product icon

How to Manage Real-Time Protection when Tamper Protection is Enabled?

Windows Tamper Protection prevents apps from changing the built-in Microsoft antivirus settings, including real-time protection. When Tamper Protection is enabled, you cannot manage real-time protection in LogMeIn Central. You must turn off Tamper Protection on the host first.

Real-Time Protection. Tamper Protection. What's the difference?

Real-time protection is the built-in Windows antivirus solution that comes pre-deployed with Windows. LogMeIn Central allows you to manage the antivirus software on your hosts, whether it is the built-in solution or a third-party application.

Tamper Protection is another built-in Windows feature that was designed to block third-party software, like LogMeIn Central, from changing sensitive Windows system settings, such as the host's antivirus settings. When tamper protection is enabled on a Windows host, you cannot use LogMeIn Central to manage the host's bult-in antivirus software, that is, Windows real-time protection.

Okay, but then how do I manage a host's antivirus software with Tamper Protection enabled?

When a host uses Real-Time Protection as an antivirus solution, you simply don't. When Tamper Protection is enabled, Windows does not allow LogMeIn Central to enable Real-Time Protection.

However, when a host uses a third-party antivirus software and you want to manage that with LogMeIn Central, then the Tamper Protection setting of the host is irrelevant. Again, Tamper Protection blocks third-party apps from changing Windows security settings only, but it allows you to change other third-party apps.

What do the different Tamper Protection statuses mean?

In LogMeIn Central, the Tamper status column, on the Antivirus > Manage page shows you whether Tamper Protection is enabled on the host.
  • green lock - Tamper Protection is enabled on the host. LogMeIn Central cannot enable real-time protection on that host.
  • red lock - Tamper Protection is disabled on the host. LogMeIn Central can manage real-time protection settings on that host.
  • gray lock - Tamper Protection status is unknown or irrelevant. This means that a third-party antivirus software is installed on the host, therefore Tamper Protection has no effect on the host's antivirus settings.
    Note: For those computers that do not have the latest host version installed, Tamper Protection status is always unknown.
Tip: You can also view the Tamper Protection status of a host on the Computer Properties page:
Article last updated: 11 October, 2022