Remove "Scan with Defender" from context menu

Apply Now

Works with Windows 10 and 11Works with Windows Vista, XP, 7, 8, 10, 11, and Windows Server 2008 or newer.

• Windows onlyThis script improves your privacy on Windows
• Single actionThis page belongs to a script, containing basic changes to achieve a task.
• Impact: High

  System Functionality / Data Loss Risk: High

  This action improves privacy with high impact when you run the recommended script.

• Batch (batchfile)These changes use Windows system commands to update your settings.
• Administrator rights requiredThis script requires privilege access to do the system changes
• Fully reversible

  You can fully restore this action (revert back to the original behavior) using this website.

  The restore/revert methods provided here can help you fix issues.

Overview

This script removes the Scan with Microsoft Defender option from the right-click context menu.

This script enhances user privacy by limiting engagement with Defender's data collection processes. Defender may collect data during scans and at regular intervals, which some users may find unnecessary or unwanted.

Removing this option only affects the context menu appearance and does not disable Defender or its other functions.

Caution

This may reduce system security by making it less convenient to perform on-demand scans of specific files or folders.

Technical Details

The script functions by altering specific registry keys that correspond to the Defender context menu option. It specifically targets the CLSID {09A47860-11B0-4DA5-AFA5-26D86198A780}, which is associated with this option ^{1 2}. The script alters keys in the HKLM\Software\Classes branch, which automatically reflects in the HKCR (HKEY_CLASSES_ROOT) view ³.

The deletion of this key effectively removes the Scan with Microsoft Defender option from the context menu. This feature is provided by shellext.dll file located in Defender's program files ¹.

1. Not Advised

   This script should only be used by advanced users.

   This script is not recommended for daily use as it breaks important functionality.

   Consider creating a system restore point before doing any changes.

2. Security Trade-off

   This action prioritizes privacy over certain security features. It's not recommended and should only be used by advanced users after understanding its implications.

   Increased Privacy

   Enhanced privacy through reduced data collection and tracking

   Decreased Security

   Some security features will be disabled or limited

   This script can be reversed, this action allows you to can restore the system security.

Sources

PrivacyLearn.com maintains strict sourcing standards for accuracy, integrity and up-to-date content. Our content relies on authoritative sources including vendor documentation, industry standards, and verified research. Learn more about our verification process and quality standards in our editorial standards page.

• CLSID 09A47860-11B0-4DA5-AFA5-26D86198A780. (C:\Program Files\Windows Defender\shellext.dll). STRONTIC. strontic.github.io. (2023).
  Original: https://strontic.github.io/xcyclopedia/library/clsid_09A47860-11B0-4DA5-AFA5-26D86198A780.html
  Archived: https://web.archive.org/web/20231124215149/https://strontic.github.io/xcyclopedia/library/clsid_09A47860-11B0-4DA5-AFA5-26D86198A780.html
• shellext.dll - Should I Block It? (MD5 d9ed4e24723880f608c62e2e00430bdd). www.shouldiblockit.com. (2023).
  Original: https://www.shouldiblockit.com/shellext.dll-d9ed4e24723880f608c62e2e00430bdd.aspx
  Archived: https://web.archive.org/web/20231124215202/https://www.shouldiblockit.com/shellext.dll-d9ed4e24723880f608c62e2e00430bdd.aspx
• HKEY_CLASSES_ROOT Key - Win32 apps. Microsoft Learn. learn.microsoft.com. (2024).
  Original: https://learn.microsoft.com/en-us/windows/win32/sysinfo/hkey-classes-root-key
  Archived: https://web.archive.org/web/20240802114228/https://learn.microsoft.com/en-us/windows/win32/sysinfo/hkey-classes-root-key

Apply Now

Choose one of three ways to apply:

Download script

Download and run the script directly

• No app needed
• Offline usage
• Easy-to-apply
• Free
• Open-source

Apply protection

Undo protection

Help

How to apply or restore "Remove "Scan with Defender" from context menu" using script

• ≈ 2 min to complete
• Tools: Web Browser
• Difficulty: Simple
• ≈ 5 instructions

1. 1

   Download

   Download the script file by clicking on the   Apply protection  button above.
   Use   Undo protection button above to restore changes.
2. 2

   Keep the file

   If warned by your browser, keep the file.
3. 3

   Open

   Open the downloaded file.
4. 4

   Exit

   Once it's done, press any key to exit the window.
5. 5

   Restart

   Restart your computer for all changes to take effect.

