Microsoft Defender Antivirus (Защитник) — это встроенный антивирус в Windows 10/11 и Windows Server, который включен и настроен по умолчанию. В этой статье мы рассмотрим, как полностью отключить Защитник в Windows 11 или временно (приостановить).
В Windows 11 и 10 при установке стороннего антивируса, встроенный стандартный Защитника Microsoft должен отключаться. В некоторых случаях это не происходит автоматически и вам может потребоваться ручное отключение Microsoft Defender.
Содержание:
- Временная приостановка защиты Microsoft Defender в Windows 11 и 10
- Как полностью отключить Защитник Defender в Windows 11 и 10?
Временная приостановка защиты Microsoft Defender в Windows 11 и 10
В некоторых случаях вам может понадобится временно отключить защиту Microsoft Defender, не затрагивая важные системные службы. Например, запуск или установка какой-то системной программы или утилиты блокируется Microsoft Defender. Чтобы запустить такое приложение, нужно остановить защиту Windows Defender в реальном времени.
- Перейдите в следующий раздел настроек Windows 11: Settings -> Privacy and Security -> Windows Security -> Open Windows Security (или выполните команду быстрого доступа к настройкам
ms-settings:windowsdefender
);Если приложение службы безопасности Microsoft Defender не запускается, его можно восстановить (под капотом находится UWP приложение
Microsoft.SecHealthUI
). - Откройте раздел Virus and threat protection, и нажмите на кнопку Manage Settings в разделе Virus and Threat protection settings;
- Переведите переключатель Real-time protection в положение Off;
- Подтвердите приостановку антивирусной защиты в окно с подтверждением повышения привилегий UAC.
Чтобы восстановить защиту компьютера Windows Defender, нужно включить переключатель. Также защита в реальном времени Microsoft Defender будет включена автоматически после перезагрузки компьютера.
Ранее мы рассматривали, как управлять настройками антивируса Windows Defender с помощью PowerShell. В статье была рассмотрена PowerShell команда для отключения защиты в реальном времени:
Set-MpPreference -DisableRealtimeMonitoring $true
Однако это команда не отрабатывает, как вы ожидаете в Windows 11 и последних билдах Windows 10. Дело в том, что в Windows 10, начиная с билда 1903, по умолчанию включена новая фича Defender, которая называется Microsoft Defender Tamper Protection (Защита от подделок).
Tamper protection обеспечивает дополнительную защиту основных элементов безопасности Microsoft Defender. В частности, она блокирует несанкционированное изменение настроек антивируса, приостановку защиты в реальном времени, отключение облачной защиты. Это означает, что при включенной Защите от подделок вы не сможете отключить Real Time Protection в Microsoft Defender с помощью PowerShell.
Отключить Tamper Protection можно только вручную из графической панели управления Windows Security.
Перейдите в раздел настроек Virus and threat protection settings, промотайте список компонентов и измените переключатель параметра Tamper Protection на Off.
После отключение Tamper Protection вы сможете отключить защиту в реальном времени указанной выше командой PowerShell.
Как полностью отключить Защитник Defender в Windows 11 и 10?
В ранних билдах Windows 10 и в Windows Server 2016 можно было полностью отключить Windows Defender через параметр групповой политики Turn off Windows Defender Antivirus в разделе Computer Configurations -> Administrative Template -> Windows Component -> Windows Defender Antivirus редактора локальных групповых политик gpedit.msc. Или ключом реестра DisableAntiSpyware в HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender, соответствующий этому параметру GPO:
New-ItemProperty -Path “HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender” -Name DisableAntiSpyware -Value 1 -PropertyType DWORD -Force
Для отключение защиты в реальном времени использовалась политика Turn on behavior monitoring или параметр реестра DisableBehaviorMonitoring =1 в указанной выше ветке реестра.
Во всех билдах, начиная с Windows 10 1903, и в Windows 11 эти параметры GPO и ключи реестра нельзя использоваться для отключения Microsoft Defender, так как его настройки защищены новой опцией Tamper Protections (рассмотрена выше). Методы, используемые ранее для отключения Microsoft Defender Antivirus, не работают в Windows 11.
