Long Arrow Right External Link angle-right Search Times Spinner angle-left
Go to ThreatLocker

Search our Knowledge Base

Disable Tamper Protection

Updated June 28, 2022

View in browser

Overview

The following article covers the steps required to disable Tamper Protection. Tamper Protection can be disabled on a single device or be disabled on multiple devices at once.

Please note that disabling Tamper Protection will place computers that are in Learning Mode into Secured Mode. To avoid this, computers should be placed into Monitor Only Mode before disabling Tamper Protection.

Disabling Tamper Protection For a Single Computer

  • Log into the ThreatLocker Portal.
  • Navigate to the Computers page from the left menu.
undefined

If the PC is currently in Learning Mode and you wish to avoid it going into Secured Mode, change the status to Monitor Only in the quick dropdown menu before you attempt to disable Tamper Protection.
undefined

  • Select 'Maintenance Mode' on the desired PC.
undefined

  • The next popup will pull up the maintenance schedule window.
  • Click the dropdown for 'Maintenance Type' shown below.
undefined
  • Navigate to 'Tamper Protection Disabled' mode.
undefined

  • Finally, click 'Add Maintenance Schedule' in order to finish disabling Tamper Protection.
Note: The 'End' button (as shown with red box below) confirms a Tamper Protection Disabled maintenance mode is currently in use.
undefined

Additional Note: File and registry permissions will take effect on next check-in. For the service and driver permissions you will need to restart the service.

Disabling Tamper Protection For Multiple Computers at Once

  • Log into the ThreatLocker Portal.
  • Navigate to the Computers page from the left menu. 
undefined
  • For PCs in Learning Mode, Monitor Only Mode will need to be enabled first.
  • Select the checkbox next to the computers you will be changing to Monitor Only Mode, or select the checkbox at the top of the page to select all PCs on that page.
undefined

  • Next, select the 'Disable Protection' button at the top of the screen.
undefined

  • Select Monitor Only from the dropdown menu.
undefined

  • Click the 'Start' button.
undefined

  • All the PCs you had selected will be in Monitor Only Mode and you can proceed with disabling Tamper Protection.
undefined

  • Select the checkbox next to the PCs you want to disable Tamper Protection on or select the checkbox at the top to select all PCs on the current page.
undefined

  • Click the 'Disable Protection' button at the top of the page.
undefined

  • Select Disable Tamper Protection from the dropdown menu and then click the 'Start' button.
undefined

  • Tamper Protection is now disabled for all PCs you have selected.
undefined

Enabling Learning Mode for Multiple Computers at Once

  • To place your PCs back into Learning Mode, select the checkbox next to the PCs you want to place into Learning Mode, and then select the 'Disable Protection' button at the top of the screen.
  • Set your desired ending time for the Learning Mode. Choose Learning based on Group settings from the dropdown menu.  
  • Click 'Start'.
undefined
  • All selected PCs will be placed into Learning Mode until the date/time you selected.