Windows 10: Trying to use GPO to do daily full scans with Defender

  1.    17 Dec 2017 #1

    Trying to use GPO to do daily full scans with Defender


    Hi, using Server 2016 Essentials and 13 Windows 10 Pro 64 bit PC's. Setting GPO to various things works except when I set the WD scheduled daily scan. Options are everyday,Sunday,Monday,..., Never. When I set it to everyday and click OK, it automatically disables the policy although setting it to a specific day works. However the boss wants a daily full scan ran on all computers.
    Has anyone else come across this or is it a know bug that Microsoft should have fixed by now? And is there a feasible (i.e. practical) workaround/solution?

    Many thanks
    Adrian
      My ComputerSystem Spec

  2. dencal's Avatar
    Posts : 2,824
    W10 Pro + W10 Preview
       17 Dec 2017 #2

    Windows Defender Security is live on Build 1709.
    Anything regarded by WDS as suspect is blocked or is notified as being suspect, this would give you the choice as to whether you wish to open.
      My ComputersSystem Spec

  3.    17 Dec 2017 #3

    But it's WD/WDS I'm trying to run!!! More specifically, run at a time when the users are not there. It's the GPO side that seems to be the problem.

    Regards
    Adrian
      My ComputerSystem Spec

  4.    17 Dec 2017 #4

    You mean this GPO?

    Click image for larger version. 

Name:	Untitled.png 
Views:	2 
Size:	103.4 KB 
ID:	168559

    You could try setting value in the registry. ProcMon indicates it is here:

    HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{E66B3A5F-1987-43C0-9ED4-44582A3B11A9}Machine\Software\Policies\Microsoft\Windows Defender\Scan

    For daily you want to set it daily change the ScheduleDay DWORD to zero (other values in picture above). Then go to gpedit.msc and enable it.

    Updating the frequency via regedit works for me but then it also works OK if I set it to daily (i.e. doesn't disable policy) using gpedit.msc. Note I'm using 10 ProWork version 16299.125 not server.

    Worth a try though perhaps.
      My ComputerSystem Spec


 

Related Threads
how to cancel windows defender automatic scans? in AntiVirus, Firewalls and System Security
Is there a way to have real-time protection of WD, but without the automatic scans?
Windows Defender Scans daily, Can I reduce the frequency (Kenneth?) in AntiVirus, Firewalls and System Security
Hi daily Windows Defender asks to scan my computer and nags the hell out of me about it. How can I reduce this to say once a week instead?
Solved Can I schedule scans with Windows Defender? in AntiVirus, Firewalls and System Security
There does not seem to be a way to schedule an automatic daily scan with Windows Defender. I got a action center notification to run a Defender scan. Is that something I can expect regularly? Having to do a regular manual scan will be a pain.
Windows Defender - Very slow scans in AntiVirus, Firewalls and System Security
Upgraded a laptop to windows 10 Home x64 for a family member. It's an older Acer Aspire laptop. We attempted to do a Windows Defender quick-scan to try it out. However, three hours later, it's only ~50% complete. I've never had a fresh install take...
Solved Build 10074 Windows Defender scheduled task scans ? in AntiVirus, Firewalls and System Security
I installed Build 10074 as a clean install in a VM. I see Windows Defender running a quick scan MANY times per day. I would prefer it run a quick scan once a week. I disabled the built in Windows Defender Scheduled Scan scheduled task. Windows...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 18:05.
Find Us