Windows – How to disable Windows 10 defender service (W10 1909)

windows 10windows-defender

On Windows 10 1909 enterprise, I have a process "Antimalware Service executable", within which the service: "Windows defender antivirus service"; which takes 115BM of memory.

However, in group policy, "Windows defender antivirus" I have "Turn off Windows defender antivirus" enabled, which help says:

This policy setting turns off Windows Defender Antivirus.

If you enable this policy setting, Windows Defender Antivirus does not run, and will not scan computers for malware or other potentially
unwanted software.

As well as "Turn off real-time protection" enabled (but this should not change a thing since the sus-mentionned parameter was turned off).

If I remember well the process was not running in 1809 with this policy. How can I in the end disable the process ? Is this a bug ?

Best Answer

The correct action is to disable the Tamper protection in Windows security/virus&threat protection settings. Even without the key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\DisableAntiSpyware = 1 the group policy Turn off Windows defender antivirus to enabled will have effect.

Registry keys should be used as last option.

Related Question