-
Windows-Defender in finaler Fassung
Microsoft hat seine Anti-Spyware Defender in der endgültigen Version zum Download freigegeben. Bislang gibt es jedoch nur die englische Fassung, die deutsche Übersetzung braucht noch etwas Zeit.
Die endgültige Version von Defender ist neben einer 32-bittigen Version auch für 64-Bit-Betriebssysteme aus Redmond verfügbar. Die Anti-Spyware läuft jedoch offiziell nicht unter Windows 2000 – der Support dafür läuft im Oktober aus.
Microsoft stellt vor die Installation noch eine Windows-Echtheitsprüfung (WGA). Der Download-Seite ist zu entnehmen, dass Microsoft der Ansicht ist, es sei ein großes Risiko, nicht-originales Windows einzusetzen. Daher entferne Defender nur ernste Bedrohungen auf solchen Windows-Versionen.
Siehe dazu auch:
* Download der englischen Fassung von Windows Defender
* Download der deutschen Version von Windows Defender (derzeit Beta 2)
* Download der endgültigen 64-Bit-Fassung des englischen Windows Defender
Quelle und Links : http://www.heise.de/newsticker/meldung/79977
-
(https://i.postimg.cc/SKThkRwP/screenshot-769.png)
ConfigureDefender is a lightweight application designed to help you properly configure Windows Defender so you restrict access for children and avoid dealing with irritating restrictions for various folders, just to name a few.
Freeware
Whats new:>>
In the version 2.0.0.0 two new WD ASR rules were added:
Block only Office communication applications from creating child processes (includes Outlook protection).
Block Adobe Reader from creating child processes
https://github.com/AndyFul/ConfigureDefender
-
Changelog
1. Added icon.
2. Added the section PROTECTION LEVELS which includes the renamed buttons:
<Defender default settings> ----> <DEFAULT>
<Defender high settings> ----> <HIGH>
<Child Protection> ----> <MAX>
3. Added the button <Defender Security Log>, which allows seeing last 200 Windows Defender events. It also
shows the names of ASR rules alongside GUIDs.
4. Added the splash alert when applying time-consuming features.
5. Renamed option "Reporting Level (MAPS membership level)" to "Cloud-delivered Protection" (the name used
in the WD Security Center) and renamed its "Advanced" setting to "ON".
6. Extended the abilities of <REFRESH> button.
7. Updated the changes made by Microsoft to allow file & folder exclusions for some additional ASR rules.
8. Corrected the issue with closing the application.
9. Extended the help.
https://github.com/AndyFul/ConfigureDefender
-
Whats new:>>
Added additional ASR rule: "Block persistence through WMI event subscription".
Minor GUI improvements.
https://github.com/AndyFul/ConfigureDefender
-
(https://www.nirsoft.net/utils/windefthreatsview.png)
WinDefThreatsView is tool for Windows 10 that displays the list of all threats detected by Windows Defender Antivirus and allows you to easily set the default action (Allow, Quarantine, Clean, Remove, Block, or No Action) for multiple threats at once. You can use this tool on your local computer and also on remote computer, as long as you have permission to access WMI on the remote machine.
Freeware
https://www.nirsoft.net/utils/windows_defender_threats_view.html
-
Whats new:>>
You can now use any variable stored in the .cfg as command-line option. For example, in order to connect a remote computer that its IP address is 192.168.0.105:
WinDefThreatsView.exe /ConnectMode 2 /ComputerName 192.168.0.105
https://www.nirsoft.net/utils/windows_defender_threats_view.html
-
Whats new:>>
Added 'Put Icon On Tray' option
https://www.nirsoft.net/utils/windows_defender_threats_view.html
-
Whats new:>>
1. Corrected a bug related to the error when "Defender Security" Log is empty.
2. Removed events Id=1117 and Id=5007 from Defender Security Log.
3. Extended the maximal number of entries in the Log to 300.
4. Extended the "Cloud Time Check Limit" in HIGH Protection Level from 10s to 20s.
5. Added DLL hijacking protection - 64-bit and 32-bit installers are wrapped into one installer by NSISS.
6. Corrected some minor bugs.
https://github.com/AndyFul/ConfigureDefender
-
Whats new:>>
1. Added tip text feature to some buttons (<REFRESH, <DEFAULT>, <HIGH>, <MAX>).
2. Removed the feature of adding an icon to the taskbar notification area.
3. Removed event Id=5007 from Defender Security Log.
https://github.com/AndyFul/ConfigureDefender
-
Whats new:>>
Added 'Add Header Line To CSV/Tab-Delimited File' option (turned on by default).
https://www.nirsoft.net/utils/windows_defender_threats_view.html
-
Whats new:>>
Added 'Start As Hidden' option. When this option and 'Put Icon On Tray' option are turned on, the main window of WinDefThreatsView will be invisible on start.
