Disable Defender Antivirus service (breaks "Set-MpPreference" cmdlet)

Works with Windows 10 and 11

Windows only
Single action
Impact: High
Batch (batchfile)
Administrator rights required
Fully reversible

Overview

This script disables the Microsoft Defender Antivirus Service and its associated process (MsMpEng.exe).

This service is known both as Microsoft Defender Antivirus Service ¹ ² and Windows Defender Service ². It is the primary component of Defender Antivirus ², essential for its functionality ¹ ³.

Disabling this service has the following benefits:

It enhances privacy by preventing Microsoft from collecting data about your system and files for malware analysis.
It improves system performance by reducing background processes and resource usage.

Disabling this service comes at a cost:

It reduces your system's security by removing real-time malware protection.
It may also impair other Defender products, such as Defender for Endpoint ⁴.
It interrupts the functionality of the Set-MpPreference PowerShell cmdlet. This cmdlet is used to configure Defender scans and updates ⁵.

Caution

Disabling this service reduces your computer's security against malware, may affect other protective features, and can prevent you from changing Defender settings.

Technical Details

This service runs the MsMpEng.exe executable ⁶ ⁷. This executable is also known as Microsoft Defender Antivirus service executable ⁴ or Antimalware Service Executable ¹. It's located at:

On modern Windows versions:
- %PROGRAMFILES%\Windows Defender ⁴ ⁶ ⁷
On older versions of Windows:
- %PROGRAMDATA%\Microsoft\Windows Defender\Platform\*\MsMpEng.exe ⁸
- %PROGRAMFILES%\Microsoft Security Client on older versions ⁴.

Attempting to use the Set-MpPreference cmdlet in PowerShell after disabling the service results in an error. Here's an example:

$ Set-MpPreference -Force -MAPSReporting 0

Set-MpPreference: Operation failed with the following error: 0x800106ba. Operation: Set-MpPreference.
Target: MAPS_MAPSReporting. FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference.

Overview of default service statuses

OS Version	Status	Start type
Windows 10 (≥ 22H2)	🟢 Running	Automatic
Windows 11 (≥ 23H2)	🟢 Running	Automatic

Not Advised
This script should only be used by advanced users.
This script is not recommended for daily use as it breaks important functionality.
Consider creating a system restore point before doing any changes.
Security Trade-off
This action prioritizes privacy over certain security features. It's not recommended and should only be used by advanced users after understanding its implications.
Increased Privacy
Enhanced privacy through reduced data collection and tracking
Decreased Security
Some security features will be disabled or limited
This script can be reversed, this action allows you to can restore the system security.

Sources

PrivacyLearn.com maintains strict sourcing standards for accuracy, integrity and up-to-date content. Our content relies on authoritative sources including vendor documentation, industry standards, and verified research. Learn more about our verification process and quality standards in our editorial standards page.

Microsoft Defender Antivirus in Windows Overview - Microsoft Defender for Endpoint. Microsoft Learn. learn.microsoft.com. (2024).
Original: https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-antivirus-windows
Archived: https://web.archive.org/web/20240609145624/https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-antivirus-windows?view=o365-worldwide
Microsoft Defender Antivirus on Windows Server - Microsoft Defender for Endpoint. Microsoft Learn. learn.microsoft.com. (2024).
Original: https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-antivirus-on-windows-server
Archived: https://web.archive.org/web/20240609150337/https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-antivirus-on-windows-server?view=o365-worldwide
Troubleshoot Microsoft Defender for Endpoint onboarding issues - Microsoft Defender for Endpoint. Microsoft Learn. learn.microsoft.com. (2024).
Original: https://learn.microsoft.com/en-us/defender-endpoint/troubleshoot-onboarding
Archived: https://web.archive.org/web/20240609145030/https://learn.microsoft.com/en-us/defender-endpoint/troubleshoot-onboarding?view=o365-worldwide
Microsoft Defender for Endpoint - Proxy Service URLs (Commercial). download.microsoft.com. (2024).
Original: https://download.microsoft.com/download/6/b/f/6bfff670-47c3-4e45-b01b-64a2610eaefa/mde-urls-commercial.xlsx
Archived: https://web.archive.org/web/20240609102213/https://download.microsoft.com/download/6/b/f/6bfff670-47c3-4e45-b01b-64a2610eaefa/mde-urls-commercial.xlsx
Set-MpPreference (Defender). Microsoft Learn. learn.microsoft.com. (2024).
Original: https://learn.microsoft.com/en-us/powershell/module/defender/set-mppreference
Archived: https://web.archive.org/web/20240609150331/https://learn.microsoft.com/en-us/powershell/module/defender/set-mppreference?view=windowsserver2022-ps
Microsoft Defender Antivirus Service - Windows 10 Service - batcmd.com. batcmd.com. (2024).
Original: https://batcmd.com/windows/10/services/windefend
Archived: https://web.archive.org/web/20240314091238/https://batcmd.com/windows/10/services/windefend/
Microsoft Defender Antivirus Service - Windows 11 Service - batcmd.com. batcmd.com. (2024).
Original: https://batcmd.com/windows/11/services/windefend
Archived: https://web.archive.org/web/20240609144111/https://batcmd.com/windows/11/services/windefend/
Is this the normal path for MsMpEng.exe? - Microsoft Community. answers.microsoft.com. (2024).
Original: https://answers.microsoft.com/en-us/windows/forum/all/is-this-the-normal-path-for-msmpengexe/5a369636-b3d0-432e-a16d-609a3ae5867e
Archived: https://web.archive.org/web/20240925234238/https://answers.microsoft.com/en-us/windows/forum/all/is-this-the-normal-path-for-msmpengexe/5a369636-b3d0-432e-a16d-609a3ae5867e

Apply Now

Choose one of three ways to apply:

Download script

Download and run the script directly

No app needed
Offline usage
Easy-to-apply
Free
Open-source

Apply protection

Undo protection

Help

How to apply or restore "Disable Defender Antivirus service (breaks Set-MpPreference cmdlet)" using script

≈ 2 min to complete
Tools: Web Browser
Difficulty: Simple
≈ 5 instructions

1
Download
Download the script file by clicking on the Apply protection button above.
Use Undo protection button above to restore changes.
2
Keep the file
If warned by your browser, keep the file.
3
Open
Open the downloaded file.
4
Exit
Once it's done, press any key to exit the window.
5
Restart
Restart your computer for all changes to take effect.

Apply with privacy.sexy

Guided, automated application with safety checks

Recommended for most users
Includes safety checks
Free
Open-source
Popular
Offline/Online usage

Open privacy.sexy

Help

How to apply or restore "Disable Defender Antivirus service (breaks Set-MpPreference cmdlet)" using privacy.sexy

≈ 3 min to complete
Tools: privacy.sexy
Difficulty: Simple
≈ 4 instructions

privacy.sexy is free and open-source application that lets securely apply this action easily with more advanced options.

1
Open or download
Open or download the desktop application
2
Choose script
1. Search for the script name: Disable Defender Antivirus service (breaks Set-MpPreference cmdlet)
2. Check the script by clicking on the checkbox.
3
Run
Click on ▶️ Run button at the bottom of the page.
This button only appears on desktop version (recommended). On browser, use 💾 Save button.

