Disable Windows Defender AV on Server 2016+

Starting with Server 2016 (and continuing with 2019), Microsoft changed the way their Windows Defender works when installing a 3rd party AV solution. Namely they made it so that the installation of the 3rd party AV no longer disables the built-in Windows Defender.

I actually found this out when I was receiving CPU alerts for a domain controller. Recently added monitoring and alerting to an existing site and found that Sophos AV was competing with Windows Defender and both scanning at the same time. Yay.

Open a Powershell command as Administrator:

Uninstall-WindowsFeature -Name Windows-Defender

Then reboot the server.

Leave a Reply

Your email address will not be published. Required fields are marked *