Troubleshooting Windows Defender
1. Microsoft Defender fails to launch automatically and reports an error when it is started manually from Action Center.
Reasons behind this issue might be malware infection, conflicting third-party applications, corruption in the system registry etc.
Methods of recovery:
- Device Restart: A simple device restart helps resolve the issue.
- Remove third-party antivirus software: If the device has any third-party antivirus or anti-spyware programs installed earlier, then you should remove them from the device.
- Perform device scan to check for malware: Check for any malicious activities on the device by performing a complete device scan. Use any of the on-demand scanners to scan the device.
- SFC scan: Use a System File Checker (SFC) tool to check if Microsoft Defender is corrupted. This tool repairs the system files if there are any corruptions found on checking.
- Check for conflicting third-party applications: Perform a clean boot on the device to verify that no third-party application conflicts with Microsoft Defender.
- Restart Windows Defender Security Center: Restart Windows Defender Security Center to resolve the issue.
- Navigate to Start > Run.
- Enter the command services.msc and press Enter.
- Search Security Center and right-click on it.
- Choose Restart.
- Remove conflicting Registry entries: Often, malware on the device insert malicious entries in the registry that might prevent Microsoft Defender from running. Deleting conflicting entries helps Microsoft Defender to launch successfully.
- Navigate to the Start menu > ‘Run’.
- On the Run command dialog box, enter regedit and click on Enter.
- Next, navigate to HKEY_LOCAL_MACHINE > Software > Microsoft > Windows NT > CurrentVersion > Image File Execution Options on the Registry Editor window.
- Search for the following entries MSASCui.exe, MpCmdRun.exe, or MsMpEng.exe.
- If these entries are found, right-click on them, and click Delete.
2. While opening Microsoft Defender, the device displays an error message “This app is turned off by Group Policy”.
Windows disables Microsoft Defender when it detects an additional antivirus or any other conflicting software. Hence, you must enable it manually.
- Enabling Microsoft Defender via Registry Editor.
- Go to the Start menu. Choose ‘Run’ from the menu.
- Type in the command regedit on the Run command dialog box and click Enter. It opens the Registry Editor.
- Go to HKEY_LOCAL_MACHINE > SOFTWARE > Policies > Microsoft > Windows Defender.
- For the entry named DisableAntiSpyware, change the value to 0. If this entry is absent, you may create it by right-clicking on the Windows Defender key and navigating to New > DWORD.
- Add the DWORD name – DisableAntiSpyware and value 0.
- Enabling Microsoft Defender via Group Policy Editor.
- Open the Start menu.
- Choose ‘Run’.
- On the Run command dialog box, type in gpedit.msc. Press Enter.
- Navigate to Local Computer Policy > Administrative Templates > Windows Components.
- Choose Windows Defender.
- Double-click Turn off Windows Defender from the right-side pane of the window.
- Configure it to Disabled.
- Click on OK.
- Restart the device.
3. Microsoft Defender Application Guard fails to run on touch-enabled Windows 10 Build 16193 devices and displays a solid black window while launching.
- Open Device Manager on the device.
- Under Human Interface Devices, uncheck the following options:
- HID-compliant touch screen
- Intel Precise Touch Device.
- Reboot the device and launch the Application Guard once again.
4. While trying to start Microsoft Defender, it fails to open by displaying an error message “An unexpected problem occurred”.
The device might have an outdated version of the Windows Operating System installed on it.
Updating the device helps you resolve the issue. You can check for OS updates from the device settings.
- Open the Settings app.
- Navigate to Update & Security section.
- Select Check for updates.