-
Notifications
You must be signed in to change notification settings - Fork 312
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Ionut Bara
committed
Nov 28, 2024
1 parent
ce4de95
commit 9c987c3
Showing
32 changed files
with
1,690 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| # Define the folder containing the .reg files and the output file | ||
| $sourceFolder = "../Remove_defender_moduled" # Modify this with your source folder path | ||
| $outputFile = "../Output.reg" # Specify the output file path | ||
|
|
||
| $combinedContent = @() | ||
| $combinedContent += "Windows Registry Editor Version 5.00" | ||
| $regFiles = Get-ChildItem -Path $sourceFolder -Recurse -Filter "*.reg" | ||
|
|
||
| foreach ($file in $regFiles) { | ||
| $content = Get-Content -Path $file.FullName | ||
| $combinedContent += "; File: $($file.FullName)" | ||
| $combinedContent += $content[1..($content.Length - 1)] | ||
| } | ||
| $combinedContent | Set-Content -Path $outputFile -Encoding UTF8 | ||
|
|
||
| Write-Host "Combined registry file created at: $outputFile" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,306 @@ | ||
| Windows Registry Editor Version 5.00 | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\DisableDevDriveProtection.reg | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection] | ||
| "DisableAsyncScanOnOpen"=dword:00000001 | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\DisableLSAProtection.reg | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] | ||
| "RunAsPPL"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] | ||
| "restrictanonymous"=dword:00000001 | ||
| "everyoneincludesanonymous"=dword:00000000 | ||
| "restrictanonymoussam"=dword:00000001 | ||
| "SCENoApplyLegacyAuditPolicy"=dword:00000000 | ||
| "LsaConfigFlags"=dword:00000000 | ||
| "RunAsPPL"=dword:00000000 | ||
| "RunAsPPLBoot"=dword:00000000 | ||
| "LmCompatibilityLevel"=- | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\DisableMaintenanceTaskreportinginSecurityHealthUI.reg | ||
|
|
||
| ; disables reporting of things from Maintenance Task in Windows Security App | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Security Health] | ||
|
|
||
| [-HKEY_CURRENT_USER\Software\Microsoft\Windows Security Health] | ||
|
|
||
| [HKEY_CURRENT_USER\Software\Microsoft\Windows Security Health\State] | ||
| "Disabled"=dword:00000001 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Security Health\Platform] | ||
| "Registered"=dword:00000000 | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\DisableMicrosoftVulnerabileDriverBlocklist.reg | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Config] | ||
| "VulnerableDriverBlocklistEnable"=dword:00000000 | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\DisableSmartScreen.reg | ||
|
|
||
| ; Disable SmartScreen for Microsoft Edge | ||
|
|
||
| [HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter] | ||
| "EnabledV9"=dword:00000000 | ||
| "PreventOverride"=dword:00000000 | ||
|
|
||
| [HKEY_CURRENT_USER\Software\Microsoft\Edge] | ||
| "SmartScreenEnabled"=dword:00000000 | ||
|
|
||
| [HKEY_CURRENT_USER\Software\Microsoft\Edge\SmartScreenEnabled] | ||
| @=dword:00000000 | ||
|
|
||
| ; Disable SmartScreen in File Explorer and Windows Shell | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer] | ||
| "SmartScreenEnabled"="off" | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] | ||
| "EnableSmartScreen"=dword:00000000 | ||
| "ShellSmartScreenLevel"=- | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Browser\AllowSmartScreen] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\SmartScreen\EnableSmartScreenInShell] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\SmartScreen\EnableAppInstallControl] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\SmartScreen\PreventOverrideForFilesInShell] | ||
| "value"=dword:00000000 | ||
|
|
||
| ; Disable SmartScreen for Microsoft Store Apps | ||
|
|
||
| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\AppHost] | ||
| "EnableWebContentEvaluation"=dword:00000000 | ||
| "PreventOverride"=dword:00000000 | ||
|
|
||
| ; Configure App Install Control | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen] | ||
| "ConfigureAppInstallControlEnabled"=dword:00000001 | ||
| "ConfigureAppInstallControl"="Anywhere" | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\DisableSpyNetTelemetry.reg | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet] | ||
| "DisableBlockAtFirstSeen"=dword:00000001 | ||
| "LocalSettingOverrideSpynetReporting"=dword:00000000 | ||
| "SpynetReporting"=dword:00000000 | ||
| "SubmitSamplesConsent"=dword:00000002 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Microsoft Antimalware\SpyNet] | ||
| "SpyNetReporting"=dword:00000000 | ||
| "LocalSettingOverrideSpyNetReporting"=dword:00000000 | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\DisableSystemMitigations.reg | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsMitigation] | ||
| "UserPreference"=dword:00000002 | ||
|
|
||
| ; In-kernel Mitigations | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel] | ||
| "MitigationAuditOptions"=hex:00,00,00,00,00,00,20,22,00,00,00,00,00,00,00,20,00,00,00,00,00,00,00,00 | ||
| "MitigationOptions"=hex:00,22,22,20,22,20,22,22,20,00,00,00,00,20,00,20,00,00,00,00,00,00,00,00 | ||
| "KernelSEHOPEnabled"=dword:00000000 | ||
|
|
||
| ; Disable Spectre & Meltdown Mitigations | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management] | ||
| "FeatureSettings"=dword:00000001 | ||
| "FeatureSettingsOverride"=dword:00000003 | ||
| "FeatureSettingsOverrideMask"=dword:00000003 | ||
|
|
||
| ; Services Mitigations | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SCMConfig] | ||
| "EnableSvchostMitigationPolicy"=hex(b):00,00,00,00,00,00,00,00 | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\DisableTamperProtection.reg | ||
|
|
||
| ; Remove Defender's Tamper Protection | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features] | ||
| "MpPlatformKillbitsFromEngine"=hex:00,00,00,00,00,00,00,00 | ||
| "TamperProtectionSource"=dword:00000000 | ||
| "MpCapability"=hex:00,00,00,00,00,00,00,00 | ||
| "TamperProtection"=dword:00000000 | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\DisableUAC.reg | ||
|
|
||
| ; Disable UAC | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] | ||
| "EnableLUA"=dword:00000000 | ||
| "ConsentPromptBehaviorAdmin"=dword:00000000 | ||
| "ConsentPromptBehaviorUser"=dword:00000000 | ||
| "FilterAdministratorToken"=dword:00000001 | ||
| "LocalAccountTokenFilterPolicy"=dword:00000001 | ||
| "EnableUIADesktopToggle"=dword:00000000 | ||
| "ValidateAdminCodeSignatures"=dword:00000001 | ||
| "EnableSecureUIAPaths"=dword:00000000 | ||
| "DelayedDesktopSwitchTimemout"=dword:00000000 | ||
| "PromptOnSecureDesktop"=dword:00000000 | ||
|
|
||
| ; Fix mouse cursor dissapeiring | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] | ||
| "EnableCursorSuppression"=dword:00000000 | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\DisableVBS.reg | ||
|
|
||
| ; Reset values for Virtualization Settings | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DeviceGuard] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\VirtualizationBasedTechnology] | ||
|
|
||
| ; Disable Virtualization Based Security | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard] | ||
| "EnableVirtualizationBasedSecurity"=dword:00000000 | ||
| "HypervisorEnforcedCodeIntegrity"=dword:00000000 | ||
| "HVCIMATRequired"=dword:00000000 | ||
| "LsaCfgFlags"=dword:00000000 | ||
| "ConfigureSystemGuardLaunch"=dword:00000002 | ||
| "RequirePlatformSecurityFeature"=dword:00000000 | ||
| "CachedDrtmAuthIndex"=dword:00000000 | ||
| "RequireMicrosoftSignedBootChain"=dword:00000001 | ||
| "Locked"=dword:00000000 | ||
| "RequirePlatformSecurityFeatures"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity] | ||
| "Enabled"=dword:00000000 | ||
| "Locked"=dword:00000000 | ||
| "WasEnabledBy"=- | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\VirtualizationBasedTechnology\HypervisorEnforcedCodeIntegrity] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DeviceGuard\EnableVirtualizationBasedSecurity] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DeviceGuard\ConfigureSystemGuardLaunch] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DeviceGuard\LsaCfgFlags] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DeviceGuard\RequirePlatformSecurityFeatures] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\VirtualizationBasedTechnology\RequireUEFIMemoryAttributesTable] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard] | ||
| "DeployConfigCIPolicy"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\CredentialGuard] | ||
| "Enabled"=dword:00000000 | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\ExploitGuard_d.reg | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access] | ||
| "EnableControlledFolderAccess"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Network Protection] | ||
| "EnableNetworkProtection"=- | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR] | ||
| "ExploitGuard_ASR_Rules"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Network Protection] | ||
| "EnableNetworkProtection"=- | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemovalTools\MpGears] | ||
| "HeartbeatTrackingIndex"=dword:00000000 | ||
| "SpyNetReportingLocation"="0" | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR] | ||
| "EnableASRConsumers"=dword:00000000 | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\MitigationofFaultTorelantHeap.reg | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FTH] | ||
