Why Microsoft Defender re-enables itself after disabling it in the Group policy? All services are functional after reboot. Any way to disable it completely? Using latest build 22623.1250.
It is not a bug, it is a feature to keep you safe. Disable the services, but you might need to install 3rd party AV for that, Defender can not be easily fooled these days.
First disable Tamper protection from the GUI. Disable the relevant services in Safe Mode using the registry. The exact keys are documented elsewhere on this forum and it works. Here is the minimum required in Safe Mode - but first disable Tamper protection. Code: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features] "TamperProtection"=dword:00000004 "TamperProtectionSource"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sense] "Start"=dword:00000003 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdBoot] "Start"=dword:00000003 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdFilter] "Start"=dword:00000003 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdNisDrv] "Start"=dword:00000003 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdNisSvc] "Start"=dword:00000003 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend] "Start"=dword:00000004
Very easy to turn off Simply with life sd, the folders of the defender on the computer are deleted Then in the search we enter "defender" and delete everything !!! Everything works for us after these manipulations.
1. Edit Group Policy 2. Administrative templates 3. Windows Components - Microsoft Defender Antivirus * Disable Microsoft Defender Antivirus you have to put Enabled - Protection in real time * Disable Protection in real time you have to put Enabled And then I use a program to disable Defender Control Defender Switch 2.01
maybe on a slow PC i see disable defender. On a fast PC there is no difference in performance anyways I run ESET
Remove the lines about the Tamper Protection from the registry file and try again. Tamper protection should be disabled in GUI before switching to Safe Mode.
Microsoft has to harden any trying change security service configuration … which is good, any stupid idiot with a script could kill Defender now I can say, its a reliable A\V, not that I care too much about A\V but those who are still using it, at least MS should do anything in their power - to not allow close this services easily.
I prefer to set them on Manual, except for the main service which has to be Disabled. If you wish, set the value to 4. In fact some of the services there are already set on Manual by default.
I totally fail to get why so many people have hate for Microsoft Defender. I cannot imagine running Windows without SOME kind of protection. And if you install any other antivirus of your choice, Defender is automatically turned off. So what's the big deal? I just don't get it, makes absolutely no sense to me.
Some people have old and possible unsupported hardware and run Windows 11 (or Windows 10) and want to keep it this way. Other people perform testing in virtual machines sharing limited resources and as such want to optimise the performance of the running VMs. Others only want to understand more about the implementation of various Windows components and as such try to find a way to disable Defender among other things. I am in complete agreement with you that for most people it is useful if not essential to have a running Antivirus, but there are other situations as I mentioned above.
Don't hate it but it's really annoying if you disable it & it just turns itself back on. This is especially true while I'm building a new WinPE for example and it removes useful tools during the build. Tools like Produkey... Also do I need it running using resources and scanning files while I'm integrating updates updating wim/esd's? Nope!