Give me an idea on how to get rid of Windows Defender. It randomly marks things as viruses from time to time, and it's driving me crazy.
Added 2025-03-07 16:42:25 +0000 UTC给我个点子, 怎么干掉 Windows Defender.
它每隔一段时间就随机标记一些东西为病毒, 我快烦死了.
------EDIT------
抱歉没用描述清晰, 我不是自己遇到这个问题, 而是 MTool 最近又有文件被标记为病毒.
Sorry for the lack of clarity, I'm not having this problem myself, but MTool has recently had another file flagged as a virus.
Comments
签名
LSP
2025-03-11 16:55:41 +0000 UTCStrange, sectigo says I can apply for an EV certificate. For individual?
AdventCirno
2025-03-10 15:21:40 +0000 UTCYes it's a troll comment, But I do play all games on Linux and use MTool on it, not even virtual machine, just wine and bottles.
Leo Chen
2025-03-10 12:59:10 +0000 UTC我是下个火绒把它顶掉😏
ganbei
2025-03-10 12:16:53 +0000 UTCthis guy..
Powerless
2025-03-08 21:01:13 +0000 UTCUse Linux
Leo Chen
2025-03-08 18:13:28 +0000 UTCJust out of personal interest, where did you find that Certificate? I checked my entire ZIP and didn't find any. Or was I looking at the wrong place? Thanks
ragnum
2025-03-08 16:25:05 +0000 UTCweird, sigcheck and signtool.exe cannot find any digital signature. Maybe it gets lost on the way? What exactly did you sign? And what file did get flagged? Good luck Tools sources: https://learn.microsoft.com/en-us/sysinternals/downloads/sigcheck https://codesigningstore.com/how-to-download-and-install-windows-signtool-exe Commands: .\signtool.exe verify /pa FILE .\sigcheck.exe -a -u FILE
ragnum
2025-03-08 10:45:35 +0000 UTCSorry, I didn't describe it accurately. This looks like an OV certificate (some CAs also refer to it as IV) you used. For MS antivirus detection (including so-called "unwanted applications" or SmartScreen, etc), it expects an EV certificate or "widespread use within the community" to avoid randomly treating some files as viruses. The number of MVTools users may not be sufficient for MS machine learning to consider its usage "widespread" enough. If you can point out which specific DLL is being flagged or provide a copy directly, perhaps I can use my own EVCS certificate to conduct some tests. In my experience, using EVCS for ordinary DLLs is enough to silence MS "machine learning" detection.
Zero Clover
2025-03-07 21:23:14 +0000 UTCI'm already signed, for years.
AdventCirno
2025-03-07 21:12:28 +0000 UTCIt's useless because it's already signed.
AdventCirno
2025-03-07 21:11:47 +0000 UTCI made an exclusion whjt the original tool folder and when updates comes up, i update the tool in the original folder. that way windows defender dont screw the others folders.
Jowy
2025-03-07 19:12:20 +0000 UTCYou only need to add a code signing to your binary file to solve this problem. Microsoft now offers Azure-managed signing services and supports personal authentication. https://azure.microsoft.com/en-us/products/trusted-signing
Zero Clover
2025-03-07 19:01:47 +0000 UTCWe had this at work too, there are a lot of hacks to get around the automatic system. The only true solution is to sign your code. The price of that can sadly vary a lot.
ragnum
2025-03-07 18:56:09 +0000 UTCNo need to get rid of it: Mark the whole folder you work on as an exception, windows defender will ignore that folder and all its sub folders. This just requires you to go to windows defender>anti virus protection>Exceptions, and add the desired folder
Kurague
2025-03-07 18:21:18 +0000 UTCIf it's your own PC, you can get rid of it completely, which is unadvised. You can install any 3rd party antivirus and then shut that down. Or if it is someone else's PC, add the directory to exclusions. Defender does a lot wrong, but will respect exclusions.
nagi
2025-03-07 18:08:43 +0000 UTCTell everyone to start using Linux
Shirobine01
2025-03-07 17:51:00 +0000 UTCThis is what I do, I set up a folder for Mtool and told windows defender to leave it alone with the exclusions, it's never bothered me that way.
Dekent
2025-03-07 17:29:38 +0000 UTCIt's pretty simple. I do it as job. From Admin Powershell: Uninstall-WindowsFeature -Name Windows-Defender
SSJSonGoku-ParnOfZaxon
2025-03-07 17:28:05 +0000 UTCThis is the right thing to do
FlyAlon3
2025-03-07 17:20:50 +0000 UTCThis is the updated version and i can vouch for it. Its been installed on 3 of my personal computers. https://youtu.be/LMN17-i10Ng
FreakTearz
2025-03-07 17:09:39 +0000 UTCYou can try an app called "Winhance" by a youtuber named Memory. It appears that it can completely disable Windows Defender (Windows 11), amongst other things. I haven't tested it myself though. https://github.com/memstechtips/Winhance https://youtu.be/1o-eO5doJrM
Kurome
2025-03-07 17:08:29 +0000 UTCYou should be able to add a specific folder or directory to the "Exclusion" list in your Defender settings, might help
Jinro
2025-03-07 16:48:56 +0000 UTCTypically you can disable it and then install a third party antivirus which should override it from coming back on. Conversely you can download one of the controller apps above but with newer Windows updates it's been flagged as malicious and windows will try to not let it run.
Michiel Hollister
2025-03-07 16:47:45 +0000 UTChttps://github.com/pgkt04/defender-control
Robin
2025-03-07 16:46:24 +0000 UTCI agree, it's really annoying to have to re-download your tool updates from scratch because it got marked as a virus injector. I can't imagine how awful it would be from the dev side.
Tsarius
2025-03-07 16:45:58 +0000 UTC
![[AI]久保翠&克勞蒂雅](https://nokimo.com/istorage/65716.jpg)
