Question Looking for Defender Control alternative

[Michael24]

I just upgraded from Windows 10 Enterprise LTSC 2019 to LTSC 2021.
Defender Control worked just fine with LTSC 2019 but as i noticed the hard way, not anymore with LTSC 2021:

We get some messages like this ; After turning off Defender with Defender Control, it cannot be opened again.Although it never causes this error on our systems. There are complaints from users

the following are just possibilities :

Microsoft does not want Defender to be turned off completely. Therefore, when defender is turned off, windows update or windows component is trying to repair Defender and as a result Defender may become corrupt. Of course a malicious program may also corrupt Defender completely. (If there is no different security software in windows, when Defender is turned off)
Microsoft is constantly taking new measures because it does not want Defender to be turned off. There is a possibility that Windows Defender may be corrupted among these measures. Therefore We will no longer update this program
Sordum.org Team

After rebooting Defender finally works again. But i'm not willing to risk breaking it again/maybe irreversible.

Is there an alternative way to disable windows defender that does not corrupt it / where it will restart without issues? (After lets say a couple days at a time)

According to this article

5 Ways to Permanently Disable Microsoft Defender in Windows 11

Want Microsoft Defender down for good? Here's how to do it on Windows 11.

www.makeuseof.com

A simple registry tweak should be enough?

But i'm not quite sold because if that is true, why does "defender control" do all these things and not just that?

What changes does the Defender Control software make in the disable process?
The software stops the Wscsvc service, then WinDefend and the services specified in the ini file like WdFilter, WdNisDrv, WdNisSvc.
Some new reg values are added to the following Registry Key
HKLM\SOFTWARE\Microsoft\Windows Defender.
The software performs some Group Policy settings (HKLM\SOFTWARE\Policies\Microsoft\Windows Defender)
SecurityHealthSystray.exe is stopped so that it does not run at system startup.
mpcmdrun.exe is blocked to prevent it from running.
The startup values of the services specified in the ini file are changed.
There are some other controls and operations.
If the wscsvc service is not running, it will started.
In Defender Control enable, all changes made are undone and some settings are restored to the system default settings.

 

[zinkles]

You wanna completely and permanently disable windows defender? ight?

I recommend this tool: https://github.com/ionuttbara/windows-defender-remover

It gives you a couple options to chose from, being, disable defender permanently, stop defender and its other components, etc.

I don't recommend staying without a antivirus though, so consider downloading an alternative.

But i'm not quite sold because if that is true, why does "defender control" do all these things and not just that?

I've also noticed that and it runs as a small (sometimes big) process in the background even after disabling it via defender control panel. That's why i use that script which disables it permanently without it interfering, cause i have another AV already.

Note: Don't poke around the registry, cause a wrong edit would even leave the OS corrupted (experience). if you really want to edit it, make sure you do it correctly, and do one change at a time so its easy to revert back. I also recommend backing up the registry beforehand.

 

[COLGeek]

I just want to add something here. Disabling Defender is not useful. If you install another anti-virus app, it will be disabled.

I (and nearly all the moderators) use Defender and nothing else. The best anti-virus app you have is between your ears. Be smart about how you access the 'Net and Defender is more than enough.

Be dumb and no tool will fully protect you.

For @Michael24 was are you expecting to gain by disabling Defender?

 

[Michael24]

You wanna completely and permanently disable windows defender? ight?

No i just want to disable it while doing backups of my external 20TB HDD which usually takes 2-3 Days.
After that i want to reactivate it. That's what i did for years using "Defender Control" on LTSC 2019. But unfortunately that seems no longer possible on LTSC 2021. -.-

 

[zinkles]

No i just want to disable it while doing backups of my external 20TB HDD which usually takes 2-3 Days.
After that i want to reactivate it. That's what i did for years using "Defender Control" on LTSC 2019. But unfortunately that seems no longer possible on LTSC 2021. -.-

you can do so using that tool as well. disable temporarily and stuff.

 

[Michael24]

you can do so using that tool as well. disable temporarily and stuff.

But you can't really control if and when it turns itself back on.
Exclusions STILL throw warnings aswell despite not being deleted/quarantined.

 

[USAFRet]

No i just want to disable it while doing backups of my external 20TB HDD which usually takes 2-3 Days.

Why aren't you just doing Incremental or Differential backups?
Instead of the whole thing every time.

 

[zinkles]

But you can't really control if and when it turns itself back on.
Exclusions STILL throw warnings aswell despite not being deleted/quarantined.

you can. when you run it again and enable it, thats when it reenables

 

[Michael24]

Today i tried the registry edit described here:

5 Ways to Permanently Disable Microsoft Defender in Windows 11

Want Microsoft Defender down for good? Here's how to do it on Windows 11.

www.makeuseof.com

It works and i was happy and even wrote a script to automate that (enabling/disabling) process.

Then i noticed windows automatically reverts these changes after 5-10 minutes. 😡

I have tamper protection disabled in settings but i noticed the registry value
https://www.thewindowsclub.com/how-to-enable-tamper-protection-in-windows-10
Is set to "4" (Instead of 0 or 5 like described in the article above) and i cant change it. (Access denied)

I dont know if this is my problem though.

Does anybody know why it's turning itself back on and how i can prevent this?
I have spent a couple hours writing a .bat script and now i would love to get it working.

 

[zinkles]

PowerRun

PowerRun v1.7 (Run with highest privileges)

PowerRun is a tool to launch any program/script files with the same privileges as the TrustedInstaller /SYSTEM. it is a Portable and free

www.sordum.org

Use this tool to run that script in the highest privileges.

also, couple hours for a .bat script for a registry value is insane! it won't take even 15 mins to do so 🤔

 

[Michael24]

I also added these two registry tweaks:
https://www.tenforums.com/tutorials/110230-enable-disable-windows-security-windows-10-a.html

Configure Windows Defender SmartScreen

This policy allows you to turn Windows Defender SmartScreen on or off. SmartScreen helps protect PCs by warning users before running potentially malicious programs downloaded from the Internet. This warning is presented as an interstitial dialog shown before running an app that has been...

admx.help

It almost seems like its working now. But need to wait longer.

Thanks for the heads up on PowerRun.

Edit:
I made a pretty fancy script that's why it took so long.
I also never did something like this before. But i know programming in general.