Fixed some display issues in high DPI mode.
https://www.nirsoft.net/utils/windows_defender_threats_view.html
-
(https://i.postimg.cc/3xRSybwX/screenshot-3033.png)
Defender Control is a tool featured within a simplistic UI that permits you to one-click disable/enable or even launch Windows Defender.
Freeware
Whats new:>>
1. [Fixed] – False Positive Issue
2. [Added] – Some minor improvements
https://www.sordum.org/9480/defender-control-v1-8/
-
Whats new:>>
[Fixed] – False Positive Issue
[Added] – Add it to the Exclusions list feature (Under the menu)
https://www.sordum.org/9480/defender-control-v1-9/
-
Changelog
Added some useful information to the Help and manual.
Added "Send All" setting to Automatic Sample Submission.
Updated ASR rules (1 new rule added).
Added the Warn mode to ASR rules.
Added INTERACTIVE Protection Level which uses ASR rules set to Warn.
Added the <Info> button next to the Protection Levels buttons. It displays information about which
settings are enabled in DEFAULT, HIGH, INTERACTIVE, and MAX Protection Levels.
Redesigned slightly the layout of the Exploit Guard section.
Added support for Windows 11.
Added support for Id=1120 to Defender Security Log. If this event is logged by Windows Event Log, then it will be also included in ConfigureDefender.
.Added CFA setting BDMO = Block Disk Modifications Only - folders will not be protected, but some
important disk sectors will be still protected (Id = 1127).
https://github.com/AndyFul/ConfigureDefender
-
(https://i.postimg.cc/KYPCjVcc/screenshot-3352.png)
Regardless of whether you choose Microsoft Defender Antivirus, or a third party antivirus solution you need to be sure these products are not scanning critical File and folders because Occasionally Microsoft Security Essentials or Microsoft Defender cause problems with some Files and folders. Typical issues include slow performance , deleting some necessary files or erratic operation or it may flag a file or folder that you trust as malicious. To work around these problems you can add this kind of files and folders to the list of exceptions.
Freeware
Whats new:>>
1. [Fixed] – Defender Exclusion Tool Doesn’t work on Windows 11
2. [Added] – Some code improvements
https://www.sordum.org/10636/defender-exclusion-tool-v1-3/
-
(https://i.postimg.cc/3xRSybwX/screenshot-3033.png)
Defender Control is a tool featured within a simplistic UI that permits you to one-click disable/enable or even launch Windows Defender.
Freeware
Whats new:>>
[Removed] – Cmd parameter support (Defender control is using inside some malware)
[Fixed] – Defender Control Doesn’t work on Windows 11
[Fixed] – Error occurs when turning off Windows Defender
[Added] – Some code improvements
https://www.sordum.org/9480/defender-control-v2-0/
-
(https://i.postimg.cc/pL06VffP/screenshot-3437.png)
Defender Control is a portable app capable of turning off Windows Defender without the need to install an antivirus.
This little app makes it simple to turn off Windows Defender without jumping through hoops. Of course, you should always have an up-to-date antivirus solution on your machine. But there are times when you need to turn it off, like when using certain software, for instance. Defender Control makes it quick and efficient. The same simplicity is applied to enabling protection; run the enable.exe and it will be active again.
License: Open Source
Whats new:>>
Statically linked runtime libraries to binaries.
https://github.com/qtkite/defender-control
-
(https://i.postimg.cc/SKThkRwP/screenshot-769.png)
ConfigureDefender is a lightweight application designed to help you properly configure Windows Defender so you restrict access for children and avoid dealing with irritating restrictions for various folders, just to name a few.
Freeware
Changelog
1. Added some useful information to the Help and manual.
2. Added "Send All" setting to Automatic Sample Submission.
3. Updated ASR rules (1 new rule added).
4. Added the Warn mode to ASR rules.
5. Added INTERACTIVE Protection Level which uses ASR rules set to Warn.
6. Added the <Info> button next to the Protection Levels buttons. It displays information about which
settings are enabled in DEFAULT, HIGH, INTERACTIVE, and MAX Protection Levels.
