[BUG?]: defender services disablement in latest win11 no longer working

Open msoltyspl opened this issue 1 year ago • 2 comments

Description

Basically, any attempt by the script to disable Defender Antivirus services using Trusted Installer credentials is no longer working (tested in 22H2). The run log of the relevant scripts returns "access denied".

On a related note - it seems the only way working at the moment is: go to safe mode -> disable relevant services (and drivers) with regedit (e.g. set 4 to their start for: windefend, sense, wdfilter, wdboot, wdnisdrv, wdnissvc) -> go back to normal mode.

OS

Windows 11 22H2

Reproduction steps

Try to run any of the scripts under disable os components / disable defender services

Additional information

Disabling this thing is a tricky pony as usual =)

Anyway, perhaps adding extra info to those scripts' titles that they don't work in the most recent versions of Windows is a good idea.

msoltyspl, Mar 16 '23 14:03

Hi, tamper protection needs to be manually turned off. You can then run the script; it would disable Defender more reliably than just disabling the services.

I'm open to any suggestions on how to disable this programmatically except RPA (robotic process automation, i.e. simulating clicks etc.).

Linked to, or potential duplicate of #170

undergroundwires, Sep 27 '23 23:09

My tamper protection was off. As mentioned in the first post - Win11 since some of its updates is particularly resilient to attempts to disable Defender stuff.

I had to go to safe mode and disable respective services/drivers manually (under CurrentControlSet hive).

msoltyspl, Oct 04 '23 10:10
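To check whether a machine is in the state discussed in this thread, here is an added read-only audit example (not part of the issue or of privacy.sexy's scripts). It reads the `Start` value of each service and driver named in the first post and reports the Tamper Protection state; the function name `Get-DefenderStartAudit` is hypothetical, and the script changes nothing.

```powershell
# Added example: read-only audit, makes no changes to the system.
# Service/driver names are the ones listed in the issue text.
$DefenderNames = 'WinDefend', 'Sense', 'WdFilter', 'WdBoot', 'WdNisDrv', 'WdNisSvc'

# Meaning of Start under HKLM\SYSTEM\CurrentControlSet\Services\<name>
$StartTypes = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }

function Get-DefenderStartAudit {
    param([string[]]$Name = $DefenderNames)

    foreach ($n in $Name) {
        $key     = "HKLM:\SYSTEM\CurrentControlSet\Services\$n"
        $present = Test-Path -LiteralPath $key
        $start   = $null
        if ($present) {
            $prop = Get-ItemProperty -LiteralPath $key -Name Start -ErrorAction SilentlyContinue
            if ($prop) { $start = $prop.Start }
        }

        # Translate the raw DWORD into a readable start type
        $type = if ($null -eq $start) { 'Missing' }
                elseif ($StartTypes.ContainsKey([int]$start)) { $StartTypes[[int]$start] }
                else { "Unknown ($start)" }

        [pscustomobject]@{
            Name       = $n
            KeyPresent = $present
            Start      = $start
            StartType  = $type
            Disabled   = ($start -eq 4)   # 4 is the value the issue describes setting
        }
    }
}

# Tamper Protection state; the cmdlet fails if the Defender service is not running
$tamper = try { (Get-MpComputerStatus -ErrorAction Stop).IsTamperProtected }
          catch { 'Unavailable (Defender service not responding)' }

Get-DefenderStartAudit | Format-Table -AutoSize
"Tamper Protection enabled: $tamper"
```

Any row with `Disabled = True` on a machine where nobody changed these values on purpose is worth investigating, since the thread notes the change can be made from safe mode.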