Configure Microsoft SpyNet Reporting

Adjusts membership in Microsoft SpyNet.

Microsoft SpyNet is the online community that helps you choose how to respond to potential spyware threats. The community also helps stop the spread of new spyware infections.

Here's how it works. When Windows Defender detects software or changes by software not yet classified for risks, you see how other members responded to the alert. In turn, the action you apply help other members choose how to respond. Your actions also help Microsoft choose which software to investigate for potential threats. You can choose to send basic or additional information about detected software. Additional information helps improve how Windows Defender works. It can include, for example, the location of detected items on your computer if harmful software has been removed. Windows Defender will automatically collect and send the information.

If you enable this policy setting and choose "No Membership" from the drop-down list, SpyNet membership will be disabled. At this setting, no information will be sent to Microsoft. You will not be alerted if Windows Defender detects unclassified software running on your computer. Local users will not be able to change their SpyNet membership.

If you enable this policy setting and choose "Basic" from the drop-down list, SpyNet membership is set to "Basic". At this setting, basic information about the detected items and the actions you apply will be shared with the online community. You will not be alerted if Windows Defender detects software that has not yet been classified for risks.

If you enable this policy setting and choose "Advanced" from the drop-down list, SpyNet membership is set to "Advanced". At this setting, you send your choices and additional information about detected items. You are alerted so you can take action when Windows Defender detects changes to your computer by unclassified software. Your decisions to allow or block changes help Microsoft create new definitions for Windows Defender and better detect harmful software. In some instances, personal information may be sent but no information is used to contact you.

If you disable or do not configure this policy setting, by default SpyNet membership is disabled. At this setting, no information will be sent to Microsoft. You will not be alerted if Windows Defender detects unclassified software running on your computer. Local users will still be able to change their SpyNet membership.

Supported on: At least Windows Vista

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Microsoft\Windows Defender\SpyNet
Value NameSpyNetReporting
Value TypeREG_DWORD
Enabled Value1
Disabled Value0

Microsoft SpyNet Membership


  1. No Membership
    Registry HiveHKEY_LOCAL_MACHINE
    Registry PathSoftware\Policies\Microsoft\Windows Defender\SpyNet
    Value NameSpyNetReporting
    Value TypeREG_DWORD
    Value0
  2. Basic
    Registry HiveHKEY_LOCAL_MACHINE
    Registry PathSoftware\Policies\Microsoft\Windows Defender\SpyNet
    Value NameSpyNetReporting
    Value TypeREG_DWORD
    Value1
  3. Advanced
    Registry HiveHKEY_LOCAL_MACHINE
    Registry PathSoftware\Policies\Microsoft\Windows Defender\SpyNet
    Value NameSpyNetReporting
    Value TypeREG_DWORD
    Value2


windowsdefender.admx

Administrative Templates (Computers)

Administrative Templates (Users)