Disable Defender Antivirus network inspection service

Works with Windows 10 and 11

Single action
Windows only
Impact: High
Batch (batchfile)
Fully reversible

Overview

This script disables the Defender Antivirus Network Inspection Service (WdNisSvc) and its process, NisSrv.exe.

This service is also known as:

Microsoft Defender Antivirus Network Inspection Service ¹ ²
Windows Defender Antivirus Network Inspection Service ³
Windows Defender Network Inspection Service ⁴
NIS ⁵

This service inspects network traffic to detect known vulnerabilities, aiming to protect against network-based attacks ¹ ⁴. It is part of Defender Antivirus ² and Defender for Endpoint ⁶.

It serves as Microsoft's zero-day vulnerability protection feature, blocking network traffic matching known exploits against unpatched vulnerabilities ⁵. When a new unpatched vulnerability affecting Microsoft products is discovered, Microsoft releases a signature to block that exploit on machines with this feature enabled ⁵. This feature performs synchronous inspection when activated, introducing latency and consuming additional resources ⁵.

This service comes preinstalled on Windows ⁴ and runs continuously in the background.

Disabling this service may enhance privacy by reducing data sent to Microsoft. By default, Defender Antivirus reports detected attacks to Microsoft ⁷. This automatically sends your network information to Microsoft.

Disabling this service may also boost system performance by reducing resource consumption. Synchronous inspection may cause latency, lower network throughput, and increase memory and CPU consumption ⁵. According to Microsoft, this feature is not suitable for machines with high network-intensive server roles such as IIS, Exchange, and SQL ⁵.

However, disabling this service may reduce your security. It prevents zero-day vulnerability shielding signatures from loading on your machine ⁵. This may leave you vulnerable to new network-based attacks until patches are applied.

Caution

Disabling this service may expose your system to unpatched network vulnerabilities, increasing the risk of security breaches.

Technical Details

This script:

Disables the WdNisSvc service
Removes the NisSrv.exe file
Blocks execution of the NisSrv.exe process

The script disables both the service and its process for persistent disabling. Disabling the service alone may be insufficient, as software like Configuration Manager can re-enable it ³.

NisSrv.exe is the process that provides functionality to this service ² ⁶. It is known as Microsoft Defender Antivirus Network Realtime Inspection service ². The process is located at:

%PROGRAMFILES%\Windows Defender ⁶ ⁸ on modern versions of Windows
%PROGRAMFILES%\Microsoft Security Client ⁶ on older versions of Windows.

Overview of default service statuses

OS Version	Status	Start type
Windows 10 (≥ 22H2)	🟢 Running	Manual
Windows 11 (≥ 23H2)	🔴 Stopped	Manual

Not Advised
This script should only be used by advanced users.
This script is not recommended for daily use as it breaks important functionality.
Consider creating a system restore point before doing any changes.
Security Trade-off
This action prioritizes privacy over certain security features. It's not recommended and should only be used by advanced users after understanding its implications.
Increased Privacy
Enhanced privacy through reduced data collection and tracking
Decreased Security
Some security features will be disabled or limited
This script can be reversed, this allows you to restore the default system security.

Sources

PrivacyLearn.com maintains strict sourcing standards for accuracy, integrity and up-to-date content. Our content relies on authoritative sources including vendor documentation, industry standards, and verified research. Learn more about our verification process and quality standards in our editorial standards page.

Guidance on disabling system services on Windows IoT Enterprise. Microsoft Learn. (2023).
Original: https://learn.microsoft.com/en-us/windows/iot/iot-enterprise/optimize/services
Archived: https://web.archive.org/web/20230905120815/https://learn.microsoft.com/en-us/windows/iot/iot-enterprise/optimize/services
Microsoft Defender Antivirus in Windows Overview - Microsoft Defender for Endpoint. Microsoft Learn. learn.microsoft.com. (2024).
Original: https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-antivirus-windows
Archived: https://web.archive.org/web/20240609145624/https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-antivirus-windows?view=o365-worldwide
Client health checks - Configuration Manager. Microsoft Learn. learn.microsoft.com. (2024).
Original: https://learn.microsoft.com/en-us/mem/configmgr/core/clients/manage/client-health-checks
Archived: https://web.archive.org/web/20241001123134/https://learn.microsoft.com/en-us/mem/configmgr/core/clients/manage/client-health-checks
Security guidelines for system services in Windows Server 2016. Microsoft Learn. (2023).
Original: https://learn.microsoft.com/en-us/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server
Archived: https://web.archive.org/web/20231004161147/https://learn.microsoft.com/en-us/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server
Enhancements to Behavior Monitoring and Network Inspection System in the Microsoft anti-malware platform - Microsoft Community Hub. techcommunity.microsoft.com. (2024).
Original: https://techcommunity.microsoft.com/t5/configuration-manager-archive/enhancements-to-behavior-monitoring-and-network-inspection/ba-p/273238
Archived: https://web.archive.org/web/20241001123042/https://techcommunity.microsoft.com/t5/configuration-manager-archive/enhancements-to-behavior-monitoring-and-network-inspection/ba-p/273238
Microsoft Defender for Endpoint - Proxy Service URLs (Commercial). download.microsoft.com. (2024).
Original: https://download.microsoft.com/download/6/b/f/6bfff670-47c3-4e45-b01b-64a2610eaefa/mde-urls-commercial.xlsx
Archived: https://web.archive.org/web/20240609102213/https://download.microsoft.com/download/6/b/f/6bfff670-47c3-4e45-b01b-64a2610eaefa/mde-urls-commercial.xlsx
Cloud protection and sample submission at Microsoft Defender Antivirus - Microsoft Defender for Endpoint. Microsoft Learn. learn.microsoft.com. (2024).
Original: https://learn.microsoft.com/en-us/defender-endpoint/cloud-protection-microsoft-antivirus-sample-submission
Archived: https://web.archive.org/web/20241001123101/https://learn.microsoft.com/en-us/defender-endpoint/cloud-protection-microsoft-antivirus-sample-submission
Microsoft Defender Antivirus Network Inspection Service - Windows 11 Service - batcmd.com. batcmd.com. (2024).
Original: https://batcmd.com/windows/11/services/wdnissvc
Archived: https://web.archive.org/web/20241001123116/https://batcmd.com/windows/11/services/wdnissvc/

Apply Now

Choose one of three ways to apply:

Download script

Download and run the script directly

No app needed
Offline usage
Easy-to-apply
Free
Open-source

Apply protection

Undo protection

Help

How to apply or restore "Disable Defender Antivirus network inspection service" using script

≈ 2 min to complete
Tools: Web Browser
Difficulty: Simple
≈ 5 instructions

1
Download
Download the script file by clicking on the Apply protection button above.
Use Undo protection button above to restore changes.
2
Keep the file
If warned by your browser, keep the file.
3
Open
Open the downloaded file.
4
Exit
Once it's done, press any key to exit the window.
5
Restart
Restart your computer for all changes to take effect.

Apply with privacy.sexy

Guided, automated application with safety checks

Recommended for most users
Includes safety checks
Free
Open-source
Popular
Offline/Online usage

Open privacy.sexy

Help

How to apply or restore "Disable Defender Antivirus network inspection service" using privacy.sexy

≈ 3 min to complete
Tools: privacy.sexy
Difficulty: Simple
≈ 4 instructions

privacy.sexy is free and open-source application that lets securely apply this action easily with more advanced options.

1
Open or download
Open or download the desktop application
2
Choose script
1. Search for the script name: Disable Defender Antivirus network inspection service
2. Check the script by clicking on the checkbox.
3
Run
Click on ▶️ Run button at the bottom of the page.
This button only appears on desktop version (recommended). On browser, use 💾 Save button.

