• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

How to disable Windows Defender in Windows 10 1909

Status
Not open for further replies.
Joined
Oct 5, 2010
Messages
53 (0.01/day)
Hi. I'm using Win 10 Pro version, so I opened gpedit.msc, navigated to "Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus" to enable 2 policies: "Turn off Windows Defender Antivirus" and "Disable Realtime Protection".

In previous versions of Win 10 (before 1903) this completely settled the problem. However, in the latest Win 10 1909, the Defender process MsMpEng.exe is still running and periodically I get Windows notifications that "Windows Defender has performed a scan and found no threats". So, in all, these both policies in gpedit.msc have managed to disable the realtime protection, but Win Def still scans the PC periodically.

I'd like to disable Win Def so that even its process won't be running. Can it be done in gpedit.msc?
I also can't disable Win Def in services.msc (WinDefend service) because its configuration window is all greyed out. Can it be disabled in Sc.exe (the command line tool to manage services)? If so, how?
 
Joined
Jul 25, 2006
Messages
7,379 (1.43/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
Because it is ill-advised to run without an antimalware solution installed, I don't believe it is possible to disable Windows Defender without installing a 3rd party security solution. Plus, I note now it is called Microsoft Defender because it is much more than just a malware scanner for Windows, the OS. For example, the built in firewall is part of Microsoft Defender.

If you don't want Microsoft Defender, the antimalware scanner, running full time, simply install a 3rd party scanner. Microsoft Defender's scanner will happily step out of the way.

That said, I agree with Assimilator and would wonder why. I use Defender, with no problems or regrets.
 
Joined
Jul 16, 2014
Messages
3,781 (1.68/day)
Location
SE Michigan
System Name Dumbass
Processor AMD-9370BE @4.6
Motherboard ASUS SABERTOOTH 990FX R2.0 +SB950
Cooling CM Nepton 280L
Memory G.Skill Sniper 16gb DDR3 2400
Video Card(s) GreenTeam 1080 Gaming X 8GB
Storage C:\SSD (240GB), D:\Seagate (2TB), E:\Western Digital (1TB)
Display(s) 1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s) onboard (realtek?) SPKRS:Logitech Z623 200w 2.1
Power Supply Corsair HX1000i
Mouse Logitech G700s
Keyboard Logitech G910 Orion Spark
Software windows 10
Benchmark Scores https://i.imgur.com/aoz3vWY.jpg?2
Joined
Oct 5, 2010
Messages
53 (0.01/day)
I know what files I download (from very trusted sources), what sites I browse, which emails don't trust, and if I'm unsure I use virustotal.com to check some files that I dl from less trusty sources. I assure you, I'm without any AV and didn't have a virus/malware running on the system in many years. I don't need AV, that's why I want it disabled.
 
Joined
Mar 13, 2014
Messages
4,487 (1.88/day)
Processor i7 7700k
Motherboard MSI Z270 SLI Plus
Cooling CM Hyper 212 EVO
Memory 2 x 8 GB Corsair Vengeance
Video Card(s) MSI RTX 2070 Super
Storage Samsung 850 EVO 250 GB and WD Black 4TB
Display(s) Dell 27 inch 1440p 144 Hz
Case Corsair Obsidian 750D Airflow Edition
Audio Device(s) Onboard
Power Supply EVGA SuperNova 850 W Gold
Mouse Logitech G502
Keyboard Logitech G105
Software Windows 10
I like Defender. I wouldn't think of disabling it. Some people say that you can use your rig online with no Antivirus program as long as you are careful but my experience has been different. I was on a reputable gaming site many years ago and had AVG Free running and clicked on a seemingly harmless flash video and picked up a virus. An AVG scan wouldn't remove it and for the first and only time even MalwareBytes couldn't remove it. I used MSconfig to stop it from running on startup but it just kept coming back. There was a tutorial online how to remove it but that didn't work either. I had to wipe the drive and reload the OS. I switched the antivirus program to another.

There are nasties out there even on reputable sites.
 
