Announcement

Collapse
No announcement yet.

Preventing the Microsoft Antimalware Service to start automatically

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Preventing the Microsoft Antimalware Service to start automatically

    Hi

    From the Command Prompt, what would be the proper procedure to prevent the Microsoft Antimalware Service (the latest version) to start automatically during startup of Windows 7 SP1?

    Thanks

    Bye
    balubeto

  • #2
    Re: Preventing the Microsoft Antimalware Service to start automatically

    Surely you have given up on Windows 7 now....?

    Can I (again), refer you to the helpful website where a very short amount of searching (https://www.google.com/search?q=cmd+...oe=&gws_rd=ssl) gives several possible solutions... (and no, I'm not saying what they are)

    You will, of course, need the name of the service to modify

    Why does it have to be the cmd prompt? - Powershell will also work, and for a single computer, services.msc is probably easiest, and for a domain, group policy.
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Preventing the Microsoft Antimalware Service to start automatically

      How do I disable the latest version of Microsoft Security Essentials on startup of Windows 7 SP1?

      Thanks

      Bye
      balubeto

      Comment


      • #4
        Re: Preventing the Microsoft Antimalware Service to start automatically

        I really despair at times....

        Did you read anything in the link I posted?

        Do you ever do any research on your own, or do you always expect to get answers handed to you on a plate? If the latter, you really should consider a career that doesn't involve IT - politics, for example

        Have you ever wondered why your reputation (not just here) is plummeting to the depths previously only reached by Alitoday?

        Roughly:
        1) Identify the service or process that runs the latest version of MSE (note that is you identify it, not asking us to do it for you)
        2a) If a service, set its startup to manual (or disabled)
        2b) If a process, identify the registry key that controls it (use MSCONFIG to find out more details) and change it
        3) Test
        4) Deploy to the domain using group policy
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Preventing the Microsoft Antimalware Service to start automatically

          .......... [ATTACH]6123[/ATTACH]
          1 1 was a racehorse.
          2 2 was 1 2.
          1 1 1 1 race 1 day,
          2 2 1 1 2

          Comment


          • #6
            Re: Preventing the Microsoft Antimalware Service to start automatically

            Originally posted by Ossian View Post
            I really despair at times....

            Did you read anything in the link I posted?

            Do you ever do any research on your own, or do you always expect to get answers handed to you on a plate? If the latter, you really should consider a career that doesn't involve IT - politics, for example

            Have you ever wondered why your reputation (not just here) is plummeting to the depths previously only reached by Alitoday?

            Roughly:
            1) Identify the service or process that runs the latest version of MSE (note that is you identify it, not asking us to do it for you)
            2a) If a service, set its startup to manual (or disabled)
            2b) If a process, identify the registry key that controls it (use MSCONFIG to find out more details) and change it
            3) Test
            4) Deploy to the domain using group policy
            From an Administrators account, I opened the Command Prompt by clicking on "Run as Administrator" and I performed

            Code:
            net stop MsMpSvc
            but I get the "System Error 5: Access is denied." message. How come?

            Thanks

            Bye
            Last edited by balubeto; 24th October 2014, 16:49.
            balubeto

            Comment


            • #7
              Re: Preventing the Microsoft Antimalware Service to start automatically

              Originally posted by Ossian
              Did you read anything in the link I posted?
              Question has now been answered.
              1 1 was a racehorse.
              2 2 was 1 2.
              1 1 1 1 race 1 day,
              2 2 1 1 2

              Comment


              • #8
                Re: Preventing the Microsoft Antimalware Service to start automatically

                The horse is well and truly dead

                There is a clear difference between stopping a service and setting it not to start. Do you think malware might want to stop the service, so making it impossible to do "just like that" is a good idea?

                For a fuller discussion, refer to , and in particular the first few hits when searching for the text of your previous post.
                Tom Jones
                MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                PhD, MSc, FIAP, MIITT
                IT Trainer / Consultant
                Ossian Ltd
                Scotland

                ** Remember to give credit where credit is due and leave reputation points where appropriate **

                Comment


                • #9
                  Re: Preventing the Microsoft Antimalware Service to start automatically

                  To try to disable MSE when Windows starts, I created this bat file:

                  Code:
                  @echo off
                  taskkill /im msseces.exe /f /t
                  taskkill /im MsMpEng.exe /f /t
                  net stop MsMpSvc
                  sc config "MsMpSvc" start= disabled
                  Next, I created a scheduled task

                  Code:
                  <?xml version="1.0" encoding="UTF-16"?>
                  <Task version="1.3" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
                    <RegistrationInfo>
                      <Date>2014-10-26T11:08:46.4219135</Date>
                      <Author>Pippo\Balubeto</Author>
                    </RegistrationInfo>
                    <Triggers>
                      <BootTrigger>
                        <Enabled>true</Enabled>
                      </BootTrigger>
                    </Triggers>
                    <Principals>
                      <Principal id="Author">
                        <UserId>S-1-5-18</UserId>
                        <RunLevel>HighestAvailable</RunLevel>
                      </Principal>
                    </Principals>
                    <Settings>
                      <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
                      <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>
                      <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries>
                      <AllowHardTerminate>true</AllowHardTerminate>
                      <StartWhenAvailable>false</StartWhenAvailable>
                      <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>
                      <IdleSettings>
                        <StopOnIdleEnd>true</StopOnIdleEnd>
                        <RestartOnIdle>false</RestartOnIdle>
                      </IdleSettings>
                      <AllowStartOnDemand>true</AllowStartOnDemand>
                      <Enabled>true</Enabled>
                      <Hidden>false</Hidden>
                      <RunOnlyIfIdle>false</RunOnlyIfIdle>
                      <DisallowStartOnRemoteAppSession>false</DisallowStartOnRemoteAppSession>
                      <UseUnifiedSchedulingEngine>false</UseUnifiedSchedulingEngine>
                      <WakeToRun>false</WakeToRun>
                      <ExecutionTimeLimit>P3D</ExecutionTimeLimit>
                      <Priority>7</Priority>
                    </Settings>
                    <Actions Context="Author">
                      <Exec>
                        <Command>D:\Users\Public\Documents\balubeto\MSE_disabled.bat</Command>
                      </Exec>
                    </Actions>
                  </Task>
                  so that it goes running with the System's rights when the system starts up.

                  When, however, I rebooted the system, the MSE service is still active. How come?

                  Where did I do wrong?

                  Thanks

                  Bye
                  Last edited by balubeto; 26th October 2014, 12:25.
                  balubeto

                  Comment


                  • #10
                    Re: Preventing the Microsoft Antimalware Service to start automatically

                    Originally posted by balubeto View Post

                    Where did I do wrong?

                    Thanks

                    Bye
                    I suspect MSE has decided you (or at least your scheduled task) are some form of malware and is taking steps to prevent itself being shut down.

                    What is wrong with disabling MSE within the program, or uninstalling MSE completely?
                    Tom Jones
                    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                    PhD, MSc, FIAP, MIITT
                    IT Trainer / Consultant
                    Ossian Ltd
                    Scotland

                    ** Remember to give credit where credit is due and leave reputation points where appropriate **

                    Comment


                    • #11
                      Re: Preventing the Microsoft Antimalware Service to start automatically

                      Why would you want to do this??

                      Why not just remove MSE from the system if you don't want it running??

                      Comment

                      Working...
                      X