Hacker News new | ask | show | jobs
by bob1029 1797 days ago
Maybe this is a good time to ask a dumb question.... how do yall disable windows defender?

I spent a weekend on it last year and couldn't figure it out. Best I could surmise is that I need to wipe my hard drive and install a sketchy copy of "mad max edition" windows 10 enterprise, which I would have to download on TPB or some other Warez site.
4 comments
bob1029 1797 days ago
Stopping by later in the day to offer a solution to my own question in case someone else is struggling with the same:

https://github.com/AveYo/LeanAndMean

If you can run as TrustedInstaller, it becomes feasible to rip all of this kind of bullshit out.

Just got my latest patched Win10 Pro copy running totally free of defender. Service is properly stopped. I was able to stop it like you would any other with TI privileges. Local admin just gets denied.

link
Wowfunhappy 1797 days ago
To turn it off permanently, there's a registry entry:

https://itty.bitty.site/#Disable_Real_Time_Protection_Perman...

I'm not sure whether or not it works on non-pro versions of Windows.

link
bob1029 1797 days ago
This does not work anymore.

https://www.pcgamer.com/permanently-disabling-windows-10s-bu...

link
Wowfunhappy 1797 days ago
...oh. Uh, that's super bad. I didn't know because I'm on LTSC.
link
colejohnson66 1797 days ago
Not sure why you’d want to disable virus protection, but Microsoft has a guide should you want to: https://support.microsoft.com/en-us/windows/turn-off-defende...
link
bob1029 1797 days ago
> Follow these steps to temporarily turn off real-time Microsoft Defender antivirus protection in Windows Security.

How long is "temporary"?

> Not sure why you’d want to disable virus protection

Because Microsoft's implementation drags ass when fighting with one of Microsoft's other terrible messes - visual studio.

Also. It's my fucking computer.

link
topkai22 1797 days ago
You can (depending on group policy if domain joined) disable real time scanning on individual processes, files, and folders in a more permanent manner IRC.
link
mattbee 1797 days ago
There's a registry (or group policy?) tweak to turn it off for good.

It was absolutely necessary on my 2015-era laptop, especially in the era of WSL1 where every Linux-side file operation caused a Defender operation - made a huge difference running test suites, git operations and so on.

I've tried to leave it on my new laptop (esp on WSL2 where Defender doesn't get a look-in) but I can _smell_ when it's slowing me down.

link
AnIdiotOnTheNet 1797 days ago
O&O ShutUp10: https://www.oo-software.com/en/shutup10
link