Run commands

Copy and run commands manually Requires technical knowledge

Apply
Revert

Apply changes
:: Disable the service `WinDefend` using TrustedInstaller privileges
PowerShell -ExecutionPolicy Unrestricted -Command "function Invoke-AsTrustedInstaller($Script) { $principalSid = [System.Security.Principal.SecurityIdentifier]::new('S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'); $principalName = $principalSid.Translate([System.Security.Principal.NTAccount]); $streamFile = New-TemporaryFile; $scriptFile = New-TemporaryFile; try { $scriptFile = Rename-Item -LiteralPath $scriptFile -NewName ($scriptFile.BaseName + '.ps1') -Force -PassThru; $Script | Out-File $scriptFile -Encoding UTF8; $taskName = "^""privacy$([char]0x002E)sexy invoke"^""; schtasks.exe /delete /tn $taskName /f 2>&1 | Out-Null; $executionCommand = "^""powershell.exe -ExecutionPolicy Bypass -File '$scriptFile' *>&1 | Out-File -FilePath '$streamFile' -Encoding UTF8"^""; $action = New-ScheduledTaskAction -Execute 'powershell.exe' -Argument "^""-ExecutionPolicy Bypass -Command `"^""$executionCommand`"^"""^""; $settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries; Register-ScheduledTask -TaskName $taskName -Action $action -Settings $settings -Force -ErrorAction Stop | Out-Null; try { ($scheduleService = New-Object -ComObject Schedule.Service).Connect(); $scheduleService.GetFolder('\').GetTask($taskName).RunEx($null, 0, 0, $principalName) | Out-Null; $timeout = (Get-Date).AddMinutes(5); Write-Host "^""Running as $principalName"^""; while ((Get-ScheduledTaskInfo $taskName).LastTaskResult -eq 267009) { Start-Sleep -Milliseconds 200; if ((Get-Date) -gt $timeout) { Write-Warning 'Skipping: Timeout'; break; }; }; if (($result = (Get-ScheduledTaskInfo $taskName).LastTaskResult) -ne 0) { Write-Error "^""Failed, due to exit code: $result."^""; } } finally { schtasks.exe /delete /tn $taskName /f | Out-Null; }; Get-Content $streamFile } finally { Remove-Item $streamFile, $scriptFile; }; }; $cmd = '$serviceQuery = ''WinDefend'''+"^""`r`n"^""+'$stopWithDependencies= $false'+"^""`r`n"^""+'<# -- 1. Skip if service does not exist #>'+"^""`r`n"^""+'$service = Get-Service -Name $serviceQuery -ErrorAction SilentlyContinue'+"^""`r`n"^""+'if(!$service) {'+"^""`r`n"^""+'    Write-Host "^""Service query `"^""$serviceQuery`"^"" did not yield any results, no need to disable it."^""'+"^""`r`n"^""+'    Exit 0'+"^""`r`n"^""+'}'+"^""`r`n"^""+'$serviceName = $service.Name'+"^""`r`n"^""+'Write-Host "^""Disabling service: `"^""$serviceName`"^""."^""'+"^""`r`n"^""+'<# -- 2. Stop if running #>'+"^""`r`n"^""+'if ($service.Status -eq [System.ServiceProcess.ServiceControllerStatus]::Running) {'+"^""`r`n"^""+'    Write-Host "^""`"^""$serviceName`"^"" is running, attempting to stop it."^""'+"^""`r`n"^""+'    try {'+"^""`r`n"^""+'        Write-Host "^""Stopping the service `"^""$serviceName`"^""."^""'+"^""`r`n"^""+'        $stopParams = @{ `'+"^""`r`n"^""+'            Name = $ServiceName'+"^""`r`n"^""+'            Force = $true'+"^""`r`n"^""+'            ErrorAction = ''Stop'''+"^""`r`n"^""+'        }'+"^""`r`n"^""+'        if (-not $stopWithDependencies) {'+"^""`r`n"^""+'            $stopParams[''NoWait''] = $true'+"^""`r`n"^""+'        }'+"^""`r`n"^""+'        Stop-Service @stopParams'+"^""`r`n"^""+'        Write-Host "^""Stopped `"^""$serviceName`"^"" successfully."^""'+"^""`r`n"^""+'    } catch {'+"^""`r`n"^""+'        if ($_.FullyQualifiedErrorId -eq ''CouldNotStopService,Microsoft.PowerShell.Commands.StopServiceCommand'') {'+"^""`r`n"^""+'            Write-Warning "^""The service `"^""$serviceName`"^"" does not accept a stop command and may need to be stopped manually or on reboot."^""'+"^""`r`n"^""+'        } else {'+"^""`r`n"^""+'            Write-Warning "^""Failed to stop service `"^""$ServiceName`"^"". It will be stopped after reboot. Error: $($_.Exception.Message)"^""'+"^""`r`n"^""+'        }'+"^""`r`n"^""+'    }'+"^""`r`n"^""+'} else {'+"^""`r`n"^""+'    Write-Host "^""`"^""$serviceName`"^"" is not running, no need to stop."^""'+"^""`r`n"^""+'}'+"^""`r`n"^""+'<# -- 3. Skip if service info is not found in registry #>'+"^""`r`n"^""+'$registryKey = "^""HKLM:\SYSTEM\CurrentControlSet\Services\$serviceName"^""'+"^""`r`n"^""+'if (-Not (Test-Path $registryKey)) {'+"^""`r`n"^""+'    Write-Host "^""`"^""$registryKey`"^"" is not found in registry, cannot enable it."^""'+"^""`r`n"^""+'    Exit 0'+"^""`r`n"^""+'}'+"^""`r`n"^""+'<# -- 4. Skip if already disabled #>'+"^""`r`n"^""+'if( $(Get-ItemProperty -Path "^""$registryKey"^"").Start -eq 4) {'+"^""`r`n"^""+'    Write-Host "^""`"^""$serviceName`"^"" is already disabled from start, no further action is needed."^""'+"^""`r`n"^""+'    Exit 0'+"^""`r`n"^""+'}'+"^""`r`n"^""+'<# -- 5. Disable service #>'+"^""`r`n"^""+'try {'+"^""`r`n"^""+'    Set-ItemProperty `'+"^""`r`n"^""+'        -LiteralPath $registryKey `'+"^""`r`n"^""+'        -Name "^""Start"^"" `'+"^""`r`n"^""+'        -Value 4 `'+"^""`r`n"^""+'        -ErrorAction Stop'+"^""`r`n"^""+'    Write-Host ''Successfully disabled the service. It will not start automatically on next boot.'''+"^""`r`n"^""+'} catch {'+"^""`r`n"^""+'    Write-Error "^""Failed to disable the service. Error: $($_.Exception.Message)"^""'+"^""`r`n"^""+'    Exit 1'+"^""`r`n"^""+'}'; Invoke-AsTrustedInstaller $cmd"
:: Soft delete files matching pattern: "%PROGRAMFILES%\Windows Defender\MsMpEng.exe"  as TrustedInstaller
PowerShell -ExecutionPolicy Unrestricted -Command "function Invoke-AsTrustedInstaller($Script) { $principalSid = [System.Security.Principal.SecurityIdentifier]::new('S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'); $principalName = $principalSid.Translate([System.Security.Principal.NTAccount]); $streamFile = New-TemporaryFile; $scriptFile = New-TemporaryFile; try { $scriptFile = Rename-Item -LiteralPath $scriptFile -NewName ($scriptFile.BaseName + '.ps1') -Force -PassThru; $Script | Out-File $scriptFile -Encoding UTF8; $taskName = "^""privacy$([char]0x002E)sexy invoke"^""; schtasks.exe /delete /tn $taskName /f 2>&1 | Out-Null; $executionCommand = "^""powershell.exe -ExecutionPolicy Bypass -File '$scriptFile' *>&1 | Out-File -FilePath '$streamFile' -Encoding UTF8"^""; $action = New-ScheduledTaskAction -Execute 'powershell.exe' -Argument "^""-ExecutionPolicy Bypass -Command `"^""$executionCommand`"^"""^""; $settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries; Register-ScheduledTask -TaskName $taskName -Action $action -Settings $settings -Force -ErrorAction Stop | Out-Null; try { ($scheduleService = New-Object -ComObject Schedule.Service).Connect(); $scheduleService.GetFolder('\').GetTask($taskName).RunEx($null, 0, 0, $principalName) | Out-Null; $timeout = (Get-Date).AddMinutes(5); Write-Host "^""Running as $principalName"^""; while ((Get-ScheduledTaskInfo $taskName).LastTaskResult -eq 267009) { Start-Sleep -Milliseconds 200; if ((Get-Date) -gt $timeout) { Write-Warning 'Skipping: Timeout'; break; }; }; if (($result = (Get-ScheduledTaskInfo $taskName).LastTaskResult) -ne 0) { Write-Error "^""Failed, due to exit code: $result."^""; } } finally { schtasks.exe /delete /tn $taskName /f | Out-Null; }; Get-Content $streamFile } finally { Remove-Item $streamFile, $scriptFile; }; }; $cmd = '$pathGlobPattern = "^""%PROGRAMFILES%\Windows Defender\MsMpEng.exe"^""'+"^""`r`n"^""+'$expandedPath = [System.Environment]::ExpandEnvironmentVariables($pathGlobPattern)'+"^""`r`n"^""+'Write-Host "^""Searching for items matching pattern: `"^""$($expandedPath)`"^""."