Win11 > Security > Virus & Threat > Ransomware > Allow Picard

Microsoft Windows 11 Professional (x64) Build 22631.3447 (23H2)

Just got this “mini-pc” device yesterday.

I use the File Rename option for Picard’s loaded file meta data updates, on “Save”. It failed with the error, “couldn’t find location” (or location didn’t exist). So, I created the specific folder under %USERPROFILE%\Music[flac in this instance]
Didn’t help. It just appended the next Picard naming character (artist name).

Forgot how I came to the conclusion, but I went to the Security settings and allow the app to have access to that “protected folder”. (Paraphrasing. i dont rem if that’s what it called it).

Bah! It’s always something w/ a new installation. updates. who knows when. lol.

Maybe it showed in a pop-up notification, that Picard had been blocked. Likewise, was Spotify. Oddly, only those two apps that instance. And I’ve never known about that error before. Not error. System configuration option i guess.

(hmm. I wonder if I’ve never seen that error, because I don’t typically put things in that folder. This was actually a temp solution, for some tunes here prior to setting up whatever else)

New device: the Secure Boot option was not enabled in the BIOS on this device. Enabling it results in the … mismatch hash… i’m sorry i forget the error! you know what i mean.

Ugh. what a pain in the @$#! I’ve never had that before. Not sure if it’s super critical to have that, but it seems like it should be enabled.

E.g. Not sure if I can re-install Windows, or do the “Reset” to try to get it to recognize the Secure boot bit?

On the contrary, I usually disable it for a Linux system, but I think that’s the recommended way for that O/S. But that doesn’t help me with Windows 11.

Yes, that’s Windows 11’s “Controlled folder access”, which can be controlled in the security settings under “Ransomware protection”. It limits write access to some folders, by default specifically your user’s folders for documents, pictures, videos and of course music.

You can disable the feature (but Windows will start complaining about the security settings then) or add and remove protected folders.

There will be a notification when an application tried to write a file in one of the protected locations and was denied. But this notification is easily missed, and from the perspective of the application it just fails to write due to lack of permission. Once you have missed the notification it is difficult for the user to find how to unblock, unless you know in advance what is causing the issue and how to handle it. IMHO this feature, while well-meant, is badly implemented in Windows.


Thank you for this explanation, @outsidecontext

Some more details can be found here:

and here from a third party website:

1 Like

Thank you. My concern became more that of the Secure Boot option being disabled in the BIOS, and how that may or may not impact this issue because I’ve used “new” installs of Win 11 multiple times, and Picard with those installations and had never encountered this prior.

Whether this has exposed a bigger issue that I should tend to.

That is, I always ensure the Secure Boot is enabled. It was an oversight when this particular O/S was setup. I wouldn’t have expected an OEM device to come w/ secure boot disabled.