Share via

[Need Help] Windows IOT LTS 2021 is unexpected updated and deleting my executable file

ko.ko 20 Reputation points
2025-02-26T02:24:16.08+00:00

Hello everyone,

I'm using Windows IoT LTS 2021 for our embedded system, which is configured to run using EShell for our customer. It was functioning normally before, but last week it unexpectedly updated and began deleting our application's executable files. As a result, our system cannot boot properly.

We've disabled real-time protection, but it still updated yesterday. It seems to be affected by this update:

https://www.microsoft.com/en-us/wdsi/defenderupdates

(Sorry I posted the same content just now but it seems have 404 error and cannot be viewed so I post this again)

Does anyone have a solution? Any ideas would be appreciated.

Windows for business | Windows for IoT
0 comments
Accepted answer
  1. Anonymous
    2025-02-27T16:07:11.39+00:00

    Hello,

    Disable Windows Defender Completely

    To ensure Defender is fully disabled, follow these steps:

    Step 1: Disable Defender via Group Policy

    Press Win + R, type gpedit.msc, and press Enter.

    Navigate to:

    Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus

    Double-click Turn off Microsoft Defender Antivirus.

    Set it to Enabled and click OK.

    Step 2: Disable Defender via Registry

    Press Win + R, type regedit, and press Enter.

    Navigate to:

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender

    Create a new DWORD (32-bit) Value named DisableAntiSpyware.

    Set its value to 1.

    Restart your system.

    Step 3: Disable Defender Services

    Press Win + R, type services.msc, and press Enter.

    Locate the following services:

    Microsoft Defender Antivirus Service

    Microsoft Defender Antivirus Network Inspection Service

    Right-click each service, select Properties, and set the Startup type to Disabled.

    Stop the services if they are running.

    1. Exclude Your Application Files from Defender Scans

    If you prefer to keep Defender enabled but prevent it from deleting your files, add your application's directory to the exclusion list:

    Open Windows Security:

    Press Win + I, go to Update & Security > Windows Security > Virus & threat protection.

    Click Manage settings under Virus & threat protection settings.

    Scroll down to Exclusions and click Add or remove exclusions.

    Add the folder containing your application's executable files.

    1. Block Windows Updates

    To prevent further updates from interfering with your system, you can temporarily block updates:

    Step 1: Disable Windows Update Service

    Press Win + R, type services.msc, and press Enter.

    Locate the Windows Update service.

    Right-click it, select Properties, and set the Startup type to Disabled.

    Stop the service if it is running.

    1. Restore Deleted Files

    If your application files were deleted, you may need to restore them:

    Check the Quarantine in Windows Security:

    Open Windows Security > Virus & threat protection > Protection history.

    If your files are listed, restore them.

    If the files are not in quarantine, restore them from a backup or reinstall your application.

    Best Regards,

    Hania Lian

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.