7. Redesigned slightly the layout of the Exploit Guard section.
8. Added support for Windows 11.
9. Added support for event Id=1120. If the proper policy is applied, then this event can be logged by Windows.
If the user has applied manually this policy by registry tweak or GPO, then the events related to Id=1120
will be also included in the "Defender Security Log".
10.Added CFA setting BDMO = Block Disk Modifications Only - folders will not be protected, but some
important disk sectors will be still protected (Id = 1127).
11. Corrected a minor bug related to displaying the empty log.
https://github.com/AndyFul/ConfigureDefender
-
Whats new:>>
Added silent mode.
Launch from an admin shell with -s argument to skip any user input.
1.3
Manages the security center service now.
https://github.com/qtkite/defender-control
-
Whats new:>>
Windows 11 Support (unconfirmed)
https://github.com/qtkite/defender-control
-
(https://i.postimg.cc/zvYBZxwH/screenshot-1594.png)
WinDefLogView is a tool for Windows 10 and Windows 11 that reads the event log of Windows Defender (Microsoft-Windows-Windows Defender/Operational) and displays a log of threats detected by Windows Defender on your system. For every log line, the following information is displayed: Filename, Detect Time, Threat Name, Severity, Category, Detection User, Action, Origin, and more...
You can view the detected threats log on your local computer, on remote computers on your network, and on external disk plugged to your computer.
https://www.nirsoft.net/utils/windows_defender_log_viewer.html
-
Whats new:>>
1. Added the updated certificate.
Version 3.0.1.1
1. Added support for Windows Server 2019+
https://github.com/AndyFul/ConfigureDefender
-
(https://i.postimg.cc/05bh5z8k/Kodi.png)
With DefenderUI, you can control Microsoft Defender much easier. For instance, it allows you to enable or disable real-time and cloud-delivered protection, or turn off and on the Windows Firewall.
Freeware
https://www.defenderui.com/
-
Whats new:>>
Added:
Different blocking method
Some code improvements
https://github.com/qtkite/defender-control
-
(https://i.postimg.cc/FHQphf3Y/screenshot-2179.png)
This application is removing / disables Windows Defender , including the Windows Security App, Windows Virtualization-Based Security (VBS) , Windows Smart-Screen, Windows Security Services , Windows Web-Threat Service and Windows File Virtualization (UAC) and Microsoft Defender App Guard.
Donationware
Whats new:>>
FIX! Modifying the UAC Disabler Rules because of someone said about UWP Startup not working. To fix the issue please check if the values are put in registry (because the script putted the values to 0)
FIX! and a fix for issue #32 (it says this thing is caused by removal of defender smartscreen, so i modified the rules of removal in the script now)
https://github.com/jbara2002/windows-defender-remover
-
Changelog
NEW! Added Support for importing "install.wim" file for disabling / removing removing defender by pressing "I". (This is not working for now.)
SOON! Also the support for importing "install.esd" will be added, but the exported file will be ".wim"
NEW! Added Support for OSCDIMG. a Microsoft Tool which export modified .wim files and create an ISO file, without any user interventions. (This may not work for now).
Known issues:
#34 Task Manager may be restored to "old version" due an unknown issue, which is investigating.
#35 Investigating the Disconnected Storage error when some UWP are installed.
The tool part for modifying install.esd and install.wim by removing/disabling defender is not work as expected, When I is pressed, it applies the removal instead looking for drives and mounting .wim file (or converting .esd ->.wim and mounting)
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
NEW! Implemented mounting of install.wim image if drive was detected.
NEW! You can download the script from 2 sources: Softpedia and instalki.pl.
FIX! Changed letter from I to J for mounting Images.
FIX! Changed the rule of disabling SmartScreen when is selected N or E letter from the menu. (renaming is not working)
This version is designed for who want to test removal of Defender via offline Windows Image (ISO, .wim). Maybe i'll finish in 1 week or two, but that will worth. =))
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
Disabled Microsoft Vulnerable Driver BlockList. ( i don't know why some drivers mod are in that blocklist =)))
Disabled Early Launch Anti-Malware Protection. (i've seen the shut down time was improved so much).
