Goodbye Microsoft Defender

Captions
Windows Defender no more. It's not on my system, just doesn't even exist. Go into Program Files, under C:\Program Files and Windows Defender; you'll notice there's not a whole lot going on here. And this is, you know, just a regular old Windows system. Windows 10, Windows 11 installs Defender much the same way. But I kind of wanted to talk about Defender a little bit, because I think a lot of people get caught up in detection rates specifically. When you go to scan and you look at all the information online about Windows Defender detection rates, you'll see, well, it does okay, and that basically means, well, if it's okay on detection rates then it should be just as secure as any other antivirus. And I'd argue that is definitely not the case. So I want to show you, for a whole bunch of reasons, that Windows Defender is probably the worst antivirus you can use, and if I was a virus manufacturer, I want to show how I would infect thousands of Windows PCs that only rely on Defender.

So what are the different methods you can do for disabling Windows Defender, and why would you even do this? So first off, there's Windows settings, where you can just go into your Windows screen and set this and click real-time protection off, and for the most part this will disable Windows Defender, somewhat. There's a lot of components to Windows Defender that a lot of people don't realize, that Microsoft is trying to kind of cobble together over the past 10 years, but, uh, we'll get into that.

The second, and probably the way I like to do it, is through the registry. Now, I actually made a tweet about this and said, hey, here's how I would go about, or the main things I'd hit, to just disable Windows Defender anti-malware, real-time protection, and a lot of the SmartScreen capabilities of Windows Defender. And a lot of people are like, well, wait, Defender's not that easy, you can't just add a registry setting and then it just disables it, right? And I was like, oh, well, yeah, that's exactly how it works. I made a little registry setting right here. This Windows Defender disable.reg is actually a little more comprehensive than what I put on my website article for this video. This just gives you kind of the basics of it, but there's a lot more registry settings that you can go into and disable. And registry kind of controls, it's the brain of Windows, it always has been for 20-plus years, so you can do pretty much anything you want to your Windows install through registry. That includes disabling services, and if you disable these services through registry, Windows Defender can't work. So you could easily disable a lot of the settings and do it through registry right here, but you can also disable the service dependencies to make and render Windows Defender worthless and just pointless. Once you've deleted most of that, or you've turned off Defender, you can actually go through C:\Program Files\Windows Defender and erase all the files like I did on this system. And you can even turn off active monitoring and many things. I have a little tweet I made about that, and people are like confused, they're like, wait, what are you doing, are you disabling parts of Windows Defender? And yeah, you can do that through simple PowerShell commands and disable certain aspects of it.

So that kind of brings us to the point of why you would do this. Because, uh, Windows Defender can protect against some viruses, I would argue not nearly as much as pretty much any other antivirus, because those antiviruses aren't so widespread. So many people now rely only on Windows Defender that if I was a virus manufacturer, I would immediately use the built-in tools Microsoft gives us administrators to disable and deliver payloads to the end user. You might be thinking, okay, well, not everybody knows that, Titus; those that do know it probably have a job somewhere and they don't want to do it. Yeah, you're right, but look at this. Someone actually created a GitHub article, you know, GitHub, that Microsoft owns, and this has been going for a while, and they said, hey, uh, Defeat Defender is the name of this certain thing. It can deliver payloads through a simple batch file. Yeah, it can disable UAC, disable ransomware protection, disable Task Manager, can disable so much stuff, all from one run of this program. This is obviously not a payload system; there's no virus attached to this project, there's no release that you're going to download to do this. It's more of a, hey, if you're a virus manufacturer, this is how you would deliver payloads to systems that only use Windows Defender. And they have like a little article for the proof of concept, and it goes through this script, mostly Python based it looks like, but it's really neat way of infecting those that only use Windows Defender as protection.