Apply with privacy.sexy

Guided, automated application with safety checks

• Recommended for most users
• Includes safety checks
• Free
• Open-source
• Popular
• Offline/Online usage

Open privacy.sexy

Help

How to apply or restore "Remove "Scan with Defender" from context menu" using privacy.sexy

• ≈ 3 min to complete
• Tools: privacy.sexy
• Difficulty: Simple
• ≈ 4 instructions

privacy.sexy is free and open-source application that lets securely apply this action easily with more advanced options.

1. 1

   Open or download

   Open or download the desktop application
2. 2

   Choose script

   1. Search for the script name: Remove "Scan with Defender" from context menu
   2. Check the script by clicking on the checkbox.
3. 3

   Run

   Click on ▶️ Run button at the bottom of the page.

   This button only appears on desktop version (recommended). On browser, use 💾 Save button.

Run commands

Copy and run commands manually Requires technical knowledge

Apply

Apply changes

:: Soft-delete the registry key: HKLM\SOFTWARE\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780} 
PowerShell -ExecutionPolicy Unrestricted -Command "function Copy-Acl($Src, $Dst) { $srcKeys = @(Get-ChildItem -LiteralPath $Src -ErrorAction SilentlyContinue); foreach ($key in $srcKeys) { $dstKey = Join-Path $Dst $key.PSChildName; Copy-Acl -Src $key.PSPath -Dst $dstKey; }; $acl = Get-Acl -Path $Src -ErrorAction Stop; $sections = [System.Security.AccessControl.AccessControlSections]::All -band (-bnot [System.Security.AccessControl.AccessControlSections]::Owner); $sddl = $acl.GetSecurityDescriptorSddlForm($sections); $acl.SetSecurityDescriptorSddlForm($sddl, $sections); Set-Acl -Path $Dst -AclObject $acl -ErrorAction Stop; }; function Rename-KeyWithAcl($Old, $New) { try { Copy-Item -LiteralPath $Old -Destination $New -Recurse -Force -ErrorAction Stop; } catch { throw "^""Failed to copy: $_"^""; }; try { Copy-Acl -Src $Old -Dst $New; } catch { Write-Warning "^""Failed to copy ACL: $_"^""; }; try { Remove-Item -LiteralPath $Old -Force -Recurse -ErrorAction Stop | Out-Null; } catch { try { Remove-Item -LiteralPath $New -Force -Recurse -ErrorAction Stop | Out-Null; } catch { Write-Warning "^""Failed to clean up: $_"^""; }; throw "^""Failed to remove: $_"^""; }; }; $rawPath='HKLM\SOFTWARE\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780}'; $suffix='.OLD'; $global:ok = 0; $global:skip = 0; $global:fail = 0; function Rename-KeyTree($Path) { Write-Host "^""Processing key: $Path"^""; if (-Not (Test-Path -LiteralPath $Path)) { Write-Host 'Skipping: Key does not exist.'; $global:skip++; return; }; $values = (Get-Item -LiteralPath $Path -ErrorAction Stop | Select-Object -ExpandProperty Property); foreach ($value in $values) { Write-Host "^""Renaming '$value'"^""; if ($value.EndsWith($suffix)) { Write-Host 'Skipping: Has suffix.'; $global:skip++; continue; }; $backupName = $value + $suffix; Write-Host "^""Renaming to '$backupName'."^""; try { Rename-ItemProperty -LiteralPath $Path -Name $value -NewName $backupName -ErrorAction Stop; Write-Host 'Successfully renamed.'; $global:ok++; } catch { Write-Warning "^""Failed to rename value: $_"^""; $global:fail++; }; }; $subkeys = @(Get-ChildItem -LiteralPath $Path -ErrorAction SilentlyContinue); foreach ($key in $subkeys) { Rename-KeyTree $key.PSPath; }; Write-Host "^""Renaming key '$Path'."^""; if ($Path.EndsWith($suffix)) { Write-Host 'Skipping: Has suffix.'; $global:skip++; } else { $backupPath = $Path + $suffix; while (Test-Path -LiteralPath $backupPath) { $backupPath += $suffix; }; Write-Host "^""Renaming to '$backupPath'."^""; try { Rename-KeyWithAcl -Old $Path -New $backupPath -ErrorAction Stop; Write-Host 'Successfully renamed.'; $global:ok++; } catch { Write-Warning "^""Failed to rename: $_"^""; $global:fail++; }; }; }; Write-Host "^""Soft deleting registry key '$rawPath' recursively."^""; $hive = $rawPath.Split('\')[0]; $path = $hive + ':' + $rawPath.Substring($hive.Length); Rename-KeyTree $path; $totalItems = $global:ok + $global:skip + $global:fail; Write-Host "^""Total items: $totalItems, Renamed: $global:ok, Skipped: $global:skip, Failed: $global:fail"^""; if (($totalItems -eq 0) -or ($totalItems -eq $global:skip)) { Write-Host 'No items were processed. The operation had no effect.'; } elseif ($global:fail -eq $totalItems) { throw "^""Operation failed. All $global:fail items could not be processed."^""; } elseif ($global:ok) { Write-Host "^""Successfully processed $global:ok item(s)."^""; }"
:: Delete the registry value "(Default)" from the key "HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EPP" 
PowerShell -ExecutionPolicy Unrestricted -Command "$keyName = 'HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EPP'; $valueName = '(Default)'; $hive = $keyName.Split('\')[0]; $path = "^""$($hive):$($keyName.Substring($hive.Length))"^""; Write-Host "^""Removing the registry value '$valueName' from '$path'."^""; if (-Not (Test-Path -LiteralPath $path)) { Write-Host 'Skipping, no action needed, registry key does not exist.'; Exit 0; }; $existingValueNames = (Get-ItemProperty -LiteralPath $path).PSObject.Properties.Name; if (-Not ($existingValueNames -Contains $valueName)) { Write-Host 'Skipping, no action needed, registry value does not exist.'; Exit 0; }; try { if ($valueName -ieq '(default)') { Write-Host 'Removing the default value.'; $(Get-Item -LiteralPath $path).OpenSubKey('', $true).DeleteValue(''); } else { Remove-ItemProperty -LiteralPath $path -Name $valueName -Force -ErrorAction Stop; }; Write-Host 'Successfully removed the registry value.'; } catch { Write-Error "^""Failed to remove the registry value: $($_.Exception.Message)"^""; }"
:: Delete the registry value "(Default)" from the key "HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\EPP" 
PowerShell -ExecutionPolicy Unrestricted -Command "$keyName = 'HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\EPP'; $valueName = '(Default)'; $hive = $keyName.Split('\')[0]; $path = "^""$($hive):$($keyName.Substring($hive.Length))"^""; Write-Host "^""Removing the registry value '$valueName' from '$path'."^""; if (-Not (Test-Path -LiteralPath $path)) { Write-Host 'Skipping, no action needed, registry key does not exist.'; Exit 0; }; $existingValueNames = (Get-ItemProperty -LiteralPath $path).PSObject.Properties.Name; if (-Not ($existingValueNames -Contains $valueName)) { Write-Host 'Skipping, no action needed, registry value does not exist.'; Exit 0; }; try { if ($valueName -ieq '(default)') { Write-Host 'Removing the default value.'; $(Get-Item -LiteralPath $path).OpenSubKey('', $true).DeleteValue(''); } else { Remove-ItemProperty -LiteralPath $path -Name $valueName -Force -ErrorAction Stop; }; Write-Host 'Successfully removed the registry value.'; } catch { Write-Error "^""Failed to remove the registry value: $($_.Exception.Message)"^""; }"