Для полного отключения компонентов Windows Defender нужно загрузить ваш компьютер в безопасном режиме. Для этого:
- Запустите утилиту
msconfig
; - Перейдите на вкладку Boot;
- Выберите опцию Safe boot -> Minimal в разделе настройки параметров загрузки;
- Нажмите OK и перезагрузите компьютер;
- Ваш компьютер загрузится в безопасном режиме;
- Теперь нужно открыть редактор реестра (
regedit.exe
), перейдти в ветку HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services и отключить запуск следующих служб:- Sense
- WdBoot
- WdFilter
- WdNisDrv
- WdNisSvc
- WinDefend
Для этого нужно изменить значение параметра Start на 4;
Измените параметр Start для всех указанных служб вручную или воспользуйтесь скриптом PowerShell:
$regpath='HKLM:\SYSTEM\CurrentControlSet\Services'
Set-ItemProperty -Path ($regpath+"\WinDefend") -Name Start -Value 4
Set-ItemProperty -Path ($regpath+"\Sense") -Name Start -Value 4
Set-ItemProperty -Path ($regpath+"\WdFilter") -Name Start -Value 4
Set-ItemProperty -Path ($regpath+"\WdNisDrv") -Name Start -Value 4
Set-ItemProperty -Path ($regpath+"\WdNisSvc”) -Name Start -Value 4Чтобы включить Microsoft Defender в Windows, нужно установить следующие дефолтные значение параметра Start в ветке каждой службы:
- Sense — 3
- WdBoot — 0
- WdFilter — 0
- WdNisDrv — 3
- WdNisSvc — 3
- WinDefend — 2
- Запустите msconfig и отключите безопасный режим, перезагрузите компьютер в обычном режиме;
- Отключите все четыре задания в разделе Microsoft –> Windows –> Windows Defender Task Scheduler (
taskschd.msc
);
Get-ScheduledTask “Windows Defender Cache Maintenance” | Disable-ScheduledTask
Get-ScheduledTask “Windows Defender Cleanup” | Disable-ScheduledTask
Get-ScheduledTask “Windows Defender Scheduled Scan” | Disable-ScheduledTask
Get-ScheduledTask “Windows Defender Verification” | Disable-ScheduledTask
Можно отключить задания планировщика с помощью PowerShell:
Запустите приложение Windows Security и убедитесь, что антивирус Microsoft Defender теперь отключен. Здесь должна появиться надпись Threat service has stopped. Restart it now (Служба работы с угрозами остановлена).
Итак, мы рассмотрели, как отключить защиту Microsoft Defender в Windows 10 и 11.
To remove Windows Defender using PowerShell, you can use the following command:
Set-MpPreference -DisableRealtimeMonitoring $true
This command temporarily disables real-time monitoring by Windows Defender. Please use it with caution and ensure you have adequate alternative security measures in place.
Understanding Windows Defender
What is Windows Defender?
Windows Defender is a built-in antivirus solution designed to protect Windows operating systems from malware and other security threats. It offers real-time protection, scanning capabilities, and numerous features to ensure users’ safety while using their devices. By default, Windows Defender operates in the background, scanning for threats and providing automatic updates.
Why Remove or Disable Windows Defender?
There may be several scenarios where you may find it necessary to remove Defender PowerShell or disable it temporarily. For instance, if you choose to install a third-party antivirus solution, it can conflict with Windows Defender, leading to performance issues or inaccurate readings. Additionally, some users may prefer to conduct specific operations without Defender’s interference, which can be sometimes perceived as overly aggressive in blocking potentially unwanted programs.
However, it is crucial to weigh the risks. Disabling Windows Defender can expose your system to vulnerabilities, increasing the likelihood of malware infections. Thus, it should be done with caution and ideally not as a permanent measure.
Understanding Microsoft.PowerShell.Commands.Internal.Format.FormatStartData
Prerequisites for Using PowerShell
Setting Up PowerShell
Before executing any PowerShell commands, you must access PowerShell in administrator mode. Click on the Windows start button, type «PowerShell,» right-click on the application, and select «Run as Administrator.» This step provides the necessary privileges to execute commands that affect system security settings.
