings recently? Install a Windows "optimization"  program that tweaks the registry?  Are you using a Windows account to logon to the PC?

  On 13/12/2020 at 13:32, Jim K said:

In regedit ... can you look at the key --- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

....and see if there is an entry "UILockdown" ... if so, change the value to 0 or delete the "UILockdown" entry.

 

Do you have any other security software installed...like McAfee or whatever?

Expand  

I'm using Avast Antivirus. I'll try your fix and get back with result.

  On 13/12/2020 at 13:34, Superuser said:

Did you install any 3rd-party anti-virus/security programs? Change any group policy settings recently? Install a Windows "optimization"  program that tweaks the registry?  Are you using a Windows account to logon to the PC?

Expand  

1. Avast Antivirus

2. I don't recall doing that. Unless any of the Windows updates or application silently did something in the background.

3. No optimisation program whatsoever. The only third-party app protection is Avast Antivirus.

3. It's my own login which is connected to my MSN/Live account.
 

  On 13/12/2020 at 13:35, Nick H. said:

Also, have you tried logging in as the hidden administrator account and seeing if you can access the options from there?

Expand  

I... haven't. Will try it and let you know.

  On 13/12/2020 at 13:32, Jim K said:

In regedit ... can you look at the key --- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

....and see if there is an entry "UILockdown" ... if so, change the value to 0 or delete the "UILockdown" entry.

 

Do you have any other security software installed...like McAfee or whatever?

Expand  

Nope. No such key. There's only one REG_SZ that says "Default" and has no assigned value.

  On 13/12/2020 at 13:35, Nick H. said:

Also, have you tried logging in as the hidden administrator account and seeing if you can access the options from there?

Expand  

Same issue with the hidden administrator account.

Check Group Policy settings for App and browser control

 

Type Group Policy in search  ->  Edit group policy -> Under Computer Configuration expand Administitive Templates ->  Windows Components -> Windows Security ->  Click on App and browser protection

 

You should see 2 entries, Prevent users from modifying settings +  Hide the app and browser protection area

 

Highlight one and click "policy settings" ->  Click Next Setting -> Are either of these Enabled or Disabled as opposed to Not Configured?

 

You could try and reset all group policy settings back to default.

 

https://www.tenforums.com/tutorials/68549-reset-local-group-policy-editor-settings-default-windows-10-a.html

  On 13/12/2020 at 18:13, Riggers said:

Check Group Policy settings for App and browser control

 

Type Group Policy in search  ->  Edit group policy -> Under Computer Configuration expand Administitive Templates ->  Windows Components -> Windows Security ->  Click on App and browser protection

 

You should see 2 entries, Prevent users from modifying settings +  Hide the app and browser protection area

 

Highlight one and click "policy settings" ->  Click Next Setting -> Are either of these Enabled or Disabled as opposed to Not Configured?

 

You could try and reset all group policy settings back to default.

 

https://www.tenforums.com/tutorials/68549-reset-local-group-policy-editor-settings-default-windows-10-a.html

Expand  

Both of them say "not configured".

  On 13/12/2020 at 14:24, zakyr said:

1. Avast Antivirus

2. I don't recall doing that. Unless any of the Windows updates or application silently did something in the background.

3. No optimisation program whatsoever. The only third-party app protection is Avast Antivirus.

3. It's my own login which is connected to my MSN/Live account.
 

I... haven't. Will try it and let you know.

Expand  

I would uninstall Avast to see if that is the problem. Personally, I would keep it off my PC even if it is not the issue.

Avast has probably changed a registry setting [due to having its own mitigation methods], have a look in these 2 places [pictures below]. Does Avast allow Defender to run on demand or disables it completely?

 

Actually check all keys under Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsDefenderSecurityCenter and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

Look for any UILockdown with a value of 1 below.

 

Unless as above uninstalling Avast solves it.

 

Dont edit any keys unless you are comfortable doing it and write down what you did so you can change it back if needed, you may bork something so having a back up is crucial!

 

Have you tried the Avast forum to see if others have the same issue, it could well be by design...

 

 

key1.png

key2.png

 

  On 14/12/2020 at 12:57, Riggers said:

Avast has probably changed a registry setting [due to having its own mitigation methods], have a look in these 2 places [pictures below]. Does Avast allow Defender to run on demand or disables it completely?

 

Actually check all keys under Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsDefenderSecurityCenter and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

Look for any UILockdown with a value of 1 below.

 

Unless as above uninstalling Avast solves it.

 

Dont edit any keys unless you are comfortable doing it and write down what you did so you can change it back if needed, you may bork something so having a back up is crucial!

