Windows Defender: A perplexing Issue


Recommended Posts

My windows security icon in the system tray shows an exclamation mark, but upon bringing up window settings it says there are no actions that can be taken (images wind1 and wind2). Furthermore, when I try to scan anything with Windows Defender it says "Page not available: Your IT administrator has limited access to some of the areas of this app, and the item you tried to access is not available" (wind3). I've double-checked in user settings and it shows that I'm the only admin. How can I fix this?

 

System:

i7 8750H

8 Gigs Memory

GTX 1060

250 Samsung SSD

Windows 10 (build 19041.685)

wind1.JPG

wind2.JPG

wind3.JPG

winbuild.JPG

Link to comment
https://www.neowin.net/forum/topic/1403214-windows-defender-a-perplexing-issue/
Share on other sites

  On 13/12/2020 at 12:50, Nick H. said:

I see that you're running Windows 10 2004. Have you considered updating Windows to 20H2? There may be simpler solutions to the issue, but you may as well have an up-to-date system while you're at it. ;)

Expand  

Updated. The issue persists.

In regedit ... can you look at the key --- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

....and see if there is an entry "UILockdown" ... if so, change the value to 0 or delete the "UILockdown" entry.

 

Do you have any other security software installed...like McAfee or whatever?

Did you install any 3rd-party anti-virus/security programs? Change any group policy settings recently? Install a Windows "optimization"  program that tweaks the registry?  Are you using a Windows account to logon to the PC?

  On 13/12/2020 at 13:32, Jim K said:

In regedit ... can you look at the key --- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

....and see if there is an entry "UILockdown" ... if so, change the value to 0 or delete the "UILockdown" entry.

 

Do you have any other security software installed...like McAfee or whatever?

Expand  

I'm using Avast Antivirus. I'll try your fix and get back with result.

  On 13/12/2020 at 13:34, Superuser said:

Did you install any 3rd-party anti-virus/security programs? Change any group policy settings recently? Install a Windows "optimization"  program that tweaks the registry?  Are you using a Windows account to logon to the PC?

Expand  

1. Avast Antivirus

2. I don't recall doing that. Unless any of the Windows updates or application silently did something in the background.

3. No optimisation program whatsoever. The only third-party app protection is Avast Antivirus.

3. It's my own login which is connected to my MSN/Live account.
 

  On 13/12/2020 at 13:35, Nick H. said:

Also, have you tried logging in as the hidden administrator account and seeing if you can access the options from there?

Expand  

I... haven't. Will try it and let you know.

  On 13/12/2020 at 13:32, Jim K said:

In regedit ... can you look at the key --- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

....and see if there is an entry "UILockdown" ... if so, change the value to 0 or delete the "UILockdown" entry.

 

Do you have any other security software installed...like McAfee or whatever?

Expand  

Nope. No such key. There's only one REG_SZ that says "Default" and has no assigned value.

  On 13/12/2020 at 13:35, Nick H. said:

Also, have you tried logging in as the hidden administrator account and seeing if you can access the options from there?

Expand  

Same issue with the hidden administrator account.

Check Group Policy settings for App and browser control

 

Type Group Policy in search  ->  Edit group policy -> Under Computer Configuration expand Administitive Templates ->  Windows Components -> Windows Security ->  Click on App and browser protection

 

You should see 2 entries, Prevent users from modifying settings +  Hide the app and browser protection area

 

Highlight one and click "policy settings" ->  Click Next Setting -> Are either of these Enabled or Disabled as opposed to Not Configured?

 

You could try and reset all group policy settings back to default.

 

https://www.tenforums.com/tutorials/68549-reset-local-group-policy-editor-settings-default-windows-10-a.html

  On 13/12/2020 at 18:13, Riggers said:

Check Group Policy settings for App and browser control

 

Type Group Policy in search  ->  Edit group policy -> Under Computer Configuration expand Administitive Templates ->  Windows Components -> Windows Security ->  Click on App and browser protection

 

You should see 2 entries, Prevent users from modifying settings +  Hide the app and browser protection area

 

Highlight one and click "policy settings" ->  Click Next Setting -> Are either of these Enabled or Disabled as opposed to Not Configured?

 

You could try and reset all group policy settings back to default.

 

https://www.tenforums.com/tutorials/68549-reset-local-group-policy-editor-settings-default-windows-10-a.html

Expand  

Both of them say "not configured".

  On 13/12/2020 at 14:24, zakyr said:

1. Avast Antivirus

2. I don't recall doing that. Unless any of the Windows updates or application silently did something in the background.

3. No optimisation program whatsoever. The only third-party app protection is Avast Antivirus.

3. It's my own login which is connected to my MSN/Live account.
 

I... haven't. Will try it and let you know.

Expand  

I would uninstall Avast to see if that is the problem. Personally, I would keep it off my PC even if it is not the issue.

Avast has probably changed a registry setting [due to having its own mitigation methods], have a look in these 2 places [pictures below]. Does Avast allow Defender to run on demand or disables it completely?

 

Actually check all keys under Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsDefenderSecurityCenter and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

Look for any UILockdown with a value of 1 below.

