Hey everyone! I'm looking for a PowerShell script to uninstall Windows Defender from all our servers. I want to make sure the script does the following: First, it should check if Trend services are running. Then, it should check the status of Defender. Finally, if Trend is running and Defender is installed, it should go ahead and uninstall Defender. Here's what I've got so far: $windefservice = Get-MpComputerStatus and $trendservice = Get-Service -Name 'Trend Micro Endpoint Basecamp'. If you have any suggestions or insights on how to enhance it, I'd really appreciate it!
3 Answers
You might want to add a command to actually uninstall the application. Check out this documentation for details on how to use the Uninstall-Package command: https://learn.microsoft.com/en-us/powershell/module/packagemanagement/uninstall-package?view=powershellget-2.x
Actually, you don’t need to uninstall Defender. Just install your new AV agent, and Defender will automatically go dormant. It’s designed to do that. Keeping it around can be beneficial because if your primary AV fails, Defender can step in. I’ve seen it happen before where an AV uninstalls itself, and Defender took over until we got the system back running.
Consider looking into Group Policies (GPOs). You might find a way to disable Defender through GPOs, which could save you some hassle later on.
Thanks for the link! I do know the uninstall command is "Uninstall-WindowsFeature -Name Windows-Defender", but I want to ensure the checks are performed first. Plus, if Trend isn’t installed, Defender shouldn’t be uninstalled.