New
#20
Microsoft Defender Antivirus tamper protection is turned on by default for all consumer Windows 10 devices. This feature protects devices from cyber attacks that try to disable built-security solutions, such as antivirus protection, in an attempt to gain access to your data, to install malware, or to otherwise exploit your data, identity, and devices. As Microsoft Defender antivirus automatically turns itself off when it detects another antivirus program, we are removing a legacy registry setting called DisableAntiSpyware. Intended to be used by OEMs and IT admins to disable Microsoft Defender Antivirus for the purpose of deploying another antivirus product during deployment, DisableAntiSpyware is not applicable to consumer devices and will be removed beginning with Microsoft Defender Antimalware platform versions 4.18.2007.8 and higher (see KB4052623 for details). This update will be rolled out to devices running Windows Enterprise E3 and E5 at a future date.
Source: https://docs.microsoft.com/en-us/win...age-center#465
to take ownership of protected keys, go into SAFE MODE and then you can take ownership and set permissions to any key no matter how protected it is
- - - Updated - - -
you can alter this registry value by FIRST going into SAFE MODE and taking ownership of the Features tree and giving yourself full control permissions.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features
and then delete it
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features
Tamper protection is greyed out for me:
I've looked through gpedit and saw no mention of it and don't remember changing it either..
I do have MDAG enabled.
Does that reinforce Tamper protection?
Hello,.
From our conversation below:
Reset Windows Security app in Windows 11 Tutorial | Page 2 | Windows 11 Forum
Last edited by Brink; 15 Mar 2024 at 09:03.
Well, actually the posts above provided information on how I can disable temper limitatios using safe mode, which I actually did and uninstalled the defender service.
I note though: deleting HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features as advised above is impossible even in safe mode and even after taling ownership over it. Still, changing the value of the temper service is possible.