^""'+"^""`r`n"^""+''+"^""`r`n"^""+'$renamedCount   = 0'+"^""`r`n"^""+'$skippedCount   = 0'+"^""`r`n"^""+'$failedCount    = 0'+"^""`r`n"^""+''+"^""`r`n"^""+'$foundAbsolutePaths = @()'+"^""`r`n"^""+''+"^""`r`n"^""+'try {'+"^""`r`n"^""+'    $foundAbsolutePaths += @('+"^""`r`n"^""+'        Get-Item -Path $expandedPath -ErrorAction Stop | Select-Object -ExpandProperty FullName'+"^""`r`n"^""+'    )'+"^""`r`n"^""+'} catch [System.Management.Automation.ItemNotFoundException] {'+"^""`r`n"^""+'    <# Swallow, do not run `Test-Path` before, it''s unreliable for globs requiring extra permissions #>'+"^""`r`n"^""+'}'+"^""`r`n"^""+'$foundAbsolutePaths = $foundAbsolutePaths   `'+"^""`r`n"^""+'    | Select-Object -Unique                 `'+"^""`r`n"^""+'    | Sort-Object -Property { $_.Length } -Descending'+"^""`r`n"^""+'if (!$foundAbsolutePaths) {'+"^""`r`n"^""+'    Write-Host ''Skipping, no items available.'''+"^""`r`n"^""+'    exit 0'+"^""`r`n"^""+'}'+"^""`r`n"^""+'Write-Host "^""Initiating processing of $($foundAbsolutePaths.Count) items from `"^""$expandedPath`"^""."^""'+"^""`r`n"^""+'foreach ($path in $foundAbsolutePaths) {'+"^""`r`n"^""+'    if (Test-Path -Path $path -PathType Container) {'+"^""`r`n"^""+'    Write-Host "^""Skipping folder (not its contents): `"^""$path`"^""."^""'+"^""`r`n"^""+'    $skippedCount++'+"^""`r`n"^""+'    continue'+"^""`r`n"^""+'}'+"^""`r`n"^""+'if($revert -eq $true) {'+"^""`r`n"^""+'    if (-not $path.EndsWith(''.OLD'')) {'+"^""`r`n"^""+'        Write-Host "^""Skipping non-backup file: `"^""$path`"^""."^""'+"^""`r`n"^""+'        $skippedCount++'+"^""`r`n"^""+'        continue'+"^""`r`n"^""+'    }'+"^""`r`n"^""+'} else {'+"^""`r`n"^""+'    if ($path.EndsWith(''.OLD'')) {'+"^""`r`n"^""+'        Write-Host "^""Skipping backup file: `"^""$path`"^""."^""'+"^""`r`n"^""+'        $skippedCount++'+"^""`r`n"^""+'        continue'+"^""`r`n"^""+'    }'+"^""`r`n"^""+'}'+"^""`r`n"^""+'$originalFilePath = $path'+"^""`r`n"^""+'Write-Host "^""Processing file: `"^""$originalFilePath`"^""."^""'+"^""`r`n"^""+'if (-Not (Test-Path $originalFilePath)) {'+"^""`r`n"^""+'    Write-Host "^""Skipping, file `"^""$originalFilePath`"^"" not found."^""'+"^""`r`n"^""+'    $skippedCount++'+"^""`r`n"^""+'    exit 0'+"^""`r`n"^""+'}'+"^""`r`n"^""+''+"^""`r`n"^""+'if ($revert -eq $true) {'+"^""`r`n"^""+'    $newFilePath = $originalFilePath.Substring(0, $originalFilePath.Length - 4)'+"^""`r`n"^""+'} else {'+"^""`r`n"^""+'    $newFilePath = "^""$($originalFilePath).OLD"^""'+"^""`r`n"^""+'}'+"^""`r`n"^""+'try {'+"^""`r`n"^""+'    Move-Item -LiteralPath "^""$($originalFilePath)"^"" -Destination "^""$newFilePath"^"" -Force -ErrorAction Stop'+"^""`r`n"^""+'    Write-Host "^""Successfully processed `"^""$originalFilePath`"^""."^""'+"^""`r`n"^""+'    $renamedCount++'+"^""`r`n"^""+'    '+"^""`r`n"^""+'} catch {'+"^""`r`n"^""+'    Write-Error "^""Failed to rename `"^""$originalFilePath`"^"" to `"^""$newFilePath`"^"": $($_.Exception.Message)"^""'+"^""`r`n"^""+'    $failedCount++'+"^""`r`n"^""+'    '+"^""`r`n"^""+'}'+"^""`r`n"^""+'}'+"^""`r`n"^""+'if (($renamedCount -gt 0) -or ($skippedCount -gt 0)) {'+"^""`r`n"^""+'    Write-Host "^""Successfully processed $renamedCount items and skipped $skippedCount items."^""'+"^""`r`n"^""+'}'+"^""`r`n"^""+'if ($failedCount -gt 0) {'+"^""`r`n"^""+'    Write-Warning "^""Failed to process $($failedCount) items."^""'+"^""`r`n"^""+'}'+"^""`r`n"^""+''; Invoke-AsTrustedInstaller $cmd"
:: Check and terminate the running process "MsMpEng.exe"
tasklist /fi "ImageName eq MsMpEng.exe" /fo csv 2>NUL | find /i "MsMpEng.exe">NUL && (
    echo MsMpEng.exe is running and will be killed.
    taskkill /f /im MsMpEng.exe
) || (
    echo Skipping, MsMpEng.exe is not running.
)
:: Configure termination of "MsMpEng.exe" immediately upon its startup
:: Set the registry value: "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe!Debugger"
PowerShell -ExecutionPolicy Unrestricted -Command "$registryPath = 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe'; $data = '%SYSTEMROOT%\System32\taskkill.exe'; reg add 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe' /v 'Debugger' /t 'REG_SZ' /d "^""$data"^"" /f"
:: Add a rule to prevent the executable "MsMpEng.exe" from running via File Explorer
PowerShell -ExecutionPolicy Unrestricted -Command "$executableFilename='MsMpEng.exe'; try { $registryPathForDisallowRun='HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun'; $existingBlockEntries = Get-ItemProperty -Path "^""$registryPathForDisallowRun"^"" -ErrorAction Ignore; $nextFreeRuleIndex = 1; if ($existingBlockEntries) { $existingBlockingRuleForExecutable = $existingBlockEntries.PSObject.Properties | Where-Object { $_.Value -eq $executableFilename }; if ($existingBlockingRuleForExecutable) { $existingBlockingRuleIndexForExecutable = $existingBlockingRuleForExecutable.Name; Write-Output "^""Skipping, no action needed: '$executableFilename' is already blocked under rule index `"^""$existingBlockingRuleIndexForExecutable`"^""."^""; exit 0; }; $occupiedRuleIndexes = $existingBlockEntries.PSObject.Properties | Where-Object { $_.Name -Match '^\d+$' } | Select -ExpandProperty Name; if ($occupiedRuleIndexes) { while ($occupiedRuleIndexes -Contains $nextFreeRuleIndex) { $nextFreeRuleIndex += 1; }; }; }; Write-Output "^""Adding block rule for `"^""$executableFilename`"^"" under rule index `"^""$nextFreeRuleIndex`"^""."^""; if (!(Test-Path $registryPathForDisallowRun)) { New-Item -Path "^""$registryPathForDisallowRun"^"" -Force -ErrorAction Stop | Out-Null; }; New-ItemProperty -Path "^""$registryPathForDisallowRun"^"" -Name "^""$nextFreeRuleIndex"^"" -PropertyType String -Value "^""$executableFilename"^"" ` -ErrorAction Stop | Out-Null; Write-Output "^""Successfully blocked `"^""$executableFilename`"^"" with rule index `"^""$nextFreeRuleIndex`"^""."^""; } catch { Write-Error "^""Failed to block `"^""$executableFilename`"^"": $_"^""; Exit 1; }"
:: Activate the DisallowRun policy to block specified programs from running via File Explorer
PowerShell -ExecutionPolicy Unrestricted -Command "try { $fileExplorerDisallowRunRegistryPath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; $currentDisallowRunPolicyValue = Get-ItemProperty -Path "^""$fileExplorerDisallowRunRegistryPath"^"" -Name 'DisallowRun' -ErrorAction Ignore | Select -ExpandProperty DisallowRun; if ([string]::IsNullOrEmpty($currentDisallowRunPolicyValue)) { Write-Output "^""Creating DisallowRun policy at `"^""$fileExplorerDisallowRunRegistryPath`"^""."^""; if (!(Test-Path $fileExplorerDisallowRunRegistryPath)) { New-Item -Path "^""$fileExplorerDisallowRunRegistryPath"^"" -Force -ErrorAction Stop | Out-Null; }; New-ItemProperty -Path "^""$fileExplorerDisallowRunRegistryPath"^"" -Name 'DisallowRun' -Value 1 -PropertyType DWORD -Force -ErrorAction Stop | Out-Null; Write-Output 'Successfully activated DisallowRun policy.'; Exit 0; }; if ($currentDisallowRunPolicyValue -eq 1) { Write-Output 'Skipping, no action needed: DisallowRun policy is already in place.'; Exit 0; }; Write-Output 'Updating DisallowRun policy from unexpected value `"^""$currentDisallowRunPolicyValue`"^"" to `"^""1`"^"".'; Set-ItemProperty -Path "^""$fileExplorerDisallowRunRegistryPath"^"" -Name 'DisallowRun' -Value 1 -Type DWORD -Force -ErrorAction Stop | Out-Null; Write-Output 'Successfully activated DisallowRun policy.'; } catch { Write-Error "^""Failed to activate DisallowRun policy: $_"^""; Exit 1; }"

