Windows Defender: A perplexing Issue

[zakyr]

My windows security icon in the system tray shows an exclamation mark, but upon bringing up window settings it says there are no actions that can be taken (images wind1 and wind2). Furthermore, when I try to scan anything with Windows Defender it says "Page not available: Your IT administrator has limited access to some of the areas of this app, and the item you tried to access is not available" (wind3). I've double-checked in user settings and it shows that I'm the only admin. How can I fix this?

 

System:

i7 8750H

8 Gigs Memory

GTX 1060

250 Samsung SSD

Windows 10 (build 19041.685)

[Nick H. Supervisor]

Does Window 2 appear when you select the review button for App & browser control?

[zakyr]

  On 13/12/2020 at 12:32, Nick H. said:

Does Window 2 appear when you select the review button for App & browser control?

Expand  

Yes.

[Nick H. Supervisor]

I see that you're running Windows 10 2004. Have you considered updating Windows to 20H2? There may be simpler solutions to the issue, but you may as well have an up-to-date system while you're at it.

[zakyr]

  On 13/12/2020 at 12:50, Nick H. said:

I see that you're running Windows 10 2004. Have you considered updating Windows to 20H2? There may be simpler solutions to the issue, but you may as well have an up-to-date system while you're at it.

Expand  

Updated. The issue persists.

[Jim K Global Moderator]

In regedit ... can you look at the key --- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

....and see if there is an entry "UILockdown" ... if so, change the value to 0 or delete the "UILockdown" entry.

 

Do you have any other security software installed...like McAfee or whatever?

[Good Bot, Bad Bot]

Did you install any 3rd-party anti-virus/security programs? Change any group policy settings recently? Install a Windows "optimization"  program that tweaks the registry?  Are you using a Windows account to logon to the PC?

[Nick H. Supervisor]

Also, have you tried logging in as the hidden administrator account and seeing if you can access the options from there?

[zakyr]

  On 13/12/2020 at 13:32, Jim K said:

In regedit ... can you look at the key --- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

....and see if there is an entry "UILockdown" ... if so, change the value to 0 or delete the "UILockdown" entry.

 

Do you have any other security software installed...like McAfee or whatever?

Expand  

I'm using Avast Antivirus. I'll try your fix and get back with result.

[zakyr]

  On 13/12/2020 at 13:34, Superuser said:

Did you install any 3rd-party anti-virus/security programs? Change any group policy settings recently? Install a Windows "optimization"  program that tweaks the registry?  Are you using a Windows account to logon to the PC?

Expand  

1. Avast Antivirus

2. I don't recall doing that. Unless any of the Windows updates or application silently did something in the background.

3. No optimisation program whatsoever. The only third-party app protection is Avast Antivirus.

3. It's my own login which is connected to my MSN/Live account.
 

  On 13/12/2020 at 13:35, Nick H. said:

Also, have you tried logging in as the hidden administrator account and seeing if you can access the options from there?

Expand  

I... haven't. Will try it and let you know.

[zakyr]

  On 13/12/2020 at 13:32, Jim K said:

In regedit ... can you look at the key --- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

....and see if there is an entry "UILockdown" ... if so, change the value to 0 or delete the "UILockdown" entry.

 

Do you have any other security software installed...like McAfee or whatever?

Expand  

Nope. No such key. There's only one REG_SZ that says "Default" and has no assigned value.

[zakyr]

  On 13/12/2020 at 13:35, Nick H. said:

Also, have you tried logging in as the hidden administrator account and seeing if you can access the options from there?

Expand  

Same issue with the hidden administrator account.

[Riggers]

Check Group Policy settings for App and browser control

 

Type Group Policy in search  ->  Edit group policy -> Under Computer Configuration expand Administitive Templates ->  Windows Components -> Windows Security ->  Click on App and browser protection

 

You should see 2 entries, Prevent users from modifying settings +  Hide the app and browser protection area

 

Highlight one and click "policy settings" ->  Click Next Setting -> Are either of these Enabled or Disabled as opposed to Not Configured?

