<# # It is recommended to test the script on a local machine for its purpose and effects. # ManageEngine Endpoint Central will not be responsible for any # damage/loss to the data/setup based on the behavior of the script. # Description: Script is designed To Turn On or Off Microsoft Defender Potentially Unwanted App (PUA) App Blocking Protection # Configuration Type - COMPUTER # Refer: https://www.tenforums.com/tutorials/32236-enable-disable-microsoft-defender-pua-protection-windows-10-a.html # Note: If the registry changes but is not reflected, the customer should check with Windows support for assistance. #> $regPath = "HKLM:\SOFTWARE\Microsoft\Windows Defender" $regName = "PUAProtection" $regValue = 1 #change the value here # 0 = Off and not block apps; 1 = On and block apps; 2 = Audit Mode - not block apps; # Check if the registry key exists if (-not (Test-Path -Path $regPath)) { # Create the registry key if it doesn't exist New-Item -Path $regPath -Force } # Check if the registry value exists if (-not (Test-Path "$regPath\$regName")) { # Add the registry value if it doesn't exist Set-ItemProperty -Path $regPath -Name $regName -Value $regValue -Type DWord } else { Write-Host "The registry value '$regName' already exists." }