Restore changes

Ijo6IFJlc3RvcmUgdGhlIHNlcnZpY2UgYFdpbkRlZmVuZGAgdXNpbmcgVHJ1c3RlZEluc3RhbGxlciBwcml2aWxlZ2VzXG5Qb3dlclNoZWxsIC1FeGVjdXRpb25Qb2xpY3kgVW5yZXN0cmljdGVkIC1Db21tYW5kIFwiZnVuY3Rpb24gSW52b2tlLUFzVHJ1c3RlZEluc3RhbGxlcigkU2NyaXB0KSB7ICRwcmluY2lwYWxTaWQgPSBbU3lzdGVtLlNlY3VyaXR5LlByaW5jaXBhbC5TZWN1cml0eUlkZW50aWZpZXJdOjpuZXcoJ1MtMS01LTgwLTk1NjAwODg4NS0zNDE4NTIyNjQ5LTE4MzEwMzgwNDQtMTg1MzI5MjYzMS0yMjcxNDc4NDY0Jyk7ICRwcmluY2lwYWxOYW1lID0gJHByaW5jaXBhbFNpZC5UcmFuc2xhdGUoW1N5c3RlbS5TZWN1cml0eS5QcmluY2lwYWwuTlRBY2NvdW50XSk7ICRzdHJlYW1GaWxlID0gTmV3LVRlbXBvcmFyeUZpbGU7ICRzY3JpcHRGaWxlID0gTmV3LVRlbXBvcmFyeUZpbGU7IHRyeSB7ICRzY3JpcHRGaWxlID0gUmVuYW1lLUl0ZW0gLUxpdGVyYWxQYXRoICRzY3JpcHRGaWxlIC1OZXdOYW1lICgkc2NyaXB0RmlsZS5CYXNlTmFtZSArICcucHMxJykgLUZvcmNlIC1QYXNzVGhydTsgJFNjcmlwdCB8IE91dC1GaWxlICRzY3JpcHRGaWxlIC1FbmNvZGluZyBVVEY4OyAkdGFza05hbWUgPSBcIl5cIlwicHJpdmFjeSQoW2NoYXJdMHgwMDJFKXNleHkgaW52b2tlXCJeXCJcIjsgc2NodGFza3MuZXhlIC9kZWxldGUgL3RuICR0YXNrTmFtZSAvZiAyPiYxIHwgT3V0LU51bGw7ICRleGVjdXRpb25Db21tYW5kID0gXCJeXCJcInBvd2Vyc2hlbGwuZXhlIC1FeGVjdXRpb25Qb2xpY3kgQnlwYXNzIC1GaWxlICckc2NyaXB0RmlsZScgKj4mMSB8IE91dC1GaWxlIC1GaWxlUGF0aCAnJHN0cmVhbUZpbGUnIC1FbmNvZGluZyBVVEY4XCJeXCJcIjsgJGFjdGlvbiA9IE5ldy1TY2hlZHVsZWRUYXNrQWN0aW9uIC1FeGVjdXRlICdwb3dlcnNoZWxsLmV4ZScgLUFyZ3VtZW50IFwiXlwiXCItRXhlY3V0aW9uUG9saWN5IEJ5cGFzcyAtQ29tbWFuZCBgXCJeXCJcIiRleGVjdXRpb25Db21tYW5kYFwiXlwiXCJcIl5cIlwiOyAkc2V0dGluZ3MgPSBOZXctU2NoZWR1bGVkVGFza1NldHRpbmdzU2V0IC1BbGxvd1N0YXJ0SWZPbkJhdHRlcmllcyAtRG9udFN0b3BJZkdvaW5nT25CYXR0ZXJpZXM7IFJlZ2lzdGVyLVNjaGVkdWxlZFRhc2sgLVRhc2tOYW1lICR0YXNrTmFtZSAtQWN0aW9uICRhY3Rpb24gLVNldHRpbmdzICRzZXR0aW5ncyAtRm9yY2UgLUVycm9yQWN0aW9uIFN0b3AgfCBPdXQtTnVsbDsgdHJ5IHsgKCRzY2hlZHVsZVNlcnZpY2UgPSBOZXctT2JqZWN0IC1Db21PYmplY3QgU2NoZWR1bGUuU2VydmljZSkuQ29ubmVjdCgpOyAkc2NoZWR1bGVTZXJ2aWNlLkdldEZvbGRlcignXFwnKS5HZXRUYXNrKCR0YXNrTmFtZSkuUnVuRXgoJG51bGwsIDAsIDAsICRwcmluY2lwYWxOYW1lKSB8IE91dC1OdWxsOyAkdGltZW91dCA9IChHZXQtRGF0ZSkuQWRkTWludXRlcyg1KTsgV3JpdGUtSG9zdCBcIl5cIlwiUnVubmluZyBhcyAkcHJpbmNpcGFsTmFtZVwiXlwiXCI7IHdoaWxlICgoR2V0LVNjaGVkdWxlZFRhc2tJbmZvICR0YXNrTmFtZSkuTGFzdFRhc2tSZXN1bHQgLWVxIDI2NzAwOSkgeyBTdGFydC1TbGVlcCAtTWlsbGlzZWNvbmRzIDIwMDsgaWYgKChHZXQtRGF0ZSkgLWd0ICR0aW1lb3V0KSB7IFdyaXRlLVdhcm5pbmcgJ1NraXBwaW5nOiBUaW1lb3V0JzsgYnJlYWs7IH07IH07IGlmICgoJHJlc3VsdCA9IChHZXQtU2NoZWR1bGVkVGFza0luZm8gJHRhc2tOYW1lKS5MYXN0VGFza1Jlc3VsdCkgLW5lIDApIHsgV3JpdGUtRXJyb3IgXCJeXCJcIkZhaWxlZCwgZHVlIHRvIGV4aXQgY29kZTogJHJlc3VsdC5cIl5cIlwiOyB9IH0gZmluYWxseSB7IHNjaHRhc2tzLmV4ZSAvZGVsZXRlIC90biAkdGFza05hbWUgL2YgfCBPdXQtTnVsbDsgfTsgR2V0LUNvbnRlbnQgJHN0cmVhbUZpbGUgfSBmaW5hbGx5IHsgUmVtb3ZlLUl0ZW0gJHN0cmVhbUZpbGUsICRzY3JpcHRGaWxlOyB9OyB9OyAkY21kID0gJyRzZXJ2aWNlUXVlcnkgPSAnJ1dpbkRlZmVuZCcnJytcIl5cIlwiYHJgblwiXlwiXCIrJyRkZWZhdWx0U3RhcnR1cE1vZGUgPSAnJ0F1dG9tYXRpYycnJytcIl5cIlwiYHJgblwiXlwiXCIrJzwjIC0tIDEuIFNraXAgaWYgc2VydmljZSBkb2VzIG5vdCBleGlzdCAjPicrXCJeXCJcImByYG5cIl5cIlwiKyckc2VydmljZSA9IEdldC1TZXJ2aWNlIC1OYW1lICRzZXJ2aWNlUXVlcnkgLUVycm9yQWN0aW9uIFNpbGVudGx5Q29udGludWUnK1wiXlwiXCJgcmBuXCJeXCJcIisnaWYgKCEkc2VydmljZSkgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgV3JpdGUtV2FybmluZyBcIl5cIlwiU2VydmljZSBxdWVyeSBgXCJeXCJcIiRzZXJ2aWNlUXVlcnlgXCJeXCJcIiBkaWQgbm90IHlpZWxkIGFuZCByZXN1bHRzLiBSZXZlcnQgY2Fubm90IHByb2NlZWQuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgRXhpdCAxJytcIl5cIlwiYHJgblwiXlwiXCIrJ30nK1wiXlwiXCJgcmBuXCJeXCJcIisnJHNlcnZpY2VOYW1lID0gJHNlcnZpY2UuTmFtZScrXCJeXCJcImByYG5cIl5cIlwiKydXcml0ZS1Ib3N0IFwiXlwiXCJSZXN0b3JpbmcgcmVnaXN0cnkgc2V0dGluZ3MgZm9yIHNlcnZpY2UgYFwiXlwiXCIkc2VydmljZU5hbWVgXCJeXCJcIiB0byBkZWZhdWx0IHN0YXJ0dXAgbW9kZSBgXCJeXCJcIiRkZWZhdWx0U3RhcnR1cE1vZGVgXCJeXCJcIi5cIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJzwjIC0tIDIuIFNraXAgaWYgc2VydmljZSBpbmZvIGlzIG5vdCBmb3VuZCBpbiByZWdpc3RyeSAjPicrXCJeXCJcImByYG5cIl5cIlwiKyckcmVnaXN0cnlLZXkgPSBcIl5cIlwiSEtMTTpcXFNZU1RFTVxcQ3VycmVudENvbnRyb2xTZXRcXFNlcnZpY2VzXFwkc2VydmljZU5hbWVcIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJ2lmICgtTm90IChUZXN0LVBhdGggJHJlZ2lzdHJ5S2V5KSkgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgV3JpdGUtV2FybmluZyBcIl5cIlwiYFwiXlwiXCIkcmVnaXN0cnlLZXlgXCJeXCJcIiBpcyBub3QgZm91bmQgaW4gcmVnaXN0cnkuIFJldmVydCBjYW5ub3QgcHJvY2VlZC5cIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICBFeGl0IDEnK1wiXlwiXCJgcmBuXCJeXCJcIisnfScrXCJeXCJcImByYG5cIl5cIlwiKyc8IyAtLSAzLiBFbmFibGUgaWYgbm90IGFscmVhZHkgZW5hYmxlZCAjPicrXCJeXCJcImByYG5cIl5cIlwiKyckZGVmYXVsdFN0YXJ0dXBSZWdWYWx1ZSA9IHN3aXRjaCAoJGRlZmF1bHRTdGFydHVwTW9kZSkgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJydCb290JycgICAgICB7IDAgfScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJydTeXN0ZW0nJyAgICB7IDEgfScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJydBdXRvbWF0aWMnJyB7IDIgfScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJydNYW51YWwnJyAgICB7IDMgfScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJydEaXNhYmxlZCcnICB7IDQgfScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgZGVmYXVsdCB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgV3JpdGUtRXJyb3IgXCJeXCJcIkVycm9yOiBVbmtub3duIHN0YXJ0dXAgbW9kZSBzcGVjaWZpZWQ6IGBcIl5cIlwiJGRlZmF1bHRTdGFydHVwTW9kZWBcIl5cIlwiLiBSZXZlcnQgY2Fubm90IHByb2NlZWQuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIHJldHVybicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgfScrXCJeXCJcImByYG5cIl5cIlwiKyd9JytcIl5cIlwiYHJgblwiXlwiXCIrJ2lmICgkKEdldC1JdGVtUHJvcGVydHkgLVBhdGggXCJeXCJcIiRyZWdpc3RyeUtleVwiXlwiXCIpLlN0YXJ0IC1lcSAkZGVmYXVsdFN0YXJ0dXBSZWdWYWx1ZSkgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgV3JpdGUtSG9zdCBcIl5cIlwiYFwiXlwiXCIkc2VydmljZU5hbWVgXCJeXCJcIiBpcyBoYXMgYWxyZWFkeSBkZWZhdWx0IHN0YXJ0dXAgbW9kZTogYFwiXlwiXCIkZGVmYXVsdFN0YXJ0dXBNb2RlYFwiXlwiXCIuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKyd9IGVsc2UgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgdHJ5IHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICBTZXQtSXRlbVByb3BlcnR5ICRyZWdpc3RyeUtleSAtTmFtZSBTdGFydCAtVmFsdWUgJGRlZmF1bHRTdGFydHVwUmVnVmFsdWUgLUZvcmNlJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgV3JpdGUtSG9zdCBcIl5cIlwiU3VjY2Vzc2Z1bGx5IHJlc3RvcmVkIGBcIl5cIlwiJHNlcnZpY2VOYW1lYFwiXlwiXCIgd2l0aCBgXCJeXCJcIiRkZWZhdWx0U3RhcnR1cE1vZGVgXCJeXCJcIiBzdGFydCwgdGhpcyBtYXkgcmVxdWlyZSByZXN0YXJ0aW5nIHlvdXIgY29tcHV0ZXIuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgfSBjYXRjaCB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgV3JpdGUtRXJyb3IgXCJeXCJcIkNvdWxkIG5vdCBlbmFibGUgYFwiXlwiXCIkc2VydmljZU5hbWVgXCJeXCJcIjogJF9cIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgRXhpdCAxJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICB9JytcIl5cIlwiYHJgblwiXlwiXCIrJ30nK1wiXlwiXCJgcmBuXCJeXCJcIisnPCMgLS0gNC4gU3RhcnQgaWYgbm90IHJ1bm5pbmcgKG11c3QgYmUgZW5hYmxlZCBmaXJzdCkgIz4nK1wiXlwiXCJgcmBuXCJeXCJcIisnaWYgKCRkZWZhdWx0U3RhcnR1cE1vZGUgLWVxICcnQXV0b21hdGljJycgLW9yICRkZWZhdWx0U3RhcnR1cE1vZGUgLWVxICcnQm9vdCcnIC1vciAkZGVmYXVsdFN0YXJ0dXBNb2RlIC1lcSAnJ1N5c3RlbScnKSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICBpZiAoJHNlcnZpY2UuU3RhdHVzIC1uZSBbU3lzdGVtLlNlcnZpY2VQcm9jZXNzLlNlcnZpY2VDb250cm9sbGVyU3RhdHVzXTo6UnVubmluZykgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIFdyaXRlLUhvc3QgXCJeXCJcImBcIl5cIlwiJHNlcnZpY2VOYW1lYFwiXlwiXCIgaXMgbm90IHJ1bm5pbmcsIHRyeWluZyB0byBzdGFydCBpdC5cIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgdHJ5IHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICAgICAgU3RhcnQtU2VydmljZSAtTmFtZSAkc2VydmljZU5hbWUgLUVycm9yQWN0aW9uIFN0b3AnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICAgICAgV3JpdGUtSG9zdCAnJ1NlcnZpY2Ugc3RhcnRlZCBzdWNjZXNzZnVsbHkuJycnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICB9IGNhdGNoIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICAgICAgV3JpdGUtV2FybmluZyBcIl5cIlwiRmFpbGVkIHRvIHJlc3RhcnQgc2VydmljZS4gSXQgd2lsbCBiZSBzdGFydGVkIGFmdGVyIHJlYm9vdC4gRXJyb3I6ICQoJF8uRXhjZXB0aW9uLk1lc3NhZ2UpXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIH0nK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIH0gZWxzZSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgV3JpdGUtSG9zdCBcIl5cIlwiYFwiXlwiXCIkc2VydmljZU5hbWVgXCJeXCJcIiBpcyBhbHJlYWR5IHJ1bm5pbmcsIG5vIG5lZWQgdG8gc3RhcnQuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgfScrXCJeXCJcImByYG5cIl5cIlwiKyd9JzsgSW52b2tlLUFzVHJ1c3RlZEluc3RhbGxlciAkY21kXCJcbjo6IFJlc3RvcmUgZmlsZXMgbWF0Y2hpbmcgcGF0dGVybjogXCIlUFJPR1JBTUZJTEVTJVxcV2luZG93cyBEZWZlbmRlclxcTXNNcEVuZy5leGVcIiAgYXMgVHJ1c3RlZEluc3RhbGxlclxuUG93ZXJTaGVsbCAtRXhlY3V0aW9uUG9saWN5IFVucmVzdHJpY3RlZCAtQ29tbWFuZCBcImZ1bmN0aW9uIEludm9rZS1Bc1RydXN0ZWRJbnN0YWxsZXIoJFNjcmlwdCkgeyAkcHJpbmNpcGFsU2lkID0gW1N5c3RlbS5TZWN1cml0eS5QcmluY2lwYWwuU2VjdXJpdHlJZGVudGlmaWVyXTo6bmV3KCdTLTEtNS04MC05NTYwMDg4ODUtMzQxODUyMjY0OS0xODMxMDM4MDQ0LTE4NTMyOTI2MzEtMjI3MTQ3ODQ2NCcpOyAkcHJpbmNpcGFsTmFtZSA9ICRwcmluY2lwYWxTaWQuVHJhbnNsYXRlKFtTeXN0ZW0uU2VjdXJpdHkuUHJpbmNpcGFsLk5UQWNjb3VudF0pOyAkc3RyZWFtRmlsZSA9IE5ldy1UZW1wb3JhcnlGaWxlOyAkc2NyaXB0RmlsZSA9IE5ldy1UZW1wb3JhcnlGaWxlOyB0cnkgeyAkc2NyaXB0RmlsZSA9IFJlbmFtZS1JdGVtIC1MaXRlcmFsUGF0aCAkc2NyaXB0RmlsZSAtTmV3TmFtZSAoJHNjcmlwdEZpbGUuQmFzZU5hbWUgKyAnLnBzMScpIC1Gb3JjZSAtUGFzc1RocnU7ICRTY3JpcHQgfCBPdXQtRmlsZSAkc2NyaXB0RmlsZSAtRW5jb2RpbmcgVVRGODsgJHRhc2tOYW1lID0gXCJeXCJcInByaXZhY3kkKFtjaGFyXTB4MDAyRSlzZXh5IGludm9rZVwiXlwiXCI7IHNjaHRhc2tzLmV4ZSAvZGVsZXRlIC90biAkdGFza05hbWUgL2YgMj4mMSB8IE91dC1OdWxsOyAkZXhlY3V0aW9uQ29tbWFuZCA9IFwiXlwiXCJwb3dlcnNoZWxsLmV4ZSAtRXhlY3V0aW9uUG9saWN5IEJ5cGFzcyAtRmlsZSAnJHNjcmlwdEZpbGUnICo+JjEgfCBPdXQtRmlsZSAtRmlsZVBhdGggJyRzdHJlYW1GaWxlJyAtRW5jb2RpbmcgVVRGOFwiXlwiXCI7ICRhY3Rpb24gPSBOZXctU2NoZWR1bGVkVGFza0FjdGlvbiAtRXhlY3V0ZSAncG93ZXJzaGVsbC5leGUnIC1Bcmd1bWVudCBcIl5cIlwiLUV4ZWN1dGlvblBvbGljeSBCeXBhc3MgLUNvbW1hbmQgYFwiXlwiXCIkZXhlY3V0aW9uQ29tbWFuZGBcIl5cIlwiXCJeXCJcIjsgJHNldHRpbmdzID0gTmV3LVNjaGVkdWxlZFRhc2tTZXR0aW5nc1NldCAtQWxsb3dTdGFydElmT25CYXR0ZXJpZXMgLURvbnRTdG9wSWZHb2luZ09uQmF0dGVyaWVzOyBSZWdpc3Rlci1TY2hlZHVsZWRUYXNrIC1UYXNrTmFtZSAkdGFza05hbWUgLUFjdGlvbiAkYWN0aW9uIC1TZXR0aW5ncyAkc2V0dGluZ3MgLUZvcmNlIC1FcnJvckFjdGlvbiBTdG9wIHwgT3V0LU51bGw7IHRyeSB7ICgkc2NoZWR1bGVTZXJ2aWNlID0gTmV3LU9iamVjdCAtQ29tT2JqZWN0IFNjaGVkdWxlLlNlcnZpY2UpLkNvbm5lY3QoKTsgJHNjaGVkdWxlU2VydmljZS5HZXRGb2xkZXIoJ1xcJykuR2V0VGFzaygkdGFza05hbWUpLlJ1bkV4KCRudWxsLCAwLCAwLCAkcHJpbmNpcGFsTmFtZSkgfCBPdXQtTnVsbDsgJHRpbWVvdXQgPSAoR2V0LURhdGUpLkFkZE1pbnV0ZXMoNSk7IFdyaXRlLUhvc3QgXCJeXCJcIlJ1bm5pbmcgYXMgJHByaW5jaXBhbE5hbWVcIl5cIlwiOyB3aGlsZSAoKEdldC1TY2hlZHVsZWRUYXNrSW5mbyAkdGFza05hbWUpLkxhc3RUYXNrUmVzdWx0IC1lcSAyNjcwMDkpIHsgU3RhcnQtU2xlZXAgLU1pbGxpc2Vjb25kcyAyMDA7IGlmICgoR2V0LURhdGUpIC1ndCAkdGltZW91dCkgeyBXcml0ZS1XYXJuaW5nICdTa2lwcGluZzogVGltZW91dCc7IGJyZWFrOyB9OyB9OyBpZiAoKCRyZXN1bHQgPSAoR2V0LVNjaGVkdWxlZFRhc2tJbmZvICR0YXNrTmFtZSkuTGFzdFRhc2tSZXN1bHQpIC1uZSAwKSB7IFdyaXRlLUVycm9yIFwiXlwiXCJGYWlsZWQsIGR1ZSB0byBleGl0IGNvZGU6ICRyZXN1bHQuXCJeXCJcIjsgfSB9IGZpbmFsbHkgeyBzY2h0YXNrcy5leGUgL2RlbGV0ZSAvdG4gJHRhc2tOYW1lIC9mIHwgT3V0LU51bGw7IH07IEdldC1Db250ZW50ICRzdHJlYW1GaWxlIH0gZmluYWxseSB7IFJlbW92ZS1JdGVtICRzdHJlYW1GaWxlLCAkc2NyaXB0RmlsZTsgfTsgfTsgJGNtZCA9ICckcmV2ZXJ0ID0gJHRydWUnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICRwYXRoR2xvYlBhdHRlcm4gPSBcIl5cIlwiJVBST0dSQU1GSUxFUyVcXFdpbmRvd3