Some improvements to the defender disable/enable scripts

2026-02-01 18:36:52 -05:00 · 2026-02-01 18:36:52 -05:00 · bade7f762a
commit bade7f762a
parent 01edb8f277
3 changed files with 49 additions and 27 deletions
--- a/.aliases
+++ b/.aliases
@ -1140,8 +1140,8 @@ alias yt-1440-shortname='download_youtube_vid   "620+234" $SHORTNAME_OFF $TRANSC
 alias yt-1080p='download_youtube_vid            "616+234" $SHORTNAME_OFF $TRANSCRIBE_OFF'
 alias yt-1080p-shortname='download_youtube_vid  "616+234" $SHORTNAME_ON  $TRANSCRIBE_OFF'
 # Normal
-alias yt-1080='download_youtube_vid             "270+234" $SHORTNAME_OFF $TRANSCRIBE_OFF'
+alias yt-1080='download_youtube_vid             "137+ba[ext=m4a]" $SHORTNAME_OFF $TRANSCRIBE_OFF'
-alias yt-1080-shortname='download_youtube_vid   "270+234" $SHORTNAME_ON  $TRANSCRIBE_OFF'
+alias yt-1080-shortname='download_youtube_vid   "137+ba[ext=m4a]" $SHORTNAME_ON  $TRANSCRIBE_OFF'
 alias yt-720='download_youtube_vid              "136+234" $SHORTNAME_OFF $TRANSCRIBE_OFF'
 alias yt-720-shortname='download_youtube_vid    "136+234" $SHORTNAME_ON  $TRANSCRIBE_OFF'
--- a/dotfiles/bin/antimalware-service-disable.bat
+++ b/dotfiles/bin/antimalware-service-disable.bat
@ -1,22 +1,32 @@
@setlocal enableextensions enabledelayedexpansion
@echo off
-
+setlocal enableextensions enabledelayedexpansion
 rem Make sure we're running as admin. Got this garbage from https://stackoverflow.com/a/40388766
 if not "%1"=="am_admin" (
    powershell -Command "Start-Process -Verb RunAs -FilePath '%0' -ArgumentList 'am_admin'"
    exit /b
 )
 rem NOTE: Defender may see this file as malware, so you might need to exclude this before things can be disabled.
-rem
+
-rem Modified version of
+rem Modified version of:
-rem https://raw.githubusercontent.com/mattreecebentley/win10_disable_defender/main/win10_enable_defender.bat
+rem https://github.com/ggannann/win10_disable_defender
-rem https://gist.github.com/xezrunner/a7a42dbc1096a40b0c78f09488fe5a2b
+rem https://gist.github.com/xezrunner/a7a42dbc1096a40b0c78f09488fe5a2b (as of Jan 2026 this seems to have been deleted or made private)
 rem ============================
 rem Self-elevate via UAC if needed
 rem - Detect admin by checking membership in Administrators (SID S-1-5-32-544)
 rem - Relaunch this script elevated using PowerShell Start-Process -Verb RunAs
 rem ============================
 rem Test for membership in Administrators group
 whoami /groups | find "S-1-5-32-544" >nul
 if errorlevel 1 (
    echo Requesting administrative privileges...
    rem Relaunch the same script elevated, preserving args and working directory
    powershell -NoProfile -Command ^
        "Start-Process -FilePath '%~f0' -ArgumentList '%*' -Verb RunAs -WorkingDirectory (Get-Location).Path"
    exit /b
 )
 echo Running with administrative privileges.
 echo.
 reg query HKLM\SYSTEM\Setup /v DisabledDefenderServices | find "0x1"
 if %errorlevel% == 0 goto already_patched
 echo.
 echo Please note that Defender can only be disabled in Win10 v2004 and upwards if Tamper Protection is disabled.
 echo This setting can be found in Window settings (hint: search for 'tamper'). Please do this now and then,
 pause
@ -104,3 +114,4 @@ echo Defender has already been disabled by this script.
 :eof
 echo.
 pause
--- a/dotfiles/bin/antimalware-service-enable.bat
+++ b/dotfiles/bin/antimalware-service-enable.bat
@ -1,17 +1,11 @@
@setlocal enableextensions enabledelayedexpansion
@echo off
 setlocal enableextensions enabledelayedexpansion
-rem Make sure we're running as admin. Got this garbage from https://stackoverflow.com/a/40388766
+rem NOTE: Defender may see this file as malware, so you might need to exclude this before things can be disabled.
 if not "%1"=="am_admin" (
    powershell -Command "Start-Process -Verb RunAs -FilePath '%0' -ArgumentList 'am_admin'"
    exit /b
 )
-rem USE AT OWN RISK AS IS WITHOUT WARRANTY OF ANY KIND !!!!!
+rem Modified version of:
-rem
+rem https://github.com/ggannann/win10_disable_defender
-rem Modified version of
+rem https://gist.github.com/xezrunner/a7a42dbc1096a40b0c78f09488fe5a2b (as of Jan 2026 this seems to have been deleted or made private)
 rem https://raw.githubusercontent.com/mattreecebentley/win10_disable_defender/main/win10_enable_defender.bat
 rem https://gist.github.com/xezrunner/a7a42dbc1096a40b0c78f09488fe5a2b
 rem
 rem Resources:
 rem https://docs.microsoft.com/en-us/powershell/module/defender/set-mppreference?view=win10-ps
@ -19,7 +13,23 @@ rem https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-
 rem https://github.com/AndyFul/ConfigureDefender
 rem https://github.com/AndyFul/Hard_Configurator
 rem ============================
 rem Self-elevate via UAC if needed
 rem - Detect admin by checking membership in Administrators (SID S-1-5-32-544)
 rem - Relaunch this script elevated using PowerShell Start-Process -Verb RunAs
 rem ============================
 rem Test for membership in Administrators group
 whoami /groups | find "S-1-5-32-544" >nul
 if errorlevel 1 (
    echo Requesting administrative privileges...
    rem Relaunch the same script elevated, preserving args and working directory
    powershell -NoProfile -Command ^
        "Start-Process -FilePath '%~f0' -ArgumentList '%*' -Verb RunAs -WorkingDirectory (Get-Location).Path"
    exit /b
 )
 echo Running with administrative privileges.
 echo.
 echo Enabling Windows Defender
 reg query HKLM\SYSTEM\Setup /v DisabledDefenderServices | find "0x0"
 if %errorlevel% == 0 goto already_patched
@ -106,3 +116,4 @@ echo Defender has already been enabled by this script.
 :eof
 echo.
 pause