Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FINALLY #10

Merged
merged 1 commit into from
Jul 12, 2024
Merged

FINALLY #10

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
138 changes: 137 additions & 1 deletion defender script.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1168,4 +1168,140 @@ for /f "tokens=*" %%d in ('wmic path win32_logicaldisk where "driveType='4'" get
if %errorlevel% equ 0 && (%is_admin% equ 0 || errorlevel 1) (echo No install media found on any removable drives&exit /b 1)
endlocal & exit 0

:: Let the user know that part 1 is complete and its time to reboot to their windows installation media after they copy this script to their thumb drive
:: Let the user know that part 1 is complete and its time to reboot to their windows installation media after they copy this script to their thumb drive.

:start_script_part_2
echo Remember to download your storage drivers as a just in case, especially in RAID/Intel Rapid Storage Technology (Intel RST) mode.
echo Also, please disable BitLocker protection so you can access the drive offline (WINPE).

:end_of_script
echo Thank you for using this script. Once in WINPE you can relaunch this script and you can continue getting rid of defender.

Have a great day!
pause & exit 0



:: Check if we're running in WinPE/WinRE
if "%PROCESSOR_ARCHITECTURE%"=="AMD64" if "%WINDIR%" == "%WINDIR:~0,7%WINPE%" goto winpe_or_re
if "%WINDIR%" == "%WINDIR:~0,7%WINRE%" goto winre
echo You must run this script from either Windows Recovery Environment (WinRE) or Windows Installation Media (WinPE).
pause
exit /b 1

:winpe_or_re
:: Check if we're running from the correct directory structure
if not exist "%SYSTEM_DRIVE%\ProgramData\Microsoft\" (
echo Not in correct directory structure. Aborting.
pause
exit /b 1
)

:: Check the environment
if exist "%windir%\system32\wpeinit.exe" (
echo Windows PE detected.
) else if exist "%SYSTEM_DRIVE%\Windows\System32\Recovery" (
echo WinRE detected.
) else (
echo Windows install media detected.
)

cd /d C:/ProgramData
cd Microsoft
icacls * /grant %username%:f :r
icacls "Windows Defender" /grant %username%:f :r
takeown /f "Windows Defender" /r
chdir

pause

cd /d %SYSTEM_DRIVE%\ProgramData\Microsoft > nul
if errorlevel 1 (
echo Not in correct directory structure. Aborting.
pause
exit /b 1
)

IF EXIST "C:/ProgramData/Microsoft/"Windows Defender" (
icacls "Windows Defender" /grant %username%:f :r
takeown /f "Windows Defender" /r

cd ..
IF EXIST "C:/ProgramData/Microsoft/"Windows Defender Advanced Threat Protection"
icacls "Windows Defender Advanced Threat Protection" /grant %username%:f :r
takeown /f Windows Defender Advanced Threat Protection /r
cd..

cd "C:\ProgramData\Microsoft\Windows Defender\Platform"
icacls * /grant %username%:f :r
takeown /f * /r

IF EXIST 4.18.24050.7-0
cd 4.18.24050.7-0
icacls * /grant %username%:f :r
takeown /f * /r




)else(
IF NOT EXIST "C:/ProgramData/Microsoft/please"
echo Renaming Main Windows Defender Folder
ren "Windows Defender" please
icacls "please" /grant %username%:f :r
takeown /f "please" /r
cd ..
IF NOT EXIST "C:/ProgramData/Microsoft/"fruitsnackia"
echo Renaming Windows Defender ATP folder
ren "Windows Defender Advanced Threat Protection" fruitsnackia
icacls fruitsnackia /grant %username%:f :r
takeown /f "fruitsnackia" /r
cd..

)else(

IF EXIST C:/ProgramData/Microsoft/fruitsnackia
ECHO deleting renamed Windows Defender ATP folder
erase /f C:/ProgramData/Microsoft/fruitsnackia /s /q
erase /f C:/ProgramData/Microsoft/fruitsnackia/* /s /q

IF EXIST C:/ProgramData/Microsoft/please
ECHO deleting renamed Windows Defender folder
erase /f C:/ProgramData/Microsoft/please/* /s /q
erase /f C:/ProgramData/Microsoft/please /s /q

)

IF EXIST C:/Program Files (x86)
cd "Program Files (x86)"
icacls "Windows Defender" /grant %username%:f :r
takeown /f "Windows Defender" /r
erase /f "Windows Defender" /s /q


IF EXIST "Windows Defender Advanced Threat Protection" (
icacls "Windows Defender" /grant %username%:f :r
takeown /f "Windows Defender" /r
erase /f "Windows Defender" /s /q


cd /d X:
cd Windows
cd System32
)


)else(
IF NOT EXIST "C:/Program Files (x86)/Windows Defender"
ECHO Windows Defender main directory does not exist, yay!

IF NOT EXIST "C:/Program Files (x86)/Windows Defender Advanced Threat Protection"
ECHO Windows Defender Advanced Threat Protection directory has ceased to exist, yippee!

ECHO Fruitsnackia..... OMNOMNOM!
ECHO I am in no way affiliated with general mills or any of their brands. Fruitsnackia belongs to them. Not me.
)


exit 0