Mike Swanson
31088cb8de
Author: Mike Swanson Machine: DESKTOP-0O8A1RL Timestamp: 2026-05-15 15:23:02
25 lines
1.1 KiB
PowerShell
25 lines
1.1 KiB
PowerShell
$regPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender"
|
|
if (-not (Test-Path $regPath)) { New-Item -Path $regPath -Force | Out-Null }
|
|
Set-ItemProperty -Path $regPath -Name "DisableAntiSpyware" -Value 1 -Type DWord
|
|
Write-Host "Policy key set"
|
|
|
|
Set-MpPreference -DisableRealtimeMonitoring $true -ErrorAction SilentlyContinue
|
|
Set-MpPreference -DisableBehaviorMonitoring $true -ErrorAction SilentlyContinue
|
|
Set-MpPreference -DisableIOAVProtection $true -ErrorAction SilentlyContinue
|
|
Set-MpPreference -DisableScriptScanning $true -ErrorAction SilentlyContinue
|
|
Set-MpPreference -DisableArchiveScanning $true -ErrorAction SilentlyContinue
|
|
Write-Host "MpPreference overrides applied"
|
|
|
|
try {
|
|
Stop-Service -Name WinDefend -Force -ErrorAction Stop
|
|
Set-Service -Name WinDefend -StartupType Disabled
|
|
Write-Host "WinDefend: stopped and disabled"
|
|
} catch {
|
|
Write-Host "WinDefend stop: $_"
|
|
}
|
|
|
|
$pref = Get-MpPreference
|
|
Write-Host "RealtimeMonitoring disabled: $($pref.DisableRealtimeMonitoring)"
|
|
$regVal = (Get-ItemProperty -Path $regPath -Name DisableAntiSpyware -ErrorAction SilentlyContinue).DisableAntiSpyware
|
|
Write-Host "Policy DisableAntiSpyware: $regVal"
|