Skip to content

Commit 7e3b59c

Browse files
author
Ionut Bara
committed
12.8 code
1 parent e8483ac commit 7e3b59c

File tree

2 files changed

+54
-95
lines changed

2 files changed

+54
-95
lines changed

Remove_defender/Antivirus_d.reg

Lines changed: 0 additions & 78 deletions
This file was deleted.

Script_Run.bat

Lines changed: 54 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
1+
@set defenderremoverver=12.8
2+
@setlocal DisableDelayedExpansion
13
@echo off
24
pushd "%CD%"
35
CD /D "%~dp0"
6+
47
:: Arguments Section
58
IF "%1"== "y" GOTO :removedef
69
IF "%1"== "Y" GOTO :removedef
@@ -10,16 +13,20 @@ IF "%1"== "Y" GOTO :removedef
1013
:--------------------------------------
1114
::Menu Section
1215
cls
13-
echo ------Defender Remover Script , version 12.7------
16+
echo ------ Defender Remover Script , version %defenderremoverver% ------
1417
echo Select an option:
1518
echo.
1619
echo Do you want to remove Windows Defender and alongside components? After this you'll need to reboot.
1720
echo If you PC have a Microsoft Pluton Chip, you can disable from BIOS anytime. (This script removes the integration of Pluton Chip Support and Processing from Windows.)
1821
echo After confirmation of Removal, your Device will RESTART!!
1922
echo A backup and/or System Restore point is recommended.
20-
echo Press Y to Remove, press N to exit from this script.
21-
set /P c=Select one of the options to continue:
22-
if /I "%c%" EQU "Y" goto :removedef
23+
echo [Y] Remove Windows Defender Antivirus + Disable All Security Mitigations
24+
echo [A] Remove Windows Defender only
25+
echo [S] Disable All Security Mitigations
26+
choice /C:yas /N
27+
if errorlevel==3 goto disablemitigations
28+
if errorlevel==2 goto removeantivirus
29+
if errorlevel==1 goto removedef
2330
:--------------------------------------
2431

2532

@@ -30,18 +37,7 @@ goto :eof
3037

3138
:--------------------------------------
3239
:removedef
33-
::killing proceses
3440
CLS
35-
echo Killing Processes which are using Windows Defender Files...
36-
taskkill /f /im smartscreen.exe >nul
37-
taskkill /f /im SecurityHealthSystray.exe >nul
38-
taskkill /f /im SecurityHealthHost.exe >nul
39-
taskkill /f /im SecurityHealthService.exe >nul
40-
taskkill /f /im SecurityHealthHost.exe >nul
41-
taskkill /f /im DWWIN.EXE >nul
42-
taskkill /f /im CompatTelRunner.exe >nul
43-
taskkill /f /im GameBarPresenceWriter.exe >nul
44-
taskkill /f /im DeviceCensus.exe >nul
4541
bcdedit /set hypervisorlaunchtype off
4642

