If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Rate Thread | Display Modes |
#16
|
|||
|
|||
Win10 is a random, ever changing, grab bag of features (Was:[inexplicably] Debian 10 "buster" released)
Kenny McCormack wrote:
In article , Paul wrote: ... I like to think of these as "random feature sets". Imagine an elevator in your apartment building. One day, it doesn't go "UP". The next day, it doesn't go "DOWN". Next day, the door has fallen off the front, but it does go UP and DOWN ok. These are great ideas, if only you could see an objective or a plan... Like, why take the door off the elevator ? Faster egress ? Doubles as a melon slicer ? You have to make up your own rationale on these things. Exactly! Glad to hear someone else making this observation. This is what I have been saying all along - that Win10 is this ever-changing random grab bag of features. The elevator analogy is apt. It (W10) is quite suitable for the cell-phone generation. They like things constantly changing for no good reason. I just tried to use GPEDIT in a 32 bit copy of Windows 10 1903, and when I clicked "Apply", the OS freezes for 5-10 second, then the OS reboots... and the Reliability Monitor has no entry (for the crash) ! How clever. I will file a bug report filled with... sweet **** all. Well, I am using the latest version of VirtualBox, so it's my own fault ? It's hard being a tester. So very hard. Paul |
Ads |
#17
|
|||
|
|||
"Antimalware Service Executable"
On 08 Jul 2019, Jeff-Relf.Me @.@ posted some --
4.00pm.Seattle.2019: Someone replied ( to me ): If anyone knows how to kill "Antimalware Service Executable", Windows 10, v1903, I'm all ears. Find the exe file and delete it ? Can't delete it, can't rename it, can't "unlock" it, not even with a reboot. What's the name of the running executable? If you're asking about "Antimalware Service Executable" aka MsMpEng.exe, stopping it and deleting it ain't an option. Microsoft has made its Windows Defender feature a permanent fixture of Windows 10. There are ways to turn it off using gpedit and the prog itself. Stop being stupid and install some other antivirus software, it will turn itself off. |
#18
|
|||
|
|||
"Antimalware Service Executable"
On 08 Jul 2019, "Snowden" posted some
: Someone replied ( to me ): If anyone knows how to kill "Antimalware Service Executable", Windows 10, v1903, I'm all ears. Find the exe file and delete it ? Can't delete it, can't rename it, can't "unlock" it, not even with a reboot. If you have knowledge of Linux, you could run systemrescue on a USB with systemrescuecd-x86-4.6.1.iso and delete it from the disk with that. There's that Linux mentality and bad advice again. Just boot up an .ISO and start deleting **** in Windows that you don't have a clue what it does. You must be related to that neck-bearded geek Peter. SMH.. |
#19
|
|||
|
|||
Remove the "Antimalware Service Executable".
Jeff-Relf.Me @.@ wrote:
Paul, I can't access the "Tamper Prevention" dialogue; see: http://Jeff-Relf.Me/No.Tamper.Prevention.PNG It can't possibly be that yours is Home and mine is Pro, because both are "uncontrollable rubbish". I think you can do it, and I can't, because I'm using the Home Edition, v1903. around when 1903 showed up, You could use Security Panel to turn off Real Time protection, and [MsMpEng] would turn itself back on again. If you try to use the slider again ( off|on ) nothing happens. So something did change in the last release. Right, I think they took another **** on us Home Edition users, v1903. https://www.ghacks.net/2018/12/19/wi...ction-feature/ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features TamperProtection DWORD 0 # Disable HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows Defender DisableAntiSpyware DWORD 1 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\M icrosoft\Windows Defender DisableAntiSpyware DWORD 1 Picture of regedits so far. https://i.postimg.cc/6qZsQPhz/regeditary.gif I don't know if this is enough or not. But you can test that much and see. There are two keys for the Windows Defender disable, on a 64-bit OS. It's possible Regedit will block that setting. The registry is a file system. Each entry has permissions. There are ways around each one. Note that I suspect the 32-bit OS I was testing in, the crash was actually related to a "trip wire". Windows has exploit protection with a name like "fast crash", where rather than be exploited, the machine just resets. And it can do that in a few instruction times. It doesn't **** around. That's one of the defense strategies, if a trip wire is set off. I see how the deck is stacked, in your picture, so I'm not all that confident we can beat this pig. Paul |
#20
|
|||
|
|||
"Antimalware Service Executable"
On Mon, 08 Jul 2019 16:00:01 -0700 (Seattle), LO AND BEHOLD;