Joined
Jul 5, 2013
Messages
10,473 (3.98/day)
System Name GPD-Q9
Processor Rockchip RK-3288 1.8ghz quad core
Motherboard GPD Q9_V6_150528
Cooling Passive
Memory 2GB DDR3
Video Card(s) Mali T764
Storage 16GB Samsung NAND
Display(s) IPS 1024x600
I don't need AV, that's why I want it disabled.
Ok, since you've been properly warned and want to anyway, here's how;
You need to use either a WinPE boot drive or a Linux live disc with NTFS support(most have such).
Open the file manager and rename all of the following folders to encase them in brackets.
For example; C:\Program Files\Windows Defender -> C:\Program Files\[Windows Defender]

The list of folders to rename is as a follows;
C:\Program Files\Windows Defender
C:\Program Files (x86)\Windows Defender
C:\ProgramData\Microsoft\Windows Defender

This will disable Windows Defender in a reversible way. This can be done with any program or app that is undesired which Windows will not let you remove.

You can also use a utility call WinAeroTweaker which has a function to disable Windows Defender, but this can easily be re-enabled by the OS. Renaming the folders can not be reversed by the OS very easily.
 
Last edited:
Joined
Mar 23, 2016
Messages
4,036 (2.46/day)
Processor Ryzen 7 3800X
Motherboard MSI B450 Tomahawk ATX
Cooling Cooler Master Hyper 212 Black Edition
Memory PNY Anarchy-X XLR8 Red DDR4-3200 16GB kit & PNY Anarchy-X XLR8 Red DDR4-2666 16GB kit
Video Card(s) MSI GeForce RTX 2060 GAMING Z 6G
Storage Samsung 970 EVO NVMe M.2 500 GB, SanDisk Ultra II 480 GB
Display(s) Samsung SyncMaster C27H711 OC refresh rate 110Hz
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) EVGA NU Audio
Power Supply EVGA 850 BQ
Mouse SteelSeries Rival 310
Keyboard Logitech G G413 Silver
Software Windows 10 Professional 64-bit v2004
There's a anti-tamper setting turned on that prevents Windows Defender from being disabled, and other settings tampered with by a rouge app.

If you toggle that setting off then you can completely disable Windows Defender with the existing Group Policy change.

Edit:
Go to Settings, scroll down, click Update & Security
Click Windows Security in the left panel then Click Virus & Thread Protection
Scroll down to virus & threat protection settings, and click manage settings
Scroll down to Tamper Protection, and toggle off.

Untitled.jpg
 
Last edited:
Joined
Oct 5, 2010
Messages
53 (0.01/day)
There's a anti-tamper setting turned on that prevents Windows Defender from being disabled, and other settings tampered with by a rouge app.

If you toggle that setting off then you can completely disable Windows Defender with the existing Group Policy change.
How do I do this?
 
Joined
Jul 5, 2013
Messages
10,473 (3.98/day)
System Name GPD-Q9
Processor Rockchip RK-3288 1.8ghz quad core
Motherboard GPD Q9_V6_150528
Cooling Passive
Memory 2GB DDR3
Video Card(s) Mali T764
Storage 16GB Samsung NAND
Display(s) IPS 1024x600
How do I do this?
It will not work if Windows, or an update, turns it back on and reenables WD.

The only way to keep it disabled is to change the folder names.

I have been and currently do this myself. Granted I use a third party antimalware suite because I have more trust in them and their apps don't make irritating and intrusive changes without asking first. I delete the folders listed above and a few more because I have no intention of ever allowing WD and it's associated services to run on my personal systems. Unlike others, I do not trust Microsoft and do not run Windows in a default configuration.
 
Joined
Mar 23, 2016
Messages
4,036 (2.46/day)
Processor Ryzen 7 3800X
Motherboard MSI B450 Tomahawk ATX
Cooling Cooler Master Hyper 212 Black Edition
Memory PNY Anarchy-X XLR8 Red DDR4-3200 16GB kit & PNY Anarchy-X XLR8 Red DDR4-2666 16GB kit
Video Card(s) MSI GeForce RTX 2060 GAMING Z 6G
Storage Samsung 970 EVO NVMe M.2 500 GB, SanDisk Ultra II 480 GB
Display(s) Samsung SyncMaster C27H711 OC refresh rate 110Hz
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) EVGA NU Audio
Power Supply EVGA 850 BQ
Mouse SteelSeries Rival 310
Keyboard Logitech G G413 Silver
Software Windows 10 Professional 64-bit v2004
Joined
Jun 28, 2016
Messages
3,595 (2.33/day)
I know what files I download (from very trusted sources), what sites I browse, which emails don't trust, and if I'm unsure I use virustotal.com to check some files that I dl from less trusty sources. I assure you, I'm without any AV and didn't have a virus/malware running on the system in many years. I don't need AV, that's why I want it disabled.
Have you considered a possibility that you didn't have a virus for years exactly because a security suit is built into your system? Into most systems "around" you?