Revert

Restore changes

Ijo6IFJlc3RvcmUgcmVnaXN0cnkga2V5OiBIS0xNXFxTT0ZUV0FSRVxcQ2xhc3Nlc1xcQ0xTSURcXHswOUE0Nzg2MC0xMUIwLTREQTUtQUZBNS0yNkQ4NjE5OEE3ODB9IFxuUG93ZXJTaGVsbCAtRXhlY3V0aW9uUG9saWN5IFVucmVzdHJpY3RlZCAtQ29tbWFuZCBcImZ1bmN0aW9uIENvcHktQWNsKCRTcmMsICREc3QpIHsgJHNyY0tleXMgPSBAKEdldC1DaGlsZEl0ZW0gLUxpdGVyYWxQYXRoICRTcmMgLUVycm9yQWN0aW9uIFNpbGVudGx5Q29udGludWUpOyBmb3JlYWNoICgka2V5IGluICRzcmNLZXlzKSB7ICRkc3RLZXkgPSBKb2luLVBhdGggJERzdCAka2V5LlBTQ2hpbGROYW1lOyBDb3B5LUFjbCAtU3JjICRrZXkuUFNQYXRoIC1Ec3QgJGRzdEtleTsgfTsgJGFjbCA9IEdldC1BY2wgLVBhdGggJFNyYyAtRXJyb3JBY3Rpb24gU3RvcDsgJHNlY3Rpb25zID0gW1N5c3RlbS5TZWN1cml0eS5BY2Nlc3NDb250cm9sLkFjY2Vzc0NvbnRyb2xTZWN0aW9uc106OkFsbCAtYmFuZCAoLWJub3QgW1N5c3RlbS5TZWN1cml0eS5BY2Nlc3NDb250cm9sLkFjY2Vzc0NvbnRyb2xTZWN0aW9uc106Ok93bmVyKTsgJHNkZGwgPSAkYWNsLkdldFNlY3VyaXR5RGVzY3JpcHRvclNkZGxGb3JtKCRzZWN0aW9ucyk7ICRhY2wuU2V0U2VjdXJpdHlEZXNjcmlwdG9yU2RkbEZvcm0oJHNkZGwsICRzZWN0aW9ucyk7IFNldC1BY2wgLVBhdGggJERzdCAtQWNsT2JqZWN0ICRhY2wgLUVycm9yQWN0aW9uIFN0b3A7IH07IGZ1bmN0aW9uIFJlbmFtZS1LZXlXaXRoQWNsKCRPbGQsICROZXcpIHsgdHJ5IHsgQ29weS1JdGVtIC1MaXRlcmFsUGF0aCAkT2xkIC1EZXN0aW5hdGlvbiAkTmV3IC1SZWN1cnNlIC1Gb3JjZSAtRXJyb3JBY3Rpb24gU3RvcDsgfSBjYXRjaCB7IHRocm93IFwiXlwiXCJGYWlsZWQgdG8gY29weTogJF9cIl5cIlwiOyB9OyB0cnkgeyBDb3B5LUFjbCAtU3JjICRPbGQgLURzdCAkTmV3OyB9IGNhdGNoIHsgV3JpdGUtV2FybmluZyBcIl5cIlwiRmFpbGVkIHRvIGNvcHkgQUNMOiAkX1wiXlwiXCI7IH07IHRyeSB7IFJlbW92ZS1JdGVtIC1MaXRlcmFsUGF0aCAkT2xkIC1Gb3JjZSAtUmVjdXJzZSAtRXJyb3JBY3Rpb24gU3RvcCB8IE91dC1OdWxsOyB9IGNhdGNoIHsgdHJ5IHsgUmVtb3ZlLUl0ZW0gLUxpdGVyYWxQYXRoICROZXcgLUZvcmNlIC1SZWN1cnNlIC1FcnJvckFjdGlvbiBTdG9wIHwgT3V0LU51bGw7IH0gY2F0Y2ggeyBXcml0ZS1XYXJuaW5nIFwiXlwiXCJGYWlsZWQgdG8gY2xlYW4gdXA6ICRfXCJeXCJcIjsgfTsgdGhyb3cgXCJeXCJcIkZhaWxlZCB0byByZW1vdmU6ICRfXCJeXCJcIjsgfTsgfTsgJHJhd1BhdGg9J0hLTE1cXFNPRlRXQVJFXFxDbGFzc2VzXFxDTFNJRFxcezA5QTQ3ODYwLTExQjAtNERBNS1BRkE1LTI2RDg2MTk4QTc4MH0nOyAkc3VmZml4ID0nLk9MRCc7ICRnbG9iYWw6ZmFpbCA9IDA7ICRnbG9iYWw6b2sgPSAwOyBmdW5jdGlvbiBHZXQtUmVhbCgkcykgeyB3aGlsZSAoJHMuRW5kc1dpdGgoJHN1ZmZpeCkpIHsgJHMgPSAkcy5TdWJzdHJpbmcoMCwgJHMuTGVuZ3RoIC0gJHN1ZmZpeC5MZW5ndGgpOyB9OyByZXR1cm4gJHM7IH07IGZ1bmN0aW9uIFJlc3RvcmUtS2V5VHJlZSgkUGF0aCkgeyAkZGVzdCA9IEdldC1SZWFsICRQYXRoOyAkc3JjID0gJFBhdGg7IFdyaXRlLUhvc3QgXCJeXCJcIlJlc3RvcmluZyBrZXk6ICckZGVzdCcgZnJvbSAnJHNyYydcIl5cIlwiOyBpZiAoLU5vdCAkc3JjLkVuZHNXaXRoKCRzdWZmaXgpKSB7ICRzcmMgKz0gJHN1ZmZpeDsgaWYgKC1Ob3QgKFRlc3QtUGF0aCAtTGl0ZXJhbFBhdGggJHNyYykpIHsgV3JpdGUtSG9zdCAnU2tpcHBpbmc6IE5vIGRhdGEuJzsgUmVzdG9yZS1DaGlsZHJlbiAkZGVzdDsgcmV0dXJuOyB9OyB9OyBpZiAoVGVzdC1QYXRoIC1MaXRlcmFsUGF0aCAkZGVzdCkgeyBXcml0ZS1Ib3N0ICdTa2lwcGluZyB0byBhdm9pZCBkYXRhIGxvc3MuIEtleSBhbHJlYWR5IGV4aXN0cy4nOyBXcml0ZS1XYXJuaW5nIFwiXlwiXCJNYW51YWwgaW50ZXJ2ZW50aW9uIG1heSBiZSByZXF1aXJlZCB0byBmdWxseSByZXN0b3JlIGZyb20gJyRzcmMnLlwiXlwiXCI7IH0gZWxzZSB7IHRyeSB7IFJlbmFtZS1LZXlXaXRoQWNsIC1PbGQgJHNyYyAtTmV3ICRkZXN0IC1FcnJvckFjdGlvbiBTdG9wOyBXcml0ZS1Ib3N0ICdTdWNjZXNzZnVsbHkgcmVzdG9yZWQuJzsgJGdsb2JhbDpvaysrOyB9IGNhdGNoIHsgV3JpdGUtV2FybmluZyBcIl5cIlwiRmFpbGVkOiAkX1wiXlwiXCI7ICRnbG9iYWw6ZmFpbCsrOyB9OyB9OyBSZXN0b3JlLUNoaWxkcmVuICRkZXN0OyB9OyBmdW5jdGlvbiBSZXN0b3JlLUNoaWxkcmVuKCRQYXRoKSB7IFdyaXRlLUhvc3QgXCJeXCJcIlJlc3RvcmluZyB2YWx1ZXMgaW4gJyRQYXRoJ1wiXlwiXCI7IGlmICgtTm90IChUZXN0LVBhdGggLUxpdGVyYWxQYXRoICRQYXRoKSkgeyBXcml0ZS1Ib3N0ICdTa2lwcGluZzogS2V5IGRvZXMgbm90IGV4aXN0LiBObyBhY3Rpb24gbmVlZGVkLic7IHJldHVybjsgfTsgJHZhbHVlcyA9ICggR2V0LUl0ZW0gLUxpdGVyYWxQYXRoICRQYXRoIC1FcnJvckFjdGlvbiBTdG9wIHwgU2VsZWN0LU9iamVjdCAtRXhwYW5kUHJvcGVydHkgUHJvcGVydHkgKTsgZm9yZWFjaCAoJHZhbHVlIGluICR2YWx1ZXMpIHsgV3JpdGUtSG9zdCBcIl5cIlwiUmVzdG9yaW5nIHZhbHVlICckdmFsdWUnXCJeXCJcIjsgaWYgKC1Ob3QgJHZhbHVlLkVuZHNXaXRoKCRzdWZmaXgpKSB7IFdyaXRlLUhvc3QgJ1NraXBwaW5nOiBObyBhY3Rpb24gbmVlZGVkLic7IGNvbnRpbnVlOyB9OyAkcmVhbCA9IEdldC1SZWFsICR2YWx1ZTsgV3JpdGUtSG9zdCBcIl5cIlwiUmVuYW1pbmcgdG8gJyRyZWFsJy5cIl5cIlwiOyB0cnkgeyBSZW5hbWUtSXRlbVByb3BlcnR5IC1MaXRlcmFsUGF0aCAkUGF0aCAtTmFtZSAkdmFsdWUgLU5ld05hbWUgJHJlYWwgLUVycm9yQWN0aW9uIFN0b3A7IFdyaXRlLUhvc3QgJ1N1Y2Nlc3NmdWxseSByZXN0b3JlZC4nOyAkZ2xvYmFsOm9rKys7IH0gY2F0Y2ggeyBXcml0ZS1XYXJuaW5nIFwiXlwiXCJGYWlsZWQ6ICRfXCJeXCJcIjsgJGdsb2JhbDpmYWlsKys7IH07IH07ICRrZXlzID0gQChHZXQtQ2hpbGRJdGVtIC1MaXRlcmFsUGF0aCAkUGF0aCAtRXJyb3JBY3Rpb24gU2lsZW50bHlDb250aW51ZSk7IGZvcmVhY2ggKCRrZXkgaW4gJGtleXMpIHsgUmVzdG9yZS1LZXlUcmVlICRrZXkuUFNQYXRoOyB9OyB9OyBXcml0ZS1Ib3N0IFwiXlwiXCJSZXN0b3JpbmcgcmVnaXN0cnkga2V5ICckcmF3UGF0aCcgcmVjdXJzaXZlbHkuXCJeXCJcIjsgJGhpdmUgPSAkcmF3UGF0aC5TcGxpdCgnXFwnKVswXTsgJHBhdGggPSAkaGl2ZSArICc6JyArICRyYXdQYXRoLlN1YnN0cmluZygkaGl2ZS5MZW5ndGgpOyBSZXN0b3JlLUtleVRyZWUgJHBhdGg7IGlmICgkZ2xvYmFsOmZhaWwpIHsgV3JpdGUtRXJyb3IgJ0ZhaWxlZCB0byByZXN0b3JlJzsgRXhpdCAxOyB9XCJcbjo6IFJlc3RvcmUgdGhlIHJlZ2lzdHJ5IHZhbHVlIFwiKERlZmF1bHQpXCIgaW4ga2V5IFwiSEtMTVxcU09GVFdBUkVcXENsYXNzZXNcXERpcmVjdG9yeVxcc2hlbGxleFxcQ29udGV4dE1lbnVIYW5kbGVyc1xcRVBQXCIgdG8gaXRzIG9yaWdpbmFsIHZhbHVlIFxuUG93ZXJTaGVsbCAtRXhlY3V0aW9uUG9saWN5IFVucmVzdHJpY3RlZCAtQ29tbWFuZCBcIiRkYXRhID0gJ3swOUE0Nzg2MC0xMUIwLTREQTUtQUZBNS0yNkQ4NjE5OEE3ODB9JzsgJHJhd1R5cGUgPSAnUkVHX1NaJzsgJHJhd1BhdGggPSAnSEtMTVxcU09GVFdBUkVcXENsYXNzZXNcXERpcmVjdG9yeVxcc2hlbGxleFxcQ29udGV4dE1lbnVIYW5kbGVyc1xcRVBQJzsgJHZhbHVlID0gJyhEZWZhdWx0KSc7ICRoaXZlID0gJHJhd1BhdGguU3BsaXQoJ1xcJylbMF07ICRwYXRoID0gXCJeXCJcIiQoJGhpdmUpOiQoJHJhd1BhdGguU3Vic3RyaW5nKCRoaXZlLkxlbmd0aCkpXCJeXCJcIjsgV3JpdGUtSG9zdCBcIl5cIlwiUmVzdG9yaW5nIHZhbHVlICckdmFsdWUnIGF0ICckcGF0aCcgd2l0aCB0eXBlICckcmF3VHlwZScgYW5kIHZhbHVlICckZGF0YScuXCJeXCJcIjsgaWYgKC1Ob3QgJHJhd1R5cGUpIHsgdGhyb3cgXCJeXCJcIkludGVybmFsIHByaXZhY3kkKFtjaGFyXTB4MDAyRSlzZXh5IGVycm9yOiBEYXRhIHR5cGUgaXMgbm90IHByb3ZpZGVkIGZvciBkYXRhICckZGF