Update Microsoft makes it difficult to disable Windows Defender on Windows 10

Did you ever disable Defender?

  • No

    Votes: 20 34.5%

  • Yes

    Votes: 38 65.5%
  • Total voters
    58
SecurityNightmares

SecurityNightmares

Level 32
Verified
Jan 9, 2020
2,111
The second change came to light just recently. It appears that Microsoft disabled the Registry key DisableAntiSpyware which administrators could use to disable Microsoft Windows Defender.

Our colleagues over at Deskmodder note that third-party software such as Defender Control should still work. The equally excellent Configure Defender may work as well.

It is unclear at this point in time if the Group Policy options to disable Windows Defender still work.
Click to expand...

www.ghacks.net

Microsoft makes it difficult to disable Windows Defender on Windows 10 - gHacks Tech News

The August 2020 update for Microsoft Defender Antivirus introduced a change to the program that made it ignore a Registry key that administrators used to disable the security software.
www.ghacks.net
 
  • Like
Reactions: Protomartyr, DJ Panda, Nevi and 14 others
TairikuOkami

TairikuOkami

Level 30
Verified
Content Creator
May 13, 2017
1,908
In the term of security, it is a good idea. People disable AV and then complain about Windows, when they get infected and MS support has to handle it.

People, who do not like WD should already know, how to disable it by simply disabling its services. :)
 

Attachments

  • capture-08192020-210445.jpg
    capture-08192020-210445.jpg
    167.4 KB · Views: 187
  • Like
Reactions: Protomartyr, DJ Panda, Nevi and 12 others
C

ChoiceVoice

Level 6
Oct 10, 2014
256
well, if a simple registry change could disable it, it wouldn't be very effective against more advanced malware that would just turn it off. i stopped trying to turn it off with programs that do that kinda thing. it happened a couple of times that they screwed up defender so i couldn't turn it back on again later.
 
  • Like
Reactions: Protomartyr, Cortex and mlnevese
shmu26

shmu26

Level 85
Verified
Trusted
Content Creator
Jul 3, 2015
7,989
ChoiceVoice said:
well, if a simple registry change could disable it, it wouldn't be very effective against more advanced malware that would just turn it off. i stopped trying to turn it off with programs that do that kinda thing. it happened a couple of times that they screwed up defender so i couldn't turn it back on again later.
Click to expand...
If malware has a strong enough grip on your computer to do that to the registry, it is already in control of your computer. AFAIK any AV can be killed by means of registry changes.
 
  • Like
  • +Reputation
Reactions: ColonelMal, Protomartyr, Cortex and 8 others
shmu26

shmu26

Level 85
Verified
Trusted
Content Creator
Jul 3, 2015
7,989
The Cog in the Machine said:
Thank you for pointing this out. Is there a way to know for sure if it is completely disabled or not?
Click to expand...
I forget the exact name of the WD process that you can see in Windows task manager, or in whatever app you use to monitor running processes. I am running linux right now, so I can't check. Just make a note of it, on a system where it is running properly. If you see that process running on another system, then you know that WD is not disabled.
 
  • Like
  • Thanks
Reactions: ColonelMal, Protomartyr, Cortex and 4 others
Local Host

Local Host

Level 23
Verified
Sep 26, 2017
1,230
shmu26 said:
1 You can still do it from group policy, right?
2 They say that Configure Defender can do it. AFAIK the disable WD feature was removed from Configure Defender, because that feature caused Microsoft to flag it as malware.
Click to expand...
This only affects home users, you can still disable Windows Defender through Group Policy.
ChoiceVoice said:
well, if a simple registry change could disable it, it wouldn't be very effective against more advanced malware that would just turn it off. i stopped trying to turn it off with programs that do that kinda thing. it happened a couple of times that they screwed up defender so i couldn't turn it back on again later.
Click to expand...
Anti-Tamper prevents that, Microsoft reasoning is obviously that, but also to force third-party Anti-Virus vendors to use the proper APIs, instead of hacks.
The Cog in the Machine said:
When you install another security solution WD gets disabled right?
Click to expand...
Yes, but see above, some third-party Anti-Virus vendors were using hacks to disable Windows Defender instead of the proper APIs, those weren't working properly since Microsoft introduced Anti-Tamper.
 
  • Like
  • +Reputation
  • Thanks
Reactions: SeriousHoax, Protomartyr, Gandalf_The_Grey and 9 others
R

roger_m

Level 31
Verified
Content Creator
Dec 4, 2014
2,096
The Cog in the Machine said:
Is it safe to use?
Click to expand...
Yes it is. It doesn't install anything onto your system. You just run it and click Disable Windows Defender and when you exit it, it leaves nothing on your system. You can run it again and re-enable Windows Defender again if you ever need to.

I've found that on some systems, Windows Defender has eventually been enabled again, so I've had to run Configure Defender again. I just leave it the Downloads folder, so that it there if I need to run it again.
 
  • Like
  • Thanks
Reactions: learningexp, SeriousHoax, Protomartyr and 5 others

Similar threads

razorfancy
Q&A Windows Defender signature update and Windows 10 Game mode
Replies
5
Views
681
Microsoft
SeriousHoax
SeriousHoax
mazskolnieces
Microsoft Best Security Practices
Replies
19
Views
948
General Security Questions
Andy Ful
Andy Ful
Gandalf_The_Grey
Q&A Windows Antivirus: Performance- & Stability issues
Replies
6
Views
832
Microsoft
The Cog in the Machine
The Cog in the Machine
Top