You know sites you browse. Lets challenge that. What do you know about virustotal.com? Do you know who is behind this site? :)
 
Joined
Jul 5, 2013
Messages
10,473 (3.98/day)
System Name GPD-Q9
Processor Rockchip RK-3288 1.8ghz quad core
Motherboard GPD Q9_V6_150528
Cooling Passive
Memory 2GB DDR3
Video Card(s) Mali T764
Storage 16GB Samsung NAND
Display(s) IPS 1024x600
It's stayed off for me even after updates have been applied.
Weird. I've watched it get re-enabled, depending on the update applied.
 
Joined
Oct 5, 2010
Messages
53 (0.01/day)
There's a anti-tamper setting turned on that prevents Windows Defender from being disabled, and other settings tampered with by a rouge app.

If you toggle that setting off then you can completely disable Windows Defender with the existing Group Policy change.

Edit:
Go to Settings, scroll down, click Update & Security
Click Windows Security in the left panel then Click Virus & Thread Protection
Scroll down to virus & threat protection settings, and click manage settings
Scroll down to Tamper Protection, and toggle off.

View attachment 141477
Thanks a lot! Disabling the tamper protection and enabling the two policies in gpedit.msc from the first post did the trick and now even MsMPEng.exe (the main defender process) is not running = approximately 100MB RAM saved and a bit quicker boot time :). Good thing is the Windows Firewall is still running as intended.
 
Last edited:
Joined
Jul 5, 2013
Messages
10,473 (3.98/day)
System Name GPD-Q9
Processor Rockchip RK-3288 1.8ghz quad core
Motherboard GPD Q9_V6_150528
Cooling Passive
Memory 2GB DDR3
Video Card(s) Mali T764
Storage 16GB Samsung NAND
Display(s) IPS 1024x600
Thanks a lot! Disabling the tamper protection and enabling the two policies in gpedit.msc from the first post did the trick and now even MsMPEng.exe (the main defender process) is not running = approximately 100MB RAM saved and a bit quicker boot time :). Good thing is the Windows Firewall is still running as intended.
Glad you have a solution you're happy with. You will have to watch it though as future updates are applied. If it does become a problem, the folder renaming method will work in a way only you can reverse.
 
Joined
Jan 1, 2020
Messages
62 (0.24/day)
Location
Avon Lake, Ohio
System Name Frankenstein
Processor AMD 8120 3.10
Motherboard AsRock
Cooling air
Memory 16
Video Card(s) MSI RX580 OC
Storage a bunch
Display(s) 27" IPS
Case beat
Audio Device(s) nothing special
Power Supply converted to gas
Mouse and cat
Keyboard backlit and big letters!
Software 7, 10, CentOS
Benchmark Scores embarrassing I imagine!
This worked great for me. I deleted them. I was just messing around seeing what I could get away with.....I had the OS stripped pretty dang good and no issues!


Oddly, I didn't mess with defender though. I saw no reason but I will probably kill it too just to see...
 

Attachments

Joined
Sep 27, 2019
Messages
246 (0.69/day)
Location
Canada
System Name New compy
Processor AMD Ryzen 3600x
Motherboard MSI MEG x570 ACE
Cooling Noctua NH-D15S w. FHP141 + Xigmatek AOS
Memory Patriot Viper 16gb ddr4400
Video Card(s) Asus GTX 1070 HB SLI
Storage 9.5tb
Display(s) Alienware AW2518H 24" 240hz, LG 43" 4k HDR TV 43UM6910PUA
Case Thermaltake Core v71
Audio Device(s) iFi Nano Idsd Le, Creative T20 + T50, Sennheiser HD6Mix
Power Supply EVGA Supernova G2 1000w
Mouse Logitech G502 Hero custom w. G900 scroll wheel mod, G602, M705
Keyboard Corsair K68 RGB + K70 RGB, MK700
Software Win 10 Pro
Benchmark Scores https://valid.x86.fr/83f50d
To disable defender use shutup 10, get it here.


