How to Disable Windows Defender via Group Policy
- 2 Minutes to read
- DarkLight
- PDF
How to Disable Windows Defender via Group Policy
- 2 Minutes to read
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Revision: 2020-02-12
Windows Defender can be disabled normally through the Defender Interface, however this does not always fully disable the software and the built-in application will re-enable itself when Windows reboots. The best way to permanently disable this built-in application would be to use Group Policy which will prevent the application and any services from starting when the Windows is initialized.
In order to access Group Policy, the PC will need to be running on a Windows Professional platform.
Windows Home Editions do not allow access to Group Policy (among many other administrative tools) as this is a tool typically used by and for commercial applications.
Before disabling it, you must first check to see if Windows Defender is running. You can check the system tray for the Defender Icon or you can Click the Start Menu and start typing Defender. When you see the relevant icon for Windows Defender show up in the search results, you can simply click it to see if the program opens or is enabled.
PLEASE NOTE:
If you are not comfortable making changes to your Windows' settings, please consult with your IT administrator / IS department. Keep in mind, if you work in a commercial environment, these settings may need to be managed by your IT team and you may not have access to change these settings without prior approval.
Here are the steps to follow for disabling Windows Defender via Group Policy. This is applicable for users running Windows 10 Professional:
- Close out any open applications.
- Right-Click on Start > RUN (You can also single left-click on the Start Button and type “run”)
Type in “gpedit.msc” and click OK:
Under Computer Configuration, navigate to:
Administrative Templates > Windows Components > Windows Defender
When you click on the Windows Defender directory, you will see the following window:
You will need to double click on “Turn off Windows Defender” This will open a new dialogue window:
In this case, we're wanting to "Enable" the option to "Turn off Windows Defender Antivirus":
You can click OK when done.
Under the "Real-time Protection" folder, you will find the following entries that should also be set accordingly:
After these changes are made, you can now close the Local Group Policy Editor Window and restart Windows. After the PC completely reboots and you are logged in to Windows, you can try opening Windows Defender (Windows Key + Type "Defender"). If you followed the steps correctly in disabling the utility, you will get the following message (or similar):
When checking Real-time protection status in Windows' settings, you should see the following:
Was this article helpful?