Run commands

Copy and run commands manually Requires technical knowledge

Apply
Revert

Apply changes
:: Disable the service `WdNisSvc` using TrustedInstaller privileges
PowerShell -ExecutionPolicy Unrestricted -Command "function Invoke-AsTrustedInstaller($Script) { $principalSid = [System.Security.Principal.SecurityIdentifier]::new('S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'); $principalName = $principalSid.Translate([System.Security.Principal.NTAccount]); $streamFile = New-TemporaryFile; $scriptFile = New-TemporaryFile; try { $scriptFile = Rename-Item -LiteralPath $scriptFile -NewName ($scriptFile.BaseName + '.ps1') -Force -PassThru; $Script | Out-File $scriptFile -Encoding UTF8; $taskName = "^""privacy$([char]0x002E)sexy invoke"^""; schtasks.exe /delete /tn $taskName /f 2>&1 | Out-Null; $executionCommand = "^""powershell.exe -ExecutionPolicy Bypass -File '$scriptFile' *>&1 | Out-File -FilePath '$streamFile' -Encoding UTF8"^""; $action = New-ScheduledTaskAction -Execute 'powershell.exe' -Argument "^""-ExecutionPolicy Bypass -Command `"^""$executionCommand`"^"""^""; $settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries; Register-ScheduledTask -TaskName $taskName -Action $action -Settings $settings -Force -ErrorAction Stop | Out-Null; try { ($scheduleService = New-Object -ComObject Schedule.Service).Connect(); $scheduleService.GetFolder('\').GetTask($taskName).RunEx($null, 0, 0, $principalName) | Out-Null; $timeout = (Get-Date).AddMinutes(5); Write-Host "^""Running as $principalName"^""; while ((Get-ScheduledTaskInfo $taskName).LastTaskResult -eq 267009) { Start-Sleep -Milliseconds 200; if ((Get-Date) -gt $timeout) { Write-Warning 'Skipping: Timeout'; break; }; }; if (($result = (Get-ScheduledTaskInfo $taskName).LastTaskResult) -ne 0) { Write-Error "^""Failed, due to exit code: $result."^""; } } finally { schtasks.exe /delete /tn $taskName /f | Out-Null; }; Get-Content $streamFile } finally { Remove-Item $streamFile, $scriptFile; }; }; $cmd = '$serviceQuery = ''WdNisSvc'''+"^""`r`n"^""+'$stopWithDependencies= $false'+"^""`r`n"^""+'<# -- 1. Skip if service does not exist #>'+"^""`r`n"^""+'$service = Get-Service -Name $serviceQuery -ErrorAction SilentlyContinue'+"^""`r`n"^""+'if(!$service) {'+"^""`r`n"^""+'    Write-Host "^""Service query `"^""$serviceQuery`"^"" did not yield any results, no need to disable it."^""'+"^""`r`n"^""+'    Exit 0'+"^""`r`n"^""+'}'+"^""`r`n"^""+'$serviceName = $service.Name'+"^""`r`n"^""+'Write-Host "^""Disabling service: `"^""$serviceName`"^""."^""'+"^""`r`n"^""+'<# -- 2. Stop if running #>'+"^""`r`n"^""+'if ($service.Status -eq [System.ServiceProcess.ServiceControllerStatus]::Running) {'+"^""`r`n"^""+'    Write-Host "^""`"^""$serviceName`"^"" is running, attempting to stop it."^""'+"^""`r`n"^""+'    try {'+"^""`r`n"^""+'        Write-Host "^""Stopping the service `"^""$serviceName`"^""."^""'+"^""`r`n"^""+'        $stopParams = @{ `'+"^""`r`n"^""+'            Name = $ServiceName'+"^""`r`n"^""+'            Force = $true'+"^""`r`n"^""+'            ErrorAction = ''Stop'''+"^""`r`n"^""+'        }'+"^""`r`n"^""+'        if (-not $stopWithDependencies) {'+"^""`r`n"^""+'            $stopParams[''NoWait''] = $true'+"^""`r`n"^""+'        }'+"^""`r`n"^""+'        Stop-Service @stopParams'+"^""`r`n"^""+'        Write-Host "^""Stopped `"^""$serviceName`"^"" successfully."^""'+"^""`r`n"^""+'    } catch {'+"^""`r`n"^""+'        if ($_.FullyQualifiedErrorId -eq ''CouldNotStopService,Microsoft.PowerShell.Commands.StopServiceCommand'') {'+"^""`r`n"^""+'            Write-Warning "^""The service `"^""$serviceName`"^"" does not accept a stop command and may need to be stopped manually or on reboot."^""'+"^""`r`n"^""+'        } else {'+"^""`r`n"^""+'            Write-Warning "^""Failed to stop service `"^""$ServiceName`"^"". It will be stopped after reboot. Error: $($_.Exception.Message)"^""'+"^""`r`n"^""+'        }'+"^""`r`n"^""+'    }'+"^""`r`n"^""+'} else {'+"^""`r`n"^""+'    Write-Host "^""`"^""$serviceName`"^"" is not running, no need to stop."^""'+"^""`r`n"^""+'}'+"^""`r`n"^""+'<# -- 3. Skip if service info is not found in registry #>'+"^""`r`n"^""+'$registryKey = "^""HKLM:\SYSTEM\CurrentControlSet\Services\$serviceName"^""'+"^""`r`n"^""+'if (-Not (Test-Path $registryKey)) {'+"^""`r`n"^""+'    Write-Host "^""`"^""$registryKey`"^"" is not found in registry, cannot enable it."^""'+"^""`r`n"^""+'    Exit 0'+"^""`r`n"^""+'}'+"^""`r`n"^""+'<# -- 4. Skip if already disabled #>'+"^""`r`n"^""+'if( $(Get-ItemProperty -Path "^""$registryKey"^"").Start -eq 4) {'+"^""`r`n"^""+'    Write-Host "^""`"^""$serviceName`"^"" is already disabled from start, no further action is needed."^""'+"^""`r`n"^""+'    Exit 0'+"^""`r`n"^""+'}'+"^""`r`n"^""+'<# -- 5. Disable service #>'+"^""`r`n"^""+'try {'+"^""`r`n"^""+'    Set-ItemProperty `'+"^""`r`n"^""+'        -LiteralPath $registryKey `'+"^""`r`n"^""+'        -Name "^""Start"^"" `'+"^""`r`n"^""+'        -Value 4 `'+"^""`r`n"^""+'        -ErrorAction Stop'+"^""`r`n"^""+'    Write-Host ''Successfully disabled the service. It will not start automatically on next boot.'''+"^""`r`n"^""+'} catch {'+"^""`r`n"^""+'    Write-Error "^""Failed to disable the service. Error: $($_.Exception.Message)"^""'+"^""`r`n"^""+'    Exit 1'+"^""`r`n"^""+'}'; Invoke-AsTrustedInstaller $cmd"
:: Soft delete files matching pattern: "%PROGRAMFILES%\Windows Defender\NisSrv.exe"  as TrustedInstaller
PowerShell -ExecutionPolicy Unrestricted -Command "function Invoke-AsTrustedInstaller($Script) { $principalSid = [System.Security.Principal.SecurityIdentifier]::new('S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'); $principalName = $principalSid.Translate([System.Security.Principal.NTAccount]); $streamFile = New-TemporaryFile; $scriptFile = New-TemporaryFile; try { $scriptFile = Rename-Item -LiteralPath $scriptFile -NewName ($scriptFile.BaseName + '.ps1') -Force -PassThru; $Script | Out-File $scriptFile -Encoding UTF8; $taskName = "^""privacy$([char]0x002E)sexy invoke"^""; schtasks.exe /delete /tn $taskName /f 2>&1 | Out-Null; $executionCommand = "^""powershell.exe -ExecutionPolicy Bypass -File '$scriptFile' *>&1 | Out-File -FilePath '$streamFile' -Encoding UTF8"^""; $action = New-ScheduledTaskAction -Execute 'powershell.exe' -Argument "^""-ExecutionPolicy Bypass -Command `"^""$executionCommand`"^"""^""; $settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries; Register-ScheduledTask -TaskName $taskName -Action $action -Settings $settings -Force -ErrorAction Stop | Out-Null; try { ($scheduleService = New-Object -ComObject Schedule.Service).Connect(); $scheduleService.GetFolder('\').GetTask($taskName).RunEx($null, 0, 0, $principalName) | Out-Null; $timeout = (Get-Date).AddMinutes(5); Write-Host "^""Running as $principalName"^""; while ((Get-ScheduledTaskInfo $taskName).LastTaskResult -eq 267009) { Start-Sleep -Milliseconds 200; if ((Get-Date) -gt $timeout) { Write-Warning 'Skipping: Timeout'; break; }; }; if (($result = (Get-ScheduledTaskInfo $taskName).LastTaskResult) -ne 0) { Write-Error "^""Failed, due to exit code: $result."^""; } } finally { schtasks.exe /delete /tn $taskName /f | Out-Null; }; Get-Content $streamFile } finally { Remove-Item $streamFile, $scriptFile; }; }; $cmd = '$pathGlobPattern = "^""%PROGRAMFILES%\Windows Defender\NisSrv.exe"^""'+"^""`r`n"^""+'$expandedPath = [System.Environment]::ExpandEnvironmentVariables($pathGlobPattern)'+"^""`r`n"^""+'Write-Host "^""Searching for items matching pattern: `"^""$($expandedPath)`"^""."