• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2315
  • Last Modified:

how to disable windows defender via logon script

Since we are running 2003 Forest/Domain there are no GPO options to disable Windows Defender (that I am aware of).

Is there a method via logon script to disable Windows Defender in Win 7 ?
0
jtd1
Asked:
jtd1
  • 7
  • 6
  • 2
  • +4
1 Solution
 
KimputerCommented:
Instead of disabling it, here's how to stop it:

add a batch file for the computer startup script:

net stop WinDefend
0
 
DMTechGrooupCommented:
Create a GPO for logon to apply a registry setting.. then disable it from there.. just a GPO work around.


http://support.microsoft.com/kb/927367

https://blogs.technet.com/b/askds/archive/2007/08/14/deploying-custom-registry-changes-through-group-policy.aspx
0
 
N-WCommented:
There's no point it only stopping the service, it will turn itself back on automatically.

You need to stop and disable the service:
sc config WinDefend start= disabled
net stop WinDefend

Open in new window

0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
David Johnson, CD, MVPOwnerCommented:
Are you using a 3rd party anti0virus? you can always uninstall windows defender. I can't see a reason for having it installed if you don't want to use it.
0
 
jtd1Author Commented:
I thought there was a secondary service that also had to be stopped at the same time ?
0
 
Sivaraj ELead – IT InfrastructuresCommented:
It can be done in the software itself, Open the defender and click tools and then option and the administrator and un-tick the use this program and save it.

Then disable the service through services.msc.

http://www.howtogeek.com/howto/15788/how-to-uninstall-disable-and-remove-windows-defender.-also-how-turn-it-off/

Regards, Shiva
0
 
N-WCommented:
For Windows 7, there is only one service "Windows Defender" (WinDefend).
0
 
jtd1Author Commented:
I have added the following to the login script and will see how it goes:

sc config WinDefend start= disabled
net stop WinDefend

Thanks everyone for your feedback
0
 
McKnifeCommented:
The logon script cannot be used to change system wide settings. The startup script needs to be used instead. But what's better: install RSAT on your administrative workstation to manage the GPOs from remote, then you will have access to all the windows defender policies.
0
 
jtd1Author Commented:
There are no DEFENDER GPO attributes in a 2003 FOREST/DOMAIN so using GPO settings directly is not possible.  

Adding

sc config WinDefend start= disabled
net stop WinDefend

to the logon script does not work since it requires elevated privileges.

When you say startup script, are you referring to GPO startup scripts ?
0
 
McKnifeCommented:
You don't understand... please install RSAT on your administrative workstation. RSAT enables even 2003 server to set GPOs for defender.

GPO startup script, yes.
0
 
jtd1Author Commented:
RSAT is installed, how do I go about getting access to Defender attributes for the domain ?
0
 
McKnifeCommented:
You start GPMC on the RSAT machine, connect to your DC and open a new Policy. The policy will now Display windows defender sections.
0
 
jtd1Author Commented:
So I am just setting the one option TURN OFF WINDOWS DEFENDER (set to ENABLE) in the following:

COMPUTER CONFIGURATION\POLICIES\ADMINISTRATIVE TEMPLATES\WINDOWS COMPONENTS\WINDOWS DEFENDER

Then applying that policy to the OU of my choice and that's it ???
0
 
McKnifeCommented:
Right, that's it. The OU with computer objects in it will stop using windows defender after the next GPO client refresh (try at the client side with gpupdate /force or a restart to speed it up).
0
 
jtd1Author Commented:
Will do.  One last note:

When I did the above, if I go into one of the DC's and look at GROUP POLICY's from that 2003 server, I see the applied policy but it does not show the DEFENDER policy options.  It did show it when I created it from a WIN 7 RSAT machine but not when viewing on the 2003 server.  Normal and expected behavior ?
0
 
McKnifeCommented:
Yes, normal and expected. The server has no templates to interpret the syntax of the policy files. But your RSAT client has, that's how he could set those settings.
And the domain clients don't care if the DC does not "understand" the policies it hosts :)
0
 
jtd1Author Commented:
So the policies are in place but the 2003 DC's have no real way to see/edit them ?

Basically you are saying the newer client OS's can still benefit from newer policies even though the older 2003 DC's can't read or edit them ?

I have implemented and will test tomorrow.  Thanks for the help !
0
 
McKnifeCommented:
True.
0

Featured Post

Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

  • 7
  • 6
  • 2
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now