| "Enabled"=dword:00000000 | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\RemovalofAnti-PhishingServices.reg | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\WebThreatDefSvc] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\webthreatdefsvc] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\webthreatdefusersvc] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\WebThreatDefense] | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost] | ||
| "WebThreatDefense"=- | ||
|
|
||
| ; From Disabler | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WebThreatDefense] | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WebThreatDefense\AuditMode] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WebThreatDefense\NotifyUnsafeOrReusedPassword] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WebThreatDefense\ServiceEnabled] | ||
| "value"=dword:00000000 | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WTDS] | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WTDS\Components] | ||
| "NotifyPasswordReuse"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WTDS\Components] | ||
| "NotifyMalicious"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WebThreatDefense\AuditMode] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WebThreatDefense\NotifyUnsafeOrReusedPassword] | ||
| "value"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WebThreatDefense\ServiceEnabled] | ||
| "value"=dword:00000000 | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\webthreatdefsvc] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\webthreatdefusersvc] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\WebThreatDefense] | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost] | ||
| "WebThreatDefense"=- | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\Remove and Disable Microsoft Pluton.reg | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PlutonHsp2] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PlutonHeci] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Hsp] | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\RemoveSecurityandMaintenance.reg | ||
|
|
||
| [-HKEY_CLASSES_ROOT\CLSID\{BB64F8A7-BEE7-4E1A-AB8D-7D8273F7FDB6}] | ||
|
|
||
| [-HKEY_CLASSES_ROOT\WOW6432Node\CLSID\{BB64F8A7-BEE7-4E1A-AB8D-7D8273F7FDB6}] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB64F8A7-BEE7-4E1A-AB8D-7D8273F7FDB6}] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BB64F8A7-BEE7-4E1A-AB8D-7D8273F7FDB6}] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{BB64F8A7-BEE7-4E1A-AB8D-7D8273F7FDB6}] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\CLSID\{BB64F8A7-BEE7-4E1A-AB8D-7D8273F7FDB6}] | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{BB64F8A7-BEE7-4E1A-AB8D-7D8273F7FDB6}] | ||
| ; File: E:\Projects\Development\GitHub Repos\Listed Repos\windows-defender-remover\Remove_SecurityComp_moduled\RemoveWindowsDefenderFirewallRules.reg | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System] | ||
| "WebThreatDefSvc_Allow_In"=- | ||
| "WebThreatDefSvc_Allow_Out"=- | ||
| "WebThreatDefSvc_Block_In"=- | ||
| "WebThreatDefSvc_Block_Out"=- | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System] | ||
| "{2A5FE97D-01A4-4A9C-8241-BB3755B65EE0}"=- | ||
| "72e33e44-dc4c-40c5-a688-a77b6e988c69"=- | ||
| "b23879b5-1ef3-45b7-8933-554a4303d2f3"=- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| Windows Registry Editor Version 5.00 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection] | ||
| "DisableAsyncScanOnOpen"=dword:00000001 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| Windows Registry Editor Version 5.00 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] | ||
| "RunAsPPL"=dword:00000000 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] | ||
| "restrictanonymous"=dword:00000001 | ||
| "everyoneincludesanonymous"=dword:00000000 | ||
| "restrictanonymoussam"=dword:00000001 | ||
| "SCENoApplyLegacyAuditPolicy"=dword:00000000 | ||
| "LsaConfigFlags"=dword:00000000 | ||
| "RunAsPPL"=dword:00000000 | ||
| "RunAsPPLBoot"=dword:00000000 | ||
| "LmCompatibilityLevel"=- |
13 changes: 13 additions & 0 deletions
13
Remove_SecurityComp_moduled/DisableMaintenanceTaskreportinginSecurityHealthUI.reg
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| Windows Registry Editor Version 5.00 | ||
|
|
||
| ; disables reporting of things from Maintenance Task in Windows Security App | ||
|
|
||
| [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Security Health] | ||
|
|
||
| [-HKEY_CURRENT_USER\Software\Microsoft\Windows Security Health] | ||
|
|
||
| [HKEY_CURRENT_USER\Software\Microsoft\Windows Security Health\State] | ||
| "Disabled"=dword:00000001 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Security Health\Platform] | ||
| "Registered"=dword:00000000 |
4 changes: 4 additions & 0 deletions
4
Remove_SecurityComp_moduled/DisableMicrosoftVulnerabileDriverBlocklist.reg
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| Windows Registry Editor Version 5.00 | ||
|
|
||
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Config] | ||
| "VulnerableDriverBlocklistEnable"=dword:00000000 |
Oops, something went wrong.