Can windows defender be disabled programmatically?
Yes, you can. However, it must be remembered that you are disabling the security software. On your computer, you are free to do any experiments, on the computer of another user, you must warn him in advance about this .
sc stop WinDefend
then turn on:
sc start WinDefend
sc query WinDefend
It is possible with a start ban:
sc config WinDefend start= disabled sc stop WinDefend
Don't forget about admin rights!
On Windows 10, you'll have to use Powershell:
Set-MpPreference -DisableRealtimeMonitoring $true # запрет Set-MpPreference -DisableRealtimeMonitoring $false # разрешение
As a commentary, since it has nothing to do with the issue: it was noticed that in Windows 10, even with Defender turned off (and, by the way, it turns off not forever, but for a short time), the logging of changes on the disk continues, and immediately after Defender is turned on "rushes" to check what was changed when it was turned off.
Update 1. Starting from version 1703, kernel control is not disabled.