Ensuring Sufficient Privileges
PowerShell commands, particularly those that modify security settings, require administrative privileges. If you’re running PowerShell without these rights, you will likely encounter permission errors.
Mastering Microsoft.PowerShell.Commands.WriteErrorException
Removing or Disabling Windows Defender via PowerShell
Using PowerShell Command
To remove Defender PowerShell, one can easily disable Windows Defender’s real-time monitoring, which stops it from automatically scanning for threats. Here’s the command:
Set-MpPreference -DisableRealtimeMonitoring $true
Explanation:
- This command utilizes the `Set-MpPreference` cmdlet to adjust the settings of Windows Defender, specifically disabling its real-time monitoring feature.
- Setting `-DisableRealtimeMonitoring` to `$true` stops Windows Defender from actively scanning your files as they open.
Complete Removal of Windows Defender
Understanding the Limitations
It’s important to recognize that completely removing Windows Defender isn’t straightforward and is often not recommended. Windows Defender is an integral part of the Windows operating system’s security framework, and attempts to remove it can lead to system instability or errors. Moreover, certain editions of Windows, especially the Pro and Enterprise versions, may have Defender deeply integrated, making complete removal challenging.
Attempting to Uninstall Defender
If you still prefer to try to remove Defender, you can issue the following command:
Uninstall-WindowsFeature -Name Windows-Defender-Features
Explanation:
- This command aims to uninstall Windows Defender features from your system. However, its success may vary depending on your version of Windows. Generally, comprehensive removal may not happen due to built-in protection policies.
Invoke-PowerShell: Mastering Command Execution Effortlessly
Alternative Methods to Disable Windows Defender
Using Windows Settings
For users who prefer a graphical interface, you can disable Windows Defender through the system settings. Simply navigate to Settings > Update & Security > Windows Security > Virus & Threat Protection and turn off the relevant Real-time protection toggle. This method is simple and doesn’t require using PowerShell.
Using Group Policy
Using Group Policy can also provide a method to configure Windows Defender settings. To access Group Policy:
- Press Windows + R to open the Run dialog.
- Type `gpedit.msc` and press Enter.
- Navigate to Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus. From here, you can configure the desired settings to disable Defender.
Remotely Execute PowerShell: A Quick Start Guide
Verifying Windows Defender Status
Checking the Status of Windows Defender
To ensure that you’ve successfully disabled Windows Defender, you can use a PowerShell command to check its current status:
Get-MpPreference | Select-Object -Property DisableRealtimeMonitoring, DisableIOAVProtection
Explanation:
- This command retrieves the current preferences set for Windows Defender, specifically focusing on its ability to perform real-time monitoring and I/O (input/output) antivirus protection. The output will indicate whether these settings are disabled.
Confirming Successful Disabled State
If both properties show `True`, your attempt to remove Defender via PowerShell was successful. If they are still `False`, it implies that Windows Defender is still operational.
Get Folder PowerShell: A Quick Guide to Mastery
Re-enabling Windows Defender
Importance of Re-enabling Defender
After using another antivirus solution or diagnostic tasks, it is prudent to re-enable Windows Defender. Many threats evolve rapidly, and having an active antivirus program, even after temporarily disabling Defender, is essential for maintaining system integrity.
PowerShell Command to Re-enable
To re-enable Windows Defender and restore real-time monitoring, simply run the following PowerShell command:
Set-MpPreference -DisableRealtimeMonitoring $false
Explanation:
- Setting `-DisableRealtimeMonitoring` to `$false` instructs Windows Defender to resume its active protection against potential threats, ensuring that your system is once again safeguarded.
Mastering Counter PowerShell Commands in Minutes
Troubleshooting Common Issues
Common Errors Encountered
While trying to disable or remove Defender, you might encounter several common errors. Here are a few notable examples:
- Access Denied: This typically means you are not running PowerShell as an Administrator. Make sure to launch PowerShell with sufficient privileges.
- Command not recognized: Ensure that you are using the correct syntax. Typos can lead to PowerShell not recognizing your command.
