ctrlaltkills/notes

FYI The correct way to disable WinDefend using this tool on Win11 Pro 22H2 · Issue #80 · ionuttbara/windows-defender-remover · GitHub

ctrlaltkills opened this issue · 0 comments

ctrlaltkills commented

|

Hi!

First of all, thank you so much for your tool.

FYI (my observations on how to use "N" method and achieve WinDefend service and Antimalware Service Executable stay disabled and not consuming your RAM and CPU)

So, my PC is running on Win11 Pro 22H2 22621.2134 (latest build) and after using "N" method of this program v12.5.1 WinDefend service and similar security services were still running along with Antimalware Service Executable and I hit performance issues mentioned before (general system slowdown) but UWP apps and MS Store were working I suppose it was fixed by the dev.
I have been struggling of this kind of an issue for a long time looking for solutions.
And finally, I developed my own solution.

Good to mention that before using "N" method I disabled realtime protection and tamper protection etc.

Let's start.

In order to fix it I made some woodoo stuff such as:

  1. At first, I used "N" method (this step was done before woodoo stuff below)
  2. I re-enabled security using "R" method
  3. In Windows Security settings I disabled realtime protection and tamper protection etc (again)
  4. In Windows Security settings I disabled SmartApp Control (Smart Screen) completely (if you need to re-enable it you need to reinstall Windows)
  5. In Windows Security settings I disabled everything in App$Browser Control (Reputation-based protection)
  6. In Windows Security settings I disabled everything in Core Isolation menu except MS Vuln Driver Blocklist
  7. Using GPEDIT I changed Windows Defender policies only mentioned in this guide - https://www.alphr.com/disable-windows-defender-windows-11
  8. Reboot PC
  9. ???
  10. Done! You are golden and no WinDefend services are running anymore including Antimalware Service Executable. And MS Store + UWP is working.

Basically, my guess is that in order to use "N" method correctly you need to follow steps I wrote above but may be in a bit different order like this:

  1. Disable realtime protection and tamper protection etc.
  2. Disable SmartApp Control (Smart Screen) completely (IDK if this step is really needed)
  3. Disable everything in App$Browser Control (Reputation-based protection) (IDK if this step is really needed)
  4. Disable everything in Core Isolation menu except MS Vuln Driver Blocklist
  5. Change GP only like in this guide https://www.alphr.com/disable-windows-defender-windows-11
  6. Reboot
  7. Use "N" method

To summarize, personally, these all steps helped me in my case. I can't be 100% sure if it will help you (but if you have the same problem as me, it probably will).
I don't want to do tests or reproduce it in VM, as I've been doing it on my PC for a long time, as I've written above. It's working and WinDefend is completely disabled right now - i'm pleased.

Hope, I could help someone.

Wish you all good luck!




|