![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 39%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERC%3C/text%3E%3C/svg%3E)
Microsoft System Center
A suite of Microsoft systems management products that offer solutions for managing datacenter resources, private clouds, and client devices.
894 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 27%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
The error message "Failed to remove Windows Defender Advanced Threat Protection ETW autologger. Failure code: 0xD0000121" indicates that there was an issue removing the ETW (Event Tracing for Windows) autologger for Windows Defender Advanced Threat Protection (ATP). Here are a few steps you can try to troubleshoot and resolve this issue:
Run the script with administrative privileges: Ensure that you are running the "offboarding" script with administrative privileges. Right-click on the script and select "Run as administrator" to ensure proper permissions.
Disable Windows Defender ATP manually: If the script fails to remove the ETW autologger, you can try disabling Windows Defender ATP manually. Open an elevated Command Prompt and run the following command:
bashCopy code
wdavideoconfig.exe -disable
This command disables Windows Defender ATP by stopping the Windows Defender ATP service.
Check for conflicting security software: If you have any other security software or antivirus solutions installed on your system, they might conflict with the removal process. Temporarily disable or uninstall any third-party security software and then run the "offboarding" script again.
Update Windows Defender ATP: Ensure that you have the latest updates installed for Windows Defender ATP. Check for and install any available Windows updates, including security updates and feature updates.
Contact Microsoft Support: If the issue persists and you are still unable to remove the ETW autologger for Windows Defender ATP, it's recommended to contact Microsoft Support for further assistance. They can provide you with specific guidance and troubleshooting steps based on your environment and the specific error code you are encountering.
Please note that modifying or disabling security features like Windows Defender ATP should be done with caution, and it's important to have alternative security measures in place to protect your system against threats.