Resources for Further Help
If you continue to experience issues or have specific questions, resources such as the Microsoft documentation provide comprehensive guidance on using PowerShell for system management. Community forums such as TechNet and Reddit can also be beneficial for peer support and troubleshooting assistance.
Unlocking ServiceNow PowerShell: A Quick Guide
Conclusion
In this comprehensive guide, you’ve learned how to remove Defender PowerShell or disable Windows Defender effectively. It is crucial to handle such operations with caution, being fully aware of the implications on your system security. Windows Defender plays a vital role in protecting your computer from threats, so ensure you maintain an active security posture once you’ve completed your tasks.
Elevated PowerShell: A Quick Start Guide
Call to Action
If you found this article helpful, consider signing up for our newsletter for more PowerShell tips and guidance. Share this article with anyone who might benefit from learning how to manage Windows Defender effectively!
In this tutorial, I will explain how to disable Windows Defender using PowerShell. Windows Defender, now known as Microsoft Defender Antivirus, is a built-in security feature in Windows 10 and Windows 11 designed to protect your computer from malware and other security threats.
However, there are instances where you might need to disable it, such as when running certain applications or troubleshooting system issues. I will show you the steps to disable Windows Defender using PowerShell.
Note: Ensure you have administrative privileges on your computer. Disabling Windows Defender requires elevated permissions.
Now, let me show you step-by-step how to disable Windows Defender using PowerShell.
Step 1: Open PowerShell as Administrator
To disable Windows Defender, you need to run PowerShell with administrative privileges. Follow these steps:
- Press
Windows + Xand select Windows PowerShell (Admin) from the menu. - If prompted by User Account Control (UAC), click Yes to allow PowerShell to make changes to your device.
Step 2: Disable Real-Time Protection
Real-time protection is a key feature of Windows Defender that actively scans files and processes for malware. To disable it, use the following PowerShell command:
Set-MpPreference -DisableRealtimeMonitoring $trueThis command will turn off real-time protection, but Windows Defender will still be active in the background.
Read Install Snipping Tool in Windows 11 Using PowerShell
Step 3: Disable Windows Defender Antivirus
To completely disable Windows Defender Antivirus, you need to modify the system registry. Here’s how:
- Open PowerShell as Administrator.
- Run the following commands to disable Windows Defender services:
Set-MpPreference -DisableRealtimeMonitoring $true
Set-MpPreference -DisableBehaviorMonitoring $true
Set-MpPreference -DisableBlockAtFirstSeen $true
Set-MpPreference -DisableIOAVProtection $true
Set-MpPreference -DisablePrivacyMode $true
Set-MpPreference -SignatureDisableUpdateOnStartupWithoutEngine $trueStep 4: Disable Tamper Protection
Tamper Protection is a security feature that prevents unauthorized changes to Windows Defender settings. To disable it, follow these steps:
- Open the Windows Security app by searching for “Windows Security” in the Start menu.
- Navigate to Virus & threat protection > Virus & threat protection settings.
- Toggle off Tamper Protection.
Step 5: Modify the Registry to Disable Windows Defender Permanently
To disable Windows Defender permanently, you need to edit the Windows Registry. Here’s how:
- Press
Windows + R, typeregedit, and press Enter to open the Registry Editor. - Navigate to the following path:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender- Right-click on the Windows Defender key, select New > DWORD (32-bit) Value, and name it
DisableAntiSpyware. - Double-click on
DisableAntiSpywareand set its value to1.
Step 6: Restart Your Computer
After making these changes, restart your computer to apply the settings. Windows Defender should now be disabled.
Read Get an IP Address Using PowerShell in Windows
Re-enabling Windows Defender using PowerShell
If you need to re-enable Windows Defender, follow these steps:
- Open PowerShell as Administrator.
- Run the following command:
Set-MpPreference -DisableRealtimeMonitoring $false- Re-enable Tamper Protection via the Windows Security app.
- Modify the registry to delete the
DisableAntiSpywarekey or set its value to0. - Restart your computer.
Conclusion
In this tutorial, I explained how to disable Windows Defender using PowerShell. I have also shown how to re-enable Windows Defender using PowerShell as and when needed.
