Disable Windows Defender in Windows 11

AsadAlrafidain said:
...can you Disable (or uninstall) security center altogether but leave firewall?...has it become integrated with security center and defender?...is "Microsoft Defender Firewall" the new name for old windows firewall?
Click to expand...
Uninstalling a component removes its files from the image, which has the possibility of causing problems. NTLite removes Security Center along with Defender, and Nuhi may be able to split this out, since I think it was determined to be possible. I am not as versed in that aspect though, because I don't uninstall it from my image at this time. I doubt the firewall is harmed from this removal, but the only way to know for sure is to test it.

Disabling things is usually done by turning off services, registry keys, or scheduled tasks. The way that I disable Defender, and have zero issues, is contained within the security registry file of this guide (link). It has proven to work on every build I've tried so far, but I have no interest in testing W11, because I dislike that operating system and I have too much stuff on my to-do list. Properly disabling Defender will not harm the firewall.

People like Garlin and myself aren't computer geniuses, the thing that separates guys like us from the masses is that we are expert Googlers and troubleshooters, because we are driven to find solutions through research and testing things, while focusing on proper methods over a hacky approach--which is when a user disables something by breaking code or using excessive tweaks. My point is that people can test questions like this to find answers too, since that's what helpers are doing, so give it a whirl and let us know the results of your adventure.
 
Last edited:
Hellbovine said:
Uninstalling a component removes its files from the image, which has the possibility of causing problems. NTLite removes Security Center along with Defender, and Nuhi may be able to split this out, since I think it was determined to be possible. I am not as versed in that aspect though, because I don't uninstall it from my image at this time. I doubt the firewall is harmed from this removal, but the only way to know for sure is to test it.

Disabling things is usually done by turning off services, registry keys, or scheduled tasks. The way that I disable Defender, and have zero issues, is contained within the security registry file of this guide (link). It has proven to work on every build I've tried so far, but I have no interest in testing W11, because I dislike that operating system and I have too much stuff on my to-do list. Properly disabling Defender will not harm the firewall.

People like Garlin and myself aren't computer geniuses, the thing that separates guys like us from the masses is that we are expert Googlers and troubleshooters, because we are driven to find solutions through research and testing things, while focusing on proper methods over a hacky approach--which is when a user disables something by breaking code or using excessive tweaks. My point is that people can test questions like this to find answers too, since that's what helpers are doing, so give it a whirl and let us know the results of your adventure.
Click to expand...
Thanks for the reply...I tried your security REG tweaks but noticed that firewall is disabled...I don't like security center and defender, but for me the firewall is a must...I'll try to delete all the parts that contain "firewall" in them and see if it gives a satisfactory result.

BTW, I'm trying this on Windows 11
 
You don't have to use the whole file as-is, simply delete the tweaks from the registry file that you don't want and Windows will fallback to its normal defaults for the settings that were removed, then Integrate the modified file into a new image and test it. Keep in mind that some of these may require updating for newer builds or W11, and a registry comparison tool is what I would use to get started on figuring that out.
 
Last edited:
I bought a new scouter and this one says:

Garlin.png


Oh crap, I'm realizing that I probably just summoned all the Discord bros to the forum.
 
Last edited:
I use these reg batch found on github (I don't know if I can post the link), the author also made an exe, even after the updates it doesn't appear. transform it into a bat with "reg2exe converter" and place it in post setup, so as to avoid breaking the image. I recommend updating with WuMgr_v1.1b so you can choose which ones to do.
 

Attachments

dedolo said:
I use these reg batch found on github (I don't know if I can post the link)
Click to expand...
It's preferred that you post a GitHub link whenever possible, so readers can download files directly from the source and know its dev(s).
 
dedolo said:
Lo faccio subito, ecco il link: https://github.com/ionuttbara/windows-defender-removerI
Click to expand...
I've been recently working with this tool for a non-NTLite project.

On the whole, it's not bad but there's some annoying flaws:
1. DefenderRemover.exe is a self-extracting app that uses a hacked version of PowerRun to run several commands.

He doesn't use the official PowerRun file, because of "optimizations". If you're including another dev's TrustedInstaller tool, provide the original version of that tool. Especially as the script cannot do its work without PowerRun or another TI rights tool.

2. DefenderRemover.exe is broken, because it only allows one command-line argument: Y (disable Defender and other Windows security measures). While his batch script's menu supports three options, the other two options are ignored when passed as arguments.

You can't run "DefenderRemover.exe A" or "S".

4. While he groups the different reg settings into separate files (good), his script performs a for-loop to install them (bad). What happens is the script rapidly opens too many flashing windows, one for each reg file. The source files could be merged in his EXE version.

3. The dev throws in some totally unrelated reg entries and removals which have NOTHING to do with Defender or platform security. They're just random personal tweaks, and should be excluded.

My overall assessment is while DefenderRemover mostly works, there's room for fixes. From the dev's comments, he's in school and has less time to work on his projects. If you want to continue using the self-extracting EXE, it's possible to use 7-Zip and replace individual files.

There's many Defender tools or scripts on GitHub, but some of their methods and code quality aren't at the same level. Unfortunately, it's too much work checking them out to find a better solution. I rank this one better than average.
 
This disables certain services (Sense, WdBoot, WdFilter, WdNisDrv, WdNisSvc, WinDefend) during Windows Setup and thus prevents the MsMpEng.exe process from running
Click to expand...
 
You must log in or register to reply here.
Back
Top