How to Turn On or Off Microsoft Defender Antivirus in Windows 10  

Page 31 of 33 FirstFirst ... 212930313233 LastLast
  1. Chrysalis's Avatar
    Posts : 210
    Win 10 1809 LTSC
       #300

    Matthew Wai said:
    It works on Home if the commands are run via NSudo, which is used in my scripts for controlling Windows Update.
    My task does the same except its automated. Just add my task to task scheduler, when it sees in the log that windows defender real time has been turned on it will auto flip to off.
      My Computer


  2. Posts : 50
    Windows 10
       #301

    Matthew Wai said:
    It works on Home if the commands are run via NSudo, which is used in my scripts for controlling Windows Update.
    Where can I find your scripts?

    Do they work with Win10 HOME as well?
      My Computer

  3. Chrysalis's Avatar
    Posts : 210
    Win 10 1809 LTSC
       #302

    tobwen said:
    Where can I find your scripts?

    Do they work with Win10 HOME as well?
    Hi my post is here

    How to Turn On or Off Microsoft Defender Antivirus in Windows 10

    Sadly i couldnt attach the exported script for some reason, but I may try to attach it again later.
      My Computer

  4. Matthew Wai's Avatar
    Posts : 5,752
    Windows 10 Home 20H2
       #303

    tobwen said:
    Where can I find your scripts?
    Using CMD script and VBScript to control Windows Update

    tobwen said:
    Do they work with Win10 HOME as well?
    They work perfectly on my Windows 10 Home.

    Chrysalis said:
    Sadly i couldnt attach the exported script for some reason, but I may try to attach it again later.
    Write a tutorial if you find it useful.
      My Computer

  5. Brink's Avatar
    Posts : 57,895
    64-bit Windows 10 Pro for Workstations build 21390
    Thread Starter
       #304

    Chrysalis said:
    Sadly i couldnt attach the exported script for some reason, but I may try to attach it again later.
    If you haven't already, you might see if you can ZIP the script, and upload and attach the ZIP file instead.

    How to Upload and Post Screenshots and Files at Ten Forums
      My Computers

  6. Chrysalis's Avatar
    Posts : 210
    Win 10 1809 LTSC
       #305

    Matthew Wai said:
    Using CMD script and VBScript to control Windows Update

    They work perfectly on my Windows 10 Home.

    Write a tutorial if you find it useful.

    I did but I accept the post is somewhat messy.
    Brink said:
    If you haven't already, you might see if you can ZIP the script, and upload and attach the ZIP file instead.

    How to Upload and Post Screenshots and Files at Ten Forums
    Ok fingers crossed upload works as zip.

    RenewDisableDefenderRT.zip

    1 - extract zip.
    2 - Copy the "Defender-Realtime-Disable.cmd" to "C:\Program Files"
    3 - import task as follows in admin command prompt.

    schtasks /create /Ru SYSTEM /TN "RenewDisableDefenderRT" /XML RenewDisableDefenderRT.xml

    This task will auto deactivate defender real time whenever its enabled, if its already enabled you will need to manually deactivate it once first. The task is accessible in main task scheduler folder, from there it can be edited, disabled, or deleted.

    If you dont want to use "C:\Program Files" as the destination you can put the command file elsewhere but will need to edit the script path in the task to match.
    Last edited by Brink; 03 Apr 2021 at 20:42. Reason: attached uploaded file
      My Computer


  7. Posts : 31
    Windows 7/8.1/10
       #306

    Doesn't work for me. MsMpEng.exe is still running.

    - - - Updated - - -

    Chrysalis said:
    I did but I accept the post is somewhat messy.


    Ok fingers crossed upload works as zip.

    RenewDisableDefenderRT.zip

    1 - extract zip.
    2 - Copy the "Defender-Realtime-Disable.cmd" to "C:\Program Files"
    3 - import task as follows in admin command prompt.

    schtasks /create /Ru SYSTEM /TN "RenewDisableDefenderRT" /XML RenewDisableDefenderRT.xml

    This task will auto deactivate defender real time whenever its enabled, if its already enabled you will need to manually deactivate it once first. The task is accessible in main task scheduler folder, from there it can be edited, disabled, or deleted.

    If you dont want to use "C:\Program Files" as the destination you can put the command file elsewhere but will need to edit the script path in the task to match.
    How do you manually deactivate "it" first and how to undo this operation?

    - - - Updated - - -

    Anolin said:
    Yep, it's called Defender Control and can be found at Simplify Your computer Usage
    Thank you. Why aren't others using this? This works great unlike the other suggestions.