You may also like:
- How to Set Service to Automatic Using PowerShell?
- Change Windows 11 Desktop Background Color with PowerShell
- How to Install .NET Framework 3.5 Using PowerShell?
Bijay Kumar is an esteemed author and the mind behind PowerShellFAQs.com, where he shares his extensive knowledge and expertise in PowerShell, with a particular focus on SharePoint projects. Recognized for his contributions to the tech community, Bijay has been honored with the prestigious Microsoft MVP award. With over 15 years of experience in the software industry, he has a rich professional background, having worked with industry giants such as HP and TCS. His insights and guidance have made him a respected figure in the world of software development and administration. Read more.
Microsoft Defender is a built-in antivirus software that comes pre-installed on all Windows 10 and 11 editions. Users can manage the Microsoft Defender antivirus from the Windows Security app GUI or using the PowerShell command line. This guide explains how to use PowerShell to enable/disable Microsoft Defender on Windows, how to manage various settings, and scan the computer for threats and viruses.
How to Check the Microsoft Defender Status with PowerShell
Only Windows desktop operating systems (such as Windows 11 or 10) have Microsoft Defender antivirus pre-installed. Open an elevated PowerShell prompt and check the current status of Microsoft Defender with the command:
Get-MpComputerStatus
Or quickly check if Microsoft Defender is on, which protection settings are enabled, and when antivirus definitions were last updated:
Get-MpComputerStatus | Select-Object -Property Antivirusenabled,AMServiceEnabled,AntispywareEnabled,BehaviorMonitorEnabled,IoavProtectionEnabled,NISEnabled,OnAccessProtectionEnabled,RealTimeProtectionEnabled,IsTamperProtected,AntivirusSignatureLastUpdated
If Defender Antivirus is disabled, check the following service statuses on a computer:
- Microsoft Defender Antivirus Service (WinDefend)
- Windows Security Service (SecurityHealthService),
- Security Center (wscsvc)
Get-Service Windefend, SecurityHealthService, wscsvc| Select Name,DisplayName,Status
How to Disable or Enable Microsoft Defender Protection using PowerShell
In Windows 10 and 11, you can temporarily pause Microsoft Defender protection or turn it off completely.
How to Temporarily Disable (Pause) the Defender Antivirus Protection on Windows
There is a built-in security feature called Tamper protection that is enabled by default in all modern versions of Windows (starting with build 21H2). This feature prevents users from modifying Defender security features through PowerShell, registry settings, or Group Policy.
Check the Tamper Protection state:
Get-MpComputerStatus | select IsTamperProtected
Tamper Protection can only be disabled from the Windows Security UI. Go to “Virus & Threat Protection” > click “Manage Settings” > scroll down to “Tamper Protection” and move the slider to the “Off” position.
Tamper protection is off. Your device may be vulnerable.
Now disable Microsoft Defender real-time protection with PowerShell:
Set-MpPreference -DisableRealtimeMonitoring $true
Disable the cloud-delivered protection:
Set-MpPreference -MAPSReporting Disabled
This will suspend antivirus protection in Windows until the next restart.
To restore real-time protection, run:
Set-MpPreference -DisableRealtimeMonitoring $false
Turn on cloud-delivered protection:
Set-MpPreference -MAPSReporting Advanced
Permanently Turn Off Microsoft Defender on Windows 11 or 10
If you have a third-party certified AV solution installed on the computer, Microsoft Defender antivirus will automatically switch to passive EDR or block mode. But in some cases, you may to completely disable Microsoft Defender on a computer without installing third-party AV.
In earlier versions of Windows, the Microsoft Defender Antivirus can be disabled using the GPO option Turn off Windows Defender Antivirus (Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus) or with the DisableAntiSpyware = 1 registry parameter. However, these options no longer completely disable Microsoft Defender Antivirus in the latest Windows 10 and 11 builds.
The only way to completely disable Microsoft Defender is to restart your computer in Safe Mode and prevent the Defender services from starting.
