Turn On or Off Tamper Protection for Microsoft Defender Antivirus  

Page 3 of 4 FirstFirst 1234 LastLast

  1. Heimataerde
    Posts : 6
    Windows 10
       New #20

    RickC said:
    A late reply, I know, but from my own tests (changing the states of Defender components and refreshing the registry) it looks like a DWORD value of 4 indicates both Tamper Protection and Cloud-delivered protection have been set to OFF:

    Attachment 294695

    Hope this helps...
    I can also verify this.

    Has anyone found a way to alter this registry value? Possibly from the outside using chntpw and linux? I can't test this right now...
      My Computer
    Quote Quote

  3. Brink
    Posts : 68,994
    64-bit Windows 11 Pro for Workstations
    Thread Starter
       New #21

    Microsoft Defender Antivirus tamper protection is turned on by default for all consumer Windows 10 devices. This feature protects devices from cyber attacks that try to disable built-security solutions, such as antivirus protection, in an attempt to gain access to your data, to install malware, or to otherwise exploit your data, identity, and devices. As Microsoft Defender antivirus automatically turns itself off when it detects another antivirus program, we are removing a legacy registry setting called DisableAntiSpyware. Intended to be used by OEMs and IT admins to disable Microsoft Defender Antivirus for the purpose of deploying another antivirus product during deployment, DisableAntiSpyware is not applicable to consumer devices and will be removed beginning with Microsoft Defender Antimalware platform versions 4.18.2007.8 and higher (see KB4052623 for details). This update will be rolled out to devices running Windows Enterprise E3 and E5 at a future date.

    Source: https://docs.microsoft.com/en-us/win...age-center#465
      My Computers
    Quote Quote

  4. Heimataerde
    Posts : 6
    Windows 10
       New #22

    Brink said:
    Source: https://docs.microsoft.com/en-us/win...age-center#465
    There has to be some way to disable this, possibly from outside of Windows. Has anyone looked into this further?
      My Computer
    Quote Quote

  5. Brink
    Posts : 68,994
    64-bit Windows 11 Pro for Workstations
    Thread Starter
       New #23

    Heimataerde said:
    There has to be some way to disable this, possibly from outside of Windows. Has anyone looked into this further?
    Unfortunately, for security purposes, it's been hard coded to only be able to successfully keep Tamper Protection turned on/off via the Windows Security app.

    This way malware will not be able to disable it.
      My Computers
    Quote Quote

  7. dhon joe
    Posts : 5
    Windows 10 home
       New #24

    to take ownership of protected keys, go into SAFE MODE and then you can take ownership and set permissions to any key no matter how protected it is


    Kishvand said:
    Hello.. please don't say there is no way to disable this via registry..
    Found:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features <TamperProtection>
    But cannot set it to 0 to disable
    Also could NOT set the ownership!
    However, even if I can set that key, it just turns it off, will not disable it,
    I want to disable it or set it gray so cannot change at all, must be another key?
    - - - Updated - - -

    Heimataerde said:
    I can also verify this.

    Has anyone found a way to alter this registry value? Possibly from the outside using chntpw and linux? I can't test this right now...
    you can alter this registry value by FIRST going into SAFE MODE and taking ownership of the Features tree and giving yourself full control permissions.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features
      My Computer
    Quote Quote

  8. dhon joe
    Posts : 5
    Windows 10 home
       New #25

    and then delete it

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features
      My Computer
    Quote Quote

  9. wellyj
    Posts : 10
    Windows 11
       New #26

    Tamper protection is greyed out for me:
    Turn On or Off Tamper Protection for Microsoft Defender Antivirus-tp.png

    I've looked through gpedit and saw no mention of it and don't remember changing it either..

    I do have MDAG enabled.
    Does that reinforce Tamper protection?
      My Computer
    Quote Quote

  10. Anixx
    Posts : 41
    Windows 8.1
       New #27

    Brink said:
    Hello @Kishvand,

    I'm afraid this is a protected DWORD value for security purposes, and Windows will not let you easily change it manually without changing permissions.

    If you are the only administrator on the computer, you can set it to what you want in Windows Security, and standard user accounts will not be able to change it.
    What to do if I cannot start the Windows Security GUI?
      My Computer
    Quote Quote

  11. Brink
    Posts : 68,994
    64-bit Windows 11 Pro for Workstations
    Thread Starter
       New #28

    Anixx said:
    What to do if I cannot start the Windows Security GUI?
    Hello,.

    From our conversation below:

    Reset Windows Security app in Windows 11 Tutorial | Page 2 | Windows 11 Forum
    Last edited by Brink; 15 Mar 2024 at 09:03.
      My Computers
    Quote Quote

  13. Anixx
    Posts : 41
    Windows 8.1
       New #29

    Brink said:
    Hello,.

    From our conversation below:

    Reset Windows Security app in Windows 11 Tutorial | Page 2 | Windows 11 Forum
    Well, actually the posts above provided information on how I can disable temper limitatios using safe mode, which I actually did and uninstalled the defender service.
    I note though: deleting HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features as advised above is impossible even in safe mode and even after taling ownership over it. Still, changing the value of the temper service is possible.
      My Computer
    Quote Quote

 

Tutorial Categories

Turn On or Off Tamper Protection for Microsoft Defender Antivirus Tutorial Index Network & Sharing Instalation and Upgrade Browsers and Email General Tips Gaming Customization Apps and Features Virtualization BSOD System Security User Accounts Hardware and Drivers Updates and Activation Backup and Restore Performance and Maintenance Mixed Reality Phone


  Related Discussions
How to Enable or Disable Real-time Protection for Microsoft Defender Antivirus in Windows 10 Starting with Windows 10 version 2004, Windows Defender Antivirus as been renamed to Microsoft Defender Antivirus. Windows 10 includes Windows...
I am unable to turn off Real-time protection (or any other settings ie Cloud-delivered protection, Automatic sample submission, etc) in Microsoft Defender Antivirus. When I click the toggle button to turn it from On to Off, it quickly reverts...
Source: https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Tamper-protection-now-generally-available-for-Microsoft-Defender/ba-p/911482 How to Turn On or Off Tamper Protection for Windows Defender Antivirus in Windows 10 ...
Defender Tamper Protection/1903
in AntiVirus, Firewalls and System Security

Moderators: This thread deals with Defender Tamper Protection setting and 1903. If this would be better served in a different location, please feel free to move the post. Just wondering if anyone who installed 1903 is having any unusual issue...
Source: Tamper protection in Microsoft Defender ATP - Microsoft Tech Community - 389571 How to Turn On or Off Tamper Protection for Windows Defender Antivirus in Windows 10
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 10:52.
Find Us




Windows 10 Forums