 

Unless as above uninstalling Avast solves it.

 

Dont edit any keys unless you are comfortable doing it and write down what you did so you can change it back if needed, you may bork something so having a back up is crucial!

 

Have you tried the Avast forum to see if others have the same issue, it could well be by design...

 

 

key1.png

key2.png

 

  On 14/12/2020 at 12:57, Riggers said:

Avast has probably changed a registry setting [due to having its own mitigation methods], have a look in these 2 places [pictures below]. Does Avast allow Defender to run on demand or disables it completely?

 

Actually check all keys under Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsDefenderSecurityCenter and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender Security Center\App and browser protection

 

Look for any UILockdown with a value of 1 below.

 

Unless as above uninstalling Avast solves it.

 

Dont edit any keys unless you are comfortable doing it and write down what you did so you can change it back if needed, you may bork something so having a back up is crucial!

 

Have you tried the Avast forum to see if others have the same issue, it could well be by design...

 

Expand  

 

Values as they appear in registry. Didn't change anything.

 

1.JPG

2.JPG

One more registry key to try which I didn`t mention also stops Windows Defender. It should be empty and have just (Default).

Have you tried uninstalling Avast, preferably in Safe Mode with their Clean Up utility? This looks like something a third party AV would do!

 

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager

 

You can also open powershell and insert   Get-MpPreference   which should have UILockdown : False    (near the bottom)

 

Worth a look :)

  • 2 weeks later...

 

  On 15/12/2020 at 18:40, Riggers said:

One more registry key to try which I didn`t mention also stops Windows Defender. It should be empty and have just (Default).

Have you tried uninstalling Avast, preferably in Safe Mode with their Clean Up utility? This looks like something a third party AV would do!

 

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager

 

You can also open powershell and insert   Get-MpPreference   which should have UILockdown : False    (near the bottom)

 

Worth a look :)

Expand  

Yup. UILockdown is False. Also, the registry entry you mentioned is empty.

I guess I'll have to try uninstalling Avast then. But I'm baffled as to why Avast would disable WD all of sudden when they'd both been working alongside just fine beforehand.

I would consider not using Avast it's such a bad piece of software now.

 

