How to PERMANENTLY dissable Windows Defender on W11? It's annoying and picking up random stuff (even video files)

[Kratos]

Hello all,

 

So I upgraded to a new machine with Windows 11 Enterprise. I am a freelance and now i'm doing a project for a company but it requires it's own software that's custom made by the company. It's unsigned as it's internal.

Windows defender is picking it up as malware and it's annoying because it's deleting random stuff and I have to reinstall always, I know I can just set an exception on it's own firewall but by that time it's already too late and I have to reinstall the software. I asked the company and they said they have no idea since they use W10 and the issue is easier to fix with W10, but I have a 13th Gen Intel CPU and the E-Cores don't work well on W10 so I don't want to loose 16 E-Cores which is one of the reasons I upgraded (I do a lot of 3D Rendering).

 

I tried the custom reg files that are online, not worked. I tried also Winaero which works perfectly on W10 dissabling W Defender, but on W11 it only works temporarily, when you least expect it, it just reverts to normal, kicks me out of the software and I loose about maybe 15 minutes or so of work + having to reebot everytime for Winaero to dissable it again temporarily.

I also tried changing the values on the reg editor, didn't work either. 

 

PLEASE, is there any permanent way of blocking it? Also, I want to purchase a third party antivirus but i'm not going to waste my money until I know how to completely shut down Defender, since I know it will sure as hell interfere with a third party antivirus.

[Od1sseas]

Disable Tamper Protection, and then Real Time Protection.

 

Download Defender Control 2.1 and click Disable. That's it.

[Kratos]

Tamper protection and real time protection are already dissabled.

 

I'll have to look at Defender Control 2.1 and update the results.

 

Thank you!

[TomChaai]

If WD trips on a lot of files, including video files, doesn't that mean you probably have malware for real?

 

https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-real-time-protection-microsoft-defender-antivirus?view=o365-worldwide

[Kratos]

Just now, TomChaai said:

If WD trips on a lot of files, including video files, doesn't that mean you probably have malware for real?

 

https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-real-time-protection-microsoft-defender-antivirus?view=o365-worldwide

No, because many of those video files are projects I created myself in Davinci Resolve & Premiere Pro

[TomChaai]

1 hour ago, Kratos said:

No, because many of those video files are projects I created myself in Davinci Resolve & Premiere Pro

Which is weird, merely application data triggering WD is unusual, usually it's an executable file or file containing executable code. I still suspect something on your PC is indeed modding these files.

[Kratos]

3 hours ago, TomChaai said:

Which is weird, merely application data triggering WD is unusual, usually it's an executable file or file containing executable code. I still suspect something on your PC is indeed modding these files.

I don't think so, WD has a track record of being terrible and innacurate. It's a new machine with all new fresh install. I highly doubt anything's wrong. In fact, I might even run a third party antivirus to see.

[Mihle]

2 hours ago, Kratos said:

I don't think so, WD has a track record of being terrible and innacurate. It's a new machine with all new fresh install. I highly doubt anything's wrong. In fact, I might even run a third party antivirus to see.

I have had no issues with Windows Defender at all. Never really detected anything. (But I did with third party ones many years ago). But that is my experience.

[Hachi_Roku256563]

Only false positive ive seen WD get is Cheat Engine

and that makes sense

[Mark Kaine]

13 hours ago, Hachi_Roku256563 said:

Only false positive ive seen WD get is Cheat Engine

and that makes sense

its not a false positive.  its potentially unwanted software.  and yes that makes indeed sense. 

 

14 hours ago, Mihle said:

Never really detected anything

it does detect stuff, it also seems to work in chrome btw, sometimes it'll say "cant download cause your AV doesn't like it" but you can still overrule that so you can get that skimpy outfit for your character download the very serious business software you need for your "work"... 

 

 

23 hours ago, Kratos said:

Also, I want to purchase a third party antivirus but i'm not going to waste my money until I know how to completely shut down Defender, since I know it will sure as hell interfere with a third party antivirus.

any remotely reliable third party av software will disable defender automatically  

 

 

also paying for an AV offers no benefits,  and many 3rd party AVs are generally highly unreliable to the point of some being associated with national security threats and other data stealing schemes. but be my guest if you want to pay for that, i guess...

 

But if you really want to go that route i recommend ESET NOD32 as it seems one of the very few 3rd party AV that are actually reliable. 

 

22 hours ago, Kratos said:

Tamper protection and real time protection are already dissabled.

that means you basically have no protection at all currently,  i would strongly recommend to turn that back on, ie use the Windows Defender default settings as they work well for most users and make your computer more safe.

 

23 hours ago, Kratos said:

I know I can just set an exception on it's own firewall but by that time it's already too late

well you could set the exception in the "firewall" before you actually run the program?  i think that should work?

 

23 hours ago, Kratos said:

I asked the company and they said they have no idea since they use W10 and the issue is easier to fix with W10

tbh, i would not accept your work if you use an OS that's problematic with my software,  but thankfully im not your employer/job giver.  i still think thats basically on you if you use an OS that makes it explicitly more difficult to run unsigned software (ofc tbf, the company could also just stop being cheap and sign their software ¯\_(ツ)_/¯) 

[Mihle]

48 minutes ago, Mark Kaine said:

its not a false positive.  its potentially unwanted software.  and yes that makes indeed sense. 

 

it does detect stuff, it also seems to work in chrome btw, sometimes it'll say "cant download cause your AV doesn't like it" but you can still overrule that so you can get that skimpy outfit for your character download the very serious business software you need for your "work"... 

 

I ment it haven't detected things for me, probably because I haven't tried to download bad stuff. Not that don't detect anything. I haven't had any false detections.

[Mark Kaine]

6 minutes ago, Mihle said:

I ment it haven't detected things for me, probably because I haven't tried to download bad stuff. Not that don't detect anything. I haven't had any false detections.

yeah, it detects almost nothing for me too ... basically just game mods (and typically new ones, as they get into their "safe" database very quickly usually) 

i guess i just wanted to point that out, it does work, it also sometimes just detects weird old stuff, etc, well usually i double or triple check these things, but if im not sure im not downloading... defender+ub+"common sense" are really the best AV you can get imo 

[BetteBalterZen]

I have edited a fair amount of Davinci Resolve videos too and never have Windows Defender, on 10 and 11, reported any of my DR files as infected files or what ever. 

[Od1sseas]

3 hours ago, Mark Kaine said:

its not a false positive.  its potentially unwanted software.  and yes that makes indeed sense. 

 

it does detect stuff, it also seems to work in chrome btw, sometimes it'll say "cant download cause your AV doesn't like it" but you can still overrule that so you can get that skimpy outfit for your character download the very serious business software you need for your "work"... 

 

 

any remotely reliable third party av software will disable defender automatically  

 

 

also paying for an AV offers no benefits,  and many 3rd party AVs are generally highly unreliable to the point of some being associated with national security threats and other data stealing schemes. but be my guest if you want to pay for that, i guess...

 

But if you really want to go that route i recommend ESET NOD32 as it seems one of the very few 3rd party AV that are actually reliable. 

 

that means you basically have no protection at all currently,  i would strongly recommend to turn that back on, ie use the Windows Defender default settings as they work well for most users and make your computer more safe.

 

well you could set the exception in the "firewall" before you actually run the program?  i think that should work?

 

tbh, i would not accept your work if you use an OS that's problematic with my software,  but thankfully im not your employer/job giver.  i still think thats basically on you if you use an OS that makes it explicitly more difficult to run unsigned software (ofc tbf, the company could also just stop being cheap and sign their software ¯\_(ツ)_/¯) 

I hope you're trolling. He literally wants to permanently disable Windows Defender lol why you would want to enable those options back on?

[Kratos]

Hi guys, after taking a whole day off (money's on me) from the project I found a fix.

 

I would quote all posts but it will be too long to read for anyone so i'm going to try my best.

 

Just a few clarifications: the only reason why I wanted to dissable WD was because it keeps bothering my workflow, I'm quite happy having it enabled as long as it doesn't interfere.

So about the video projects, I am shocked too, this is indeed the first time something like this happens, I even have a laptop with a copy of those files (W10) and WD running there, no mention about the video files. But those are easy to fix since I only have to make an exception on the firewall (it doesn't delete them when it detects them, it just pops up its notification)

 

The workaround:

as Od1sseas said, Defender Control 2.1 works fine and does indeed dissable it. However, it is weird because if I proceed with any install it will keep on the "preparing install" forever. I checked this installing Discord, OBS, and even trying to install a driver update. Probably W11 is smart enough to prevent an install of ANY software if it doesn't detect WD.

 

So what I fianlly did was dissable tamper protection (since I had to re-enable WD again). Ask the company to send me the software on a .rar or .zip file (sent on zip) and add this as an exclusion on the WD Panel. Then, when I extracted the content to a temporary folder, I also added that as an exception, then installation & everything works and I can enable tamper protection again & doesn't detect any thread from the software. I also did a deep scan on WD to see if it detected anything else but it was fine.

[Hachi_Roku256563]

Good antivirus

*Came preinstalled with New laptop*

in all seriousness defender is not really a problem

it does it job quite well i dont think there are any other antivirus's i would trust

[Mark Kaine]

On 2/9/2023 at 6:26 PM, Kratos said:

Hi guys, after taking a whole day off (money's on me) from the project I found a fix.

 

I would quote all posts but it will be too long to read for anyone so i'm going to try my best.

 

Just a few clarifications: the only reason why I wanted to dissable WD was because it keeps bothering my workflow, I'm quite happy having it enabled as long as it doesn't interfere.

So about the video projects, I am shocked too, this is indeed the first time something like this happens, I even have a laptop with a copy of those files (W10) and WD running there, no mention about the video files. But those are easy to fix since I only have to make an exception on the firewall (it doesn't delete them when it detects them, it just pops up its notification)

 

The workaround:

as Od1sseas said, Defender Control 2.1 works fine and does indeed dissable it. However, it is weird because if I proceed with any install it will keep on the "preparing install" forever. I checked this installing Discord, OBS, and even trying to install a driver update. Probably W11 is smart enough to prevent an install of ANY software if it doesn't detect WD.

 

So what I fianlly did was dissable tamper protection (since I had to re-enable WD again). Ask the company to send me the software on a .rar or .zip file (sent on zip) and add this as an exclusion on the WD Panel. Then, when I extracted the content to a temporary folder, I also added that as an exception, then installation & everything works and I can enable tamper protection again & doesn't detect any thread from the software. I also did a deep scan on WD to see if it detected anything else but it was fine.

So basically what i said, set an exception.  Glad you found a solution!