^""'+"^""`r`n"^""+''+"^""`r`n"^""+'$renamedCount   = 0'+"^""`r`n"^""+'$skippedCount   = 0'+"^""`r`n"^""+'$failedCount    = 0'+"^""`r`n"^""+''+"^""`r`n"^""+'$foundAbsolutePaths = @()'+"^""`r`n"^""+''+"^""`r`n"^""+'try {'+"^""`r`n"^""+'    $foundAbsolutePaths += @('+"^""`r`n"^""+'        Get-Item -Path $expandedPath -ErrorAction Stop | Select-Object -ExpandProperty FullName'+"^""`r`n"^""+'    )'+"^""`r`n"^""+'} catch [System.Management.Automation.ItemNotFoundException] {'+"^""`r`n"^""+'    <# Swallow, do not run `Test-Path` before, it''s unreliable for globs requiring extra permissions #>'+"^""`r`n"^""+'}'+"^""`r`n"^""+'$foundAbsolutePaths = $foundAbsolutePaths   `'+"^""`r`n"^""+'    | Select-Object -Unique                 `'+"^""`r`n"^""+'    | Sort-Object -Property { $_.Length } -Descending'+"^""`r`n"^""+'if (!$foundAbsolutePaths) {'+"^""`r`n"^""+'    Write-Host ''Skipping, no items available.'''+"^""`r`n"^""+'    exit 0'+"^""`r`n"^""+'}'+"^""`r`n"^""+'Write-Host "^""Initiating processing of $($foundAbsolutePaths.Count) items from `"^""$expandedPath`"^""."^""'+"^""`r`n"^""+'foreach ($path in $foundAbsolutePaths) {'+"^""`r`n"^""+'    if (Test-Path -Path $path -PathType Container) {'+"^""`r`n"^""+'    Write-Host "^""Skipping folder (not its contents): `"^""$path`"^""."^""'+"^""`r`n"^""+'    $skippedCount++'+"^""`r`n"^""+'    continue'+"^""`r`n"^""+'}'+"^""`r`n"^""+'if($revert -eq $true) {'+"^""`r`n"^""+'    if (-not $path.EndsWith(''.OLD'')) {'+"^""`r`n"^""+'        Write-Host "^""Skipping non-backup file: `"^""$path`"^""."^""'+"^""`r`n"^""+'        $skippedCount++'+"^""`r`n"^""+'        continue'+"^""`r`n"^""+'    }'+"^""`r`n"^""+'} else {'+"^""`r`n"^""+'    if ($path.EndsWith(''.OLD'')) {'+"^""`r`n"^""+'        Write-Host "^""Skipping backup file: `"^""$path`"^""."^""'+"^""`r`n"^""+'        $skippedCount++'+"^""`r`n"^""+'        continue'+"^""`r`n"^""+'    }'+"^""`r`n"^""+'}'+"^""`r`n"^""+'$originalFilePath = $path'+"^""`r`n"^""+'Write-Host "^""Processing file: `"^""$originalFilePath`"^""."^""'+"^""`r`n"^""+'if (-Not (Test-Path $originalFilePath)) {'+"^""`r`n"^""+'    Write-Host "^""Skipping, file `"^""$originalFilePath`"^"" not found."^""'+"^""`r`n"^""+'    $skippedCount++'+"^""`r`n"^""+'    exit 0'+"^""`r`n"^""+'}'+"^""`r`n"^""+''+"^""`r`n"^""+'if ($revert -eq $true) {'+"^""`r`n"^""+'    $newFilePath = $originalFilePath.Substring(0, $originalFilePath.Length - 4)'+"^""`r`n"^""+'} else {'+"^""`r`n"^""+'    $newFilePath = "^""$($originalFilePath).OLD"^""'+"^""`r`n"^""+'}'+"^""`r`n"^""+'try {'+"^""`r`n"^""+'    Move-Item -LiteralPath "^""$($originalFilePath)"^"" -Destination "^""$newFilePath"^"" -Force -ErrorAction Stop'+"^""`r`n"^""+'    Write-Host "^""Successfully processed `"^""$originalFilePath`"^""."^""'+"^""`r`n"^""+'    $renamedCount++'+"^""`r`n"^""+'    '+"^""`r`n"^""+'} catch {'+"^""`r`n"^""+'    Write-Error "^""Failed to rename `"^""$originalFilePath`"^"" to `"^""$newFilePath`"^"": $($_.Exception.Message)"^""'+"^""`r`n"^""+'    $failedCount++'+"^""`r`n"^""+'    '+"^""`r`n"^""+'}'+"^""`r`n"^""+'}'+"^""`r`n"^""+'if (($renamedCount -gt 0) -or ($skippedCount -gt 0)) {'+"^""`r`n"^""+'    Write-Host "^""Successfully processed $renamedCount items and skipped $skippedCount items."^""'+"^""`r`n"^""+'}'+"^""`r`n"^""+'if ($failedCount -gt 0) {'+"^""`r`n"^""+'    Write-Warning "^""Failed to process $($failedCount) items."^""'+"^""`r`n"^""+'}'+"^""`r`n"^""+''; Invoke-AsTrustedInstaller $cmd"
:: Check and terminate the running process "NisSrv.exe"
tasklist /fi "ImageName eq NisSrv.exe" /fo csv 2>NUL | find /i "NisSrv.exe">NUL && (
    echo NisSrv.exe is running and will be killed.
    taskkill /f /im NisSrv.exe
) || (
    echo Skipping, NisSrv.exe is not running.
)
:: Configure termination of "NisSrv.exe" immediately upon its startup
:: Set the registry value: "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NisSrv.exe!Debugger"
PowerShell -ExecutionPolicy Unrestricted -Command "$registryPath = 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NisSrv.exe'; $data =  '%SYSTEMROOT%\System32\taskkill.exe'; reg add 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NisSrv.exe' /v 'Debugger' /t 'REG_SZ' /d "^""$data"^"" /f"
:: Add a rule to prevent the executable "NisSrv.exe" from running via File Explorer
PowerShell -ExecutionPolicy Unrestricted -Command "$executableFilename='NisSrv.exe'; try { $registryPathForDisallowRun='HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun'; $existingBlockEntries = Get-ItemProperty -Path "^""$registryPathForDisallowRun"^"" -ErrorAction Ignore; $nextFreeRuleIndex = 1; if ($existingBlockEntries) { $existingBlockingRuleForExecutable = $existingBlockEntries.PSObject.Properties | Where-Object { $_.Value -eq $executableFilename }; if ($existingBlockingRuleForExecutable) { $existingBlockingRuleIndexForExecutable = $existingBlockingRuleForExecutable.Name; Write-Output "^""Skipping, no action needed: '$executableFilename' is already blocked under rule index `"^""$existingBlockingRuleIndexForExecutable`"^""."^""; exit 0; }; $occupiedRuleIndexes = $existingBlockEntries.PSObject.Properties | Where-Object { $_.Name -Match '^\d+$' } | Select -ExpandProperty Name; if ($occupiedRuleIndexes) { while ($occupiedRuleIndexes -Contains $nextFreeRuleIndex) { $nextFreeRuleIndex += 1; }; }; }; Write-Output "^""Adding block rule for `"^""$executableFilename`"^"" under rule index `"^""$nextFreeRuleIndex`"^""."^""; if (!(Test-Path $registryPathForDisallowRun)) { New-Item -Path "^""$registryPathForDisallowRun"^"" -Force -ErrorAction Stop | Out-Null; }; New-ItemProperty -Path "^""$registryPathForDisallowRun"^"" -Name "^""$nextFreeRuleIndex"^"" -PropertyType String -Value "^""$executableFilename"^"" ` -ErrorAction Stop | Out-Null; Write-Output "^""Successfully blocked `"^""$executableFilename`"^"" with rule index `"^""$nextFreeRuleIndex`"^""."^""; } catch { Write-Error "^""Failed to block `"^""$executableFilename`"^"": $_"^""; Exit 1; }"
:: Activate the DisallowRun policy to block specified programs from running via File Explorer
PowerShell -ExecutionPolicy Unrestricted -Command "try { $fileExplorerDisallowRunRegistryPath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; $currentDisallowRunPolicyValue = Get-ItemProperty -Path "^""$fileExplorerDisallowRunRegistryPath"^"" -Name 'DisallowRun' -ErrorAction Ignore | Select -ExpandProperty DisallowRun; if ([string]::IsNullOrEmpty($currentDisallowRunPolicyValue)) { Write-Output "^""Creating DisallowRun policy at `"^""$fileExplorerDisallowRunRegistryPath`"^""."^""; if (!(Test-Path $fileExplorerDisallowRunRegistryPath)) { New-Item -Path "^""$fileExplorerDisallowRunRegistryPath"^"" -Force -ErrorAction Stop | Out-Null; }; New-ItemProperty -Path "^""$fileExplorerDisallowRunRegistryPath"^"" -Name 'DisallowRun' -Value 1 -PropertyType DWORD -Force -ErrorAction Stop | Out-Null; Write-Output 'Successfully activated DisallowRun policy.'; Exit 0; }; if ($currentDisallowRunPolicyValue -eq 1) { Write-Output 'Skipping, no action needed: DisallowRun policy is already in place.'; Exit 0; }; Write-Output 'Updating DisallowRun policy from unexpected value `"^""$currentDisallowRunPolicyValue`"^"" to `"^""1`"^"".'; Set-ItemProperty -Path "^""$fileExplorerDisallowRunRegistryPath"^"" -Name 'DisallowRun' -Value 1 -Type DWORD -Force -ErrorAction Stop | Out-Null; Write-Output 'Successfully activated DisallowRun policy.'; } catch { Write-Error "^""Failed to activate DisallowRun policy: $_"^""; Exit 1; }"