- To boot Windows into the Safe Mode, run:
bcdedit /set {current} safeboot minimal shutdown -r -t 0
- Open the Registry Editor (regedit.exe) after booting into Safe Mode
- Then open the following registry keys one by one and change the value of the Start registry parameter in each key to 4
- Now turn off the Safe Mode Boot mode and restart Windows:
bcdedit /deletevalue {current} safebootSign into Windows with your account and check that Microsoft Defender is now disabled.
| Registry key | Parameter | Default Value | New value (disable defender) |
| HKLM\SYSTEM\CurrentControlSet\Services\Sense\ | Start | 3 | 4 |
| HKLM\SYSTEM\CurrentControlSet\Services\WdBoot\ | Start | 0 | 4 |
| HKLM\SYSTEM\CurrentControlSet\Services\WdFilter\ | Start | 0 | 4 |
| HKLM\SYSTEM\CurrentControlSet\Services\WdNisDrv\ | Start | 3 | 4 |
| HKLM\SYSTEM\CurrentControlSet\Services\WdNisSvc\ | Start | 3 | 4 |
| HKLM\SYSTEM\CurrentControlSet\Services\WinDefend\ | Start | 2 | 4 |
Uninstall Windows Defender on Windows Server 2019/2016 using PowerShell
Microsoft Defender is not pre-installed by default on Windows Server 2019/2016 platforms. It can be installed as an additional feature:
Install-WindowsFeature -Name Windows-Defender
If you want to uninstall Windows Defender on a Windows Server, remove the feature:
Uninstall-WindowsFeature -Name Windows-Defender
Manage Microsoft Defender Using PowerShell
Microsoft.SecHealthUI is a graphical UWP app that can be used for the management of Microsoft Defender on Windows 10 and 11 (available via Settings > Privacy & Security > Windows Security or with the ms-settings:windowsdefender command).
All of the Microsoft Defender configuration settings that are available in the Windows Security app can be performed using the PowerShell cmdlets of the built-in Defender module. List available cmdlets in this module:
Get-Command -Module Defender
You can get help about a specific cmdlet from the Defender module:
Get-Help Start-MpScan –Full
Or only list examples:
Get-Help Add-MpPreference -Examples
The following are the most common Microsoft Defender management tasks that you can perform from the PowerShell prompt:
Turn certain Microsoft Defender security options on or off
The following Microsoft Defender features are disabled by default:
- DisableCatchupFullScan.
- DisableCatchupQuickScan.
- DisableCpuThrottleOnIdleScans.
- DisableEmailScanning.
- DisableRemovableDriveScanning.
- DisableRestorePoint.
- DisableScanningMappedNetworkDrivesForFullScan.
- EnableFileHashComputation.
- EnableFullScanOnBatteryPower.
- EnableLowCpuPriority.
For example, enable automatic scanning of removable drives:
Set-MpPreference -DisableRemovableDriveScanning $false
Disable real-time scanning of archive files (files (RAR, ZIP, CAB):
Set-MpPreference -DisableArchiveScanning $True
Enable protect against unwanted programs (Potentially Unwanted Program — PUP, Potentially Unwanted Application — PUA):
Set-MpPreference -PUAProtection 1
Manage Microsoft Defender antivirus exclusions
- Add paths to the antivirus exclusions:
Add-MpPreference -ExclusionPath C:\Video, C:\install
- Remove a folder exclusion:
Remove-MpPreference -ExclusionPath C:\install
- Exclude process from real-time antivirus scanning:
Set-MpPreference -ExclusionProcess "word.exe", "vmwp.exe"
- Exclude specific file extensions from Microsoft Defender scan:
Set-MpPreference -ExclusionExtension *.mp3,*.MP4,*.wav,*.EDB
Disable Microsoft Defender user interface (UI)
Set-MpPreference -UILockdown $true
‘Virus and threat protection’ section will be hidden from the Windows Security UI.
Update Microsoft Defender signatures
Update-MpSignature
Update antivirus definitions from a shared network folder on your LAN. Download the necessary definition update files and set an UNC path as the default update source:
Set-MpPreference -SignatureDefinitionUpdateFileSharesSources \\DESKTOP-V20E3PO\Updates
Update the virus and malware definitions:
Update-MpSignature -UpdateSource FileShares Update-MpSignature
Run an on-demand antivirus scan
Start-MpScan -ScanType CustomScan -ScanPath ”C:\Program Files”
Perform a full computer scan:
Start-MpScan -ScanType FullScan
Or quick threats scan:
Start-MpScan -ScanType QuickScan
Run an offline scan by booting into an isolated WinPE environment.
