Once again, after a Windows update, Windows Defender activated itself again. It finally bothered me enough to take an actual look at how to disable it permanently and reliably, in a fully automated way (a PowerShell script), on my Windows 10 20H2 (build 19042).

This script is not intended as a “stop/start” solution. It aims at permanently disabling Windows Defender, even removing its files if you choose to. I made it as a malware analyst, for my usage, and decided to share it to help others. The “general public” might find another, easier-to-use solution that suits their needs better.

I would also add that some alternative working solutions have been added in the comments of this article (many thanks to their writers!): it’s definitely worth checking.

TL;DR: the final script can be found here:

Registry configuration

First, I took some time to look at the registry configuration: where the parameters are located, and how/when the values were changed. Procmon, from SysInternals, is a very convenient tool for this kind of research. I looked for registry access with “Defender” in the path, and this is the result: