How to really disable Windows Defender on Win11

[pieterhouwen]

The installer script still ran into errors disabling Defender even when following the steps in the guide that is linked in the README.

The way I finally killed Windows Defender is by following "Using RegEdit to disable Windows Defender in Windows 11" on the site: https://lazyadmin.nl/win-11/turn-off-windows-defender-windows-11-permanently/

TL;DR:

An alternative way to disable Windows Defender in Windows 10 or 11 is to use the registry. For this, you will also need to boot into safe mode. Follow step 1 from the previous chapter to boot into safe mode.

Once booted in safe mode:

Press Windows key + R
Type regedit <enter> to open the registry
Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Service
Change the following folders the key Start to 4
Sense
WdBoot
WdFilter
WdNisDrv
WdNisSvc
WinDefend

Once done restart back to normal boot

Hope this helps!

[vm-packages]

Thank you for your feedback! We've been working on major updates to FLARE VM over the last year. The now revamped FLARE VM has just been released and will make the project more open and maintainable. Please check out our blog post at https://www.mandiant.com/resources/blog/flarevm-open-to-public and give the new installation a try.

If this problem still persists with the new installation, please report:

• new tools or tool-related issues at https://github.com/mandiant/VM-Packages/issues
• ideas and issues related to the installer script and configuration at https://github.com/mandiant/flare-vm/issues

Please note that we use this message to close all legacy issues in this repository. We look forward to your feedback and support for the next generation of FLARE VM.