Disable "Malicious Software Reporting Tool" diagnostic data
This script prevents Microsoft's Malicious Software Reporting Tool (MSRT) from transmitting diagnostic data. Malicious Software Reporting Tool is a component of the Malicious Software Removal Tool (MSRT). The MSRT is designed to detect and remove specific, prevalent malware from Windows computers. The tool is integrated into Defender Antivirus. It's also downloaded and run automatically by Windows Update in the background. This tool raises significant privacy concerns: to track citiz...
Disable Defender Antivirus "Block at First Sight" feature
This script disables the "Block at first sight". Block at first sight is Defender Antivirus feature. It protects against threats by quickly detecting and blocking new malware. When Defender Antivirus encounters a suspicious file it can't identify, it consults its cloud protection backend. The cloud backend uses heuristics, machine learning, and automated analysis to identify malicious files. This back-end is part of Cloud Protection. It is also known as Microsoft Active Protection Serv...
Disable Defender Antivirus "Extended Cloud Check" feature
This script disables the extended cloud check feature in Defender Antivirus by reducing its timeout. The extended cloud check is a Defender Antivirus feature. It allows Defender to block a suspicious file for up to 60 seconds while it is scanned in the cloud to verify its safety. This script reduces the extended cloud check timeout to 0, effectively disabling the feature. This maintains the standard (default) time, which is 10 seconds. This feature is part of Microsoft MAPS, also known as SpyNet...
Disable Defender Antivirus aggressive cloud protection
This script disables the aggressive cloud protection setting in Microsoft Defender Antivirus. Cloud protection delivers faster protection to devices compared to traditional security intelligence updates. It works on different aggressiveness levels in blocking and scanning suspicious files. This feature applies to both Microsoft Defender Antivirus and Microsoft Defender for Endpoint. By default, the protection level is unconfigured. This default state provides the least protection. Th...
Disable Defender Antivirus automatic file submission to Microsoft
This script disables Defender's automatic submission of file samples to Microsoft for analysis. Automatic file submission is a feature of Defender Antivirus. By default, Defender automatically sends 'safe' file samples to Microsoft for analysis. This action is part of Microsoft's Advanced Protection Service (MAPS). Previously, this service was known as Microsoft SpyNet. It is now referred to as cloud protection. This automatic collection and submission can include your personal i...
Disable Defender Antivirus Azure data collection
This script disables the Azure data collection library by removing "MpAzSubmit.dll" Microsoft refers to this library as the MpAzSubmit Module and Microsoft Malware Protection. This file is responsible for: Sending data to Azure storage • HTTP communications and REST APIs • It logs events and errors This script enhances privacy by preventing Defender Antivirus from sending potentially sensitive data to Microsoft's cloud services. It may also slightly improve boot performance by reduci...
Disable Defender Antivirus cloud protection
This category contains scripts that disable or limit Microsoft Defender's cloud-based protection features. Microsoft Defender's cloud protection is also known as Microsoft MAPS (Microsoft Active Protection Service) or Microsoft SpyNet. It is an online community that helps detect and prevent the spread of malware. These features automatically collect data and send it to Microsoft. They leverage user data to identify potentially malicious programs, sharing details such as file information, IP addr...
Disable Defender Antivirus cloud protection reporting
This script disables Microsoft Defender's cloud protection reporting. Cloud protection is was previously also known as Microsoft MAPS (Microsoft Active Protection Service). It was previously known as Windows Defender Antivirus Cloud Protection Service and Microsoft Defender Antivirus Cloud Protection Service. It's a feature of Defender Antivirus. This feature creates an online community that helps users address potential threats and prevent new malicious software. Participation in ...
Disable Defender Antivirus cloud-based notifications
This script disables notifications that can turn off security intelligence in Microsoft Defender. This script prevents the antimalware service from receiving notifications to disable individual security intelligence. Security intelligence is updated information that helps antivirus software detect and protect against the latest threats, working with cloud-based protection. The antimalware service, also known as Microsoft Defender Antivirus, is essential to both Microsoft Defender and Microso...
Disable Defender Antivirus real-time security intelligence updates
This script disables the real-time security intelligence updates in Defender. Real-time security intelligence updates are a feature of Defender Antivirus. They are part of Microsoft Active Protection Service (MAPS). MAPS is also known as Microsoft SpyNet or cloud protection. This service collects and sends personal data and other information to Microsoft. When enabled, if Defender encounters an unknown file and MAPS has new intelligence on a threat involving that file, it immediately...
Disable Defender Antivirus remote experimentation and configurations
This script disables the remote configurations and experimentation features of the Microsoft Defender Core service. It enhances privacy by limiting the data Microsoft collects about your system and usage habits. It may improve system performance by reducing background processes related to these features. Disabling this feature may affect Microsoft's ability to improve the Defender product. This script specifically targets the Microsoft Defender Core Service. This service is a part of Defender ...
Disable Defender Antivirus telemetry
This script disables telemetry collection by Defender, enhancing user privacy. By default, Microsoft collects telemetry data from Microsoft Defender Antivirus and other Defender software. This data collection is referred to as 1DS telemetry. Microsoft's One Data Strategy (1DS) centralizes and collects telemetry from various Microsoft services and tools. The strategy collects data from various Microsoft services and tools. The Microsoft Defender Core Service collects telemetry for Microsoft Defen...
Disable Defender Antivirus Watson event reporting
This script prevents Defender from sending Watson events to Microsoft. Watson events are automatically sent reports to Microsoft when a program or service crashes or fails. By default, these reports are sent automatically. This script specifically targets reporting behavior of Defender Antivirus without affecting other applications or services that may use Watson events. Disabling Watson events enhances privacy by preventing the automatic submission of potentially sensitive information about...