 

Have you tried the Avast forum to see if others have the same issue, it could well be by design...

 

Expand  

 

Values as they appear in registry. Didn't change anything.

 

1.JPG

2.JPG

One more registry key to try which I didn`t mention also stops Windows Defender. It should be empty and have just (Default).

Have you tried uninstalling Avast, preferably in Safe Mode with their Clean Up utility? This looks like something a third party AV would do!

 

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager

 

You can also open powershell and insert   Get-MpPreference   which should have UILockdown : False    (near the bottom)

 

Worth a look :)

  • 2 weeks later...

 

  On 15/12/2020 at 18:40, Riggers said:

One more registry key to try which I didn`t mention also stops Windows Defender. It should be empty and have just (Default).

Have you tried uninstalling Avast, preferably in Safe Mode with their Clean Up utility? This looks like something a third party AV would do!

 

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager

 

You can also open powershell and insert   Get-MpPreference   which should have UILockdown : False    (near the bottom)

 

Worth a look :)

Expand  

Yup. UILockdown is False. Also, the registry entry you mentioned is empty.

I guess I'll have to try uninstalling Avast then. But I'm baffled as to why Avast would disable WD all of sudden when they'd both been working alongside just fine beforehand.

I would consider not using Avast it's such a bad piece of software now.

 