Restore changes

Ijo6IFJlc3RvcmUgdGhlIHNlcnZpY2UgYFdkTmlzU3ZjYCB1c2luZyBUcnVzdGVkSW5zdGFsbGVyIHByaXZpbGVnZXNcblBvd2VyU2hlbGwgLUV4ZWN1dGlvblBvbGljeSBVbnJlc3RyaWN0ZWQgLUNvbW1hbmQgXCJmdW5jdGlvbiBJbnZva2UtQXNUcnVzdGVkSW5zdGFsbGVyKCRTY3JpcHQpIHsgJHByaW5jaXBhbFNpZCA9IFtTeXN0ZW0uU2VjdXJpdHkuUHJpbmNpcGFsLlNlY3VyaXR5SWRlbnRpZmllcl06Om5ldygnUy0xLTUtODAtOTU2MDA4ODg1LTM0MTg1MjI2NDktMTgzMTAzODA0NC0xODUzMjkyNjMxLTIyNzE0Nzg0NjQnKTsgJHByaW5jaXBhbE5hbWUgPSAkcHJpbmNpcGFsU2lkLlRyYW5zbGF0ZShbU3lzdGVtLlNlY3VyaXR5LlByaW5jaXBhbC5OVEFjY291bnRdKTsgJHN0cmVhbUZpbGUgPSBOZXctVGVtcG9yYXJ5RmlsZTsgJHNjcmlwdEZpbGUgPSBOZXctVGVtcG9yYXJ5RmlsZTsgdHJ5IHsgJHNjcmlwdEZpbGUgPSBSZW5hbWUtSXRlbSAtTGl0ZXJhbFBhdGggJHNjcmlwdEZpbGUgLU5ld05hbWUgKCRzY3JpcHRGaWxlLkJhc2VOYW1lICsgJy5wczEnKSAtRm9yY2UgLVBhc3NUaHJ1OyAkU2NyaXB0IHwgT3V0LUZpbGUgJHNjcmlwdEZpbGUgLUVuY29kaW5nIFVURjg7ICR0YXNrTmFtZSA9IFwiXlwiXCJwcml2YWN5JChbY2hhcl0weDAwMkUpc2V4eSBpbnZva2VcIl5cIlwiOyBzY2h0YXNrcy5leGUgL2RlbGV0ZSAvdG4gJHRhc2tOYW1lIC9mIDI+JjEgfCBPdXQtTnVsbDsgJGV4ZWN1dGlvbkNvbW1hbmQgPSBcIl5cIlwicG93ZXJzaGVsbC5leGUgLUV4ZWN1dGlvblBvbGljeSBCeXBhc3MgLUZpbGUgJyRzY3JpcHRGaWxlJyAqPiYxIHwgT3V0LUZpbGUgLUZpbGVQYXRoICckc3RyZWFtRmlsZScgLUVuY29kaW5nIFVURjhcIl5cIlwiOyAkYWN0aW9uID0gTmV3LVNjaGVkdWxlZFRhc2tBY3Rpb24gLUV4ZWN1dGUgJ3Bvd2Vyc2hlbGwuZXhlJyAtQXJndW1lbnQgXCJeXCJcIi1FeGVjdXRpb25Qb2xpY3kgQnlwYXNzIC1Db21tYW5kIGBcIl5cIlwiJGV4ZWN1dGlvbkNvbW1hbmRgXCJeXCJcIlwiXlwiXCI7ICRzZXR0aW5ncyA9IE5ldy1TY2hlZHVsZWRUYXNrU2V0dGluZ3NTZXQgLUFsbG93U3RhcnRJZk9uQmF0dGVyaWVzIC1Eb250U3RvcElmR29pbmdPbkJhdHRlcmllczsgUmVnaXN0ZXItU2NoZWR1bGVkVGFzayAtVGFza05hbWUgJHRhc2tOYW1lIC1BY3Rpb24gJGFjdGlvbiAtU2V0dGluZ3MgJHNldHRpbmdzIC1Gb3JjZSAtRXJyb3JBY3Rpb24gU3RvcCB8IE91dC1OdWxsOyB0cnkgeyAoJHNjaGVkdWxlU2VydmljZSA9IE5ldy1PYmplY3QgLUNvbU9iamVjdCBTY2hlZHVsZS5TZXJ2aWNlKS5Db25uZWN0KCk7ICRzY2hlZHVsZVNlcnZpY2UuR2V0Rm9sZGVyKCdcXCcpLkdldFRhc2soJHRhc2tOYW1lKS5SdW5FeCgkbnVsbCwgMCwgMCwgJHByaW5jaXBhbE5hbWUpIHwgT3V0LU51bGw7ICR0aW1lb3V0ID0gKEdldC1EYXRlKS5BZGRNaW51dGVzKDUpOyBXcml0ZS1Ib3N0IFwiXlwiXCJSdW5uaW5nIGFzICRwcmluY2lwYWxOYW1lXCJeXCJcIjsgd2hpbGUgKChHZXQtU2NoZWR1bGVkVGFza0luZm8gJHRhc2tOYW1lKS5MYXN0VGFza1Jlc3VsdCAtZXEgMjY3MDA5KSB7IFN0YXJ0LVNsZWVwIC1NaWxsaXNlY29uZHMgMjAwOyBpZiAoKEdldC1EYXRlKSAtZ3QgJHRpbWVvdXQpIHsgV3JpdGUtV2FybmluZyAnU2tpcHBpbmc6IFRpbWVvdXQnOyBicmVhazsgfTsgfTsgaWYgKCgkcmVzdWx0ID0gKEdldC1TY2hlZHVsZWRUYXNrSW5mbyAkdGFza05hbWUpLkxhc3RUYXNrUmVzdWx0KSAtbmUgMCkgeyBXcml0ZS1FcnJvciBcIl5cIlwiRmFpbGVkLCBkdWUgdG8gZXhpdCBjb2RlOiAkcmVzdWx0LlwiXlwiXCI7IH0gfSBmaW5hbGx5IHsgc2NodGFza3MuZXhlIC9kZWxldGUgL3RuICR0YXNrTmFtZSAvZiB8IE91dC1OdWxsOyB9OyBHZXQtQ29udGVudCAkc3RyZWFtRmlsZSB9IGZpbmFsbHkgeyBSZW1vdmUtSXRlbSAkc3RyZWFtRmlsZSwgJHNjcmlwdEZpbGU7IH07IH07ICRjbWQgPSAnJHNlcnZpY2VRdWVyeSA9ICcnV2ROaXNTdmMnJycrXCJeXCJcImByYG5cIl5cIlwiKyckZGVmYXVsdFN0YXJ0dXBNb2RlID0gJydNYW51YWwnJycrXCJeXCJcImByYG5cIl5cIlwiKyc8IyAtLSAxLiBTa2lwIGlmIHNlcnZpY2UgZG9lcyBub3QgZXhpc3QgIz4nK1wiXlwiXCJgcmBuXCJeXCJcIisnJHNlcnZpY2UgPSBHZXQtU2VydmljZSAtTmFtZSAkc2VydmljZVF1ZXJ5IC1FcnJvckFjdGlvbiBTaWxlbnRseUNvbnRpbnVlJytcIl5cIlwiYHJgblwiXlwiXCIrJ2lmICghJHNlcnZpY2UpIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIFdyaXRlLVdhcm5pbmcgXCJeXCJcIlNlcnZpY2UgcXVlcnkgYFwiXlwiXCIkc2VydmljZVF1ZXJ5YFwiXlwiXCIgZGlkIG5vdCB5aWVsZCBhbmQgcmVzdWx0cy4gUmV2ZXJ0IGNhbm5vdCBwcm9jZWVkLlwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIEV4aXQgMScrXCJeXCJcImByYG5cIl5cIlwiKyd9JytcIl5cIlwiYHJgblwiXlwiXCIrJyRzZXJ2aWNlTmFtZSA9ICRzZXJ2aWNlLk5hbWUnK1wiXlwiXCJgcmBuXCJeXCJcIisnV3JpdGUtSG9zdCBcIl5cIlwiUmVzdG9yaW5nIHJlZ2lzdHJ5IHNldHRpbmdzIGZvciBzZXJ2aWNlIGBcIl5cIlwiJHNlcnZpY2VOYW1lYFwiXlwiXCIgdG8gZGVmYXVsdCBzdGFydHVwIG1vZGUgYFwiXlwiXCIkZGVmYXVsdFN0YXJ0dXBNb2RlYFwiXlwiXCIuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKyc8IyAtLSAyLiBTa2lwIGlmIHNlcnZpY2UgaW5mbyBpcyBub3QgZm91bmQgaW4gcmVnaXN0cnkgIz4nK1wiXlwiXCJgcmBuXCJeXCJcIisnJHJlZ2lzdHJ5S2V5ID0gXCJeXCJcIkhLTE06XFxTWVNURU1cXEN1cnJlbnRDb250cm9sU2V0XFxTZXJ2aWNlc1xcJHNlcnZpY2VOYW1lXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKydpZiAoLU5vdCAoVGVzdC1QYXRoICRyZWdpc3RyeUtleSkpIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIFdyaXRlLVdhcm5pbmcgXCJeXCJcImBcIl5cIlwiJHJlZ2lzdHJ5S2V5YFwiXlwiXCIgaXMgbm90IGZvdW5kIGluIHJlZ2lzdHJ5LiBSZXZlcnQgY2Fubm90IHByb2NlZWQuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgRXhpdCAxJytcIl5cIlwiYHJgblwiXlwiXCIrJ30nK1wiXlwiXCJgcmBuXCJeXCJcIisnPCMgLS0gMy4gRW5hYmxlIGlmIG5vdCBhbHJlYWR5IGVuYWJsZWQgIz4nK1wiXlwiXCJgcmBuXCJeXCJcIisnJGRlZmF1bHRTdGFydHVwUmVnVmFsdWUgPSBzd2l0Y2ggKCRkZWZhdWx0U3RhcnR1cE1vZGUpIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICcnQm9vdCcnICAgICAgeyAwIH0nK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICcnU3lzdGVtJycgICAgeyAxIH0nK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICcnQXV0b21hdGljJycgeyAyIH0nK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICcnTWFudWFsJycgICAgeyAzIH0nK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICcnRGlzYWJsZWQnJyAgeyA0IH0nK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIGRlZmF1bHQgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIFdyaXRlLUVycm9yIFwiXlwiXCJFcnJvcjogVW5rbm93biBzdGFydHVwIG1vZGUgc3BlY2lmaWVkOiBgXCJeXCJcIiRkZWZhdWx0U3RhcnR1cE1vZGVgXCJeXCJcIi4gUmV2ZXJ0IGNhbm5vdCBwcm9jZWVkLlwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICByZXR1cm4nK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIH0nK1wiXlwiXCJgcmBuXCJeXCJcIisnfScrXCJeXCJcImByYG5cIl5cIlwiKydpZiAoJChHZXQtSXRlbVByb3BlcnR5IC1QYXRoIFwiXlwiXCIkcmVnaXN0cnlLZXlcIl5cIlwiKS5TdGFydCAtZXEgJGRlZmF1bHRTdGFydHVwUmVnVmFsdWUpIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIFdyaXRlLUhvc3QgXCJeXCJcImBcIl5cIlwiJHNlcnZpY2VOYW1lYFwiXlwiXCIgaXMgaGFzIGFscmVhZHkgZGVmYXVsdCBzdGFydHVwIG1vZGU6IGBcIl5cIlwiJGRlZmF1bHRTdGFydHVwTW9kZWBcIl5cIlwiLlwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnfSBlbHNlIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIHRyeSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgU2V0LUl0ZW1Qcm9wZXJ0eSAkcmVnaXN0cnlLZXkgLU5hbWUgU3RhcnQgLVZhbHVlICRkZWZhdWx0U3RhcnR1cFJlZ1ZhbHVlIC1Gb3JjZScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIFdyaXRlLUhvc3QgXCJeXCJcIlN1Y2Nlc3NmdWxseSByZXN0b3JlZCBgXCJeXCJcIiRzZXJ2aWNlTmFtZWBcIl5cIlwiIHdpdGggYFwiXlwiXCIkZGVmYXVsdFN0YXJ0dXBNb2RlYFwiXlwiXCIgc3RhcnQsIHRoaXMgbWF5IHJlcXVpcmUgcmVzdGFydGluZyB5b3VyIGNvbXB1dGVyLlwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIH0gY2F0Y2ggeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIFdyaXRlLUVycm9yIFwiXlwiXCJDb3VsZCBub3QgZW5hYmxlIGBcIl5cIlwiJHNlcnZpY2VOYW1lYFwiXlwiXCI6ICRfXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIEV4aXQgMScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgfScrXCJeXCJcImByYG5cIl5cIlwiKyd9JytcIl5cIlwiYHJgblwiXlwiXCIrJzwjIC0tIDQuIFN0YXJ0IGlmIG5vdCBydW5uaW5nIChtdXN0IGJlIGVuYWJsZWQgZmlyc3QpICM+JytcIl5cIlwiYHJgblwiXlwiXCIrJ2lmICgkZGVmYXVsdFN0YXJ0dXBNb2RlIC1lcSAnJ0F1dG9tYXRpYycnIC1vciAkZGVmYXVsdFN0YXJ0dXBNb2RlIC1lcSAnJ0Jvb3QnJyAtb3IgJGRlZmF1bHRTdGFydHVwTW9kZSAtZXEgJydTeXN0ZW0nJykgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgaWYgKCRzZXJ2aWNlLlN0YXR1cyAtbmUgW1N5c3RlbS5TZXJ2aWNlUHJvY2Vzcy5TZXJ2aWNlQ29udHJvbGxlclN0YXR1c106OlJ1bm5pbmcpIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICBXcml0ZS1Ib3N0IFwiXlwiXCJgXCJeXCJcIiRzZXJ2aWNlTmFtZWBcIl5cIlwiIGlzIG5vdCBydW5uaW5nLCB0cnlpbmcgdG8gc3RhcnQgaXQuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIHRyeSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgICAgIFN0YXJ0LVNlcnZpY2UgLU5hbWUgJHNlcnZpY2VOYW1lIC1FcnJvckFjdGlvbiBTdG9wJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgICAgIFdyaXRlLUhvc3QgJydTZXJ2aWNlIHN0YXJ0ZWQgc3VjY2Vzc2Z1bGx5LicnJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgfSBjYXRjaCB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgICAgIFdyaXRlLVdhcm5pbmcgXCJeXCJcIkZhaWxlZCB0byByZXN0YXJ0IHNlcnZpY2UuIEl0IHdpbGwgYmUgc3RhcnRlZCBhZnRlciByZWJvb3QuIEVycm9yOiAkKCRfLkV4Y2VwdGlvbi5NZXNzYWdlKVwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICB9JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICB9IGVsc2UgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIFdyaXRlLUhvc3QgXCJeXCJcImBcIl5cIlwiJHNlcnZpY2VOYW1lYFwiXlwiXCIgaXMgYWxyZWFkeSBydW5uaW5nLCBubyBuZWVkIHRvIHN0YXJ0LlwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIH0nK1wiXlwiXCJgcmBuXCJeXCJcIisnfSc7IEludm9rZS1Bc1RydXN0ZWRJbnN0YWxsZXIgJGNtZFwiXG46OiBSZXN0b3JlIGZpbGVzIG1hdGNoaW5nIHBhdHRlcm46IFwiJVBST0dSQU1GSUxFUyVcXFdpbmRvd3MgRGVmZW5kZXJcXE5pc1Nydi5leGVcIiAgYXMgVHJ1c3RlZEluc3RhbGxlclxuUG93ZXJTaGVsbCAtRXhlY3V0aW9uUG9saWN5IFVucmVzdHJpY3RlZCAtQ29tbWFuZCBcImZ1bmN0aW9uIEludm9rZS1Bc1RydXN0ZWRJbnN0YWxsZXIoJFNjcmlwdCkgeyAkcHJpbmNpcGFsU2lkID0gW1N5c3RlbS5TZWN1cml0eS5QcmluY2lwYWwuU2VjdXJpdHlJZGVudGlmaWVyXTo6bmV3KCdTLTEtNS04MC05NTYwMDg4ODUtMzQxODUyMjY0OS0xODMxMDM4MDQ0LTE4NTMyOTI2MzEtMjI3MTQ3ODQ2NCcpOyAkcHJpbmNpcGFsTmFtZSA9ICRwcmluY2lwYWxTaWQuVHJhbnNsYXRlKFtTeXN0ZW0uU2VjdXJpdHkuUHJpbmNpcGFsLk5UQWNjb3VudF0pOyAkc3RyZWFtRmlsZSA9IE5ldy1UZW1wb3JhcnlGaWxlOyAkc2NyaXB0RmlsZSA9IE5ldy1UZW1wb3JhcnlGaWxlOyB0cnkgeyAkc2NyaXB0RmlsZSA9IFJlbmFtZS1JdGVtIC1MaXRlcmFsUGF0aCAkc2NyaXB0RmlsZSAtTmV3TmFtZSAoJHNjcmlwdEZpbGUuQmFzZU5hbWUgKyAnLnBzMScpIC1Gb3JjZSAtUGFzc1RocnU7ICRTY3JpcHQgfCBPdXQtRmlsZSAkc2NyaXB0RmlsZSAtRW5jb2RpbmcgVVRGODsgJHRhc2tOYW1lID0gXCJeXCJcInByaXZhY3kkKFtjaGFyXTB4MDAyRSlzZXh5IGludm9rZVwiXlwiXCI7IHNjaHRhc2tzLmV4ZSAvZGVsZXRlIC90biAkdGFza05hbWUgL2YgMj4mMSB8IE91dC1OdWxsOyAkZXhlY3V0aW9uQ29tbWFuZCA9IFwiXlwiXCJwb3dlcnNoZWxsLmV4ZSAtRXhlY3V0aW9uUG9saWN5IEJ5cGFzcyAtRmlsZSAnJHNjcmlwdEZpbGUnICo+JjEgfCBPdXQtRmlsZSAtRmlsZVBhdGggJyRzdHJlYW1GaWxlJyAtRW5jb2RpbmcgVVRGOFwiXlwiXCI7ICRhY3Rpb24gPSBOZXctU2NoZWR1bGVkVGFza0FjdGlvbiAtRXhlY3V0ZSAncG93ZXJzaGVsbC5leGUnIC1Bcmd1bWVudCBcIl5cIlwiLUV4ZWN1dGlvblBvbGljeSBCeXBhc3MgLUNvbW1hbmQgYFwiXlwiXCIkZXhlY3V0aW9uQ29tbWFuZGBcIl5cIlwiXCJeXCJcIjsgJHNldHRpbmdzID0gTmV3LVNjaGVkdWxlZFRhc2tTZXR0aW5nc1NldCAtQWxsb3dTdGFydElmT25CYXR0ZXJpZXMgLURvbnRTdG9wSWZHb2luZ09uQmF0dGVyaWVzOyBSZWdpc3Rlci1TY2hlZHVsZWRUYXNrIC1UYXNrTmFtZSAkdGFza05hbWUgLUFjdGlvbiAkYWN0aW9uIC1TZXR0aW5ncyAkc2V0dGluZ3MgLUZvcmNlIC1FcnJvckFjdGlvbiBTdG9wIHwgT3V0LU51bGw7IHRyeSB7ICgkc2NoZWR1bGVTZXJ2aWNlID0gTmV3LU9iamVjdCAtQ29tT2JqZWN0IFNjaGVkdWxlLlNlcnZpY2UpLkNvbm5lY3QoKTsgJHNjaGVkdWxlU2VydmljZS5HZXRGb2xkZXIoJ1xcJykuR2V0VGFzaygkdGFza05hbWUpLlJ1bkV4KCRudWxsLCAwLCAwLCAkcHJpbmNpcGFsTmFtZSkgfCBPdXQtTnVsbDsgJHRpbWVvdXQgPSAoR2V0LURhdGUpLkFkZE1pbnV0ZXMoNSk7IFdyaXRlLUhvc3QgXCJeXCJcIlJ1bm5pbmcgYXMgJHByaW5jaXBhbE5hbWVcIl5cIlwiOyB3aGlsZSAoKEdldC1TY2hlZHVsZWRUYXNrSW5mbyAkdGFza05hbWUpLkxhc3RUYXNrUmVzdWx0IC1lcSAyNjcwMDkpIHsgU3RhcnQtU2xlZXAgLU1pbGxpc2Vjb25kcyAyMDA7IGlmICgoR2V0LURhdGUpIC1ndCAkdGltZW91dCkgeyBXcml0ZS1XYXJuaW5nICdTa2lwcGluZzogVGltZW91dCc7IGJyZWFrOyB9OyB9OyBpZiAoKCRyZXN1bHQgPSAoR2V0LVNjaGVkdWxlZFRhc2tJbmZvICR0YXNrTmFtZSkuTGFzdFRhc2tSZXN1bHQpIC1uZSAwKSB7IFdyaXRlLUVycm9yIFwiXlwiXCJGYWlsZWQsIGR1ZSB0byBleGl0IGNvZGU6ICRyZXN1bHQuXCJeXCJcIjsgfSB9IGZpbmFsbHkgeyBzY2h0YXNrcy5leGUgL2RlbGV0ZSAvdG4gJHRhc2tOYW1lIC9mIHwgT3V0LU51bGw7IH07IEdldC1Db250ZW50ICRzdHJlYW1GaWxlIH0gZmluYWxseSB7IFJlbW92ZS1JdGVtICRzdHJlYW1GaWxlLCAkc2NyaXB0RmlsZTsgfTsgfTsgJGNtZCA9ICckcmV2ZXJ0ID0gJHRydWUnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICRwYXRoR2xvYlBhdHRlcm4gPSBcIl5cIlwiJVBST0dSQU1GSUxFUyVcXFdpbmRvd3MgRGVmZW5kZXJcXE5pc1Nydi5leGUuT0xEXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJGV4cGFuZGVkUGF0aCA9IFtTeXN0ZW0uRW52aXJvbm1lbnRdOjpFeHBhbmRFbnZpcm9ubWVudFZhcmlhYmxlcygkcGF0aEdsb2JQYXR0ZXJuKScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgV3JpdGUtSG9zdCBcIl5cIlwiU2VhcmNoaW5nIGZvciBpdGVtcyBtYXRjaGluZyBwYXR0ZXJuOiBgXCJeXCJcIiQoJGV4cGFuZGVkUGF0aClgXCJeXCJcIi5cIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAnK1wiXlwiXCJgcmBuXCJeXCJcIisnJHJlbmFtZWRDb3VudCAgID0gMCcrXCJeXCJcImByYG5cIl5cIlwiKyckc2tpcHBlZENvdW50ICAgPSAwJytcIl5cIlwiYHJgblwiXlwiXCIrJyRmYWlsZWRDb3VudCAgICA9IDAnK1wiXlwiXCJgcmBuXCJeXCJcIisnJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAkZm91bmRBYnNvbHV0ZVBhdGhzID0gQCgpJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIHRyeSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgJGZvdW5kQWJzb2x1dGVQYXRocyArPSBAKCcrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgICAgICBHZXQtSXRlbSAtUGF0aCAkZXhwYW5kZWRQYXRoIC1FcnJvckFjdGlvbiBTdG9wIHwgU2VsZWN0LU9iamVjdCAtRXhwYW5kUHJvcGVydHkgRnVsbE5hbWUnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICApJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICB9IGNhdGNoIFtTeXN0ZW0uTWFuYWdlbWVudC5BdXRvbWF0aW9uLkl0ZW1Ob3RGb3VuZEV4Y2VwdGlvbl0geycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIDwjIFN3YWxsb3csIGRvIG5vdCBydW4gYFRlc3QtUGF0aGAgYmVmb3JlLCBpdCcncyB1bnJlbGlhYmxlIGZvciBnbG9icyByZXF1aXJpbmcgZXh0cmEgcGVybWlzc2lvbnMgIz4nK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIH0nK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICRmb3VuZEFic29sdXRlUGF0aHMgPSAkZm91bmRBYnNvbHV0ZVBhdGhzICAgYCcrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIHwgU2VsZWN0LU9iamVjdCAtVW5pcXVlICAgICAgICAgICAgICAgICBgJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgfCBTb3J0LU9iamVjdCAtUHJvcGVydHkgeyAkXy5MZW5ndGggfSAtRGVzY2VuZGluZycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgaWYgKCEkZm91bmRBYnNvbHV0ZVBhdGhzKSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgV3JpdGUtSG9zdCAnJ1NraXBwaW5nLCBubyBpdGVtcyBhdmFpbGFibGUuJycnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICBleGl0IDAnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIH0nK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIFdyaXRlLUhvc3QgXCJeXCJcIkluaXRpYXRpbmcgcHJvY2Vzc2luZyBvZiAkKCRmb3VuZEFic29sdXRlUGF0aHMuQ291bnQpIGl0ZW1zIGZyb20gYFwiXlwiXCIkZXhwYW5kZWRQYXRoYFwiXlwiXCIuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgZm9yZWFjaCAoJHBhdGggaW4gJGZvdW5kQWJzb2x1dGVQYXRocykgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIGlmIChUZXN0LVBhdGggLVBhdGggJHBhdGggLVBhdGhUeXBlIENvbnRhaW5lcikgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgV3JpdGUtSG9zdCBcIl5cIlwiU2tpcHBpbmcgZm9sZGVyIChub3QgaXRzIGNvbnRlbnRzKTogYFwiXlwiXCIkcGF0aGBcIl5cIlwiLlwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICRza2lwcGVkQ291bnQrKycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgY29udGludWUnK1wiXlwiXCJgcmBuXCJeXCJcIisnfScrXCJeXCJcImByYG5cIl5cIlwiKydpZigkcmV2ZXJ0IC1lcSAkdHJ1ZSkgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgaWYgKC1ub3QgJHBhdGguRW5kc1dpdGgoJycuT0xEJycpKSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgV3JpdGUtSG9zdCBcIl5cIlwiU2tpcHBpbmcgbm9uLWJhY2t1cCBmaWxlOiBgXCJeXCJcIiRwYXRoYFwiXlwiXCIuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgICRza2lwcGVkQ291bnQrKycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIGNvbnRpbnVlJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICB9JytcIl5cIlwiYHJgblwiXlwiXCIrJ30gZWxzZSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICBpZiAoJHBhdGguRW5kc1dpdGgoJycuT0xEJycpKSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgV3JpdGUtSG9zdCBcIl5cIlwiU2tpcHBpbmcgYmFja3VwIGZpbGU6IGBcIl5cIlwiJHBhdGhgXCJeXCJcIi5cIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgJHNraXBwZWRDb3VudCsrJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgY29udGludWUnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIH0nK1wiXlwiXCJgcmBuXCJeXCJcIisnfScrXCJeXCJcImByYG5cIl5cIlwiKyckb3JpZ2luYWxGaWxlUGF0aCA9ICRwYXRoJytcIl5cIlwiYHJgblwiXlwiXCIrJ1dyaXRlLUhvc3QgXCJeXCJcIlByb2Nlc3NpbmcgZmlsZTogYFwiXlwiXCIkb3JpZ2luYWxGaWxlUGF0aGBcIl5cIlwiLlwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnaWYgKC1Ob3QgKFRlc3QtUGF0aCAkb3JpZ2luYWxGaWxlUGF0aCkpIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIFdyaXRlLUhvc3QgXCJeXCJcIlNraXBwaW5nLCBmaWxlIGBcIl5cIlwiJG9yaWdpbmFsRmlsZVBhdGhgXCJeXCJcIiBub3QgZm91bmQuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJHNraXBwZWRDb3VudCsrJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICBleGl0IDAnK1wiXlwiXCJgcmBuXCJeXCJcIisnfScrXCJeXCJcImByYG5cIl5cIlwiKycnK1wiXlwiXCJgcmBuXCJeXCJcIisnaWYgKCRyZXZlcnQgLWVxICR0cnVlKSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAkbmV3RmlsZVBhdGggPSAkb3JpZ2luYWxGaWxlUGF0aC5TdWJzdHJpbmcoMCwgJG9yaWdpbmFsRmlsZVBhdGguTGVuZ3RoIC0gNCknK1wiXlwiXCJgcmBuXCJeXCJcIisnfSBlbHNlIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICRuZXdGaWxlUGF0aCA9IFwiXlwiXCIkKCRvcmlnaW5hbEZpbGVQYXRoKS5PTERcIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJ30nK1wiXlwiXCJgcmBuXCJeXCJcIisndHJ5IHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIE1vdmUtSXRlbSAtTGl0ZXJhbFBhdGggXCJeXCJcIiQoJG9yaWdpbmFsRmlsZVBhdGgpXCJeXCJcIiAtRGVzdGluYXRpb24gXCJeXCJcIiRuZXdGaWxlUGF0aFwiXlwiXCIgLUZvcmNlIC1FcnJvckFjdGlvbiBTdG9wJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICBXcml0ZS1Ib3N0IFwiXlwiXCJTdWNjZXNzZnVsbHkgcHJvY2Vzc2VkIGBcIl5cIlwiJG9yaWdpbmFsRmlsZVBhdGhgXCJeXCJcIi5cIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAkcmVuYW1lZENvdW50KysnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICcrXCJeXCJcImByYG5cIl5cIlwiKyd9IGNhdGNoIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIFdyaXRlLUVycm9yIFwiXlwiXCJGYWlsZWQgdG8gcmVuYW1lIGBcIl5cIlwiJG9yaWdpbmFsRmlsZVBhdGhgXCJeXCJcIiB0byBgXCJeXCJcIiRuZXdGaWxlUGF0aGBcIl5cIlwiOiAkKCRfLkV4Y2VwdGlvbi5NZXNzYWdlKVwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICRmYWlsZWRDb3VudCsrJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAnK1wiXlwiXCJgcmBuXCJeXCJcIisnfScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgfScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgaWYgKCgkcmVuYW1lZENvdW50IC1ndCAwKSAtb3IgKCRza2lwcGVkQ291bnQgLWd0IDApKSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICBXcml0ZS1Ib3N0IFwiXlwiXCJTdWNjZXNzZnVsbHkgcHJvY2Vzc2VkICRyZW5hbWVkQ291bnQgaXRlbXMgYW5kIHNraXBwZWQgJHNraXBwZWRDb3VudCBpdGVtcy5cIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJ30nK1wiXlwiXCJgcmBuXCJeXCJcIisnaWYgKCRmYWlsZWRDb3VudCAtZ3QgMCkgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgV3JpdGUtV2FybmluZyBcIl5cIlwiRmFpbGVkIHRvIHByb2Nlc3MgJCgkZmFpbGVkQ291bnQpIGl0ZW1zLlwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnfScrXCJeXCJcImByYG5cIl5cIlwiKycnOyBJbnZva2UtQXNUcnVzdGVkSW5zdGFsbGVyICRjbWRcIlxuOjogUmVtb3ZlIGNvbmZpZ3VyYXRpb24gcHJldmVudGluZyBcIk5pc1Nydi5leGVcIiBmcm9tIHN0YXJ0aW5nXG46OiBEZWxldGUgdGhlIHJlZ2lzdHJ5IHZhbHVlIFwiSEtMTVxcU09GVFdBUkVcXE1pY3Jvc29mdFxcV2luZG93cyBOVFxcQ3VycmVudFZlcnNpb25cXEltYWdlIEZpbGUgRXhlY3V0aW9uIE9wdGlvbnNcXE5pc1Nydi5leGUhRGVidWdnZXJcIlxuUG93ZXJTaGVsbCAtRXhlY3V0aW9uUG9saWN5IFVucmVzdHJpY3RlZCAtQ29tbWFuZCBcInJlZyBkZWxldGUgJ0hLTE1cXFNPRlRXQVJFXFxNaWNyb3NvZnRcXFdpbmRvd3MgTlRcXEN1cnJlbnRWZXJzaW9uXFxJbWFnZSBGaWxlIEV4ZWN1dGlvbiBPcHRpb25zXFxOaXNTcnYuZXhlJyAvdiAnRGVidWdnZXInIC9mIDI+JG51bGxcIlxuOjogUmVtb3ZlIHRoZSBydWxlIHRoYXQgcHJldmVudHMgdGhlIGV4ZWN1dGFibGUgXCJOaXNTcnYuZXhlXCIgZnJvbSBydW5uaW5nIHZpYSBGaWxlIEV4cGxvcmVyXG5Qb3dlclNoZWxsIC1FeGVjdXRpb25Qb2xpY3kgVW5yZXN0cmljdGVkIC1Db21tYW5kIFwiJGV4ZWN1dGFibGVGaWxlbmFtZT0nTmlzU3J2LmV4ZSc7IHRyeSB7ICRibG9ja0VudHJpZXMgPSBHZXQtSXRlbVByb3BlcnR5IC1QYXRoICdIS0NVOlxcU29mdHdhcmVcXE1pY3Jvc29mdFxcV2luZG93c1xcQ3VycmVudFZlcnNpb25cXFBvbGljaWVzXFxFeHBsb3JlclxcRGlzYWxsb3dSdW4nIC1FcnJvckFjdGlvbiBJZ25vcmU7IGlmICgtTm90ICRibG9ja0VudHJpZXMpIHsgV3JpdGUtT3V0cHV0IFwiXlwiXCJTa2lwcGluZywgbm8gYWN0aW9uIG5lZWRlZDogTm8gYmxvY2sgcnVsZXMgZXhpc3QsIGBcIl5cIlwiJGV4ZWN1dGFibGVGaWxlbmFtZWBcIl5cIlwiIGlzIG5vdCBibG9ja2VkLlwiXlwiXCI7IGV4aXQgMDsgfTsgJGJsb2NraW5nUnVsZXNGb3JFeGVjdXRhYmxlID0gQCg7ICRibG9ja0VudHJpZXMuUFNPYmplY3QuUHJvcGVydGllcyB8IFdoZXJlLU9iamVjdCB7ICRfLlZhbHVlIC1lcSAkZXhlY3V0YWJsZUZpbGVuYW1lIH07ICk7IGlmICgtTm90ICRibG9ja2luZ1J1bGVzRm9yRXhlY3V0YWJsZSkgeyBXcml0ZS1PdXRwdXQgXCJeXCJcIlNraXBwaW5nLCBubyBhY3Rpb24gbmVlZGVkOiBgXCJeXCJcIiRleGVjdXRhYmxlRmlsZW5hbWVgXCJeXCJcIiBpcyBub3QgY3VycmVudGx5IGJsb2NrZWQuXCJeXCJcIjsgZXhpdCAwOyB9OyBmb3JlYWNoICgkYmxvY2tpbmdSdWxlRm9yRXhlY3V0YWJsZSBpbiAkYmxvY2tpbmdSdWxlc0ZvckV4ZWN1dGFibGUpIHsgJGJsb2NraW5nUnVsZUluZGV4Rm9yRXhlY3V0YWJsZSA9ICRibG9ja2luZ1J1bGVGb3JFeGVjdXRhYmxlLk5hbWU7IFdyaXRlLU91dHB1dCBcIl5cIlwiUmVtb3ZpbmcgcnVsZSBgXCJeXCJcIiRibG9ja2luZ1J1bGVJbmRleEZvckV4ZWN1dGFibGVgXCJeXCJcIiB0aGF0IGJsb2NrcyBgXCJeXCJcIiRleGVjdXRhYmxlRmlsZW5hbWVgXCJeXCJcIi5cIl5cIlwiOyBSZW1vdmUtSXRlbVByb3BlcnR5IC1QYXRoICdIS0NVOlxcU29mdHdhcmVcXE1pY3Jvc29mdFxcV2luZG93c1xcQ3VycmVudFZlcnNpb25cXFBvbGljaWVzXFxFeHBsb3JlclxcRGlzYWxsb3dSdW4nIC1OYW1lIFwiXlwiXCIkYmxvY2tpbmdSdWxlSW5kZXhGb3JFeGVjdXRhYmxlXCJeXCJcIiAtRm9yY2UgLUVycm9yQWN0aW9uIFN0b3A7IFdyaXRlLU91dHB1dCBcIl5cIlwiU3VjY2Vzc2Z1bGx5IHJldm9rZWQgYmxvY2tpbmcgb2YgYCRleGVjdXRhYmxlRmlsZW5hbWVgIHVuZGVyIHJ1bGUgYFwiXlwiXCIkYmxvY2tpbmdSdWxlSW5kZXhGb3JFeGVjdXRhYmxlYFwiXlwiXCIuXCJeXCJcIjsgfTsgfSBjYXRjaCB7IFdyaXRlLUVycm9yIFwiXlwiXCJGYWlsZWQgdG8gcmV2b2tlIGJsb2NraW5nIG9mIGBcIl5cIlwiJGV4ZWN1dGFibGVGaWxlbmFtZWBcIl5cIlwiOiAkX1wiXlwiXCI7IEV4aXQgMTsgfVwiXG46OiBSZXN0b3JlIHRoZSBGaWxlIEV4cGxvcmVyIERpc2FsbG93UnVuIHBvbGljeSBpZiBubyBvdGhlciBibG9ja3MgYXJlIGFjdGl2ZVxuUG93ZXJTaGVsbCAtRXhlY3V0aW9uUG9saWN5IFVucmVzdHJpY3RlZCAtQ29tbWFuZCBcInRyeSB7ICRjdXJyZW50RGlzYWxsb3dSdW5Qb2xpY3lWYWx1ZSA9IEdldC1JdGVtUHJvcGVydHkgLVBhdGggJ0hLQ1U6XFxTb2Z0d2FyZVxcTWljcm9zb2Z0XFxXaW5kb3dzXFxDdXJyZW50VmVyc2lvblxcUG9saWNpZXNcXEV4cGxvcmVyJyAtTmFtZSAnRGlzYWxsb3dSdW4nIC1FcnJvckFjdGlvbiBJZ25vcmUgfCBTZWxlY3QtT2JqZWN0IC1FeHBhbmRQcm9wZXJ0eSAnRGlzYWxsb3dSdW4nOyBpZiAoW3N0cmluZ106OklzTnVsbE9yRW1wdHkoJGN1cnJlbnREaXNhbGxvd1J1blBvbGljeVZhbHVlKSkgeyBXcml0ZS1PdXRwdXQgJ1NraXBwaW5nLCBubyBhY3Rpb24gbmVlZGVkOiBEaXNhbGxvd1J1biBwb2xpY3kgaXMgbm90IGFjdGl2ZS4nOyBFeGl0IDA7IH07IGlmICgkY3VycmVudERpc2FsbG93UnVuUG9saWN5VmFsdWUgLW5lIDEpIHsgV3JpdGUtT3V0cHV0IFwiXlwiXCJTa2lwcGluZywgRGlzYWxsb3dSdW4gcG9saWN5IGlzIG5vdCBjb25maWd1cmVkIGJ5IHByaXZhY3kuc2V4eSwgdW5leHBlY3RlZCB2YWx1ZTogYFwiXlwiXCIkY3VycmVudERpc2FsbG93UnVuUG9saWN5VmFsdWVgXCJeXCJcIi5cIl5cIlwiOyBFeGl0IDA7IH07ICRyZW1haW5pbmdCbG9ja2luZ1J1bGVzID0gR2V0LUl0ZW1Qcm9wZXJ0eSAtUGF0aCAnSEtDVTpcXFNvZnR3YXJlXFxNaWNyb3NvZnRcXFdpbmRvd3NcXEN1cnJlbnRWZXJzaW9uXFxQb2xpY2llc1xcRXhwbG9yZXJcXERpc2FsbG93UnVuJyAtRXJyb3JBY3Rpb24gSWdub3JlOyBpZiAoJHJlbWFpbmluZ0Jsb2NraW5nUnVsZXMpIHsgV3JpdGUtT3V0cHV0ICdTa2lwcGluZyBkZWFjdGl2YXRpbmcgRGlzYWxsb3dSdW4gcG9saWN5LCB0aGVyZSBhcmUgc3RpbGwgYWN0aXZlIHJ1bGVzLic7IEV4aXQgMDsgfTsgV3JpdGUtT3V0cHV0ICdObyByZW1haW5pbmcgcnVsZXMsIGRlbGV0aW5nIERpc2FsbG93UnVuIHBvbGljeS4nOyBSZW1vdmUtSXRlbVByb3BlcnR5IC1QYXRoICdIS0NVOlxcU29mdHdhcmVcXE1pY3Jvc29mdFxcV2luZG93c1xcQ3VycmVudFZlcnNpb25cXFBvbGljaWVzXFxFeHBsb3JlcicgLU5hbWUgJ0Rpc2FsbG93UnVuJyAtRm9yY2UgLUVycm9yQWN0aW9uIFN0b3A7IFdyaXRlLU91dHB1dCAnU3VjY2Vzc2Z1bGx5IHJlc3RvcmVkIERpc2FsbG93UnVuIHBvbGljeS4nOyB9IGNhdGNoIHsgV3JpdGUtRXJyb3IgXCJeXCJcIkZhaWxlZCB0byByZXN0b3JlIERpc2FsbG93UnVuIHBvbGljeTogJF9cIl5cIlwiOyBFeGl0IDE7IH1cIiI=

