Controlled Folder Access is a ransomware protection service part of Microsoft's Windows Defender security suite for Windows 10. This service blocks applications from making changes to certain protected folder paths on your PC. While it is disabled by default, enabling this feature without adding your games and apps (such as Vortex) to the "Allowed apps" list will prevent them from functioning correctly and report errors when trying to write to files in these folders.
With this feature enabled, Windows Defender will prevent programs from making changes to the user profile files and folders (Documents, Pictures, Videos, Music, Desktop, etc). This can be problematic when using games or mods as a lot of popular applications store configuration settings, save games and more in the "Documents" folder of the user's profile.
When an application attempts to write to these files it will be met with an "access denied" error similar to the ones shown below.
Examples of errors created by Controlled Folder Access | ||
---|---|---|
In the case of games, this will often fail silently so you will only see the problem when your progress is lost or your new configuration settings have not been applied.
This feature causes problems with Vortex's deployment when the game has configuration or mod files stored in the user's documents folder. It has also been reported to interfere with xEdit and could have a wider impact on modding tools.
Note: This protection also blocks Microsoft apps such as Snipping Tool, Paint, etc.
When it comes to fixing this problem, there are two solutions; turning off Controlled File Access or adding your apps/games to the allowed apps listing in Windows Defender.
To find the options for this feature, you will need to open Windows Settings by clicking the "Settings" gear above the power button in the Start Menu.
Next, select "Update & Security" and in the left menu choose "Windows Security".
Click "Virus & threat protection", then at the bottom of that page select "Manage Ransomware Protection".
From here you have two options.
In the "Ransomware protection" window, flick the "Controlled folder access" switch to the "Off" position. You will have to accept the Windows security prompt to confirm the change.
You may need to restart any apps or games that are currently running to reflect the changes.
With "Controlled folder access" set to "On", you will see two options below the switch. "Protected folders" and "Allow an app through controlled folder access".
Select "Allow an app through controlled folder access", then accept the Windows security prompt.
Click "Add an allowed app" and choose "Browse all apps". You will then need to locate the EXE file for the app or game you are trying to unblock. e.g. Vortex's default install location would be C:\Program Files\Black Tree Gaming Ltd\Vortex\Vortex.exe
.
You may need to restart the app or game to reflect the updated settings.
If you are developing an app or game that uses the folders protected by Controlled folder access, you can detect the status of this feature in the registry.
In order to detect if the feature is enabled, you need to check HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exploit Guard\Controlled Folder Access
the REG_DWORD "EnableControlledFolderAccess" reflects the enable state.
The feature protects the following folders by default:
%USERPROFILE%\Desktop
%USERPROFILE%\Documents
%USERPROFILE%\Pictures
%USERPROFILE%\Videos
%USERPROFILE%\Music
%USERPROFILE%\Favorites
If you wish to check for any custom folders the user is currently protecting, you can check HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access\ProtectedFolders
in the registry.