This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 70%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
HI,
I need to change the local policy on multiple machines, the registry key is here: \HKEY_USERS\S-1-5-21-3566209664-22381059-3937490802-1173\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects{57612E20-D3E8-4AA5-8625-DFEE4939DA39}Machine\Software\Policies\Microsoft\Windows Defender
DisableAntiSpyware from a 1 to a 0
My issue is that the policy number varies from machine to machine so how do I apply the change across all my machines using a PS script? I also need to apply this using Intune.
Any advice would be greatly helpful.
According to this site, Microsoft is doing away with that option.
microsoft-deprecates-the-disableantispyware-option-to-disable-defender
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 28.999999999999996%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVW%3C/text%3E%3C/svg%3E)
Hi,
Thank you for posting in our forum
If you want to use scripts to solve problems, I recommend you to post on the script forum
reference:https://social.technet.microsoft.com/Forums/Windows/en-US/home?forum=winserverpowershell
Best wishes
Vicky
Hi,
Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.
Best Regards,
Vicky
HI VickyWang,
I posted the question in the PS forum link you gave and got a rather cold response from the admin that that site is for questions not people asking for scripts. I posted the same question there as here, I wasn't looking for the script (though if someone had one that would be helpful) but more if what I was asking was even doable.
Anyway, I'm remoting into each machine manually to make the change.
Consider this question closed.
If the machines are domain joined, we can move all machines that need to be changed to an OU, create and link a new domain level GPO to these machines.
If the machine is not domain joined, we can only achieve the goal by changing the local registry. As you said, I think we can do this without the powershell command.
2. The information about this GPO is as follows:
Scope:Machine
Policy path: Windows Components\Windows Defender Antivirus
registry path:HKLM\Software\Policies\Microsoft\Windows Defender!DisableAntiSpyware
explanation:
"This policy setting turns off Windows Defender Antivirus. If you enable this policy setting, Windows Defender Antivirus does not run, and computers are not scanned for malware or other potentially unwanted software. If you disable or do not configure this policy setting, by default Windows Defender Antivirus runs and computers are scanned for malware and other potentially unwanted software."