0YScuXCJeXCJcIjsgfTsgaWYgKC1Ob3QgKFRlc3QtUGF0aCAtTGl0ZXJhbFBhdGggJHBhdGgpKSB7IHRyeSB7IE5ldy1JdGVtIC1QYXRoICRwYXRoIC1Gb3JjZSAtRXJyb3JBY3Rpb24gU3RvcCB8IE91dC1OdWxsOyBXcml0ZS1Ib3N0ICdTdWNjZXNzZnVsbHkgY3JlYXRlZCByZWdpc3RyeSBrZXkuJzsgfSBjYXRjaCB7IHRocm93IFwiXlwiXCJGYWlsZWQgdG8gY3JlYXRlIHJlZ2lzdHJ5IGtleTogJCgkXy5FeGNlcHRpb24uTWVzc2FnZSlcIl5cIlwiOyB9OyB9OyAkY3VycmVudERhdGEgPSBHZXQtSXRlbVByb3BlcnR5IC1MaXRlcmFsUGF0aCAkcGF0aCAtTmFtZSAkdmFsdWUgLUVycm9yQWN0aW9uIFNpbGVudGx5Q29udGludWUgfCBTZWxlY3QtT2JqZWN0IC1FeHBhbmRQcm9wZXJ0eSAkdmFsdWU7IGlmICgkY3VycmVudERhdGEgLWVxICRkYXRhKSB7IFdyaXRlLUhvc3QgJ1NraXBwaW5nLCBubyBjaGFuZ2VzIHJlcXVpcmVkLCB0aGUgcmVnaXN0cnkgZGF0YSBpcyBhbHJlYWR5IGFzIGV4cGVjdGVkLic7IEV4aXQgMDsgfTsgdHJ5IHsgJHR5cGUgPSBzd2l0Y2ggKCRyYXdUeXBlKSB7ICdSRUdfU1onIHsgJ1N0cmluZycgfTsgJ1JFR19EV09SRCcgeyAnRFdvcmQnIH07ICdSRUdfUVdPUkQnIHsgJ1FXb3JkJyB9OyAnUkVHX0VYUEFORF9TWicgeyAnRXhwYW5kU3RyaW5nJyB9OyBkZWZhdWx0IHsgdGhyb3cgXCJeXCJcIkludGVybmFsIHByaXZhY3kkKFtjaGFyXTB4MDAyRSlzZXh5IGVycm9yOiBGYWlsZWQgdG8gZmluZCBkYXRhIHR5cGUgZm9yOiAnJHJhd1R5cGUnLlwiXlwiXCI7IH07IH07IFNldC1JdGVtUHJvcGVydHkgLUxpdGVyYWxQYXRoICRwYXRoIC1OYW1lICR2YWx1ZSAtVmFsdWUgJGRhdGEgLVR5cGUgJHR5cGUgLUZvcmNlIC1FcnJvckFjdGlvbiBTdG9wOyBXcml0ZS1Ib3N0ICdTdWNjZXNzZnVsbHkgcmVzdG9yZWQgdGhlIHJlZ2lzdHJ5IHZhbHVlLic7IH0gY2F0Y2ggeyB0aHJvdyBcIl5cIlwiRmFpbGVkIHRvIHJlc3RvcmUgdGhlIHZhbHVlOiAkKCRfLkV4Y2VwdGlvbi5NZXNzYWdlKVwiXlwiXCI7IH1cIlxuOjogUmVzdG9yZSB0aGUgcmVnaXN0cnkgdmFsdWUgXCIoRGVmYXVsdClcIiBpbiBrZXkgXCJIS0xNXFxTT0ZUV0FSRVxcQ2xhc3Nlc1xcRHJpdmVcXHNoZWxsZXhcXENvbnRleHRNZW51SGFuZGxlcnNcXEVQUFwiIHRvIGl0cyBvcmlnaW5hbCB2YWx1ZSBcblBvd2VyU2hlbGwgLUV4ZWN1dGlvblBvbGljeSBVbnJlc3RyaWN0ZWQgLUNvbW1hbmQgXCIkZGF0YSA9ICd7MDlBNDc4NjAtMTFCMC00REE1LUFGQTUtMjZEODYxOThBNzgwfSc7ICRyYXdUeXBlID0gJ1JFR19TWic7ICRyYXdQYXRoID0gJ0hLTE1cXFNPRlRXQVJFXFxDbGFzc2VzXFxEcml2ZVxcc2hlbGxleFxcQ29udGV4dE1lbnVIYW5kbGVyc1xcRVBQJzsgJHZhbHVlID0gJyhEZWZhdWx0KSc7ICRoaXZlID0gJHJhd1BhdGguU3BsaXQoJ1xcJylbMF07ICRwYXRoID0gXCJeXCJcIiQoJGhpdmUpOiQoJHJhd1BhdGguU3Vic3RyaW5nKCRoaXZlLkxlbmd0aCkpXCJeXCJcIjsgV3JpdGUtSG9zdCBcIl5cIlwiUmVzdG9yaW5nIHZhbHVlICckdmFsdWUnIGF0ICckcGF0aCcgd2l0aCB0eXBlICckcmF3VHlwZScgYW5kIHZhbHVlICckZGF0YScuXCJeXCJcIjsgaWYgKC1Ob3QgJHJhd1R5cGUpIHsgdGhyb3cgXCJeXCJcIkludGVybmFsIHByaXZhY3kkKFtjaGFyXTB4MDAyRSlzZXh5IGVycm9yOiBEYXRhIHR5cGUgaXMgbm90IHByb3ZpZGVkIGZvciBkYXRhICckZGF0YScuXCJeXCJcIjsgfTsgaWYgKC1Ob3QgKFRlc3QtUGF0aCAtTGl0ZXJhbFBhdGggJHBhdGgpKSB7IHRyeSB7IE5ldy1JdGVtIC1QYXRoICRwYXRoIC1Gb3JjZSAtRXJyb3JBY3Rpb24gU3RvcCB8IE91dC1OdWxsOyBXcml0ZS1Ib3N0ICdTdWNjZXNzZnVsbHkgY3JlYXRlZCByZWdpc3RyeSBrZXkuJzsgfSBjYXRjaCB7IHRocm93IFwiXlwiXCJGYWlsZWQgdG8gY3JlYXRlIHJlZ2lzdHJ5IGtleTogJCgkXy5FeGNlcHRpb24uTWVzc2FnZSlcIl5cIlwiOyB9OyB9OyAkY3VycmVudERhdGEgPSBHZXQtSXRlbVByb3BlcnR5IC1MaXRlcmFsUGF0aCAkcGF0aCAtTmFtZSAkdmFsdWUgLUVycm9yQWN0aW9uIFNpbGVudGx5Q29udGludWUgfCBTZWxlY3QtT2JqZWN0IC1FeHBhbmRQcm9wZXJ0eSAkdmFsdWU7IGlmICgkY3VycmVudERhdGEgLWVxICRkYXRhKSB7IFdyaXRlLUhvc3QgJ1NraXBwaW5nLCBubyBjaGFuZ2VzIHJlcXVpcmVkLCB0aGUgcmVnaXN0cnkgZGF0YSBpcyBhbHJlYWR5IGFzIGV4cGVjdGVkLic7IEV4aXQgMDsgfTsgdHJ5IHsgJHR5cGUgPSBzd2l0Y2ggKCRyYXdUeXBlKSB7ICdSRUdfU1onIHsgJ1N0cmluZycgfTsgJ1JFR19EV09SRCcgeyAnRFdvcmQnIH07ICdSRUdfUVdPUkQnIHsgJ1FXb3JkJyB9OyAnUkVHX0VYUEFORF9TWicgeyAnRXhwYW5kU3RyaW5nJyB9OyBkZWZhdWx0IHsgdGhyb3cgXCJeXCJcIkludGVybmFsIHByaXZhY3kkKFtjaGFyXTB4MDAyRSlzZXh5IGVycm9yOiBGYWlsZWQgdG8gZmluZCBkYXRhIHR5cGUgZm9yOiAnJHJhd1R5cGUnLlwiXlwiXCI7IH07IH07IFNldC1JdGVtUHJvcGVydHkgLUxpdGVyYWxQYXRoICRwYXRoIC1OYW1lICR2YWx1ZSAtVmFsdWUgJGRhdGEgLVR5cGUgJHR5cGUgLUZvcmNlIC1FcnJvckFjdGlvbiBTdG9wOyBXcml0ZS1Ib3N0ICdTdWNjZXNzZnVsbHkgcmVzdG9yZWQgdGhlIHJlZ2lzdHJ5IHZhbHVlLic7IH0gY2F0Y2ggeyB0aHJvdyBcIl5cIlwiRmFpbGVkIHRvIHJlc3RvcmUgdGhlIHZhbHVlOiAkKCRfLkV4Y2VwdGlvbi5NZXNzYWdlKVwiXlwiXCI7IH1cIiI=