And then you can look at other GitHub projects for disabling Defender. Now, I don't recommend doing any of this behind you; when I'm talking about the GitHub projects, I want to show you, uh, the code, and then we can use that code to disable it and do it ourselves. Never run anything or blind executables on Windows, especially if you're looking at disabling or removing any virus. If you only are using Windows for a specific purpose, so when I'm on my Windows machine back here, well, a lot of times my purpose is to just launch Steam and play a Windows-only game like Destiny 2 or something of that nature, where I would launch into it and only use this system for it. I don't want it getting bogged down by real-time scans, indexing, and many other Windows utilities that really drain performance from me.

So getting back over here, they do have executables that rip out and destroy Defender for you. I caution you against using this type of stuff because it's so easy to get abused. So what we can do, though, is look at these projects and exactly what they're doing, and most of them, if we go up to here and click like disabler, you can see the reg files that they have for disabling certain things. I would stick strictly to the registry side of things if you're using that system still.

Now, if you want to delete it completely and you just are on a vendetta to delete all the executables like I did, I call it the scorched earth routine, mainly because there's no coming back from that. When you delete all those files, you're going to have to do like a DISM system restore to get them back, so I don't recommend that method. Registry's so much more flexible, because we can disable all the services, the protection, the scans, all those things through a reg file like this. Most of them are policies that are done on the system themselves, so these policies are on every, like, Windows Home, Windows Pro, it doesn't matter. You put this in and it will disable Defender, and then if you need Defender for whatever purpose in the future, you could just come to the e-version and this enables and resets it back to normal, or you can create system restore points. This is the best method for disabling Windows Defender for performance-based machines, and I will just say this is very revertible. That's why it's the method I recommend, and why I don't recommend executables is because of the first one I showed you. This one is designed to deliver virus payloads. It's easy to change these projects in the future, and they could infect you if something went wrong. Hopefully GitHub would catch that, but I don't want you relying 100% on these projects. Relying 100% on a project is just a recipe for disaster. That's why I want to show the registry approach.

But there's also these types of ones where they don't show any of them. I'll put a link. This is probably my favorite one, where he broke it out, made it much more modular, where you can just go through the registry side of things and you can see what each one, and the registry entries for each component of Defender. You got your security, got your SmartScreen, you got your spyware, you got all these different components of Defender that this is disabling, and you, I say pick these out and then make your own registry file to run. But if you just want to go scorched earth and remove it at the time, you could run his releases. Again, I don't recommend it. This one only has like 60 stars and it's an unknown developer, but I still love the fact it's all documented here and I don't need to run the executable file; I can just use the registry entries.

So I want to leave you with this thought when it comes to Defender. A lot of these things I showed today are what system admins use to disable Defender, because as a system admin out of business, I'm going to tell you I need to disable Defender to install a good protection software. Because any other antivirus, I'm not going to name any in this video, any other one I find to be better protection, because most viruses will be engineered in the future to bypass Windows Defender, and it would be pretty easy to do because of these things. And Microsoft's not going to disable it, because as an administrator I need those policies, those built-in things, to disable Defender to use software that basically sends it back and says, hey, this user's being stupid and they're trying to run this program, and then I get dinged, I get my email. Defender doesn't have that, and maybe they add it in the future and then all of a sudden lock it down and force you to use it and take away all these things. But there's so many different spots in the system I can go to get around Defender, and I wanted to show those and make an article to say, hey, Defender, yeah, it's decent for its catching of viruses, but it's very easy to bypass and deliver payloads for those that know what they're doing. So with that, let me know your thoughts down in the comments, and I'll see you in the next one.

Info
Channel: Chris Titus Tech
Views: 160,622
Keywords: chris titus tech, goodbye windows defender, windows defender good enough, windows defender, windows defender virus, goodbye windows 10, antivirus, microsoft defender, best antivirus, security, windows 10, is windows defender good enough, windows defender test, disable windows defender, turn off windows defender, permanently disable windows defender, windows defender antivirus, dell, hp, acer, asus, windows defender vs antivirus, microsoft, defender, the pc security channel, tpsc
Id: UywjKEMjSp0
Length: 10min 15sec (615 seconds)
Published: Fri Aug 12 2022