Start-MpWDOScan
View threat history
Get-MpThreat
List of active and pass malware detections:
Get-MpThreatDetection
To remove all active threats:
Remove-MpThreat
Cyril Kardashevsky
I enjoy technology and developing websites. Since 2012 I’m running a few of my own websites, and share useful content on gadgets, PC administration and website promotion.
Windows Defender is the security software solution provided with every Microsoft’s Windows operating system. It helps defend the system against ransomware, spyware, Trojans, viruses or other malicious software. It has low system requirements and can be updated through Windows updates.
Even though it was meant for defending system against suspicious software it can cause trouble with task which is safe to do. You can disable windows defender using PowerShell or from the Windows’s Setting menu. We have given you all the required steps to do so. Follow them thoroughly to disable it with ease.
Disable Windows Defender Real-time Protection Using PowerShell
Step 1: Open Start menu by clicking the Windows Icon on the taskbar.
Step 2: In the Search box type PowerShell and wait for the results to show.
Step 3: Right click on PowerShell and click Run as administrator option.
Step 4: Once the PowerShell opens with administrator privileges type the following command
Set-MpPreference –DisableRealtimeMonitoring $true
Press Enter key to execute the command and to disable Windows Defender Anti-Virus Protection service.
Disable Windows Defender Completely Using PowerShell
Step 1: Open PowerShell with admin rights using the above steps.
Step 2: Type the command and press Enter afterwards
New-ItemProperty –Path “HKLM:\Software\Policies\Microsoft\Windows Defender” –Name DisableAntiSpyware –Value 1 –PropertyType DWORD –Force
This will completely disable defender for the corresponding system
On operating system based on Windows Client like Windows 10 or Windows 8.1 you will not be able to uninstall this feature. Option available to disable it by using registry key set to DisableAntiSpyware = 1 or by using Local Group Policy Editor.
Step 1: Open gpedit.msc from the Run dialogue box.
Step 2: In the console go to the following section
Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus;
Step 3: Find Turn off Windows Defender Antivirus parameter.
Step 4: Change its value to Enabled.
In the same way find Turn off real time protection parameter and change its value to Disabled.
Step 5: To update local group policy setting type the following command and press Enter.
gpupdate /force
To disable Windows Defender manually through registry or GPO in Windows 11 then you have to disable Tamper Protection feature. This feature prevents changes made to Windows Defender via PowerShell, registry setting or Group Policy option. This is enabled my default in Windows 11 or you can check this using PowerShell Command
Type the following command and press Enter
Get-MpComputerStatus | select IsTamperProtected
If it’s enabled then you can only disable it using Windows Security application.
To Disable Tamper Protection
Step 1: Open Windows Security app through Start menu.
Step 2: Find Virus and Threat Protection setting and then click on Manage Setting.
Step 3: Scroll down and find Tamper Protection and disable it.
Step 4: Confirmed the action at UAC prompt
Run the following command in the elevated PowerShell Session to uninstall Windows Defender.
Uninstall-WindowsFeature –Name Windows-Defender –whatif
Or use the DISM Tool
Dism /online / Disable-Feature /FeatureName:Windows-Defender /Remove /NoRestart /quiet
Now in case if you ever feel like enabling Windows Defender again then type the following command in PowerShell with administrative privileges and press enter.
Set-MpPreference –DisableRealtimeMonitoring $false
Using PowerShell you can manage your entire defender feature using several commands and it be advantageous for you. For now we have enlisted all the steps you need to disable windows defender using PowerShell. Disabling Windows Defender can be advantageous with your need and could also be dangerous because it will leave your system open to malicious attacks and other troubles. Therefore we suggest you use our Anti-Malware Tool which will help you to remove and protect against all malicious activities automatically. Its comprehensive solution provide you both online and offline protection.