Turn On or Off Tamper Protection for Microsoft Defender Antivirus  

Page 1 of 4 123 ... LastLast
    Turn On or Off Tamper Protection for Microsoft Defender Antivirus

    Turn On or Off Tamper Protection for Microsoft Defender Antivirus

    How to Turn On or Off Tamper Protection for Microsoft Defender Antivirus in Windows 10
    Published by Category: Security System
    01 Sep 2020
    Designer Media Ltd

    How to Turn On or Off Tamper Protection for Microsoft Defender Antivirus in Windows 10


    Starting with Windows 10 version 2004, Windows Defender Antivirus as been renamed to Microsoft Defender Antivirus.

    Windows 10 includes Windows Security, which provides the latest antivirus protection. Your device will be actively protected from the moment you start Windows 10. Windows Security continually scans for malware (malicious software), viruses, and security threats. In addition to this real-time protection, updates are downloaded automatically to help keep your device safe and protect it from threats.

    Starting with Windows 10 build 18305, Microsoft introduced Tamper Protection.

    Tamper Protection is a new setting from Microsoft Defender Antivirus, available in the Windows Security app, which when on, provides additional protections against changes to key security features, including limiting changes which are not made directly through the Windows Security app.

    Starting with Windows 10 build 18323, you may see a new recommendation in the Windows Security app suggesting you turn this setting on if currently turned off.

    See also:

    This tutorial will show you how to turn on or off Tamper Protection for key Microsoft Defender Antivirus security features in Windows 10.

    You must be signed in as an administrator to turn on or off Tamper Protection.


    Microsoft Defender Antivirus tamper protection is turned on by default for all consumer Windows 10 devices. This feature protects devices from cyber attacks that try to disable built-security solutions, such as antivirus protection, in an attempt to gain access to your data, to install malware, or to otherwise exploit your data, identity, and devices. As Microsoft Defender antivirus automatically turns itself off when it detects another antivirus program, we are removing a legacy registry setting called DisableAntiSpyware. Intended to be used by OEMs and IT admins to disable Microsoft Defender Antivirus for the purpose of deploying another antivirus product during deployment, DisableAntiSpyware is not applicable to consumer devices and will be removed beginning with Microsoft Defender Antimalware platform versions 4.18.2007.8 and higher (see KB4052623 for details). This update will be rolled out to devices running Windows Enterprise E3 and E5 at a future date.

    Source: https://docs.microsoft.com/en-us/win...age-center#465




    Here's How:

    1 Open Windows Security, and click/tap on the Virus & threat protection icon. (see screenshot below)

    Turn On or Off Tamper Protection for Microsoft Defender Antivirus-windows_security_tamper_protection-1.jpg

    2 Click/tap on the Manage settings link under Virus & threat protection settings. (see screenshot below)

    Turn On or Off Tamper Protection for Microsoft Defender Antivirus-windows_security_tamper_protection-2.png

    3 Turn on (default) or off Tamper Protection for what you want. (see screenshot below)

    The registry key and DWORD value for this setting is located below, but you will not be able to manually change the TamperProtection DWORD value unless you take ownership of the Features key first.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features

    TamperProtection DWORD

    0 = Off
    5 = On


    Turn On or Off Tamper Protection for Microsoft Defender Antivirus-windows_security_tamper_protection-3.jpg

    4 When prompted by UAC, click/tap on Yes to approve.

    5 You can now close Windows Security if you like.


    That's it,
    Shawn



  1. Posts : 1,602
    W10 Enterprise
       #1

    Has this facility now been turned off as I can't find it, running 18362. The other issues is that no matter how I try I can't run WD Offline Scan.

    Got a little jumpy today having got a Virus warning after downloading netbeans IDE from the official apache site, Scanned it, did a hash check , both reported as ok and then getting a WD warning which had picked up, an thankfully quarantined, a trojan by the name of unwaders.A!ml virus.

    Turn On or Off Tamper Protection for Microsoft Defender Antivirus-virus-threat-180519.png

    So I decide to try a WD offline scan but ran into the issue of it not working. Anyone with any ideas as to why this would not be working?

    Also I have no idea what "Monegafeb.exe" detailed in the first line of "Affected items" is. Can't find anything in an online search either.

    The path "C:\Users\Tech1\AppData\Local\2d18139fc92404b986600c472cb5043a" is still in the hidden files but the Monegafeb.exe is not as it was, I assume quarantined by WD.

    Should the folder "2d18139fc92404b986600c472cb5043a" be there or do I get rid of it? There are 2 text documents in it, pacepotaro and sof.
      My Computer


  2. Posts : 68,661
    64-bit Windows 11 Pro for Workstations
    Thread Starter
       #2

    Hellp @techquest,

    Do you have the settings available in Settings like in the tutorial?

    If not, do you have a 3rd party AV installed?
      My Computers


  3. Posts : 1,602
    W10 Enterprise
       #3

    Hi Brink thanks for your input.

    Yes I see all that you have in the tut and have all on down to the Tamper on slide. But no matter what I try, the offline scan does not run. I have no third party protection on the system.
      My Computer


  4. Posts : 68,661
    64-bit Windows 11 Pro for Workstations
    Thread Starter
       #4

    If you haven't already, you might see if you may be able to use one of the other options to perform a Windows Defender offline scan.

    Windows Defender Offline Scan in Windows 10
      My Computers


  5. Posts : 1,602
    W10 Enterprise
       #5

    Thanks, yes I have tried all 3 options.

    Opt ONE (PS). C:\Windows\system32> Start-MpWDOScan
    C:\Windows\system32> just sits at this promt.

    Opt TWO (CMD). PS C:\Windows\system32> PowerShell Start-MpWDOScan
    PS C:\Windows\system32> just sits at this prompt


    Opt THREE. Get to point 5. and Yes to UAC but doesn't get 6. or beyond.
      My Computer


  6. Posts : 68,661
    64-bit Windows 11 Pro for Workstations
    Thread Starter
       #6

    Interesting. Are you able to run the offline scan if Tamper Protection is turned off? If so, could be a bug.
      My Computers


  7. Posts : 1,602
    W10 Enterprise
       #7

    Just tried your suggestion with Tamper Protection off but still the same trying all 3 options of # your2. As you say, interesting. Should I report this through the hub as a potential bug, do you think?
      My Computer


  8. Posts : 68,661
    64-bit Windows 11 Pro for Workstations
    Thread Starter
       #8

    Yeah, I would recommend to report it to be safe.
      My Computers


  9. Posts : 1,602
    W10 Enterprise
       #9

    Okay Brink, thanks for your input and help, they are much appreciated.

    Meanwhile I will flag it to the insider hub and see what they come back with, if they do at all that is, and post back here if there is any result.
      My Computer


 

Tutorial Categories

Turn On or Off Tamper Protection for Microsoft Defender Antivirus Tutorial Index Network & Sharing Instalation and Upgrade Browsers and Email General Tips Gaming Customization Apps and Features Virtualization BSOD System Security User Accounts Hardware and Drivers Updates and Activation Backup and Restore Performance and Maintenance Mixed Reality Phone


  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 13:46.
Find Us




Windows 10 Forums