Help

How to apply or restore "Disable Defender Antivirus network inspection service" using commands

≈ 2 min to complete
Tools: Command Prompt
Difficulty: Medium
≈ 3 instructions

View step-by-step guide with screenshots

1
Open Command Prompt
Open Command Prompt as Administrator.
2
Copy code
Copy the code:
Copy Apply Code Copy Revert Code
3
Paste & run
Paste the commands into Command Prompt and press Enter to run.
Some changes require a system restart to take effect

Similar Guides

Wider Goal

Guides below includes this guide to achieve a wider goal.

Disable Defender services and drivers
Disable Defender Antivirus
Disable Defender
Privacy over security

Visit category page

Same Goal

Other guides in Disable Defender services and drivers

Disable Defender Antivirus service

Disable "Microsoft Defender Antivirus Network Inspection System Driver" service

Disable Defender Antivirus device filter driver

Disable Microsoft Defender Core Service

About the Creators

These people have authored this documentation and written its scripts:

undergroundwires
- Certified security professional
- 7+ years experience securing banks
- Open-source developer since 2005
- EU advisor, Public Speaker, Moderator
Open-Source Contributors
- Hundreds across the globe
- Testers, reviewers, developers
- Companies, military agencies
- Community since 2017

About Us

Reviewed By

This guide has undergone comprehensive auditing and peer review:

Expert review by undergroundwires
- Verified technical accuracy and editorial standards
- Assessed system impact and user privacy risks
- Audited and verified using automated security tests
Public review by large community
- Privacy enthusiasts and professionals peer-reviewed
- Millions of end-users tested across different environments
- Audited and verified using third-party security software

History

We continually monitor our guides, their impact and other potential privacy options. We update our guides when new information becomes available. On every update, we publicly store who made the change, what has been changed, why the change was made and when the change was made.

Review Change History Our Change Process

Overview​

Technical Details​

Overview of default service statuses​

Increased Privacy

Decreased Security

Apply Now​

Download script​

How to apply or restore "Disable Defender Antivirus network inspection service" using script​

Download

Keep the file

Open

Exit

Restart

Apply with privacy.sexy​

How to apply or restore "Disable Defender Antivirus network inspection service" using privacy.sexy​

Open or download

Choose script

Run

Run commands​

How to apply or restore "Disable Defender Antivirus network inspection service" using commands​

Open Command Prompt

Copy code

Paste & run

Similar Guides​

Wider Goal​

Same Goal​

About the Creators​

Reviewed By​

Expert review by undergroundwires​

Public review by large community​

History​

Overview

Technical Details

Overview of default service statuses

Apply Now

Download script

How to apply or restore "Disable Defender Antivirus network inspection service" using script

Apply with privacy.sexy

How to apply or restore "Disable Defender Antivirus network inspection service" using privacy.sexy

Run commands

How to apply or restore "Disable Defender Antivirus network inspection service" using commands

Similar Guides

Wider Goal

Same Goal

About the Creators

Reviewed By

Expert review by undergroundwires

Public review by large community

History