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
NEW! Added support for ARM64 Arhitecture. (You can remove/disable/enable Windows Defender in Windows ARM PCs now, requires Windows 10 19H1 ARM or newer)
NEW! Modified Rules for the remover which you can update Windows with Defender Removed. (It's an one condition, the update must no contain about modifying Windows.SecHealthUI App).
FIX! Fixed the app taken as virus and twice applying in Winodws Insider Build 25314 (Canary Channel),
FIX! #35 (Disconnected Storage Error). You must uninstall and re-download the problem apps now, after the script application (if you have the problem now)
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
FIX! #34 In some version of Windows 11 , task manager are get reverted to old version. This is fixed for now.
.wim image part
NEW! Because this software is open source, i will put the code, of wimwim.cmd file to see if the code is working with provided information about images.
NEW! Made some progress by removing Defender Services (including filters and Windows Security Center Services) which is working for Microsoft provided lastest Windows 11 22H2 Image , exporting automaticly in : c:defenderRemovedISOWindowsDefenderRemovedImage.iso
https://github.com/jbara2002/windows-defender-remover
-
(https://i.postimg.cc/FHQphf3Y/screenshot-2179.png)
This application is removing / disables Windows Defender , including the Windows Security App, Windows Virtualization-Based Security (VBS) , Windows Smart-Screen, Windows Security Services , Windows Web-Threat Service and Windows File Virtualization (UAC) and Microsoft Defender App Guard.
Donationware
Whats new:>>
When you remove Windows Defender, also the Windows Security Page from Settings must be removed or hidden (for Windows 10 and Windows 11)
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
New:
Improvements..
Added Text for script progress.
Fixed:
Removing Windowss Defender Files (including data and Program Files) it must work now. You'll get +300 MB free Space in C:
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
fixed issues with uwp apps specified in #38 .
fixed some tracing removal of defender specified in #4 (in Windows 10 22H2 and Windows 11 Dev Channel, only)
improvements in performance
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
FIX! Fixes issues specified in #44 ,
NEW! If you have a PC with Microsoft Pluton Security Procesor and Windows 11 22H2 or newer, rhis script will support removal of Defender (and pluton driver)
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
optimized app size (code) less 200KB.
fixing LSA Configuration where breaking Network Connections, Devices and Authentification. (fixes #50 ,#44)
using ShadowWhisperer's way to remove Provisioned Appx-es (which fix #52 issue).
https://github.com/jbara2002/windows-defender-remover
-
Changelog
Overhaul:
NEW! Replaced PowerRun integration with nSudo for pemission access.
NEW! ISO Tool is simplified and complicated (with no .esd file support, for now) (fixes #55)
NEW! Made Removal of the script efficient (contr. by @ropucyka)
Fixes:
Fix the issue #56.
Fix the issue #66 , #58 , #57 , by rethinking the disabler part. (It disables antivirus , or antivirus with Windows Security Service (for who don't want Windows Security App)
The report about 12.5 helped so much! so the #62 will be closed.
The Firewall Context Menu is moved to Melody Script (https://www.github.com/jbara2002/melody_windows)
The Safe methods doesn't disable UAC, but it remove mitigations.
Workarounds:
For those are applied the removed in previous version (<12.4.7) and have problems with UWP, check if your windows update history.
If the Windows Security Intelligence Update (that thing is cause to broken things after script) is installed , there is a problem and can be solved by restoring the system at the point before applying the script. If you want to disable antivirus you can use safe methods (pressing N for disabling all components and M to disable Defender Antivirus Only), and that can be restored by rerun the script. Also the new safe methods doesn't add policies and system registry configurations (the method is based by services removal and restoring), so the system will NOT be harmed. (so the issues related will be closed after release) You can use the Y method , but you need to disable Windows Update or make to Windows will not update at the moment.
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
Reverted from NSudo to PowerRun because of lack of running in ARM64
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
Added disablation and enablation of Security Health Tray Startup, when the safe method of disable security components.
Added disabling of FTH (Fault Torelant Heap Mitigation ) disable in remover version
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
temporary removed iso creator tool because it starts to produce problems
added ability to force disable Dev Drive Protection in safe method.. (and legacy)
the text for legacy removing defender is not in the app because i want to start to switch some settings in new safe methods (where microsoft store apps , and more things are working fine in Windows 11), so if you want to apply in Windows 10, or in lastest Canary Build, you can press Y.
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
added disablation/enablation of Windows Defender's Tasks in safe methods.
