How to stop “windows defender antivirus service”?


  1. Posts : 161
    Windows 10
       #31

    The only reliable way to really disable Windows Security is through the registry. There are many entries in the registry you have to modify by changing values. If I remember correctly there are perhaps 4-5 (maybe more) registry changes you must make in order to sufficiently disable all areas of Windows Security. Windows Security is actually pretty comprehensive and works interconnected with other parts which will in turn work to ensure all the other parts are working and enabled. You can seemingly disable one feature but it only has an effect on a superficial level, such as disabling parts in Services.

    To fully disable Windows Security you must create a .reg file that contains all the necessary changes which will reflect full disabling of all the necessary parts. Without these being disabled Windows Security will still run. It's been a while since I had to do it but much of the persistence comes from real time scanning, firewall, antimalware, antivirus/antispyware etc. Once you disable the main features responsible for persistence on the system you have taken a large chunk of it from running on your computer.

    You can also disable the notifications as well through the registry so that they no longer appear telling you to enable firewall/antivirus.


  2. Posts : 88
    wind 10
    Thread Starter
       #32

    supermammalego said:
    The only reliable way to really disable Windows Security is through the registry. There are many entries in the registry you have to modify by changing values. If I remember correctly there are perhaps 4-5 (maybe more) registry changes you must make in order to sufficiently disable all areas of Windows Security. Windows Security is actually pretty comprehensive and works interconnected with other parts which will in turn work to ensure all the other parts are working and enabled. You can seemingly disable one feature but it only has an effect on a superficial level, such as disabling parts in Services.

    To fully disable Windows Security you must create a .reg file that contains all the necessary changes which will reflect full disabling of all the necessary parts. Without these being disabled Windows Security will still run. It's been a while since I had to do it but much of the persistence comes from real time scanning, firewall, antimalware, antivirus/antispyware etc. Once you disable the main features responsible for persistence on the system you have taken a large chunk of it from running on your computer.

    You can also disable the notifications as well through the registry so that they no longer appear telling you to enable firewall/antivirus.
    Till now, I'm still struggling with having clear steps that lead to disabling the service in question


  3. Posts : 68,893
    64-bit Windows 11 Pro for Workstations
       #33

    jamal numan said:
    Till now, I'm still struggling with having clear steps that lead to disabling the service in question
    Hello,

    If you are wanting to turn off Windows Defender Antivirus, then you could use an option in the updated tutorial below. Be sure to turn off Tamper Protection first in step 1.

    Turn On or Off Windows Defender Antivirus in Windows 10


  4. Posts : 161
    Windows 10
       #34

    jamal numan said:
    Till now, I'm still struggling with having clear steps that lead to disabling the service in question
    To begin with, the best way to disable Windows Security ie the full security suite that comes shipped with Windows in modern releases is to create either a CMD .bat file or throw together all the registry entries into one .reg file. This will save you having to continuously mess with things that otherwise can be done in an automated fashion. For the things where either a CMD/Powershell command, or a registry entry for example cannot be found, you may have to manually change things yourself by directing yourself to the relevant places ie settings, GPO etc. For the most part though, a good 90% of the work can be done by compiling a script that can line by line disable built-in Windows security features.

    A .bat script is basically a .txt file with a different file extension, in this case .bat extension, that runs lines of commands line by line. They are relatively simple to master and don't require extensive knowledge/experience to compile into working scripts that can make rapid and infinitely vast changes to your computer with little effort, this is presuming they are run with administrative permissions. You would essentially put all the necessary commands to disable Windows security features in the .bat script. The idea would be to use the .bat file to run registry commands, either in bulk or individually entry by entry, and then any necessary Powershell commands as well (if necessary). Finally, and to make things that little bit easier, you could then convert your .bat file into an executable file which can invoke the highest possible permissions and be customized to run in different environments and with different configurations set to suit your needs and desires.

    You can make a .bat file by simply running Notepad and then choosing 'All Files' in the 'Save As..' dialog window followed by choosing .bat as the file extension at the end of the file. Now you have a .bat file.

    You can make a .bat file convert into an .exe by using software like BAT to EXE Converter, which I've used before personally and found works without any hitches for this particular task. It is only a trial based product but you can get more than what you need from the program while you're using the trial license. Once you've converted your batch file to an executable you've now got yourself an .exe you can run whenever and wherever you wish across many computers, presuming they do not have policies that restrict you from doing so. You can also set the executable to run silently using specific commands so that there is no dialog nor any confirmation as to the changes being made.

    I don't want to spell everything out for you as that means you're getting no education from the decisions and actions you're making and what you're actually doing is a fairly complex thing in terms of Windows system administration and how a Windows operating system is configured and well, operates on one level regarding security. I learned what I needed to learn from studying foundational levels of computer security which involved effectively setting up a virtual machine and then trying to compromise it so I could install malware on it to then control it freely without the restraints of a security program such as Windows Security. Windows Security picks up on a lot of malicious actions or intentions, especially ones it already knows of. If you're going to ask how to disable an entire integral portion of an operating system you should at least know what is doing what, why, when and to who. If I gave you a bunch of registry entries, a bunch of Powershell commands, or even a Powershell script, or even a one-liner that did a lot of what you wanted you wouldn't really understand anything at all. Plus, if you ever wanted to enable the features again you'd probably be lost as the actions you do likely won't come with a user friendly reverse/undo option! You're talking about digging into the bowels of the operating system and making changes that rightfully aren't available to your average end user, and for good reason. Therefore you would need to also include a reversal script (using a .bat file for example) to then reverse everything you did so you can take your computer back to a state where built-in security features are enabled. 
    You can really mess with the system if you don't know what you're doing and if you make serious changes even Windows won't instinctively know what you've done and therefore be able to revert the changes because these changes are usually done by professionals who know what they are doing and usually are the ones administrating computer networks running Windows, domains, shares, directories etc. And therefore most Windows programs are not programmed to cater for all levels of interaction with the system, especially actions that are not common among the general population of Windows users.

    What I can say is that you can run ALL you need to do what you want on the internet. Try searching for 'disable Windows Security' and maybe add 'registry' in there or 'Powershell'. You'll find LOTS of resources out there that will guide you on this. There have already been some viable suggestions in this thread already regarding registry modification to disable what you want to disable. Registry modification is probably the easiest route to go. Powershell is easy but the shell interface is unappealing and daunting to many people who do not have experience navigating around it, and you likely will need to eventually navigate the shell if you want to make solid changes because despite what many people think, the shell is really the ONLY way to talk with the computer in an effective and unrestricted way. All you have to do then is figure out what else needs to be disabled. I can tell you that disabling Windows Defender alone will not work, because it operates as a part of a much bigger package that itself is separated into different parts. Real time scanning, sample upload submission, periodic scanning, Windows Defender, Spyware, Antimalware, automatic updates, taskbar notifications, virus signature rollbacks etc are all separate parts and things you will need to look at in order to completely prevent all these seemingly isolated parts of the bigger Windows Security package from communicating with each other and therefore left redundant and useless.

    Google is your friend. Well, Google is a privacy invasive stalker if we want to get technical but with decent privacy practices you can minimize that but, hey, that's an entirely different subject!


  5. Posts : 1,612
    11, 10, 8.1 and 7 all Professional versions, and Linux Mint
       #35

    supermammalego

    May I point out to you, just in case you have missed it, that Brink the admin of the site, has posted to jamal numan in post 33, the recommended and usual solution, which is offered in Brink's tutorial on the subject, attached to the post.

    Your post is interesting on the subject, but the bat files you mention, are dealt with on the link to the tutorial - for the download of the regedit.

    Finally I cannot agree, but it is only my opinion that
    Google is your friend.
    In instances such as this - google or any other web search engine, may NOT IMHO be your friend as all manner of suggestions can be found - including the use of some rather questionable software, and in my experience there are so many registry entries, relating to security on 10, (keys, sub keys, values etc) that if you start modifying the wrong ones, you can end up with real problems


  6. Posts : 161
    Windows 10
       #36

    Macboatmaster said:
    supermammalego

    May I point out to you, just in case you have missed it, that Brink the admin of the site, has posted to jamal numan in post 33, the recommended and usual solution, which is offered in Brink's tutorial on the subject, attached to the post.

    Your post is interesting on the subject, but the bat files you mention, are dealt with on the link to the tutorial - for the download of the regedit.

    Finally I cannot agree, but it is only my opinion that

    In instances such as this - google or any other web search engine, may NOT IMHO be your friend as all manner of suggestions can be found - including the use of some rather questionable software, and in my experience there are so many registry entries, relating to security on 10, (keys, sub keys, values etc) that if you start modifying the wrong ones, you can end up with real problems
    All what you mentioned I highlighted in my post hence why there isn't a concrete solution to the question in my post. I agree in what I believe you are saying in that this process is tricky and can damage your system. I will not just willingly share how to do this knowing the potential for bad things to happen are greater when in the hands of anybody who isn't aware of their basis.
    Also, you managed to read 'Google is your friend' but then didn't extend your reading a few more characters to your right!
    As for questionable software please analyse the software I have suggested and report back and I will retract. Failing that this software has been around for many years and is immensely popular for converting bat files to exe.

    Also, a bat file is not a reg file. A bat file, as explained in my post, is a batch file that Windows has used since the DOS days for automating batch commands through one file. They are still used to this day by experienced sysadmins who don't want to individually make changes to a system. Another example akin to batch files on some level would be bash scripts in Linux. These types of files have been around for a LONG time. They make inputting commands and doing sysadmin work VERY EASY.

    Also, the reg file is for ONE single reg entry. What jamal wants is multiple reg entries as Windows Security IS NOT disabled through one reg entry alone. Windows Defender will not be completely disabled through the one reg entry provided. This you can check for yourself by trying to disable it using one reg entry. You will see that many of the parts are still running. And therefore I suggested running a bat file to make all these entries run line by line into the registry. A better way would be to actually create your own registry file in Notepad but this requires a little bit more work, and can get tricky as it's not always a case of copying and pasting. You need to understand the 'template' used that Windows recognises, better still, the syntax.


  7. Posts : 88
    wind 10
    Thread Starter
       #37

    supermammalego said:
    All what you mentioned I highlighted in my post hence why there isn't a concrete solution to the question in my post. I agree in what I believe you are saying in that this process is tricky and can damage your system. I will not just willingly share how to do this knowing the potential for bad things to happen are greater when in the hands of anybody who isn't aware of their basis.
    Also, you managed to read 'Google is your friend' but then didn't extend your reading a few more characters to your right!
    As for questionable software please analyse the software I have suggested and report back and I will retract. Failing that this software has been around for many years and is immensely popular for converting bat files to exe.

    Also, a bat file is not a reg file. A bat file, as explained in my post, is a batch file that Windows has used since the DOS days for automating batch commands through one file. They are still used to this day by experienced sysadmins who don't want to individually make changes to a system. Another example akin to batch files on some level would be bash scripts in Linux. These types of files have been around for a LONG time. They make inputting commands and doing sysadmin work VERY EASY.

    Also, the reg file is for ONE single reg entry. What jamal wants is multiple reg entries as Windows Security IS NOT disabled through one reg entry alone. Windows Defender will not be completely disabled through the one reg entry provided. This you can check for yourself by trying to disable it using one reg entry. You will see that many of the parts are still running. And therefore I suggested running a bat file to make all these entries run line by line into the registry. A better way would be to actually create your own registry file in Notepad but this requires a little bit more work, and can get tricky as it's not always a case of copying and pasting. You need to understand the 'template' used that Windows recognises, better still, the syntax.
    36 posts just to disable “windows defender antivirus service”! Why does our life get hard?


  8. Posts : 161
    Windows 10
       #38

    Okay, here goes...

    Copy and paste this into a new text file and make sure to save it as a .reg otherwise Windows won't recognise it.
    Code:
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
    "DisableAntiSpyware"=dword:00000001
    "DisableRealtimeMonitoring"=dword:00000001
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]
    "DisableBehaviorMonitoring"=dword:00000001
    "DisableOnAccessProtection"=dword:00000001
    "DisableScanOnRealtimeEnable"=dword:00000001
    This disables several elements of Windows Defender.

    This one disables Windows Defender Security Center

    Code:
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService]
    "Start"=dword:00000004
    I didn't want to post seeing as there will be lots of people who believe doing this is a great idea at first but then won't have any idea how to enable it again should they need it.

    To re-enable just change the dword values in the first reg file from 00000001 to 00000000.
    This is the same as 0 being false and 1 being true.

    As for the second, change the dword values from 00000004 to 00000002.

    Simply run the .reg files and everything should be re-enabled once again.
    Let me know how you get on


  9. Posts : 5,452
    Windows 11 Home
       #39

    supermammalego said:
    This one disables Windows Defender Security Center
    MS loves to add WD prefix, but it is Security Center, it handles all security settings, not just WD related.


  10. Posts : 61
    Windows 10 pro 64 bits 1903 build 18362.836
       #40

    supermammalego said:
    Okay, here goes...
    Hi,
    I performed the procedures to disable Defender as follows:
    1 - I disabled all Defender functions
    2 - I disabled Tamper Protection
    3 - I ran the command MpCmdRun.exe -resetplatform on:
    C:\ProgramData\Microsoft\Windows Defender\Platform\XXXX.XXX
    4 - I ran the reg file with the commands:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
    "DisableAntiSpyware"=dword:00000001
    "DisableRealtimeMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]
    "DisableBehaviorMonitoring"=dword:00000001
    "DisableOnAccessProtection"=dword:00000001
    "DisableScanOnRealtimeEnable"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService]
    "Start"=dword:00000004

    Everything went well, but I would like to know if disabling Defender can cause problems on Windows Update, as the automatic installation of the cumulative key KB4560960 (OS Builds 18362.900) has error code 0x800f081f.

    I downloaded the update manually via Windows catalog to install it manually and also showed the error ... only in this mode it was the error 0x8024200d

    My system is currently:
    Windows 10 Pro 1903
    Build 18362.113

    Note: Windows update keeps trying to download the platform update file. In my platform folder, I now have two files:
    4.18.2005.5-0 and 4.18.2005.5-1

    thank you for any help!
    Clamarc
    Last edited by Clamarc; 13 Jun 2020 at 12:58. Reason: include important information
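
Added example, not part of any post in this thread: a small parser for the .reg syntax discussed above that reports which of the values posted in #38 and #40 a given file sets, and whether each one switches protection off or back on. The function names and the sample file are constructed for illustration.

```python
import re

POLICY = r"hkey_local_machine\software\policies\microsoft\windows defender"
RTP = POLICY + r"\real-time protection"
SERVICE = r"hkey_local_machine\system\currentcontrolset\services\securityhealthservice"
# (key, value name) -> dword that switches the protection off, as posted in the thread.
WATCHED = {
    (POLICY, "disableantispyware"): 1,
    (POLICY, "disablerealtimemonitoring"): 1,
    (RTP, "disablebehaviormonitoring"): 1,
    (RTP, "disableonaccessprotection"): 1,
    (RTP, "disablescanonrealtimeenable"): 1,
    (SERVICE, "start"): 4,  # 4 = service disabled, 2 = automatic start
}
SECTION = re.compile(r"^\[(-?)(.+)\]$")
DWORD = re.compile(r'^"([^"]+)"\s*=\s*dword:\s*([0-9a-f]{1,8})$', re.IGNORECASE)


def decode_reg(raw: bytes) -> str:
    """regedit exports 5.00 files as UTF-16LE with a BOM; hand-written ones are often 8-bit."""
    if raw.startswith(b"\xff\xfe"):
        return raw[2:].decode("utf-16-le")
    return raw.decode("utf-8-sig", errors="replace")


def find_defender_changes(text: str):
    """Return (key, value name, dword, turns_protection_off) for each watched value set."""
    findings, key = [], None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):  # blank line or comment
            continue
        section = SECTION.match(line)
        if section:
            # "[-KEY]" deletes a key instead of opening it, so nothing is set under it.
            key = None if section.group(1) else section.group(2).strip().lower()
            continue
        value = DWORD.match(line)
        if value and key is not None:
            name, number = value.group(1).lower(), int(value.group(2), 16)
            if (key, name) in WATCHED:
                findings.append((key, name, number, number == WATCHED[(key, name)]))
    return findings


# Constructed sample built from the values posted in the thread, plus its re-enable form.
SAMPLE_DISABLE = "\r\n".join([
    "Windows Registry Editor Version 5.00", "",
    r"[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]",
    '"DisableAntiSpyware"=dword:00000001',
    r"[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]",
    '"DisableBehaviorMonitoring"=dword:00000001',
    r"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService]",
    '"Start"=dword:00000004',
])
SAMPLE_RESTORE = SAMPLE_DISABLE.replace("00000001", "00000000").replace("00000004", "00000002")

if __name__ == "__main__":
    for label, raw in (("disable", ("\ufeff" + SAMPLE_DISABLE).encode("utf-16-le")),
                       ("restore", SAMPLE_RESTORE.encode("utf-8"))):
        for key, name, number, off in find_defender_changes(decode_reg(raw)):
            print(f"{label}: {key}\\{name} = {number} -> {'OFF' if off else 'on'}")
```

Running it over a .reg file before importing shows exactly which protections the file touches, and the same check on the re-enable file confirms the undo covers every value that was changed.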


 
