Defender Status / Disable Realtime Monitoring

Check Defender presence

sc query windefend
wmic service get name,displayname,pathname,startmode | findstr "Defender"

Disable real-time monitoring (admin only)

powershell -ep bypass -c Set-MpPreference -DisableRealtimeMonitoring $true