API tools faq
paste
Advertisement
Guest User

Disable Windows Defender / March 2022

a guest
Mar 10th, 2022
431
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.75 KB | None | 0 0
raw download clone embed print report
  1. Registry:
  2. HKEY_LOCAL_MACHINE/SOFTWARE/Policies/Microsoft/Windows Defender
  3. DWORD: DisableAntiSpyware, set value to 1
  4. Delete to enable
  5.  
  6.  
  7.  
  8. Autoruns: Filter "security", disable (uncheck) Windows Security Service:
  9. Windows Security Service / SecurityHealthService / c:\windows\system32\securityhealthservice.exe
  10. Enable by re-checking the tick box
  11.  
  12.  
  13.  
  14. Powershell:
  15. Disable: Set-MpPreference -DisableRealtimeMonitoring $true
  16. Enable: Set-MpPreference -DisableRealtimeMonitoring $false
  17.  
  18.  
  19.  
  20. Registry File Disable: reg import E:\wd_dis.reg
  21. Needs run as Trusted Installer / Command Prompt with AdvancedRun
  22. https://www.nirsoft.net/utils/advanced_run.html
  23.  
  24. Windows Registry Editor Version 5.00
  25.  
  26. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdBoot]
  27. "Start"=dword:00000004
  28.  
  29. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdFilter]
  30. "Start"=dword:00000004
  31.  
  32. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdNisDrv]
  33. "Start"=dword:00000004
  34.  
  35. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend]
  36. "ImagePath"=hex(2):22,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,\
  37. 00,44,00,61,00,74,00,61,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,\
  38. 66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,44,00,65,\
  39. 00,66,00,65,00,6e,00,64,00,65,00,72,00,5c,00,50,00,6c,00,61,00,74,00,66,00,\
  40. 6f,00,72,00,6d,00,5c,00,34,00,2e,00,31,00,38,00,2e,00,32,00,32,00,30,00,31,\
  41. 00,2e,00,31,00,30,00,2d,00,30,00,5c,00,6e,00,75,00,6c,00,6c,00,2e,00,65,00,\
  42. 78,00,65,00,22,00,00,00
  43. "Start"=dword:00000004
  44.  
  45. Registry File Enable: reg import E:\wd_en.reg
  46. Needs run as Trusted Installer / Command Prompt with AdvancedRun
  47. https://www.nirsoft.net/utils/advanced_run.html
  48.  
  49. Windows Registry Editor Version 5.00
  50.  
  51. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdBoot]
  52. "Start"=dword:00000000
  53.  
  54. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdFilter]
  55. "Start"=dword:00000000
  56.  
  57. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdNisDrv]
  58. "Start"=dword:00000003
  59.  
  60. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend]
  61. "ImagePath"=hex(2):22,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,\
  62. 6d,00,44,00,61,00,74,00,61,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,\
  63. 00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,44,00,\
  64. 65,00,66,00,65,00,6e,00,64,00,65,00,72,00,5c,00,50,00,6c,00,61,00,74,00,66,\
  65. 00,6f,00,72,00,6d,00,5c,00,34,00,2e,00,31,00,38,00,2e,00,32,00,32,00,30,00,\
  66. 31,00,2e,00,31,00,30,00,2d,00,30,00,5c,00,4d,00,73,00,4d,00,70,00,45,00,6e,\
  67. 00,67,00,2e,00,65,00,78,00,65,00,22,00,00,00
  68. "Start"=dword:00000002
  69.  
  70. Reboot computer
  71.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!