Help

How to apply or restore "Remove "Scan with Defender" from context menu" using commands

• ≈ 2 min to complete
• Tools: Command Prompt
• Difficulty: Medium
• ≈ 3 instructions

View step-by-step guide with screenshots

---

1. 1

   Open Command Prompt

   Open Command Prompt as Administrator.
2. 2

   Copy code

   Copy the code:

   Copy Apply Code Copy Revert Code
3. 3

   Paste & run

   Paste the commands into Command Prompt and press Enter to run.

   Some changes require a system restart to take effect

Similar Guides

Wider Goal

Guides below includes this guide to achieve a wider goal.

See other more general settings that includes this one as one of its actions.

These plans combine multiple privacy settings, including this one, for stronger protection.

Disable Windows Security interface

This category offers scripts to disable or modify different aspects of the Windows Security user interface, formerly known as Windows Defender Security Center. Win...

Visit category page

Disable Defender

This category offers scripts to disable Windows security components related to Defender. Defender is also referred to as Microsoft Defender or Windows Defender. Al...

Visit category page

Privacy over security

Steps to privacy over security on your Windows machine to enhance data privacy protection. Together with that, this feature walks through the procedure to undo the...

Visit category page

Same Goal

Other guides in Disable Windows Security interface 

See settings that are in the same category as this guide.

Using other actions in the same category may help you achieve your goal better.

See all 12 guides

Disable Defender interface background services

Disable sections in "Windows Security"

Disable security notifications

Disable Security and Maintenance

Remove "Windows Security" system tray icon

Remove "Windows Security" icon from taskbar

Disable Defender Antivirus interface

Disable outdated non-administrator access to Defender threat history

Disable Defender Firewall Control Panel applet

Disable Defender Firewall "Windows Defender Firewall with Advanced Security"

Remove "Windows Security" app (SecHealthUI) (breaks Windows Security user interface)

Disable outdated "Windows Defender Security Center" interface

---

About the Creators

These people have authored this documentation and written its scripts:

• 

  undergroundwires

  • Certified security professional
  • 7+ years experience securing banks
  • Open-source developer since 2005
  • EU advisor, Public Speaker, Moderator
• Open-Source Contributors

  • Hundreds across the globe
  • Testers, reviewers, developers
  • Companies, military agencies
  • Community since 2017

About Us

Reviewed By

This guide has undergone comprehensive auditing and peer review:

• Expert review by undergroundwires

  • Verified technical accuracy and editorial standards
  • Assessed system impact and user privacy risks

• Public review by large community

  • Privacy enthusiasts and professionals peer-reviewed
  • Millions of end-users tested across different environments

History

We continually monitor our guides, their impact and all other privacy options. We update our guides when new information becomes available. On every update, we publicly store who made the change, what has been changed, why the change was made and when the change was made.

Review Change History Our Change Process