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
Fixing the spelling errors in code (when WdFilter is not removed). not this should to be removed.
https://github.com/jbara2002/windows-defender-remover
-
(https://i.postimg.cc/05bh5z8k/Kodi.png)
With DefenderUI, you can control Microsoft Defender much easier. For instance, it allows you to enable or disable real-time and cloud-delivered protection, or turn off and on the Windows Firewall.
Freeware
https://www.defenderui.com/
-
Whats new:>>
Removed some security security settings which are depreciated by Microsoft a long time (ServiceKeepAlive and DisableAntiSpyware) are not working anymore with Windows 10 1703 or newer, but the removal script is unaffected.
Added disablation of Remote UAC
Added disablation/enablation of UAC in ~newer methods (are revertible)
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
Added Signature of executable to make original and evite any modified 3rd party version of script (and make less virus detectable too)
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
Made the app to be less detecteble VirusTotal result
Tested hardness for Canary Channel 25905 (timebombed upon 14.09.2023, but tested for Tamper Protection Bypasses and more)
switched from PowerRun to superUser64 (so documentation will be updated, and also will be provided content)
https://github.com/jbara2002/windows-defender-remover
-
(https://i.postimg.cc/FHQphf3Y/screenshot-2179.png)
This application is removing / disables Windows Defender , including the Windows Security App, Windows Virtualization-Based Security (VBS) , Windows Smart-Screen, Windows Security Services , Windows Web-Threat Service and Windows File Virtualization (UAC) and Microsoft Defender App Guard.
Donationware
Whats new:>>
Deprecated Security Center Settings because are taken as virus in MalwareBytes and BitDefender
Fixed some many errors and bug fixes.
Made an x86-32bit version of the script.
Completly switched from PowerRun to GetTrustedInstaller.
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
fix where in Canary Channel and in Windows 11 23H2 some content from C:\ProgramData\Microsoft are removed using Y and U options. (check #109 )
fix some code typos
https://github.com/jbara2002/windows-defender-remover
-
(https://www.nirsoft.net/utils/windefthreatsview.png)
WinDefThreatsView is tool for Windows 10 that displays the list of all threats detected by Windows Defender Antivirus and allows you to easily set the default action (Allow, Quarantine, Clean, Remove, Block, or No Action) for multiple threats at once. You can use this tool on your local computer and also on remote computer, as long as you have permission to access WMI on the remote machine.
Freeware
Whats new:>>
Added option to change the sorting column from the menu (View -> Sort By). Like the column header click sorting, if you click again the same sorting menu item, it'll switch between ascending and descending order. Also, if you hold down the shift key while choosing the sort menu item, you'll get a secondary sorting.
Added 'Sort By' toolbar button
Fixed a few high DPI mode issues
Fixed issue: When copying data to the clipboard or exporting to tab-delimited file, every line contained an empty field in the end of the line.
https://www.nirsoft.net/utils/windows_defender_threats_view.html
-
(https://i.postimg.cc/zvYBZxwH/screenshot-1594.png)
WinDefLogView is a tool for Windows 10 and Windows 11 that reads the event log of Windows Defender (Microsoft-Windows-Windows Defender/Operational) and displays a log of threats detected by Windows Defender on your system. For every log line, the following information is displayed: Filename, Detect Time, Threat Name, Severity, Category, Detection User, Action, Origin, and more...
You can view the detected threats log on your local computer, on remote computers on your network, and on external disk plugged to your computer.
Whats new:>>
Added option to change the sorting column from the menu (View -> Sort By). Like the column header click sorting, if you click again the same sorting menu item, it'll switch between ascending and descending order. Also, if you hold down the shift key while choosing the sort menu item, you'll get a secondary sorting.
Added 'Sort By' toolbar button
Fixed issue: When copying data to the clipboard or exporting to tab-delimited file, every line contained an empty field in the end of the line.
https://www.nirsoft.net/utils/windows_defender_log_viewer.html
-
Whats new:>>
re-writed way to remove WindowsSecurityCenter services and applets (removing applets broke Windows Update service and Windows Store.) (Issues #83 , #125 , #139 and #144 will be closed due results of testing of this version.)
https://github.com/jbara2002/windows-defender-remover
-
Whats new:>>
Add ability to remove antivirus without disable UAC or another Security mitigations by default
https://github.com/jbara2002/windows-defender-remover