MgRGVmZW5kZXJcXE1zTXBFbmcuZXhlLk9MRFwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICRleHBhbmRlZFBhdGggPSBbU3lzdGVtLkVudmlyb25tZW50XTo6RXhwYW5kRW52aXJvbm1lbnRWYXJpYWJsZXMoJHBhdGhHbG9iUGF0dGVybiknK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIFdyaXRlLUhvc3QgXCJeXCJcIlNlYXJjaGluZyBmb3IgaXRlbXMgbWF0Y2hpbmcgcGF0dGVybjogYFwiXlwiXCIkKCRleHBhbmRlZFBhdGgpYFwiXlwiXCIuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJytcIl5cIlwiYHJgblwiXlwiXCIrJyRyZW5hbWVkQ291bnQgICA9IDAnK1wiXlwiXCJgcmBuXCJeXCJcIisnJHNraXBwZWRDb3VudCAgID0gMCcrXCJeXCJcImByYG5cIl5cIlwiKyckZmFpbGVkQ291bnQgICAgPSAwJytcIl5cIlwiYHJgblwiXlwiXCIrJycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJGZvdW5kQWJzb2x1dGVQYXRocyA9IEAoKScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICB0cnkgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgICRmb3VuZEFic29sdXRlUGF0aHMgKz0gQCgnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICAgICAgR2V0LUl0ZW0gLVBhdGggJGV4cGFuZGVkUGF0aCAtRXJyb3JBY3Rpb24gU3RvcCB8IFNlbGVjdC1PYmplY3QgLUV4cGFuZFByb3BlcnR5IEZ1bGxOYW1lJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgKScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgfSBjYXRjaCBbU3lzdGVtLk1hbmFnZW1lbnQuQXV0b21hdGlvbi5JdGVtTm90Rm91bmRFeGNlcHRpb25dIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICA8IyBTd2FsbG93LCBkbyBub3QgcnVuIGBUZXN0LVBhdGhgIGJlZm9yZSwgaXQnJ3MgdW5yZWxpYWJsZSBmb3IgZ2xvYnMgcmVxdWlyaW5nIGV4dHJhIHBlcm1pc3Npb25zICM+JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICB9JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAkZm91bmRBYnNvbHV0ZVBhdGhzID0gJGZvdW5kQWJzb2x1dGVQYXRocyAgIGAnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICB8IFNlbGVjdC1PYmplY3QgLVVuaXF1ZSAgICAgICAgICAgICAgICAgYCcrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIHwgU29ydC1PYmplY3QgLVByb3BlcnR5IHsgJF8uTGVuZ3RoIH0gLURlc2NlbmRpbmcnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIGlmICghJGZvdW5kQWJzb2x1dGVQYXRocykgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIFdyaXRlLUhvc3QgJydTa2lwcGluZywgbm8gaXRlbXMgYXZhaWxhYmxlLicnJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAgICAgZXhpdCAwJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICB9JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICBXcml0ZS1Ib3N0IFwiXlwiXCJJbml0aWF0aW5nIHByb2Nlc3Npbmcgb2YgJCgkZm91bmRBYnNvbHV0ZVBhdGhzLkNvdW50KSBpdGVtcyBmcm9tIGBcIl5cIlwiJGV4cGFuZGVkUGF0aGBcIl5cIlwiLlwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIGZvcmVhY2ggKCRwYXRoIGluICRmb3VuZEFic29sdXRlUGF0aHMpIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICBpZiAoVGVzdC1QYXRoIC1QYXRoICRwYXRoIC1QYXRoVHlwZSBDb250YWluZXIpIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIFdyaXRlLUhvc3QgXCJeXCJcIlNraXBwaW5nIGZvbGRlciAobm90IGl0cyBjb250ZW50cyk6IGBcIl5cIlwiJHBhdGhgXCJeXCJcIi5cIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAkc2tpcHBlZENvdW50KysnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIGNvbnRpbnVlJytcIl5cIlwiYHJgblwiXlwiXCIrJ30nK1wiXlwiXCJgcmBuXCJeXCJcIisnaWYoJHJldmVydCAtZXEgJHRydWUpIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIGlmICgtbm90ICRwYXRoLkVuZHNXaXRoKCcnLk9MRCcnKSkgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIFdyaXRlLUhvc3QgXCJeXCJcIlNraXBwaW5nIG5vbi1iYWNrdXAgZmlsZTogYFwiXlwiXCIkcGF0aGBcIl5cIlwiLlwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICAkc2tpcHBlZENvdW50KysnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICAgICBjb250aW51ZScrXCJeXCJcImByYG5cIl5cIlwiKycgICAgfScrXCJeXCJcImByYG5cIl5cIlwiKyd9IGVsc2UgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgaWYgKCRwYXRoLkVuZHNXaXRoKCcnLk9MRCcnKSkgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIFdyaXRlLUhvc3QgXCJeXCJcIlNraXBwaW5nIGJhY2t1cCBmaWxlOiBgXCJeXCJcIiRwYXRoYFwiXlwiXCIuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgICRza2lwcGVkQ291bnQrKycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgICAgIGNvbnRpbnVlJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICB9JytcIl5cIlwiYHJgblwiXlwiXCIrJ30nK1wiXlwiXCJgcmBuXCJeXCJcIisnJG9yaWdpbmFsRmlsZVBhdGggPSAkcGF0aCcrXCJeXCJcImByYG5cIl5cIlwiKydXcml0ZS1Ib3N0IFwiXlwiXCJQcm9jZXNzaW5nIGZpbGU6IGBcIl5cIlwiJG9yaWdpbmFsRmlsZVBhdGhgXCJeXCJcIi5cIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJ2lmICgtTm90IChUZXN0LVBhdGggJG9yaWdpbmFsRmlsZVBhdGgpKSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICBXcml0ZS1Ib3N0IFwiXlwiXCJTa2lwcGluZywgZmlsZSBgXCJeXCJcIiRvcmlnaW5hbEZpbGVQYXRoYFwiXlwiXCIgbm90IGZvdW5kLlwiXlwiXCInK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgICRza2lwcGVkQ291bnQrKycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgZXhpdCAwJytcIl5cIlwiYHJgblwiXlwiXCIrJ30nK1wiXlwiXCJgcmBuXCJeXCJcIisnJytcIl5cIlwiYHJgblwiXlwiXCIrJ2lmICgkcmV2ZXJ0IC1lcSAkdHJ1ZSkgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJG5ld0ZpbGVQYXRoID0gJG9yaWdpbmFsRmlsZVBhdGguU3Vic3RyaW5nKDAsICRvcmlnaW5hbEZpbGVQYXRoLkxlbmd0aCAtIDQpJytcIl5cIlwiYHJgblwiXlwiXCIrJ30gZWxzZSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAkbmV3RmlsZVBhdGggPSBcIl5cIlwiJCgkb3JpZ2luYWxGaWxlUGF0aCkuT0xEXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKyd9JytcIl5cIlwiYHJgblwiXlwiXCIrJ3RyeSB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICBNb3ZlLUl0ZW0gLUxpdGVyYWxQYXRoIFwiXlwiXCIkKCRvcmlnaW5hbEZpbGVQYXRoKVwiXlwiXCIgLURlc3RpbmF0aW9uIFwiXlwiXCIkbmV3RmlsZVBhdGhcIl5cIlwiIC1Gb3JjZSAtRXJyb3JBY3Rpb24gU3RvcCcrXCJeXCJcImByYG5cIl5cIlwiKycgICAgV3JpdGUtSG9zdCBcIl5cIlwiU3VjY2Vzc2Z1bGx5IHByb2Nlc3NlZCBgXCJeXCJcIiRvcmlnaW5hbEZpbGVQYXRoYFwiXlwiXCIuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJHJlbmFtZWRDb3VudCsrJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAnK1wiXlwiXCJgcmBuXCJeXCJcIisnfSBjYXRjaCB7JytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICBXcml0ZS1FcnJvciBcIl5cIlwiRmFpbGVkIHRvIHJlbmFtZSBgXCJeXCJcIiRvcmlnaW5hbEZpbGVQYXRoYFwiXlwiXCIgdG8gYFwiXlwiXCIkbmV3RmlsZVBhdGhgXCJeXCJcIjogJCgkXy5FeGNlcHRpb24uTWVzc2FnZSlcIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJyAgICAkZmFpbGVkQ291bnQrKycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgJytcIl5cIlwiYHJgblwiXlwiXCIrJ30nK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIH0nK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIGlmICgoJHJlbmFtZWRDb3VudCAtZ3QgMCkgLW9yICgkc2tpcHBlZENvdW50IC1ndCAwKSkgeycrXCJeXCJcImByYG5cIl5cIlwiKycgICAgV3JpdGUtSG9zdCBcIl5cIlwiU3VjY2Vzc2Z1bGx5IHByb2Nlc3NlZCAkcmVuYW1lZENvdW50IGl0ZW1zIGFuZCBza2lwcGVkICRza2lwcGVkQ291bnQgaXRlbXMuXCJeXCJcIicrXCJeXCJcImByYG5cIl5cIlwiKyd9JytcIl5cIlwiYHJgblwiXlwiXCIrJ2lmICgkZmFpbGVkQ291bnQgLWd0IDApIHsnK1wiXlwiXCJgcmBuXCJeXCJcIisnICAgIFdyaXRlLVdhcm5pbmcgXCJeXCJcIkZhaWxlZCB0byBwcm9jZXNzICQoJGZhaWxlZENvdW50KSBpdGVtcy5cIl5cIlwiJytcIl5cIlwiYHJgblwiXlwiXCIrJ30nK1wiXlwiXCJgcmBuXCJeXCJcIisnJzsgSW52b2tlLUFzVHJ1c3RlZEluc3RhbGxlciAkY21kXCJcbjo6IFJlbW92ZSBjb25maWd1cmF0aW9uIHByZXZlbnRpbmcgXCJNc01wRW5nLmV4ZVwiIGZyb20gc3RhcnRpbmdcbjo6IERlbGV0ZSB0aGUgcmVnaXN0cnkgdmFsdWUgXCJIS0xNXFxTT0ZUV0FSRVxcTWljcm9zb2Z0XFxXaW5kb3dzIE5UXFxDdXJyZW50VmVyc2lvblxcSW1hZ2UgRmlsZSBFeGVjdXRpb24gT3B0aW9uc1xcTXNNcEVuZy5leGUhRGVidWdnZXJcIlxuUG93ZXJTaGVsbCAtRXhlY3V0aW9uUG9saWN5IFVucmVzdHJpY3RlZCAtQ29tbWFuZCBcInJlZyBkZWxldGUgJ0hLTE1cXFNPRlRXQVJFXFxNaWNyb3NvZnRcXFdpbmRvd3MgTlRcXEN1cnJlbnRWZXJzaW9uXFxJbWFnZSBGaWxlIEV4ZWN1dGlvbiBPcHRpb25zXFxNc01wRW5nLmV4ZScgL3YgJ0RlYnVnZ2VyJyAvZiAyPiRudWxsXCJcbjo6IFJlbW92ZSB0aGUgcnVsZSB0aGF0IHByZXZlbnRzIHRoZSBleGVjdXRhYmxlIFwiTXNNcEVuZy5leGVcIiBmcm9tIHJ1bm5pbmcgdmlhIEZpbGUgRXhwbG9yZXJcblBvd2VyU2hlbGwgLUV4ZWN1dGlvblBvbGljeSBVbnJlc3RyaWN0ZWQgLUNvbW1hbmQgXCIkZXhlY3V0YWJsZUZpbGVuYW1lPSdNc01wRW5nLmV4ZSc7IHRyeSB7ICRibG9ja0VudHJpZXMgPSBHZXQtSXRlbVByb3BlcnR5IC1QYXRoICdIS0NVOlxcU29mdHdhcmVcXE1pY3Jvc29mdFxcV2luZG93c1xcQ3VycmVudFZlcnNpb25cXFBvbGljaWVzXFxFeHBsb3JlclxcRGlzYWxsb3dSdW4nIC1FcnJvckFjdGlvbiBJZ25vcmU7IGlmICgtTm90ICRibG9ja0VudHJpZXMpIHsgV3JpdGUtT3V0cHV0IFwiXlwiXCJTa2lwcGluZywgbm8gYWN0aW9uIG5lZWRlZDogTm8gYmxvY2sgcnVsZXMgZXhpc3QsIGBcIl5cIlwiJGV4ZWN1dGFibGVGaWxlbmFtZWBcIl5cIlwiIGlzIG5vdCBibG9ja2VkLlwiXlwiXCI7IGV4aXQgMDsgfTsgJGJsb2NraW5nUnVsZXNGb3JFeGVjdXRhYmxlID0gQCg7ICRibG9ja0VudHJpZXMuUFNPYmplY3QuUHJvcGVydGllcyB8IFdoZXJlLU9iamVjdCB7ICRfLlZhbHVlIC1lcSAkZXhlY3V0YWJsZUZpbGVuYW1lIH07ICk7IGlmICgtTm90ICRibG9ja2luZ1J1bGVzRm9yRXhlY3V0YWJsZSkgeyBXcml0ZS1PdXRwdXQgXCJeXCJcIlNraXBwaW5nLCBubyBhY3Rpb24gbmVlZGVkOiBgXCJeXCJcIiRleGVjdXRhYmxlRmlsZW5hbWVgXCJeXCJcIiBpcyBub3QgY3VycmVudGx5IGJsb2NrZWQuXCJeXCJcIjsgZXhpdCAwOyB9OyBmb3JlYWNoICgkYmxvY2tpbmdSdWxlRm9yRXhlY3V0YWJsZSBpbiAkYmxvY2tpbmdSdWxlc0ZvckV4ZWN1dGFibGUpIHsgJGJsb2NraW5nUnVsZUluZGV4Rm9yRXhlY3V0YWJsZSA9ICRibG9ja2luZ1J1bGVGb3JFeGVjdXRhYmxlLk5hbWU7IFdyaXRlLU91dHB1dCBcIl5cIlwiUmVtb3ZpbmcgcnVsZSBgXCJeXCJcIiRibG9ja2luZ1J1bGVJbmRleEZvckV4ZWN1dGFibGVgXCJeXCJcIiB0aGF0IGJsb2NrcyBgXCJeXCJcIiRleGVjdXRhYmxlRmlsZW5hbWVgXCJeXCJcIi5cIl5cIlwiOyBSZW1vdmUtSXRlbVByb3BlcnR5IC1QYXRoICdIS0NVOlxcU29mdHdhcmVcXE1pY3Jvc29mdFxcV2luZG93c1xcQ3VycmVudFZlcnNpb25cXFBvbGljaWVzXFxFeHBsb3JlclxcRGlzYWxsb3dSdW4nIC1OYW1lIFwiXlwiXCIkYmxvY2tpbmdSdWxlSW5kZXhGb3JFeGVjdXRhYmxlXCJeXCJcIiAtRm9yY2UgLUVycm9yQWN0aW9uIFN0b3A7IFdyaXRlLU91dHB1dCBcIl5cIlwiU3VjY2Vzc2Z1bGx5IHJldm9rZWQgYmxvY2tpbmcgb2YgYCRleGVjdXRhYmxlRmlsZW5hbWVgIHVuZGVyIHJ1bGUgYFwiXlwiXCIkYmxvY2tpbmdSdWxlSW5kZXhGb3JFeGVjdXRhYmxlYFwiXlwiXCIuXCJeXCJcIjsgfTsgfSBjYXRjaCB7IFdyaXRlLUVycm9yIFwiXlwiXCJGYWlsZWQgdG8gcmV2b2tlIGJsb2NraW5nIG9mIGBcIl5cIlwiJGV4ZWN1dGFibGVGaWxlbmFtZWBcIl5cIlwiOiAkX1wiXlwiXCI7IEV4aXQgMTsgfVwiXG46OiBSZXN0b3JlIHRoZSBGaWxlIEV4cGxvcmVyIERpc2FsbG93UnVuIHBvbGljeSBpZiBubyBvdGhlciBibG9ja3MgYXJlIGFjdGl2ZVxuUG93ZXJTaGVsbCAtRXhlY3V0aW9uUG9saWN5IFVucmVzdHJpY3RlZCAtQ29tbWFuZCBcInRyeSB7ICRjdXJyZW50RGlzYWxsb3dSdW5Qb2xpY3lWYWx1ZSA9IEdldC1JdGVtUHJvcGVydHkgLVBhdGggJ0hLQ1U6XFxTb2Z0d2FyZVxcTWljcm9zb2Z0XFxXaW5kb3dzXFxDdXJyZW50VmVyc2lvblxcUG9saWNpZXNcXEV4cGxvcmVyJyAtTmFtZSAnRGlzYWxsb3dSdW4nIC1FcnJvckFjdGlvbiBJZ25vcmUgfCBTZWxlY3QtT2JqZWN0IC1FeHBhbmRQcm9wZXJ0eSAnRGlzYWxsb3dSdW4nOyBpZiAoW3N0cmluZ106OklzTnVsbE9yRW1wdHkoJGN1cnJlbnREaXNhbGxvd1J1blBvbGljeVZhbHVlKSkgeyBXcml0ZS1PdXRwdXQgJ1NraXBwaW5nLCBubyBhY3Rpb24gbmVlZGVkOiBEaXNhbGxvd1J1biBwb2xpY3kgaXMgbm90IGFjdGl2ZS4nOyBFeGl0IDA7IH07IGlmICgkY3VycmVudERpc2FsbG93UnVuUG9saWN5VmFsdWUgLW5lIDEpIHsgV3JpdGUtT3V0cHV0IFwiXlwiXCJTa2lwcGluZywgRGlzYWxsb3dSdW4gcG9saWN5IGlzIG5vdCBjb25maWd1cmVkIGJ5IHByaXZhY3kuc2V4eSwgdW5leHBlY3RlZCB2YWx1ZTogYFwiXlwiXCIkY3VycmVudERpc2FsbG93UnVuUG9saWN5VmFsdWVgXCJeXCJcIi5cIl5cIlwiOyBFeGl0IDA7IH07ICRyZW1haW5pbmdCbG9ja2luZ1J1bGVzID0gR2V0LUl0ZW1Qcm9wZXJ0eSAtUGF0aCAnSEtDVTpcXFNvZnR3YXJlXFxNaWNyb3NvZnRcXFdpbmRvd3NcXEN1cnJlbnRWZXJzaW9uXFxQb2xpY2llc1xcRXhwbG9yZXJcXERpc2FsbG93UnVuJyAtRXJyb3JBY3Rpb24gSWdub3JlOyBpZiAoJHJlbWFpbmluZ0Jsb2NraW5nUnVsZXMpIHsgV3JpdGUtT3V0cHV0ICdTa2lwcGluZyBkZWFjdGl2YXRpbmcgRGlzYWxsb3dSdW4gcG9saWN5LCB0aGVyZSBhcmUgc3RpbGwgYWN0aXZlIHJ1bGVzLic7IEV4aXQgMDsgfTsgV3JpdGUtT3V0cHV0ICdObyByZW1haW5pbmcgcnVsZXMsIGRlbGV0aW5nIERpc2FsbG93UnVuIHBvbGljeS4nOyBSZW1vdmUtSXRlbVByb3BlcnR5IC1QYXRoICdIS0NVOlxcU29mdHdhcmVcXE1pY3Jvc29mdFxcV2luZG93c1xcQ3VycmVudFZlcnNpb25cXFBvbGljaWVzXFxFeHBsb3JlcicgLU5hbWUgJ0Rpc2FsbG93UnVuJyAtRm9yY2UgLUVycm9yQWN0aW9uIFN0b3A7IFdyaXRlLU91dHB1dCAnU3VjY2Vzc2Z1bGx5IHJlc3RvcmVkIERpc2FsbG93UnVuIHBvbGljeS4nOyB9IGNhdGNoIHsgV3JpdGUtRXJyb3IgXCJeXCJcIkZhaWxlZCB0byByZXN0b3JlIERpc2FsbG93UnVuIHBvbGljeTogJF9cIl5cIlwiOyBFeGl0IDE7IH1cIiI=