Apply all settings, restart pc.

To stop security center run regedit and edit the following 2 locations

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc

Change the Start dword value to 4 on both to disable security center.

To get rid of the security center warning message do the following

1 Tap on the Windows-key, type gpedit.msc, and hit the Enter-key. This starts the Group Policy Editor on the system.
2 Use the sidebar to go to User Configuration > Administrative Templates > Start Menu and Taskbar.
3 Locate Remove Notifications and Action Center there. If the list is not sorted alphabetically, click on the "setting" column title to do so. This makes it easier to find the policy.
4 Double-click on the policy.
5 Set it to enabled.
6 Restart the PC
 
Last edited:
Joined
Jan 1, 2020
Messages
62 (0.24/day)
Location
Avon Lake, Ohio
System Name Frankenstein
Processor AMD 8120 3.10
Motherboard AsRock
Cooling air
Memory 16
Video Card(s) MSI RX580 OC
Storage a bunch
Display(s) 27" IPS
Case beat
Audio Device(s) nothing special
Power Supply converted to gas
Mouse and cat
Keyboard backlit and big letters!
Software 7, 10, CentOS
Benchmark Scores embarrassing I imagine!
Shut up 10 doesn't hold at least one setting...I can't remember which one though. A update may have fixed it?
 
Joined
Jul 25, 2006
Messages
7,379 (1.43/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
Yeah, I used to think I was smarter than all the bad guys and that I could never ever, not once slip up and accidentally click on something I shouldn't, or that the most trusted sites could never be hacked.

Good luck.
 
Joined
Jan 1, 2020
Messages
62 (0.24/day)
Location
Avon Lake, Ohio
System Name Frankenstein
Processor AMD 8120 3.10
Motherboard AsRock
Cooling air
Memory 16
Video Card(s) MSI RX580 OC
Storage a bunch
Display(s) 27" IPS
Case beat
Audio Device(s) nothing special
Power Supply converted to gas
Mouse and cat
Keyboard backlit and big letters!
Software 7, 10, CentOS
Benchmark Scores embarrassing I imagine!
I look forward to that ^^ .LOL. It keeps us current.
 

rtwjunkie

PC Gaming Enthusiast
Supporter
Joined
Jul 25, 2008
Messages
13,214 (2.98/day)
Location
Louisiana -Laissez les bons temps rouler!
System Name Bayou Phantom
Processor Core i7-8700k 4.4Ghz @ 1.18v
Motherboard ASRock Z390 Phantom Gaming 6
Cooling All air: 2x140mm Fractal exhaust; 3x 140mm Cougar Intake; Enermax T40F Black CPU cooler
Memory 2x 16GB Mushkin Redline DDR-4 3200
Video Card(s) MSI GTX 1080Ti Gaming X
Storage 1x 500 MX500 SSD; 1x 2TB WD Black; 2x 4TB WD Black; 1x400GB VelRptr; 1x 3TB WD Blue storage (eSATA)
Display(s) HP 27q 27" IPS @ 2560 x 1440
Case Fractal Design Define R4 Black w/Titanium front -windowed
Audio Device(s) Soundblaster Z
Power Supply Seasonic X-850
Mouse Coolermaster Sentinel III (large palm grip!)
Keyboard Logitech G610 Orion mechanical (Cherry Brown switches)
Software Windows 10 Pro 64-bit (Start10 & Fences 3.0 installed)
I know what files I download (from very trusted sources), what sites I browse, which emails don't trust, and if I'm unsure I use virustotal.com to check some files that I dl from less trusty sources. I assure you, I'm without any AV and didn't have a virus/malware running on the system in many years. I don't need AV, that's why I want it disabled.
Except for the fact that known safe sites occasionally end up with drive-by infections.

Anyway, I hope this solution works for you.
 
Status
Not open for further replies.
Top