this is a complicated situation so if you don't see a solution that's normal so i removed some stuff from windows 10 LTSC 2019 but didn't remove Action center,windows defender or smartscreen now i installed the image in VM installed 1 program whatever it's doesn't matter then i sysprepped with Generalize then i captured the image now i removed windows defender and security center and smartscreen from the captured image using NTLite then i installed the image to test if they are removed totally or not now here is the problem they are removed with their services but i'm getting this notification it keeps popping up i managed to disable the notification from security and maintenance but i want to get to the source that is causing this to pop up something got deployed in the first installation and i don't know where it is (registry,windows file, service,task schedular) if you know any solution that could help me to reach it's source wherever it's and i will manage to modify it i would be thankful PS: Don't suggest removing them from the beginning as i can't do that for some reasons
1. Windows-Defender-Client-Package~31bf3856ad364e35~amd64~~10.0.17763.1 2. C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy 3. Privacy --> Background Apps --> Close Windows Security 4. Windows-Defender.reg Code: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender] "DisableAntiSpyware"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection] "DisableBehaviorMonitoring"=dword:00000001 "DisableOnAccessProtection"=dword:00000001 "DisableScanOnRealtimeEnable"=dword:00000001 "DisableRealtimeMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates] "ForceUpdateFromMU"=dword:00000000 "UpdateOnStartUp"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Systray] "HideSystray"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments] "ScanWithAntiVirus"=dword:00000003 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT] "DontOfferThroughWUAU"=dword:00000001 "DontReportInfectionInformation"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] "SettingsPageVisibility"="Showonly:display;notifications;powersleep;storagesense;tabletmode;multitasking;crossdevice;about;bluetooth;printers;mousetouchpad;usb;network-status;network-ethernet;network-dialup;network-vpn;datausage;network-proxy;personalization-background;colors;lockscreen;themes;personalization-start;taskbar;appsfeatures;defaultapps;maps;appsforwebsites;yourinfo;signinoptions;otherusers;sync;dateandtime;regionlanguage;speech;easeofaccess-narrator;easeofaccess-magnifier;easeofaccess-highcontrast;easeofaccess-closedcaptioning;easeofaccess-keyboard;easeofaccess-mouse;easeofaccess-otheroptions;privacy-webcam;privacy-microphone;privacy-notifications;privacy-accountinfo;privacy-contacts;privacy-calendar;privacy-callhistory;privacy-email;privacy-tasks;privacy-messaging;privacy-radios;privacy-customdevices;privacy-backgroundapps;privacy-appdiagnostics;windowsupdate;activation;backup;recovery;developers;" [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SecurityHealthService] [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\WinDefend]
special thanks for your effort but unfortunately it didn't work it works if the windows hasn't been deployed something got installed in the first installation it should be related to security center as it's checking about security center tbh i'm starting to lose hope and i think i will stick to turning off the notification even though i don't like having process doing something useless in the background and wasting resources anyway if anyone got any suggestion i'm all ears
special thanks to everyone who tried to help and who thought of a solution i solved it by wiping the piece of s**t out of existence from system32 tbh i didn't think that was possible but it's what it's
Try Code: reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.SecurityAndMaintenance" /v "Enabled" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Notifications" /v "DisableNotifications" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Notifications" /v "DisableEnhancedNotifications" /t REG_DWORD /d "1" /f
i know this and it works but it removes the notification but doesn't remove the process from it's source the solution is to eliminate the last files from system32 of the security center
Hey! I know it's been a while since anyone posted here, but I came across this thread while researching disabling windows defender service. The following notification appears only when 'wscsvc' service is disabled. I hope this information can be helpful, even though this thread is a bit older.