4743
CLS
@@ -52,9 +48,8 @@ PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process PowerSh
5248
CLS
5349
echo Unregister Windows Defender Security Components...
5450
:: Registry Remove of Windows Defender
55-
FOR /R %%f IN (Remove_defender\*.reg) DO regedit.exe /s "%%f"
5651
FOR /R %%f IN (Remove_defender\*.reg) DO PowerRun.exe regedit.exe /s "%%f"
57-
FOR /R %%f IN (Remove_SecurityComp\*.reg) DO regedit.exe /s "%%f"
52+
FOR /R %%f IN (Remove_defender\*.reg) DO regedit.exe /s "%%f"
5853
FOR /R %%f IN (Remove_SecurityComp\*.reg) DO PowerRun.exe regedit.exe /s "%%f"
5954
CLS
6055
:: Removing files and folders
@@ -66,3 +61,45 @@ timeout 10
6661
shutdown /r /f /t 0
6762
exit
6863
:--------------------------------------
64+
65+
66+
:--------------------------------------
67+
:removeantivirus
68+
CLS
69+
bcdedit /set hypervisorlaunchtype off
70+
71+
CLS
72+
echo Removing Windows Security UWP App...
73+
:: Remove Windows Security App
74+
PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process PowerShell -ArgumentList '-NoProfile -ExecutionPolicy Bypass -File ""RemoveSecHealthApp.ps1""' -Verb RunAs}"
75+
76+
CLS
77+
echo Unregister Windows Defender Security Components...
78+
:: Registry Remove of Windows Defender
79+
FOR /R %%f IN (Remove_defender\*.reg) DO PowerRun.exe regedit.exe /s "%%f"
80+
CLS
81+
:: Removing files and folders
82+
for %%d in ("C:\Windows\WinSxS\FileMaps\wow64_windows-defender*.manifest" "C:\Windows\WinSxS\FileMaps\x86_windows-defender*.manifest" "C:\Windows\WinSxS\FileMaps\amd64_windows-defender*.manifest" "C:\Windows\System32\SecurityAndMaintenance_Error.png" "C:\Windows\System32\SecurityAndMaintenance.png" "C:\Windows\System32\SecurityHealthSystray.exe" "C:\Windows\System32\SecurityHealthService.exe" "C:\Windows\System32\SecurityHealthHost.exe" "C:\Windows\System32\drivers\SgrmAgent.sys" "C:\Windows\System32\drivers\WdDevFlt.sys" "C:\Windows\System32\drivers\WdBoot.sys" "C:\Windows\System32\drivers\WdFilter.sys" "C:\Windows\System32\wscsvc.dll" "C:\Windows\System32\drivers\WdNisDrv.sys" "C:\Windows\System32\wscsvc.dll" "C:\Windows\System32\wscproxystub.dll" "C:\Windows\System32\wscisvif.dll" "C:\Windows\System32\SecurityHealthProxyStub.dll" "C:\Windows\System32\smartscreen.dll" "C:\Windows\SysWOW64\smartscreen.dll" "C:\Windows\System32\smartscreen.exe" "C:\Windows\SysWOW64\smartscreen.exe" "C:\Windows\System32\DWWIN.EXE" "C:\Windows\SysWOW64\smartscreenps.dll" "C:\Windows\System32\smartscreenps.dll" "C:\Windows\System32\SecurityHealthCore.dll" "C:\Windows\System32\SecurityHealthSsoUdk.dll" "C:\Windows\System32\SecurityHealthUdk.dll" "C:\Windows\System32\SecurityHealthAgent.dll" "C:\Windows\System32\wscapi.dll" "C:\Windows\System32\wscadminui.exe" "C:\Windows\SysWOW64\GameBarPresenceWriter.exe" "C:\Windows\System32\GameBarPresenceWriter.exe" "C:\Windows\SysWOW64\DeviceCensus.exe" "C:\Windows\SysWOW64\CompatTelRunner.exe" "C:\Windows\system32\drivers\msseccore.sys" "C:\Windows\system32\drivers\MsSecFltWfp.sys" "C:\Windows\system32\drivers\MsSecFlt.sys") DO PowerRun cmd.exe /c del /f "%%d"
83+
:: part 2
84+
for %%d in ("C:\Windows\WinSxS\amd64_security-octagon*" "C:\Windows\WinSxS\x86_windows-defender*" "C:\Windows\WinSxS\wow64_windows-defender*" "C:\Windows\WinSxS\amd64_windows-defender*" "C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy" "C:\ProgramData\Microsoft\Windows Defender" "C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection" "C:\Program Files (x86)\Windows Defender Advanced Threat Protection" "C:\Program Files\Windows Defender Advanced Threat Protection" "C:\ProgramData\Microsoft\Windows Security Health" "C:\ProgramData\Microsoft\Storage Health" "C:\WINDOWS\System32\drivers\wd" "C:\Program Files (x86)\Windows Defender" "C:\Program Files\Windows Defender" "C:\Windows\System32\SecurityHealth" "C:\Windows\System32\WebThreatDefSvc" "C:\Windows\System32\Sgrm" "C:\Windows\Containers\WindowsDefenderApplicationGuard.wim" "C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\DefenderPerformance" "C:\Windows\System32\WindowsPowerShell\v1.0\Modules\DefenderPerformance" "C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Defender" "C:\Windows\System32\Tasks_Migrated\Microsoft\Windows\Windows Defender" "C:\Windows\System32\Tasks\Microsoft\Windows\Windows Defender" "C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\Defender" "C:\Windows\System32\HealthAttestationClient" "C:\Windows\GameBarPresenceWriter" "C:\Windows\bcastdvr" "C:\Windows\Containers\serviced\WindowsDefenderApplicationGuard.wim") do PowerRun cmd.exe /c rmdir "%%~d" /s /q
85+
echo Your PC will reboot in 10 seconds..
86+
timeout 10
87+
shutdown /r /f /t 0
88+
exit
89+
:--------------------------------------
90+
91+
:--------------------------------------
92+
:disablemitigations
93+
CLS
94+
bcdedit /set hypervisorlaunchtype off
95+
96+
CLS
97+
echo Disabling Security Mitigations...
98+
:: Registry Remove of Windows Defender
99+
FOR /R %%f IN (Remove_SecurityComp\*.reg) DO PowerRun.exe regedit.exe /s "%%f"
100+
CLS
101+
echo Your PC will reboot in 10 seconds..
102+
timeout 10
103+
shutdown /r /f /t 0
104+
exit
105+
:--------------------------------------

0 commit comments

Comments
 (0)