Jeff-Relf.Me @.@ determined that the following was of great importance and subsequently decided to freely share it with us in : ✡✡✡✡✡✡✡✡✡✡✡ Someone replied ( to me ): ✡✡✡✡✡✡✡✡✡✡✡ ✡✡✡✡✡✡✡✡✡✡✡ ✡✡✡✡✡✡✡✡✡✡✡ If anyone knows how to kill "Antimalware Service Executable", Windows ✡✡✡✡✡✡✡✡✡✡✡ ✡✡✡✡✡✡✡✡✡✡✡ ✡✡✡✡✡✡✡✡✡✡✡ 10, v1903, I'm all ears. ✡✡✡✡✡✡✡✡✡✡✡ ✡✡✡✡✡✡✡✡✡✡✡ Find the exe file and delete it ? ✡✡✡✡✡✡✡✡✡✡✡ ✡✡✡✡✡✡✡✡✡✡✡ Can't delete it, can't rename it, can't "unlock" it, not even with a ✡✡✡✡✡✡✡✡✡✡✡ reboot. ✡✡✡✡✡✡✡✡✡✡✡ boot to a linux CD/DVD and frigging delete it, ya ditz. -- [THIS POAST HAS PASSED TRIMCHECK® VALIDATION] THIS SPACE FOR RENT https://www.youtube.com/watch?v=iB6B8jGSdLA "Thanks to muzzies and their apologist-enablers like puppy whistle, this seems to be the new norm in the world. It's spreading like a cancer, and it's time we admit we're at war with pure evil. We need to put an end to this muzzie plague, or life on Earth is going to become pure hell everywhere. We need to get these people out of every civilized country, and there's only one way to do it. IOW, we have to become like them, with an emphasis on expediency over cruelty." - Checkmate (of alt.checkmate) "Pussy Willow has just proven that Trump's crackdown on previously unenforced immigration policies is working. We'll deal with the domestic terrorists as needed, but we don't need to be letting the muzzie terrorists get a foothold in our country too. One need only look at what they're doing in Europe right now to know we're doing the right thing by keeping them out, which is our right and our duty. - Checkmate (#1 pussy willow fan) - "You just made puppy whistle's sig line longer." - Janithor - "If I have a complaint about the (Southern Poverty) Law Center's description (of the alt-right movement), it is the phrase "heavy use of social media," which implies the alt-right is a real-world movement which uses a lot of social media. This is backwards: it is an online movement which occasionally appears in the real world. Where it gets punched." - Jason Rhode - "I think we should destroy every last ****ing mosque in America." - "Checkmate, DoW #1" proves for us that white males are violent in Message-ID: - Golden Killfile, June 2005 KOTM, November 2006 Bob Allisat Memorial Hook, Line & Sinker, November 2006 Special Ops Cody Memorial Purple Heart, November 2006 Special Ops Cody Memorial Purple Heart, September 2007 Tony Sidaway Memorial "Drama Queen" Award, November 2006 Busted Urinal Award, April 2007 Order of the Holey Sockpuppet, September 2007 Barbara Woodhouse Memorial Dog Whistle, September 2006 Barbara Woodhouse Memorial Dog Whistle, April 2008 Tinfoil Sombrero, February 2007 AUK Mascot, September 2007 Putting the Awards Out of Order to Screw With the OCD ****heads, March 2016 |
#21
|
|||
|
|||
"TamperProtection"=dword:0 worked.
Jeff-Relf.Me @.@ wrote:
Thanks Paul, "TamperProtection"=dword:0 worked; "Antimalware Service Executable" no longer runs. From "http://Jeff-Relf.Me/Win10.REG.TXT": ; Take ownership of "Windows Defender" ( and children ) -Manually-, ; take "Full Control", Merge+ReBoot. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features] "TamperProtection"=dword:0 ; Must Merge+ReBoot. Turns Windows Defender On[Off]: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows Defender] ; "DisableAntiSpyware"=- "DisableAntiSpyware"=dword:1 There are two keys for the Windows Defender disable, on a 64-bit OS. No, the "WOW6432Node" thing isn't necessary; x32 settings == x64 settings; changing one changes the other. Note that I suspect the 32-bit OS I was testing in, the crash was actually related to a "trip wire". Windows has exploit protection with a name like "fast crash", where rather than be exploited, the machine just resets. And it can do that in a few instruction times. It doesn't **** around. That's one of the defense strategies, if a trip wire is set off. Really ?! I've never seen that. OK, think I got it. Elevating with psexec -hsi cmd, to SYSTEM, didn't work. Needed the heavy artillery. No more foolin around. Had to resort to Kaspersky Rescue Disc 10 "Regedit". The offline scanner disc happens to have a very nice registry editor. All running under a Gentoo-like OS. https://i.postimg.cc/3NBpbVnN/kasper...sc-regedit.gif https://i.postimg.cc/C1pqMS2d/proofski.gif And you're correct, in that in this case, there isn't even the right structure to be adding to the WOW one, so forget it. It still seems to work, with just two regedits. You have to add the second key, which is missing. "Tamper, for the win" Paul |
#22
|
|||
|
|||
Debian 10 "buster" released
Some services in windows, if you stop them from task manager,
will restart automatically. If anyone knows how to kill "Antimalware Service Executable", Windows 10, v1903, I'm all ears. I'm not too worried about it, I don't think it's necessary. I did kill Cortana, however, using a wooden stake. |
#23
|
|||
|
|||
Kill "Antimalware Service Executable".