What I do is use a 3 month trial of Bitdefender Total Security and then sign-up again and repeat using the same email but just move the period in it, you can do this with a Gmail address.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • PasteBar 0.7.0 by Razvan Serea PasteBar is a powerful yet free clipboard manager that revolutionizes how you copy, organize, and reuse information. Packed with smart features, it enhances productivity and simplifies your workflow by minimizing repetitive copy-paste tasks—so you can work faster and smarter. PasteBar offers powerful clipboard management with unlimited history, searchable copy records, and note support, making it easy to retrieve past clips. You can save and organize clips into custom collections, tabs, or boards for quick access through intuitive paste menus. Privacy is a priority, with local storage, passcode protection, and PIN-locked collections ensuring your data stays secure. The app also supports custom storage locations, giving you full control over where your clipboard history is saved. Beyond basic clipboard functions, PasteBar includes smart features like support for text, images, files, and code snippets—complete with syntax highlighting and Markdown formatting. A global search function, instant pasting, and dark theme enhance usability, while customization options let you tailor hotkeys, tray behavior, and text filters. Cross-platform compatibility (macOS & Windows) ensures seamless workflow integration, with added tools for web scraping, API data extraction, and multi-language support. Backup and restore capabilities provide extra peace of mind, making PasteBar a versatile productivity tool. PasteBar 0.7.0 changelog: Added backup and restore database and images Added custom data location to store application data in a folder of your choice instead of the default location Added keyboard shortcuts to improve navigation efficiency within the application Added long press on clip to activate clips organize Added "Trim Spaces" option for clips and "Auto Trim Spaces" option for History Capture Added Quick history window user options Added option to disable capturing and storing images from clipboard Implemented clipboard history filtering based on text length limits Added support for setting hotkeys with up to 3-key combinations Fixed update history items in quick paste window after delete operation in main window Added user setting for single-click keyboard focus in history Refactored terminology for history window split to open Updated to React 19 and React Compiler Auto-activate search in quick paste window when typing any letter or number Added single-click copy/paste option in user preferences Added persistent note icons for clips with descriptions Added detect and select language modal on first app run Fixed refresh native menu on history items delete Added history item preview max lines user setting Added protected collection with PIN access Added special copy/paste for history items context menu and settings Added global templates in user preferences for saved clips Press Delete key to delete single or multiple items with confirmation on second press Added customizable tray icon behavior on Windows as user settings Added user preference to copy only menu items to clipboard without auto-pasting Fixed enhance value preview logic to fix text overflow Updated French language translation from Jean-Michel Robert Added deleting menu folders with children by moving submenus up one level Fixed user preferences UI color bug for languages Added settings to preserve pinned and starred items when clearing clipboard history Added option "Show Always on Top" for main window Added support for notes matching in global search Added Turkish language translation by AlijonMurodov Updated Chinese translation by katelya77 Download: PasteBar | Portable | ~30.0 MB (Open Source) Download: PasteBar ARM64 | Portable ARM64 Links: PasteBar Website | Screenshot | MS Store Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Well, it seems version 4.9 doesn't work well at least when trying to make a WinToGo USB. It ends very fast with an error. Had to use 4.8 instead.
    • Hundreds of printer models with weak password algorithms exposed, no firmware patch possible by Usama Jawad Many people don't think or care about it, but printer security is a pretty important avenue when it comes to evaluating your cybersecurity posture. Last month, it was found that the companion software for Procolored printers was distributing malware. Now, it has been revealed that hundreds of printer models all over the globe are susceptible to attacks targeting their admin credentials. Bleeping Computer has reported that CVE-2024-51978 is a one of the eight printer vulnerabilities recently discovered by security researchers. Combined, these allow authenticated and unauthenticated attackers to discover the default admin password, perform remote code execution (RCE), crash the printer, and leak other sensitive information. Severity ratings go from a score of 5.3 (medium) to 9.8 (critical), indicating that these are pretty severe vulnerabilities. The most dangerous vulnerability in there exposes the default admin password, and primarily affects Brother printers. This is because Brother utilizes a rather weak password generation algorithm that is highly dependent upon the device's serial number and a static salt table. Analysis of the code revealed that the first 16 characters of the serial number are appended with eight bytes from a static salt table, with the results being hashed with SHA256 and Base64-encoded. Finally, the first eight characters are then taken and some of them are replaced with special characters to form the password. The static nature of the password generation algorithm means that an attacker can chain various existing vulnerabilities to get access to your serial number and eventually your default admin password. It is important to note that not all printer models are affected by all of these flaws, but the default admin password exposure does affect 695 models. The breakdown for the number of printer model affected by the eight vulnerabilities is as follows: Brother: 689 Fujifilm: 46 Konica Minolta: 6 Ricoh: 5 Toshiba: 2 Brother has informed the security researchers that it cannot fully remediate the password generation vulnerability through a firmware patch. It can only fix the issue in its next printer models by patching the problem during the manufacturing process. This makes it crucial for customers of affected models to change their default admin password as soon as possible, which is good practice anyway.
    • Win11 being 2.3x faster than Win10, so that means without changing any hardware, Doom Eternal will run at over 2x the framerate? Or that any computational stuff will be done 2x faster just because of OS? Press X for doubt. I wonder where they pulled these metrics out of coz they make no sense. Not to mention my laptop with Ryzen 2500U that used to run Windows 11 simply CAN'T anymore because of BS arbitrary requirements Microsoft has imposed in Win11 that weren't there intiially. So, that laptop is now running Ubuntu or Fedora and runs at 1000000000000000000000x faster speeds because Windows 11 just doesn't work at all so it gets DNF.
    • “Ask Photos” is coming to more Google Photos users in the US by Paul Hill Google has announced several improvements to a Gemini-powered Google Photos feature called Ask Photos. The feature launched last year in early access and it was great for longer search requests, however, when users typed “Dog” or “Beach” looking for those types of pictures, Ask Photos underperformed. Now, Google has addressed this and is bringing the feature to more eligible users in the United States. The search giant said that users enjoyed asking queries such as “suggest photos that’d make great phone backgrounds” or “what did I eat on my trip to Barcelona?” and getting Gemini-powered responses to these complex questions. Unfortunately, simple searches like “beach” or “dogs” were generating less than optimal results and people complained. To remedy the situation, Google has brought the best of Google Photos’ classic search feature to Ask Photos to improve latency. Easy, short requests will be dealt with by the old search mechanism and when you ask complex queries, it will switch over to the Gemini-powered search results. Now that Google has addressed this main issue of simple searches by integrated functionality from the previous search model, the company feels more confident to open up beyond early access and deliver it to more users in the United States. To be eligible, you must be 18+, be in the US, have your Google Account language set to English (United States), and have Face Groups turned on. This feature is only available on Android and iOS. To start using it, open Google Photos and tap on Ask at the bottom, then press Try now and agree to the terms. If you do not see the Ask button, it means you’re not yet eligible. The feature also can’t be used on computers yet. Hopefully, Google will quickly expand this feature outside the US so that international users can try it out too.
  • Recent Achievements

    • Week One Done
      suprememobiles earned a badge
      Week One Done
    • Week One Done
      Marites earned a badge
      Week One Done
    • One Year In
      runge100 earned a badge
      One Year In
    • One Month Later
      runge100 earned a badge
      One Month Later
    • One Month Later
      jfam earned a badge
      One Month Later
  • Popular Contributors

    1. 1
      +primortal
      567
    2. 2
      +FloatingFatMan
      177
    3. 3
      ATLien_0
      169
    4. 4
      Michael Scrip
      127
    5. 5
      Xenon
      119
  • Tell a friend

    Love Neowin? Tell a friend!