How to set up windows defender to scan removable drives automatically in Windows 10

I just switched from McAfee live safe to windows defender on my windows 10 laptop. and then i came to know that windows defender doesn't scan removable drives automatically. We need to do a scan manually every-time we connect a removable drive.

I have checked all the settings available for windows defender but couldn't find the right setting. 

Please tell me if there is anyway to set up the windows defender in such a manner that it scans every removable drive automatically the moment it is connected.

 

Question Info


Last updated June 22, 2019 Views 12,640 Applies to:
Answer
Answer

The only built-in option with Windows Defender is to include the scanning of removable drives (flash drives) in on-demand scans:

-DisableRemovableDriveScanning<Boolean>

Indicates whether to scan for malicious and unwanted software in removable drives, such as flash drives, during a full scan. If you specify a value of $True, Windows Defender scans removable drives during any type of scan. If you specify a value of $False or do not specify a value, Windows Defender does not scan removable drives during a full scan. Windows Defender can still scan removable drives during quick scans or custom scans.

https://technet.microsoft.com/en-us/library/dn433291.aspx?f=255&MSPPError=-2147217396

The documentation for this setting is incorrect, and it should read like this:

If you specify a value of $False, Windows Defender scans removable drives during any type of scan. If you specify a value of $True or do not specify a value, Windows Defender does not scan removable drives during a full scan.

This feature is disabled by default (disabled true), but it can be enabled by running this command at the elevated PowerShell prompt:

Set-MpPreference -DisableRemovableDriveScanning $False

There is no option for scanning flash drives automatically (on connection) with Windows Defender. However, this is possible with a DIY scheduled task that runs a command line Custom Scan when it's triggered by a drive connection event:

http://answers.microsoft.com/en-us/protect/forum/protect_defender-protect_scanning/how-do-i-scan-a-particular-part-usb-for-instance/9d8415fe-b6b2-4cc3-bdf6-f9f493072ce6

This might be a "bit much" for home users but if I was still active as an administrator, I’d have this task deployed on every machine.

GreginMich

10 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.