Paul replied ( to me ):
If anyone knows how to kill "Antimalware Service Executable", Windows 10, v1903, I'm all ears. I'm not too worried about it, I don't think it's necessary. use GPEDIT on Pro. I'm using The Home Edition; no GPEDIT; besides, I don't think that would actually remove the process. I bet you can't do it. |
#24
|
|||
|
|||
Remove the "Antimalware Service Executable".
Paul replied ( to me ):
Remove the "Antimalware Service Executable". I'm using The Home Edition; no GPEDIT; besides, I don't think that would actually remove the process. I bet you can't do it. DisableAntiSpyware DWORD 1 I set that variable many years ago. https://i.postimg.cc/VvnXcKzy/Task-Manager.gif That's not "Antimalware Service Executable"; see: http://Jeff-Relf.Me/Antimalware.Service.Executable.PNG |
#25
|
|||
|
|||
Remove the "Antimalware Service Executable".
Paul,
I already did the "DisableAntiSpyware" thing, long ago; still, "Antimalware Service Executable" is running; see: http://Jeff-Relf.Me/Antimalware.Service.Executable.PNG I don't know what you're doing different. Are you not running Windows 10, v1903, all updates ? |
#26
|
|||
|
|||
"Antimalware Service Executable"
Someone replied ( to me ):
If anyone knows how to kill "Antimalware Service Executable", Windows 10, v1903, I'm all ears. Find the exe file and delete it ? Can't delete it, can't rename it, can't "unlock" it, not even with a reboot. |
#27
|
|||
|
|||
Remove the "Antimalware Service Executable".
Paul,
I can't access the "Tamper Prevention" dialogue; see: http://Jeff-Relf.Me/No.Tamper.Prevention.PNG It can't possibly be that yours is Home and mine is Pro, because both are "uncontrollable rubbish". I think you can do it, and I can't, because I'm using the Home Edition, v1903. around when 1903 showed up, You could use Security Panel to turn off Real Time protection, and [MsMpEng] would turn itself back on again. If you try to use the slider again ( off|on ) nothing happens. So something did change in the last release. Right, I think they took another **** on us Home Edition users, v1903. |
#28
|
|||
|
|||
"Home Edition" weenies.
Someone replied ( to me ):
Remove the "Antimalware Service Executable". Are you not running Windows 10, v1903, all updates ? I'm curious if you just uninstalled Windows Defender? That's not an option, especially for us "Home Edition" weenies. Besides, I like Windows Defender, sometimes ( not always ). |
#29
|
|||
|
|||
"TamperProtection"=dword:0 worked.
Thanks Paul, "TamperProtection"=dword:0 worked;
"Antimalware Service Executable" no longer runs. From "http://Jeff-Relf.Me/Win10.REG.TXT": ; Take ownership of "Windows Defender" ( and children ) -Manually-, ; take "Full Control", Merge+ReBoot. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features] "TamperProtection"=dword:0 ; Must Merge+ReBoot. Turns Windows Defender On[Off]: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows Defender] ; "DisableAntiSpyware"=- "DisableAntiSpyware"=dword:1 There are two keys for the Windows Defender disable, on a 64-bit OS. No, the "WOW6432Node" thing isn't necessary; x32 settings == x64 settings; changing one changes the other. Note that I suspect the 32-bit OS I was testing in, the crash was actually related to a "trip wire". Windows has exploit protection with a name like "fast crash", where rather than be exploited, the machine just resets. And it can do that in a few instruction times. It doesn't **** around. That's one of the defense strategies, if a trip wire is set off. Really ?! I've never seen that. |
|
Thread Tools | |
Display Modes | Rate This Thread |
|
|