Skip to main content

How to Fix Windows Defender Error ‘This app is turned off by group policy’

There is no need to install any anti-malware application on Windows 8 and newer versions of Windows, since Windows Defender is installed by default. This built-in security suite is enough to provide primary protection for your PC and also keep you safe online.
When trying to enable Windows Defender, you may get the following error: ‘This app is turned off by group policy’ and this is caused by two main reasons: If your PC is part of a domain and the domain controller assigned some policies, Windows Defender may get blocked. In other cases, if you’ve installed a 3rd party antivirus, it is like to block Defender and the block may remain active even if you’ve uninstalled the application. In such a condition, when you try to enable defender, you’ll get the error as shown in the image above.

This error is largely fixed by asking your system administrator to enable Windows Defender via Group Policy. You can also fix this by turning it on with the Local Group Policy Editor or applying a registry tweak.

Method 1: Enabling Windows Defender Using the Local Group Policy Editor

Before you proceed with this method, note that the Local Group Policy Editor is only available in Windows Enterprise and Pro Editions.
To fix this issue follow the steps below:
  1. Press the Windows Key + R, type in gpedit.msc in the Run dialog box and click OK to open the Local Group Policy Editor. (If gpedit) is not available on your system, then use this guide gpedit to install it.
  2. In the Local Group Policy Editor, navigate to Computer Configuration > Administrative Templates > Windows Components > Windows Defender.
  3. At this Group Policy path, look for the setting named Turn off Windows Defender and double click it. Select either the Not Configured or Disabled option to enable Windows Defender. Click Apply followed by OK.
  4. Close the Local Group Policy Editor and then restart the computer. After rebooting, try to enable Windows Defender, it should work.

Method 2: Remove Existing Anti-Malware Software

If you PC still has another antivirus installed or if one was just uninstalled, you should use the appropriate tool to remove all 3rd party antivirus and antispyware applications.
To fix this issue follow the steps below:
  1. Using your browser, download the removal tool from your antivirus software using the links below.
You can also use the AppRemover feature in the OESIS Endpoint Assessment Tool to remove multiple anti-malware products (not listed here).
  1. Launch the downloaded utility and follow its prompts to completely remove the anti-malware application from your system.
  2. Reboot your PC.
  3. Try to enable Windows Defender now.

Method 3: Restart the Security Center Service

Restarting the Security Center Service can help in solving the problem.
To fix this issue follow the steps below:
  1. Press the Windows Key + R, type in services.msc in the Run dialog box and click OK to open the Windows Services Console
  2. In the Services console, search for ‘Security Center
  3. Right click on ‘Security Center’ and then click on Restart.

Method 4: Enabling Windows Defender From the Registry

It is important to note that you have to proceed with this method only after trying the above steps. Editing your registry can cause undesirable effects. Windows disables Defender  if it detects the presence of another anti-malware software. This can be enabled in the registry, but ensure that there are no conflicting softwares and Windows is not infected.
To fix this issue follow the steps below:
  1. Press the Windows Key + R, type in regedit in the Run dialog box and click OK to open the Windows Registry.
  2. In the Registry Editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
  3. If you see a registry entry named DisableAntiSpyware, double click to edit it and change its value to 0. It’s normal if you don’t find this registry key and you don’t have to do anything.

Method 5: Deleting Conflicting Registry entries

Some malwares may add malicious keys into the registry to block active antiviruses from running. You can find and delete them from the registry using these steps:
  1. Press the Windows Key + R, type in regedit in the Run dialog box and click OK to open the Windows Registry.
  2. In the Registry Editor, navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
  3. In this key, look for the following entries. MSASCui.exeMpCmdRun.exe and MsMpEng.exe. If you find any of these entries, right click on it and select Delete. It’s normal if you don’t find these registry entries hence you don’t have to do anything.

Comments

Post a Comment

Popular posts from this blog

How to Format/Indent XML Files in Notepad++

Notepad++ is a free text and source code editor that is mostly used by programmers. It is an advanced alternate version of the default notepad which supports 50 programming, scripting and markup languages. It allows a user to edit codes within multiple tabs in a single window. However, it lacks the formatting for XML files or XML code. Users will find it difficult to edit or read the XML code without the correct format for code. How to Format/Indent XML Files on Notepad++ What is XML File? XML (stands for eXtensible Markup Language) which is a language designed to store and transport data. XML files are just plain text files that can’t do anything on their own. Custom tags are used in XML files to define objects and the data within each object. It defines a set of rules for encoding documents in such a format that both humans and machines could read. XML is similar to HTML but the difference is that HTML defines how data looks, while XML defines what data is. XML Code samp...
Post a Comment
Read more

How to Fix ‘The Local Security Authority Cannot be Contacted’ Error on Windows

This error appears when users try to login to other computers via a remote desktop connection. The problem prevents them from connecting and it displays the “The Local Security Authority Cannot be Contacted” error message. The problem often appears after an update has been installed on either the client or the host PC and it causes plenty of problems on many different versions of Windows. The Local Security Authority Cannot be Contacted There have been many unofficial fixes for the problem which were created by the users who had the same unfortunate experience. We have gathered the working methods in this article so make sure you follow it in order to resolve the problem. What Causes “The Local Security Authority Cannot be Contacted” Error on Windows? Pinpointing the correct cause for the problem is one of the most important steps when it comes to resolving one. That is why we have created a list of possible causes for the problem so make sure you check it out below: D...
Post a Comment
Read more

Fix: The Active Directory Domain Services is currently unavailable ‘Windows 7, 8 and 10’

The error Active Directory Domain Services is currently unavailable means that the system is not able to find and connect to your printer, hence the process is stopped and cannot proceed further. This process allows the computer to manage and allocate resources. If this error occurs, it means that there is most probably a problem with the permissions, drivers, UAC etc. We have listed down a number of solutions for you to check. Start with the first one and work your way down. Solution 1: Resetting Printer Spooler Settings The spooler service is a software program which is responsible for managing all print jobs being sent to the computer printer. The print spooler service is usually visible to users and they can also cancel a print job which is being processed. It also allows them to manage jobs which are currently on the waitlist. We can try restarting this service and check if this solves the problem. Press  Windows + R  to launch the Run application. Type ...
Post a Comment
Read more