Solved Request: Windows Defender always active?

Silverhand92

Home IT Guy
Member
Messages
114
Alright, so a while back, I had a nasty encounter with a virus which crippled my main PC, including deactivating my OEM license for Windows 8, as well as somehow forcing Windows Defender to be disabled.

Upon clearing out the virus, I had stumbled across a method for preventing Windows Defender from being disabled.

Screenshot:

8aababf7d4.png

I'm not sure how I originally did this, but I would like to duplicate this action, because it improves the security of the computer by preventing Windows Defender from being disabled by a virus or other malicious program.
 
Never heard of one, as a virus yes can disable you Anti-Virus, even sometimes can be fake notification that it is turned off by a virus.
Read more in few articles, but i believe picture you show is to only enable admin to make changes to Windows Defender. If that worried about more viruses, either add Malwarebytes to system or get a better complete Internet security. One article shows way to run Windows Defender offline if this happens again.

What is Windows Defender Offline? - Windows Help
 
I'm not sure if this is done by secpol.msc or gpedit.msc. There may even be a regedit.msc option, but either way, it prevents the Turn On This App from being unchecked in Windows Defender's Administrator page.
 
I'm not sure if this is done by secpol.msc or gpedit.msc. There may even be a regedit.msc option, but either way, it prevents the Turn On This App from being unchecked in Windows Defender's Administrator page.

First 2 bring you to the Local Group Policy editor, not sure myself, see no info online about it. Third you mentioned is registry but not brought up that way, just regedit at run. Still feel may not stop a virus from disabling it or sending fake disable notice to you. I do not use Defender to even try in Policy editor as i use separate AV Security suite.

For one Windows Defender alone is not that good at protecting you.
 
Try help menu through Local Group policy, i see nothing for Windows defender, but do for Firewall.
 
Solved!

Location at: gpedit.msc -> Computer Configuration -> Windows Components -> Windows Defender -> Turn Windows Defender Off : Disabled

This prevents users / programs from disabling Windows Defender, as Windows forces this rule into the system upon startup. This can also be configured for individual users, rather than from the computer by changing Computer Configuration to User Configuration and following the same steps to Windows Components etc.

Thanks for the help.
 
If that worried about more viruses, either add Malwarebytes to system or get a better complete Internet security.


Personal opinion only and with due respect. I would not trust any app, etc to insure any AV could not be disabled.

Above quote is sage advice.
 
If that worried about more viruses, either add Malwarebytes to system or get a better complete Internet security.


Personal opinion only and with due respect. I would not trust any app, etc to insure any AV could not be disabled.

Above quote is sage advice.

Personally i am trying to get the point here, as system was compromised once before with Defender alone, as doing this is not going to make it invincible.
Check stats on Windows Defender, yes it is better then previous versions, but not the best alone, true any Anti-Virus is and can be vulnerable to attack. Real importance is safe computing, online (e-mails,downloads,websites) and sharing devices.
 
I haven't had another problem with this since doing the GPEdit method. The original issue, and the problem behind it was that a malicious program had been installed that had deactivated my OEM license.
Since then, I had disconnected the data cables from all but my main OS drive, reinstalled using the W8.1 media via MSDN ISO, and upon activating the product key again, configured Windows Defender via GPEdit, and then reconnected all my internal drives. A complete system scan via Windows Defender Offline, as well as a couple of DVD-based AV's, shows that my system is completely safe.
 
Back
Top