Getting Rid Of Windows Defender?

Discussion in 'Windows 10' started by DeathStalker77, Nov 19, 2017.

  1. DeathStalker77

    DeathStalker77 MDL Senior Member

    Nov 8, 2009
    332
    20
    10
    Ok, so with the new 1709 release, I appear to be stuck with the Windows Defender icon in my system try (even though I've disabled everything to do with it). Is there any way to get rid of it completely?

    I've decided to try out Zone Alarm (haven't used it since the early days of XP!) Seems to get pretty good ratings lately. And Comodo just keeps getting worse and worse. Sad thing is, Comodo is just SO easy to use :(
     
  2. pisthai

    pisthai Imperfect Human

    Jul 29, 2009
    6,878
    2,035
    210
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. LoverOfLove

    LoverOfLove MDL Member

    Oct 17, 2017
    126
    31
    10
    you've already disabled defender.
    now just disable defender center in startup programs. and done.
    i would suggest you to not delete any files related to it.
     
  4. Riicckk

    Riicckk MDL Novice

    Jan 20, 2009
    15
    6
    0
    Go into Task Manager, Start Up, Disable Windows Defender Icon by right clicking.
     
  5. pisthai

    pisthai Imperfect Human

    Jul 29, 2009
    6,878
    2,035
    210
    AFAIK that will work only for a short time, at the Cumulative Update Defender will be back working!

    I'd try that several times some time ago and ended up with using that app (Post #2) to disable Defender. Since i use it that way, Defender never worked again, even not using WU or use an ISO to update Windows. For sure, if I would do a clean install, I'd to use that app again for to disable Defender!!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Ultra Male

    Ultra Male MDL Expert

    May 30, 2014
    1,161
    539
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. kaljukass

    kaljukass MDL Addicted

    Nov 26, 2012
    974
    327
    30
    1. to get rid of Windows Defender isn't the very smart idea;
    2. I haven't used ZoneAlarm since the early days of XP! - It is the best, what is possible to do.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. CHEF-KOCH

    CHEF-KOCH MDL Addicted

    Jan 7, 2008
    952
    912
    30
    You should not get rid of Defender because

    • WD and Security Center/Notification Center are deep integrated (ShellExperienceHost.exe)
    • Firewall + EMET integration (RS 3+) disabling the driver also disables the firewall
    • Security mechanism to control app protection will be disabled, in fact you lower your security and there is no way in case of troubles to change/override something

    Instead you better just control what WD should scan and exclude. Smart would be to workaround this, work with exclusions, and work with gpedit.msc/secpol.msc to use windows own protection mechanism, there as good as ZoneAlarm or any other AV.
     
  9. LiteOS

    LiteOS MDL Expert

    Mar 7, 2014
    1,551
    662
    60
    Did u tried with cbsenum ? to remove the packages ?
     
  10. DeathStalker77

    DeathStalker77 MDL Senior Member

    Nov 8, 2009
    332
    20
    10
    Ok, I found the Start Up and disabled it. I think that should take care of things. The problem with it, is for advanced users - you have little to no control over it, like a *real* AV program. I get a lot of false positives and it automatically deletes/quarantines them. VERY irritating. If it just gave me a notification and asked what to do, that would be fine.

    Also looking for a good AV program that works by hashes, not just filename+location - so if I move a false positive, it does re-register.

    Thanks :)
     
  11. Riicckk

    Riicckk MDL Novice

    Jan 20, 2009
    15
    6
    0
    If you use Group Policy, you can disable Defender without affecting firewall or anything else. Get rid of the icon as has been suggested. Any update, or any update to new build will not reinstate it.
     
  12. Grywald

    Grywald MDL Novice

    Jun 25, 2014
    14
    1
    0
    If you plan to reinstall Windows10 from clean iso :
    Code:
    ## First of all, you must delete the Capabilities !
    ## Dism /Image:D:\IsoWindows10 /Get-Capabilities
    ## Then you can try to delete Defender
    ## Perhaps this order can be improve but at least, it avoid (plenty of) mistakes.
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Nis-Group-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Management-Group-amcore-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Management-Group-onecore-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Management-Group-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Management-MDM-Group-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Management-Powershell-Group-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Core-Group-amcore-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Core-Group-onecore-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Core-Group-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Core-Group-WOW64-amcore-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Core-Group-WOW64-onecore-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Core-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-AM-Default-Definitions-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-AppLayer-Group-amcore-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-AppLayer-Group-onecore-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-AppLayer-Group-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-AppLayer-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-ApplicationGuard-Inbox-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Client-WOW64-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Client-Package~31bf3856ad364e35~amd64~~10.0.16299.15
    Dism /Image:D:\IsoWindows10 /Remove-Package /Packagename:Windows-Defender-Group-Policy-Package~31bf3856ad364e35~amd64~~10.0.16299.15
     
  13. DeathStalker77

    DeathStalker77 MDL Senior Member

    Nov 8, 2009
    332
    20
    10
    Still waiting on the thread that discusses alternatives for AV & Firewalls ...... :)
     
  14. Ultra Male

    Ultra Male MDL Expert

    May 30, 2014
    1,161
    539
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. pisthai

    pisthai Imperfect Human

    Jul 29, 2009
    6,878
    2,035
    210
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. TairikuOkami

    TairikuOkami MDL Addicted

    Mar 15, 2014
    750
    638
    30
    No AV has got a zero performance impact, literally 0, it is used as a baseline score for that graph. :mushy:
     
  17. DeathStalker77

    DeathStalker77 MDL Senior Member

    Nov 8, 2009
    332
    20
    10
    Still waiting on the link to the thread that discusses these specifically (as was mentioned above). BTW, can't disable Cortana either - yes, I entered DWORD 0 in the reg, and everything is disabled at startup, but Cortana still shows as a running process.
     
  18. CHEF-KOCH

    CHEF-KOCH MDL Addicted

    Jan 7, 2008
    952
    912
    30
    Cortana and search are depending on each other, as long as the windows search and Shellexperiencehost.exe is running Cortana will respawn automatically.

    Sadly this chart is useless because Eset is partial coded in ASM while all other AVs are coded in different languages, WD is (currently) slow because it migrates several NET, C# languages to not break the e.g. emet and other function which it can control now. MS might change this soon or later but this requires a re-write.