Also disable Windows Defender Services

README.md

@@ -38,6 +38,8 @@ Unblock PowerShell scripts and modules within this directory:
 2. Edit the scripts to fit your need.
 3. Run the scripts
 4. `PS > Restart-Computer`
+5. Run `disable-windows-defender.ps1` one more time.
+6. `PS > Restart-Computer`
 
 ## Startmenu
 

scripts/disable-windows-defender.ps1

@@ -1,7 +1,13 @@
 #   Description:
-# This script disables Windows Defender.
+# This script disables Windows Defender. Run it once (will throw errors), then
+# reboot, run it again (this time no errors should occur) followed by another
+# reboot.
 
 Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
+Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
+
+echo "Elevating priviledges for this process"
+do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
 
 $tasks = @(
     "\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance"
@@ -26,5 +32,14 @@ sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender" "DisableRout
 force-mkdir "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection"
 sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection" "DisableRealtimeMonitoring" 1
 
+echo "Disabling Windows Defender Services"
+Takeown-Registry("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend")
+sp "HKLM:\SYSTEM\CurrentControlSet\Services\WinDefend" "Start" 4
+sp "HKLM:\SYSTEM\CurrentControlSet\Services\WinDefend" "AutorunsDisabled" 3
+sp "HKLM:\SYSTEM\CurrentControlSet\Services\WdNisSvc" "Start" 4
+sp "HKLM:\SYSTEM\CurrentControlSet\Services\WdNisSvc" "AutorunsDisabled" 3
+sp "HKLM:\SYSTEM\CurrentControlSet\Services\Sense" "Start" 4
+sp "HKLM:\SYSTEM\CurrentControlSet\Services\Sense" "AutorunsDisabled" 3
+
 echo "Removing Windows Defender context menu item"
 si "HKLM:\SOFTWARE\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780}\InprocServer32" ""