diff --git a/scripts/disable-defender.ps1 b/scripts/disable-defender.ps1
new file mode 100644
index 0000000..5869b6b
--- /dev/null
+++ b/scripts/disable-defender.ps1
@@ -0,0 +1,20 @@
+#   Description:
+# This script will disable Windows Defender via Group Policies.
+
+echo "Disabling Windows Defender"
+$reg = @"
+Windows Registry Editor Version 5.00
+
+[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender]
+"DisableAntiSpyware"=dword:00000001
+"DisableRoutinelyTakingAction"=dword:00000001
+
+[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Policy Manager]
+
+[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection]
+"DisableRealtimeMonitoring"=dword:00000001
+"@
+$regfile = "$env:windir\Temp\registry.reg"
+$reg | Out-File $regfile
+regedit /s $regfile
+rm $regfile
\ No newline at end of file
diff --git a/scripts/disable-defender.reg b/scripts/disable-defender.reg
deleted file mode 100644
index 8bcf619..0000000
Binary files a/scripts/disable-defender.reg and /dev/null differ