From be67ac397c406139f8c146b47c22ee6005ce2806 Mon Sep 17 00:00:00 2001 From: Alex Hirsch Date: Tue, 4 Aug 2015 13:49:48 +0200 Subject: [PATCH] disable-defender.reg --> disable-defender.ps1 --- scripts/disable-defender.ps1 | 20 ++++++++++++++++++++ scripts/disable-defender.reg | Bin 888 -> 0 bytes 2 files changed, 20 insertions(+) create mode 100644 scripts/disable-defender.ps1 delete mode 100644 scripts/disable-defender.reg diff --git a/scripts/disable-defender.ps1 b/scripts/disable-defender.ps1 new file mode 100644 index 0000000..5869b6b --- /dev/null +++ b/scripts/disable-defender.ps1 @@ -0,0 +1,20 @@ +# Description: +# This script will disable Windows Defender via Group Policies. + +echo "Disabling Windows Defender" +$reg = @" +Windows Registry Editor Version 5.00 + +[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender] +"DisableAntiSpyware"=dword:00000001 +"DisableRoutinelyTakingAction"=dword:00000001 + +[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Policy Manager] + +[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection] +"DisableRealtimeMonitoring"=dword:00000001 +"@ +$regfile = "$env:windir\Temp\registry.reg" +$reg | Out-File $regfile +regedit /s $regfile +rm $regfile \ No newline at end of file diff --git a/scripts/disable-defender.reg b/scripts/disable-defender.reg deleted file mode 100644 index 8bcf619fa4f272d90efa5a828ba51930872ae43e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 888 zcmd6m%SyvQ6o&t`;5&rw74Hkdg|v#IQHiBNjFei_FjyxtsRUnM{mvAzLP3{hILw^e zf3EZSk;}>JNwr!vN|dQog{;v`LGMUT&^ovpKG6VuKKZqc2puN-+6C3(!@KzrKN4pudBODu1AO^G*#N+K6v85fW@ z(1hFyaDLa(!*&8$ZI$3E48-B1JaI;@M^&h+=sC~t8sp| zmm+0YzeOw$!W6VVXwNaLia6t_v!4A2-MYD|om`xV?MF(T9;z1lyxRHOj*pnp1~YPc iflJsj+ou`tpGhs>nQw2~8}m)^^StLj#I~^dbH-nAcb8-U