(Q)Build 14251 and removing contana defender... ms change the component store so after the package "removed" it reinstall it back i saw windows modder that did success to lite it someone trying to bypass this defense mechanism? my suspicion is on pending xml in winsxs dir altered to install back the packages
Not an answer for these days? I am eager to learn too. Since 11102, there are many packages that will be brought back automatically after being removed. Well, here is my best to Windows Defender: 1. Delete these Service keys from registry WdBoot WdFilter WdNisDrv WdNisSvc WinDefend 2. Delete these content from the registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\CIMOM] "Autorecover MOFs" %ProgramFiles%\windows defender\protectionmanagement.mof %ProgramFiles%\windows defender\clientwmiinstall.mof %ProgramFiles%\windows defender\ammonitoringinstall.mof %ProgramFiles%\windows defender\amstatusinstall.mof %ProgramFiles%\windows defender\xx-xx\protectionmanagement.mfl 3. Delete Windows Defender folder from C:\Program Files (and C:\Program Files (x86)) 4. Remove these packages Windows-Defender-AppLayer-Group-Package~31bf3856ad364e35~amd64~xx-XX~10.0.14251.1000 Windows-Defender-AppLayer-Group-Package~31bf3856ad364e35~amd64~~10.0.14251.1000 Windows-Defender-AppLayer-Group-WOW64-Package~31bf3856ad364e35~amd64~xx-XX~10.0.14251.1000 Windows-Defender-AppLayer-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.14251.1000 Windows-Defender-Client-Package~31bf3856ad364e35~amd64~xx-XX~10.0.14251.1000 Windows-Defender-Client-Package~31bf3856ad364e35~amd64~~10.0.14251.1000 Windows-Defender-Client-WOW64-Package~31bf3856ad364e35~amd64~xx-XX~10.0.14251.1000 Windows-Defender-Client-WOW64-Package~31bf3856ad364e35~amd64~~10.0.14251.1000 Windows-Defender-CloudClean-Group-Package~31bf3856ad364e35~amd64~~10.0.14251.1000 Windows-Defender-Core-Group-Package~31bf3856ad364e35~amd64~xx-XX~10.0.14251.1000 Windows-Defender-Core-Group-Package~31bf3856ad364e35~amd64~~10.0.14251.1000 Windows-Defender-Core-Group-WOW64-Package~31bf3856ad364e35~amd64~xx-XX~10.0.14251.1000 Windows-Defender-Core-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.14251.1000 Windows-Defender-Group-Policy-Package~31bf3856ad364e35~amd64~xx-XX~10.0.14251.1000 Windows-Defender-Group-Policy-Package~31bf3856ad364e35~amd64~~10.0.14251.1000 Windows-Defender-Management-Group-Package~31bf3856ad364e35~amd64~xx-XX~10.0.14251.1000 Windows-Defender-Management-Group-Package~31bf3856ad364e35~amd64~~10.0.14251.1000 Windows-Defender-Management-MDM-Group-Package~31bf3856ad364e35~amd64~~10.0.14251.1000 Windows-Defender-Management-Powershell-Group-Package~31bf3856ad364e35~amd64~~10.0.14251.1000 5. Reboot or Install I hope it is merely a bug at the moment.
If it will be also removed from winsxs it wont recover btw is this build worth our time ? edit: did u tried to remove only "Autorecover MOFs" and then remove the packages ?
The problem is, after my repeated experiments, everything remains. That is why I HOPE it a bug. OneDrive too. Edit: No. I will try again.
can u run dism cleanup with resetbase if its remove the files from winsxs then its done i tried to run it but there error
OK. I will do it now. Oh, no. I am doing it with clean APPLIED image. /resetbase would not be allowed for PENDING processes. I am going to reboot now. See you.
I successed to uninstall cortana just need to run resetbase removing defender break dism resetbase Im trying sfc scannow
It would not work at all. To disable/delete Defender Service is as good as Group Policy Disabled, but NOT removal. As for Cortana, to me, it is OK to remove without any trick. Anyway, to me, the only way to successfully remove 11102/11103/14251 Windows Defender packages is: 1. Manually remove Windows Defender installed folders 2. Manually Remove Defender-related registry keys 3. Manually Remove Defender-related WinSxS folders and files 4. Manually Remove Defender-related TaskScheduler
I did something else i remove it with package removal remove dirs from winsxs cos there was 2 files that's wont delete i delete them from recovery did the restart and now its not reinstall it back another time lets test deny the permission to the folders reboot and then reset the permission run resetbase that might clean it nicely and wont break the resetbase edit: removing again the packages fix the dism resetbase
Yes, you are doing what I am talking about: Remove it MANUALLY. But why since 11102? Edit: deny the permission? I do not think so. OK. Here is another thing I found about Microsoft-Client-Features-Classic-Package: 1. speechpal.dll 2. 6 pictures of lock screen
Probably new policy of each Windows needs AV / spy speechpal ? is it new feature? deny the permission - why not ?
No. It is, I think, about Speech of Cortana. But why MS put Lock Screen background pictures (C:\Windows\Web\Screen) together with Speech?
Off-topic: Madonna Louise Ciccone is surprisingly here in Taiwan now by her private aircraft. Oh, I forgot about NTlite. I will test it now or then.
specifically, MS made changes in build 14251 so that they could not clean installation, so errors occur when removing components.
Oh, I have never known about it, because I have always been testing them by dism applying the image to other partition. But how? So I wondered if the image was the same? OK. I will try to install from DVD/USB some other time. Thanks.
why remove this services...their install for a reason use them...if u dont use them, just leave it alone. is better than blowing up later
Ms making small observation between client to server, there a group that want their client OS like server. they forcing their POV to our believes