Fix: Defender Error ‘This app is turned off by group policy’

Kevin ArrowsApril 28, 2023
3 minutes read
Kevin is a certified Network Engineer

There is no need to install any anti-malware application on Windows 8 and newer versions of Windows, since Windows Defender is installed by default. This built-in security suite is enough to provide primary protection for your PC and also keep you safe online.

When trying to enable Windows Defender, you may get the following error: ‘This app is turned off by group policy’ and this is caused by two main reasons: If your PC is part of a domain and the domain controller assigned some policies, Windows Defender may get blocked. In other cases, if you’ve installed a 3rd party antivirus, it is like to block Defender and the block may remain active even if you’ve uninstalled the application. In such a condition, when you try to enable defender, you’ll get the error as shown in the image above.

This error is largely fixed by asking your system administrator to enable Windows Defender via Group Policy. You can also fix this by turning it on with the Local Group Policy Editor or applying a registry tweak.

Method 1: Enabling Windows Defender Using the Local Group Policy Editor

Before you proceed with this method, note that the Local Group Policy Editor is only available in Windows Enterprise and Pro Editions.

To fix this issue follow the steps below:

  1. Press the Windows Key + R, type in gpedit.msc in the Run dialog box and click OK to open the Local Group Policy Editor. (If gpedit) is not available on your system, then use this guide gpedit to install it.
  2. In the Local Group Policy Editor, navigate to Computer Configuration > Administrative Templates > Windows Components > Windows Defender.
  3. At this Group Policy path, look for the setting named Turn off Windows Defender and double click it. Select either the Not Configured or Disabled option to enable Windows Defender. Click Apply followed by OK.
  4. Close the Local Group Policy Editor and then restart the computer. After rebooting, try to enable Windows Defender, it should work.

Method 2: Remove Existing Anti-Malware Software

If you PC still has another antivirus installed or if one was just uninstalled, you should use the appropriate tool to remove all 3rd party antivirus and antispyware applications.

To fix this issue follow the steps below:

  1. Using your browser, download the removal tool from your antivirus software using the links below.
  1. Launch the downloaded utility and follow its prompts to completely remove the anti-malware application from your system.
  2. Reboot your PC.
  3. Try to enable Windows Defender now.

Method 3: Restart the Security Center Service

Restarting the Security Center Service can help in solving the problem.

To fix this issue follow the steps below:

  1. Press the Windows Key + R, type in services.msc in the Run dialog box and click OK to open the Windows Services Console
  2. In the Services console, search for ‘Security Center
  3. Right click on ‘Security Center’ and then click on Restart.

Method 4: Enabling Windows Defender From the Registry

It is important to note that you have to proceed with this method only after trying the above steps. Editing your registry can cause undesirable effects. Windows disables Defender  if it detects the presence of another anti-malware software. This can be enabled in the registry, but ensure that there are no conflicting softwares and Windows is not infected.

To fix this issue follow the steps below:

  1. Press the Windows Key + R, type in regedit in the Run dialog box and click OK to open the Windows Registry.
  2. In the Registry Editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
  3. If you see a registry entry named DisableAntiSpyware, double click to edit it and change its value to 0. It’s normal if you don’t find this registry key and you don’t have to do anything.

Method 5: Deleting Conflicting Registry entries

Some malwares may add malicious keys into the registry to block active antiviruses from running. You can find and delete them from the registry using these steps:

  1. Press the Windows Key + R, type in regedit in the Run dialog box and click OK to open the Windows Registry.
  2. In the Registry Editor, navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
  3. In this key, look for the following entries. MSASCui.exe, MpCmdRun.exe and MsMpEng.exe. If you find any of these entries, right click on it and select Delete. It’s normal if you don’t find these registry entries hence you don’t have to do anything.


Read Next

Kevin ArrowsApril 28, 2023
3 minutes read
Kevin is a certified Network Engineer
ABOUT THE AUTHOR
Photo of Kevin Arrows

Kevin Arrows


Kevin Arrows is a highly experienced and knowledgeable technology specialist with over a decade of industry experience. He holds a Microsoft Certified Technology Specialist (MCTS) certification and has a deep passion for staying up-to-date on the latest tech developments. Kevin has written extensively on a wide range of tech-related topics, showcasing his expertise and knowledge in areas such as software development, cybersecurity, and cloud computing. His contributions to the tech field have been widely recognized and respected by his peers, and he is highly regarded for his ability to explain complex technical concepts in a clear and concise manner.
Back to top button

Expert Tip

Fix: Defender Error ‘This app is turned off by group policy’

If the issue is with your Computer or a Laptop you should try using Restoro which can scan the repositories and replace corrupt and missing files. This works in most cases, where the issue is originated due to a system corruption. You can download Restoro by clicking the Download button below.

Download Now

I'm not interested