What I do is use a 3 month trial of Bitdefender Total Security and then sign-up again and repeat using the same email but just move the period in it, you can do this with a Gmail address.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • Samsung Galaxy S25+ 512GB is $220 off for powerful AI and a pro-grade camera by Paul Hill Are you in the market for a premium Samsung phone? If so, check out the Samsung Galaxy S25+ with 512GB of storage. It’s on Amazon right now for just $899, down 20% from its $1,199.99 list price, representing a significant $220.99 saving. This unlocked device is marked as the number 1 new release by Amazon in the Cell Phones category. If you’re interested, act fast as it’s a limited-time deal. The Galaxy S25+ comes packed with AI features under the umbrella of Galaxy AI. Capabilities include Multiple Tasks with One Ask which brings Google Gemini integration for multi-app commands, Now Brief which proactively gives you information you need to start the day, Audio Eraser to remove distracting sounds from your videos, and advanced portrait features. Powering these features is the Qualcomm SM8750-AB Snapdragon 8 Elite (3 nm) processor which handles all sorts of tasks efficiently including gaming, translation, and photo editing. Alongside the processor is 512GB of storage and 12GB of RAM. The S25+ uses a 6.7-inch QHD+ ProScaler Display which delivers vibrant visuals thanks to its use of Dynamic AMOLED 2X with 3,120 x 1,440 resolution and 120Hz refresh rate. Regarding camera setup, the S25+ has an AI camera with 50MP main sensor, 12MP ultrawide, and 10MP telephoto with OIS. There is also a 12MP front camera. This camera setup is capable of 8K video recording, which is impressive. Finally, you get long battery life with the 4,900 mAh and 45W fast charging support so you don’t need to wait long for it to recharge. If you’re an Android user looking to upgrade to a flagship phone without paying the full price, this deal is for you. If you have an eligible phone to trade in, there is an option to do so to claim up to $725 on the upgrade with Amazon.com Gift Card credit. If you’re excited by AI, but your current phone doesn’t support many AI features, this phone could also be a smart choice. Its display is also great for media consumption, and the processor is robust. Finally, if you have a lot of files to store, the 512GB of storage should be ample. Samsung Galaxy S25+ (Icyblue): $899 (Amazon US) / MSRP $1,199.99 This Amazon deal is US-specific and not available in other regions unless specified. If you don't like it or want to look at more options, check out the Amazon US deals page here. Get Prime (SNAP), Prime Video, Audible Plus or Kindle / Music Unlimited. Free for 30 days. As an Amazon Associate, we earn from qualifying purchases.
    • Sniffnet 1.4.0 by Razvan Serea Sniffnet is a network monitoring tool to help you easily keep track of your Internet traffic. Whether you want to gather statistics, or you need to inspect more in depth what's going on in your network, this app will get you covered. Sniffnet is a technical tool, but at the same time it strongly focuses on the overall user experience: most of the network analyzers out there are cumbersome to use, while one of Sniffnet's cornerstones is to be usable with ease by everyone. Furthermore, Sniffnet is completely free and open-source, dual-licensed under MIT or Apache-2.0: if you are interested you can find the full source code on GitHub. Last but not least, this application is totally developed in Rust: a modern programming language to build efficient and reliable software, emphasizing performance and safety. Sniffnet key features choose a network adapter of your PC to inspect select a set of filters to apply to the observed traffic view overall statistics about your Internet traffic view real-time charts about traffic intensity keep an eye on your network even when the application is minimized export comprehensive capture reports as PCAP files identify 6000+ upper layer services, protocols, trojans, and worms find out domain name and ASN of the hosts you are exchanging traffic with identify connections in your local network discover the geographical location of the remote hosts save your favorite network hosts inspect each of your network connections in real time set custom notifications to inform you when defined network events occur choose the style that fits you the most, including custom themes support ... and more! Sniffnet 1.4.0 changelog: New features Import PCAP files (#795 — fixes #283) Enhanced notifications (#830 — fixes #637) Donut chart reporting overall traffic statistics (#756 — fixes #687) Added support for ARP protocol (#759 — fixes #680) Identify and tag unassigned/reserved "bogon" IP addresses (#678 — fixes #209) Show data agglomerates in Inspect page table (#684 — fixes #601) Added Traditional Chinese (Taiwan) translation 🇹🇼 (#774) Added Indonesian translation 🇮🇩 (#611) A Docker image of Sniffnet is now available (#735) Improvements Added new themes A11y (Night) and A11y (Day) based on palettes optimized for Accessibility (#785 — fixes #786) Do not apply new notification thresholds while user is typing them (#777 — fixes #658) Show more information when domain name is short (#720 — fixes #696) Avoid directory traversal when selecting file name for PCAP exports (#776 — fixes #767) Add icon to window title bar (#719 — fixes #715) Update footer buttons and links (#755 — fixes #553) Handle errors to reduce the number of possible crash occurrences (#784) Updated some of the existing translations to v1.3: Portuguese (#690) Ukrainian (#692) Spanish (#805) Fixes Fix crates.io package for Windows (#718 — fixes #681) Fix crash when inserting characters longer than one byte in the text input for byte threshold notification setting (#747 — fixes #744) Remove pre-uninstall script on Linux (fixes #644) Fix typo in Russian translation (fixes #730) Minor fix to service determination algorithm in case of multicast and broadcast traffic Download: Sniffnet 64-bit | Sniffnet 32-bit ~15.0 MB (Open Source) Link: Sniffnet Home Page | Other operating systems | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Anker announces global recall of five power bank models over fire safety risks by Aditya Tiwari The Chinese electronics brand, Anker Innovations, known for its mobile accessories and power banks has announced a voluntary global recall of five power bank models. The decision comes after the company spotted a potential fire hazard issue with lithium-ion battery cells from a particular vendor. Anker said that it put up a series of quality checks to detect manufacturing issues early in the production cycle, which include component level-audits and supplier testing. The company assured that "while the likelihood of malfunction is considered minimal, out of an abundance of caution, we have decided to initiate a voluntary global recall of several Anker power bank models." Here's the list of the Anker Power Bank models chosen for the global recall: Model A1257 - Anker Power Bank (10K, 22.5W) Model A1647 - Anker Power Bank (20,000mAh, 22.5W, Built-In USB-C Cable) Model A1652 - Anker MagGo Power Bank (10,000mAh, 7.5W) Model A1681 - Anker Zolo Power Bank (20K, 30W, Built-In USB-C and Lightning Cable) Model A1689 - Anker Zolo Power Bank (20K, 30W, Built-In USB-C Cable) If you think you own one of the affected power banks, you can check the model number located on the back or side of your power bank. After that, you can fill out the recall form to start the process and verify the serial number of your affected device. If your power bank is eligible for the recall, you can either get a replacement or receive a gift card for use on the Anker website. It's not offering any refunds in the US at the moment. Anker advises that you should stop using an impacted power bank immediately even if the device functions normally right now. A unit confirmed for the recall could pose the risk of overheating, melting, smoke, or fire. This is the second major recall from Anker in the same month after more than a dozen reports of fires and explosions. The company previously recalled over one million Anker PowerCore 10000 (A1263) power bank units, citing fire safety risks due to a potential issue with the Lithium-ion battery. These power banks were sold in the US from January 1, 2016 through December 31, 2022.
    • What learning curve !!?? Govt office employees never learn anything !! they're just there to not work !!
  • Recent Achievements

    • Collaborator
      Mighty Pen went up a rank
      Collaborator
    • Week One Done
      emptyother earned a badge
      Week One Done
    • Week One Done
      DarkWun earned a badge
      Week One Done
    • Very Popular
      valkyr09 earned a badge
      Very Popular
    • Week One Done
      suprememobiles earned a badge
      Week One Done
  • Popular Contributors

    1. 1
      +primortal
      566
    2. 2
      +FloatingFatMan
      189
    3. 3
      ATLien_0
      176
    4. 4
      Skyfrog
      112
    5. 5
      Xenon
      110
  • Tell a friend

    Love Neowin? Tell a friend!