问题
I must warn you I don't use powershell much. I am trying to turn off windows defender real time protection via powershell I found the command Set-MpPreference -DisableRealtimeMonitoring $true
and tried it in admin privileges only to get this
Set-MpPreference : Operation failed with the following error: 0x800106ba. Operation: Set-MpPreference. Target: DisableRealtimeMonitoring. At line:1 char:1
+ Set-MpPreference -DisableRealtimeMonitoring $true
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (MSFT_MpPreference:root\Microsoft...FT_MpPreference)
[Set-MpPreference], CimException
+ FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
Any thoughts?
回答1:
The problem is that the Windows Defender antivirus services seem to be persistently disabled on your machine.
It's unfortunate that the Set-MpPreference
cmdlet reports this in such an obscure fashion.
To fix this problem, re-enable the Windows Defender antivirus services:
The easiest way to do this is the following, but note that it involves a reboot:
Set-ItemProperty 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender' DisableAntiSpyware 0
Restart-Computer
You may instead use the Local Group Policy Editor-based method described in this windowscentral.com article or use
regedit.exe
's GUI or us thereg.exe
CLI utility.Note that the linked instructions are slightly outdated - instead of node
Windows Defender
, settingTurn off Windows Defender
, target nodeWindows Defender Antivirus
, settingTurn off Windows Defender Antivirus
).While using the Local Group Policy Editor (
gpedit.msc
) to turn the antivirus services off takes effect immediately, turning them back on can take minutes before the services are actually restarted (on the plus side, no reboot is required, unlike what the linked instructions say).
Note that if you reenable via the registry, such as via the above PowerShell command whereas disabling was originally performed via [local] group policy, that policy will continue to reflect the disabling (however, it is the registry setting that matters).
来源:https://stackoverflow.com/questions/48960190/powershell-set-mppreference-disablerealtimemonitoring-true-not-working-correct