 

You could try and reset all group policy settings back to default.

 

https://www.tenforums.com/tutorials/68549-reset-local-group-policy-editor-settings-default-windows-10-a.html

[zakyr]

  On 13/12/2020 at 18:13, Riggers said:

Check Group Policy settings for App and browser control

 

Type Group Policy in search  ->  Edit group policy -> Under Computer Configuration expand Administitive Templates ->  Windows Components -> Windows Security ->  Click on App and browser protection

 

You should see 2 entries, Prevent users from modifying settings +  Hide the app and browser protection area

 

Highlight one and click "policy settings" ->  Click Next Setting -> Are either of these Enabled or Disabled as opposed to Not Configured?

 

You could try and reset all group policy settings back to default.

 

https://www.tenforums.com/tutorials/68549-reset-local-group-policy-editor-settings-default-windows-10-a.html

Expand  

Both of them say "not configured".

[Good Bot, Bad Bot]

  On 13/12/2020 at 14:24, zakyr said:

1. Avast Antivirus

2. I don't recall doing that. Unless any of the Windows updates or application silently did something in the background.

3. No optimisation program whatsoever. The only third-party app protection is Avast Antivirus.

3. It's my own login which is connected to my MSN/Live account.
 

I... haven't. Will try it and let you know.

Expand  

I would uninstall Avast to see if that is the problem. Personally, I would keep it off my PC even if it is not the issue.

[Riggers]

Avast has probably changed a registry setting [due to having its own mitigation methods], have a look in these 2 places [pictures below]. Does Avast allow Defender to run on demand or disables it completely?

 

Actually check all keys under Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsDefenderSecurityCenter and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

Look for any UILockdown with a value of 1 below.

 

Unless as above uninstalling Avast solves it.

 

Dont edit any keys unless you are comfortable doing it and write down what you did so you can change it back if needed, you may bork something so having a back up is crucial!

 

Have you tried the Avast forum to see if others have the same issue, it could well be by design...

 

 

[zakyr]

 

  On 14/12/2020 at 12:57, Riggers said:

Avast has probably changed a registry setting [due to having its own mitigation methods], have a look in these 2 places [pictures below]. Does Avast allow Defender to run on demand or disables it completely?

 

Actually check all keys under Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsDefenderSecurityCenter and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

Look for any UILockdown with a value of 1 below.

 

Unless as above uninstalling Avast solves it.

 

Dont edit any keys unless you are comfortable doing it and write down what you did so you can change it back if needed, you may bork something so having a back up is crucial!

 

Have you tried the Avast forum to see if others have the same issue, it could well be by design...

 

Expand  

 

Values as they appear in registry. Didn't change anything.

 

[Riggers]

One more registry key to try which I didn`t mention also stops Windows Defender. It should be empty and have just (Default).

Have you tried uninstalling Avast, preferably in Safe Mode with their Clean Up utility? This looks like something a third party AV would do!

 

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager

 

You can also open powershell and insert   Get-MpPreference   which should have UILockdown : False    (near the bottom)

 

Worth a look

[zakyr]

 

  On 15/12/2020 at 18:40, Riggers said:

One more registry key to try which I didn`t mention also stops Windows Defender. It should be empty and have just (Default).

Have you tried uninstalling Avast, preferably in Safe Mode with their Clean Up utility? This looks like something a third party AV would do!

 

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager

 

You can also open powershell and insert   Get-MpPreference   which should have UILockdown : False    (near the bottom)

 

Worth a look

Expand  

Yup. UILockdown is False. Also, the registry entry you mentioned is empty.

I guess I'll have to try uninstalling Avast then. But I'm baffled as to why Avast would disable WD all of sudden when they'd both been working alongside just fine beforehand.

[SnoopZ]

I would consider not using Avast it's such a bad piece of software now.

 

What I do is use a 3 month trial of Bitdefender Total Security and then sign-up again and repeat using the same email but just move the period in it, you can do this with a Gmail address.