    Are there any cons to using this where it may cause you issues in not restartng the service when you want to?
      My Computers

  8. Chrysalis's Avatar
    Posts : 210
    Win 10 1809 LTSC
       #307

    Sammy888 said:
    Doesn't work for me. MsMpEng.exe is still running.

    - - - Updated - - -


    How do you manually deactivate "it" first and how to undo this operation?
    You open security dashboard and disable realtime protection, and to undo it you simply disable the task or delete the task.



    - - - Updated - - -




    Sammy888 said:
    Thank you. Why aren't others using this? This works great unlike the other suggestions.

    Are there any cons to using this where it may cause you issues in not restartng the service when you want to?
    Me personally its because its a closed source 3rd party program. Also I still want the application exploit protection, its just the real time file scanning I want disabled.


    ---

    Ok guys, I took the time to use the app to disable defender and do some tests, I have also been testing various group policy settings, the idea is to observe resource utilisation and performance, so people have an idea of the merits of the options available.

    So as stated if the app is used it succeeds in disable windows defender completely, if I check in process hacker, all antivirus services/drivers/processes are stopped.

    If the realtime is disabled in the settings security centre, the FS driver and main process stay running, however there is no increase in resource usage on filesystem activity, and if I move the eicar test file around nothing is detected. On demand scans remain available as a useful tool. So no observed differences vs fully disabling defender other than the process and driver are running.

    I then after reading documentation found out about the following in group policy.

    1 "monitor file and program activity on computer"
    2 "turn on behaviour monitoring"
    3 "scan all downloaded files and attachments"
    4 "turn on process scanning whenever real protection is enabled"

    As it turns out you can muzzle windows defender even without toggling the main settings in the security centre, this requires no tricks using scheduler, or dealing with 24 hour resets, it will stick.

    The first I listed above will stop real time file scanning. eicar wont be detected on copy/move. Performance is same as first two solutions.
    Number 3 will still scan files downloaded in edge (didnt test other browsers), and also attachments in outlook. So useful.
    Numbers 2 and 4 im not sure of performance impact, but I can confirm in powershell the group policies for both are been honoured.

    However what doesnt work in group policy is toggling cloud settings, I believe because this has a toggle in the security centre, it is likely protected by anti tamper. But not a big deal to toggle in there as it doesnt auto change back.

    I expect most in this thread do not care for this information as probably just want defender fully off, but I posted it as an extra option for people, just in case they not aware it can be tamed this way as well.
    Last edited by Chrysalis; 16 Apr 2021 at 13:19.
      My Computer

  9. atinfo's Avatar
    Posts : 139
    Windows 10 20H2 Enterprise (x64)
       #308

    Hello @Brink

    I have switched from non Windows AV to Windows AV (Windows Security)!

    I had disabled it. I have enabled it now, but I am wondering why its (Windows Security) tray icon is a white shield with a green overlay tick (all things good) on it instead of blue shield with a green tick on it! (SS below)
    How to Turn On or Off Microsoft Defender Antivirus in Windows 10-ss.png

    Is it out dated!? There is no offline installer to update it from Store or !

    "Windows version : 20H2 B 19042.685"
    "Windows Security version: 1.339.248.0"
      My Computer

  10. Brink's Avatar
    Posts : 57,895
    64-bit Windows 10 Pro for Workstations build 21390
    Thread Starter
       #309

    atinfo said:
    Hello @Brink

    I have switched from non Windows AV to Windows AV (Windows Security)!

    I had disabled it. I have enabled it now, but I am wondering why its (Windows Security) tray icon is a white shield with a green overlay tick (all things good) on it instead of blue shield with a green tick on it! (SS below)
    How to Turn On or Off Microsoft Defender Antivirus in Windows 10-ss.png

    Is it out dated!? There is no offline installer to update it from Store or … !

    "Windows version : 20H2 B 19042.685"
    "Windows Security version: 1.339.248.0"
    Hello mate,

    The new icon should be available starting with Windows 10 build 19577.
      My Computers


 
Page 31 of 33 FirstFirst ... 212930313233 LastLast

Tutorial Categories

How to Turn On or Off Microsoft Defender Antivirus in Windows 10 Tutorial Index Network & Sharing Instalation and Upgrade Browsers and Email General Tips Gaming Customization Apps and Features Virtualization BSOD System Security User Accounts Hardware and Drivers Updates and Activation Backup and Restore Performance and Maintenance Mixed Reality Phone


  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 23:30.
Find Us




Windows 10 Forums