Download "advanced run" from nirsoft Spawn a powershell process with trustedinstaller perms and run the following with the -delete flag https[:]//raw.githubusercontent.com/jeremybeaume/tools/master/disable-defender.ps1
irm https://raw.githubusercontent.com/jeremybeaume/tools/master/disable-defender.ps1 -Outfile disable-defender.ps1
Set-ExecutionPolicy Bypass -Scope LocalMachine
. .\disable-defender.ps1