How to Fix Windows Defender When It Keeps Re-Enabling Itself on Windows 11 | #itsecurity | #infosec

Microsoft introduced Windows Defender in 2004. It wasn’t the most enticing computer security solution back then. But it has slowly become better at detecting threats and offering real-time protection. The current generation of Windows Defender offers stellar protection against malware. But what if you don’t want to use Microsoft’s alternative for system protection.


While Windows Defender is great, it surely lacks some features compared to the best third-party alternatives. But disabling Windows Defender isn’t as easy as it seems. In this post, we will discuss the methods to disable Windows Defender for good, so it never auto-enables again.

Why Does Windows Defender Keep Re-enabling Itself on Windows 11?

We’ve scooped out a few reasons why Windows Defender re-enables on your system. These are as follows:

  1. You don’t use a third-party antivirus program on your system.
  2. The Tamper Protection feature in Windows Security is active.
  3. You have recently installed a security update for Windows 11.
  4. You are running an expired version of a third-party antivirus program.

How to Fix Windows Defender Re-enabling Itself on Windows 11

Disabling Windows Defender directly doesn’t work anymore. Windows re-enables it after a short while. So, here are a few methods using which you can stop Windows Defender from re-enabling on your system.

1. Disable Tamper Protection

Microsoft introduced a new Tamper Protection feature in Windows 10. Now, it is available in Windows 11 as well. It plays a crucial role in stopping attackers from changing security settings via the registry or PowerShell. Thus, Tamper Protection deters any external intrusion into your system.

Tamper Protection ensures that Microsoft Defender can offer real-time malware protection. Even if you disable real-time protection, Tamper Protection will activate it after some time. It is a nifty fail-safe design but can be meddlesome at times. So, you need to turn off Tamper Protection to stop Windows Defender from re-enabling.

To disable Tamper Protection, do as follows:

  1. Press Win + I to launch the Settings app. Navigate to the left-hand side menu and click on the Privacy and Security option.
  2. Then, navigate to Windows Security > Open Windows Security.
  3. Click on the Virus and threat protection option. Scroll down and click on the Manage Settings option under Virus and threat protection settings.
  4. Find the Tamper Protection option and click on the toggle to disable it.
  5. Restart your PC and revisit the Windows Security app to check whether real-time protection re-activates or not.

2. Disable Windows Defender via the Group Policy Editor

A more permanent method to disable Windows Defender is by using the Group Policy Editor. However, You can refer to our complete Group Policy Editor guide for more information on this.

To disable Windows Defender using the Group Policy Editor, repeat the following steps:

  1. Press Win + R to launch the Run command box. Then, type gpedit.msc in the text box and press the enter key.
  2. Group Policy Editor will launch. Navigate to Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus.
  3. Now, hover your cursor to the right-hand side. Scroll down and find the Turn off Microsoft Defender Antivirus policy option.
  4. Double-click on the Turn off Microsoft Defender Antivirus policy option to reveal more settings.
  5. Click on the Disabled radio button to disable Windows Defender. Then, click on the Apply button and then the OK button.
  6. Exit the Group Policy Editor and restart your system. Now, check whether real-time protection is active or not.

3. Disable Windows Defender via Registry Editor

Windows 11 Home does not have Group Policy Editor available by default. So, you can edit the registry to disable Windows Defender permanently. Always create a backup of your registry before making modifications to it.

To disable Windows Defender using the Registry Editor, do as follows:

  1. Press Win + R to open the Run command box. Type Regedit and click on the OK button. UAC will pop up. Click on OK to launch the Registry Editor.
  2. Now, go to the top bar, input the following path and press enter key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
  3. Navigate to the right-hand side and right-click on it. Click on New > DWORD (32-bit) Value.
  4. Name the newly created value as DisableAntiSpyware. Do not enter any spaces in between.
  5. Now, double-click on the DisableAntiSpyware value to open the edit window. Keep the base as hexadecimal and set the Data Value to 0.
  6. Click on the OK button and then close the Registry Editor.
  7. Restart your system. Windows Defender won’t re-enable anymore.

4. Renew the License of Your 3rd Party Antivirus

Windows Defender is always active to protect your system from malware and intrusion attempts. Windows Defender automatically turns off when there is a third-party antivirus program installed. But Windows can re-enable it when your antivirus license expires.

Antivirus programs come with a limited validity after which you need to renew them to keep using the features. But, if you fail to renew the license, Windows re-activates Defender to keep you protected. It is a fail-safe mechanism that is present in the latest versions. So, you must renew your antivirus package or install another one. This will prevent Windows Defender from re-enabling on your system.

5. Disable Windows Updates

Despite disabling Microsoft Defender from the settings, it may revert to default settings after a system update. If you are extremely frustrated with these antics, you can disable Windows updates. Microsoft upgrades the tamper protection code with each security update, which also re-enables Windows Defender after installing updates.

If you don’t need Windows Defender anymore, you can try stopping Windows updates. However, doing so will put your system in a very vulnerable position. So, proceed with this method only after considering the risks.

To disable Windows updates, repeat the following steps:

  1. Press Win + R to open the Run command box. Type services.msc in the text input area and then hit the enter key.
  2. Services utility will launch. Scroll down and find the Windows Update option. Double-click on it to reveal the properties window.
  3. Now, navigate to the Startup Type option. It will be active by default. Click on the arrow to reveal the drop-down menu and select the Disabled option.
  4. Click on the Apply button to apply changes. Then click on the OK button and then exit the Services utility window.
  5. Restart your system and now Windows update won’t run and install updates on its own.

Windows Defender Won’t Bother Your Anymore

Tamper Protection can enable Windows Defender to combat malware attempts. After turning it off, you can try the Group Policy Editor and Registry tweaks to disable Windows Defender. Moreover, renew your antivirus license as a precautionary measure. The last resort is turning off the Windows Update. You should try that only if nothing works.

Original Source link

Leave a Reply

Your email address will not be published.

sixty six − = 62