Help

How to apply or restore "Disable Defender Antivirus service (breaks Set-MpPreference cmdlet)" using commands

≈ 2 min to complete
Tools: Command Prompt
Difficulty: Medium
≈ 3 instructions

View step-by-step guide with screenshots

1
Open Command Prompt
Open Command Prompt as Administrator.
2
Copy code
Copy the code:
Copy Apply Code Copy Revert Code
3
Paste & run
Paste the commands into Command Prompt and press Enter to run.
Some changes require a system restart to take effect

Similar Guides

Wider Goal

Guides below includes this guide to achieve a wider goal.

Disable Defender Antivirus service
Disable Defender services and drivers
Disable Defender Antivirus
Disable Defender
Privacy over security

This category disables the Defender Antivirus service and its related components. This service is also referred to as Microsoft Defender Antivirus Service and Wind...

Visit category page

Same Goal

Other guides in Disable Defender Antivirus service

See all 10 guides

Disable Defender Antivirus service in Safe Mode

Disable Defender Antivirus service always-on state

Disable Defender Antivirus service high-priority startup

Disable Defender Antivirus service automatic launch

Disable Defender Antivirus service active state

Disable Defender Antivirus data storage location

Disable Defender Antivirus service module

Disable Defender Antivirus antimalware engine

Disable Defender Antivirus communication module

Disable Defender Antivirus service communication with apps

About the Creators

These people have authored this documentation and written its scripts:

undergroundwires
- Certified security professional
- 7+ years experience securing banks
- Open-source developer since 2005
- EU advisor, Public Speaker, Moderator
Open-Source Contributors
- Hundreds across the globe
- Testers, reviewers, developers
- Companies, military agencies
- Community since 2017

About Us

Reviewed By

This guide has undergone comprehensive auditing and peer review:

Expert review by undergroundwires
- Verified technical accuracy and editorial standards
- Assessed system impact and user privacy risks
Public review by large community
- Privacy enthusiasts and professionals peer-reviewed
- Millions of end-users tested across different environments

History

We continually monitor our guides, their impact and all other privacy options. We update our guides when new information becomes available. On every update, we publicly store who made the change, what has been changed, why the change was made and when the change was made.

Review Change History Our Change Process

Overview​

Technical Details​

Overview of default service statuses​

Increased Privacy

Decreased Security

Apply Now​

Download script​

How to apply or restore "Disable Defender Antivirus service (breaks Set-MpPreference cmdlet)" using script​

Download

Keep the file

Open

Exit

Restart

Apply with privacy.sexy​

How to apply or restore "Disable Defender Antivirus service (breaks Set-MpPreference cmdlet)" using privacy.sexy​

Open or download

Choose script

Run

Run commands​

How to apply or restore "Disable Defender Antivirus service (breaks Set-MpPreference cmdlet)" using commands​

Open Command Prompt

Copy code

Paste & run

Similar Guides​

Wider Goal​

Same Goal​

About the Creators​

Reviewed By​

Expert review by undergroundwires​

Public review by large community​

History​

Overview

Technical Details

Overview of default service statuses

Apply Now

Download script

How to apply or restore "Disable Defender Antivirus service (breaks Set-MpPreference cmdlet)" using script

Apply with privacy.sexy

How to apply or restore "Disable Defender Antivirus service (breaks Set-MpPreference cmdlet)" using privacy.sexy

Run commands

How to apply or restore "Disable Defender Antivirus service (breaks Set-MpPreference cmdlet)" using commands

Similar Guides

Wider Goal

Same Goal

About the Creators

Reviewed By

Expert review by undergroundwires

Public review by large community

History