skip to primary navigationskip to content
 

Incorrect report that Endpoint Security is disabled on Windows 10

Windows Security Center intermittently incorrectly reports that Endpoint Security is disabled when running on Windows 10.

McAfee Technical Articles ID:   KB91830
Last Modified:  25/11/2019


Environment:

McAfee Endpoint Security (ENS) Threat Prevention 10.7.x, 10.6.1 July Update and later, 10.5.5 and later
Microsoft Windows Security Center (WSC)
Microsoft Windows 10

Problem:

The WSC intermittently incorrectly reports that ENS is disabled. WSC can prompt to enable Windows Defender.

Solution:

McAfee is actively working with Microsoft toward a solution to this issue. Microsoft has provided workaround instructions to alleviate the symptom until a fix is available.

This issue will be addressed in a future release of ENS.

Workaround:

ENS is enabled and functioning, but not being reported in the WSC. You can disable Windows Defender to avoid a conflict until a permanent solution is available.

Microsoft has provided the procedure below for McAfee customers to disable the Windows system toast notifications for Security and Maintenance. This action avoids alerting users to resulting false positive "antivirus disabled" messages.
 

Use Group Policy settings to disable Windows Defender Antivirus:
(For more information, see https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/use-group-policy-windows-defender-antivirus.)

  1. On your Group Policy management system, open the Group Policy Management Console, right-click the Group Policy Object (GPO) you want to configure, and click Edit.
  2. In the Group Policy Management Editor, go to Computer configuration.
  3. Click Administrative templates.
  4. Expand the tree to Windows componentsWindows Defender Antivirus.
  5. Enable the setting Turn off Windows Defender Antivirus.
  6. Deploy the updated GPO as you normally do.

Use Group Policy settings to disable Windows system toast notifications for Security and Maintenance on Windows 10 1803 and earlier:

  1. On your Group Policy management system, open the Group Policy Management Console, right-click the GPO you want to configure, and click Edit.
  2. In the Group Policy Management Editor, go to User configuration.
  3. Expand the tree to PreferencesWindows Settings.
  4. Click Registry.
  5. From the Action drop-down list, select NewRegistry Item.
  6. Fill in the New Registry Properties:
     

Action

Update

Hive

HKEY_CURRENT_USER

Key Path

Software\Microsoft\Windows\CurrentVersion\Notifications\

Settings\Windows.SystemToast.SecurityAndMaintenance

Value name

Enabled

Value type

REG_DWORD

Value data

00000000

  1. Click OK.
  2. Deploy the updated GPO as you normally do.

Use Group Policy settings to disable all Windows system toast notifications for Security and Maintenance on Windows 10 1809 and later:
(For more information, see https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.)

  1. On your Group Policy management system, open the Group Policy Management Console, right-click the GPO you want to configure, and click Edit.
  2. In the Group Policy Management Editor, go to Computer configuration.
  3. Click Administrative templates.
  4. Expand the tree to Windows componentsWindows SecurityNotifications.
  5. Open the Hide all notifications setting and set it to Enabled. Click OK.
  6. Deploy the updated GPO as you normally do.

UIS Service Desk


  Phone padded  01223 332999

UIS Service Status

Phone padded  Service status line: (01223) 463085
Website  Sign up for SMS/email status alerts
Website  Read major IT incident reports

UIS bITe-size bulletin


A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >  |  Back issues

RSS Feed Latest news

Lecture capture: Panopto planned maintenance on Saturday 4 January

Dec 09, 2019

Lecture capture recordings will be unavailable during the evening of Saturday 4 January 2020 because Panopto is undergoing an upgrade.

Major upgrade to the phone system during 28–29 December

Dec 09, 2019

The University phone service will be disrupted on Saturday 28 and Sunday 29 December while we perform the annual upgrade of the system's core software.

View all news