Windows 10 comes with Windows Defender which is a built-in antivirus and in it Microsoft introduced a new security feature called Tamper Protection in Windows 10 build 1909 and later. Malware cannot change Windows Defender Antivirus settings if anti-malware protection is enabled on the system. This adds an extra layer of security to the system, as real-time protection is unbreakable.
By default, anti-hacking is enabled in Windows 10. If you want to disable tamper protection, this guide covers two different ways to do it.
How to enable or disable tamper protection in Windows 10.*
1. The following methods can be used to enable or disable Tamper Protection on an individual Windows 10 system. If you’re an organization that uses Microsoft Defender for Endpoint, you can manage breach protection in Intune just like you manage other endpoint protection features. For instructions, read the relevant section of the following Microsoft article:
2. Open PowerShell to see if tamper protection is enabled on your system PowerShell as administrator and write “Get-MpComputerStatus“. Then see if IsTamperPrototected is the state That’s right.
3. The following methods can only be used to enable or disable tamper protection in Windows Defender Firewall. You must enable or disable tamper protection separately for any third-party antivirus you are using.
Method 1: How to disable/enable hack protection security through Windows Defender settings.
The first way to disable or enable Tamper Protection is through Defender settings.
1. open the Running button and click the command window Win and R keys at the same time.
2. Type windows defender: and beat Enter:
3. In the Windows Security window, click Protection from viruses and threats tile.
4. Scroll down and find out Virus and threat protection settings and click on it Manage settings.
5. Scroll down and find out Tamper protection.
6a. In order to Enable anti-spoofingturn on the button Enabled or…
6b. …turn on the move button Off for Turn off tamper protection Security.*
*Note: If you see a UAC pop up asking for permission, click on it Yes.
Method 2: How to disable or enable modification protection using Registry Editor.
1. Open the registry editor: To do this:
- open the Running button and click the command window Win and R keys at the same time.
- Type regedit and beat Enter: *
*Note: If you see a User Access Control (UAC) warning box asking for permission, click on it Yes.
2. In the search bar above, delete the previous values and copy the following registry address and click Enter. *
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Properties
*Note: If you encounter any problems, go to the registry address shown above from the left panel.
3. select Characteristics left and right switch double click at Tamper protection REG_DWORD value. *
*Note: If “TamperProtection” value does not exist, right click click anywhere on the right panel and select new > A DWORD (32-bit) value. Name the new value “TamperProtection” and continue reading below.
4. In the Edit DWORD window that opens:*
- To whom Turn off tamper protectionset value data 0 and click on it OK button.*
- To whom Enable anti-spoofingset the value 5 and press OK. *
*Note: If after clicking OK, you receive the error: “Error editing value. Could not edit TamperProtection. An error occurred while writing the new content of the value.”, continue below to take ownership of the “Properties” registry key, and then repeat the process above.
to own Characteristics registry key:
Step 1. Registry backup.
Changing registry settings can be dangerous, as even a small mistake can damage the system, so it’s important to back up the registry key you want to update before you begin. For this:
1. Right click on Characteristics click the button on the left panel and select Export.
2. give a proper name (eg FeaturesKey_Backup) and storage Download the REG file yourself desktop. *
*Note: If something goes wrong after editing the registry, you can undo the changes by double-clicking the registry key (REG file) released on the desktop.
Step 2. Own the registry key.
1. Click the right mouse button Characteristics key and select Permissions.
2. In the Properties Permissions window, click Complicated button.
3. In the “Advanced security settings for properties” window, click on it Change.
4. In the “Select a user or group” window, under Enter the name of the object to select section, species Administrators, and click on it OK button.
5. set the Replace the owner on subcontainers or objects select an option and click on it Please apply button.
6. Now, double click on it Administrators login as shown below.
7. Check the icon in the window that appears Full control box and click on it OK.
8. In the Advanced Settings window, click OK.
9. In the “Permissions for Features” window, click on it OK.
10. Now that you have the required permissions, go ahead and change the “TamperProtection” REG value as shown in method-2 above.
That’s it! Which method worked for you?
Let me know if this guide helped you by leaving a comment about your experience. Please like and share this guide to help others.