Information
Windows Defender helps protect your PC against malware (malicious software) like viruses, spyware, and other potentially unwanted software. Malware can infect your PC without your knowledge: it might install itself from an email message, when you connect to the Internet, or when you install certain apps using a USB flash drive, CD, DVD, or other removable media. Some malware can also be programmed to run at unexpected times, not only when it's installed.
You can set a group policy that allows you to manage whether or not Windows Defender scans for malicious software and unwanted software in the contents of removable drives, such as USB flash drives, when running a full scan.
Removable drives can always be scanned during a quick scan and custom scan.
This tutorial will show you how to enable or disable Windows Defender to include scan removable drives during a full scan in Windows 10.
You must be signed in as an administrator to enable or disable scan removable drives during a full scan.
CONTENTS:
- Option One: To Enable or Disable Scan Removable Drives during Full Scan in PowerShell
- Option Two: To Enable or Disable Scan Removable Drives during Full Scan in Group Policy
- Option Three: To Enable or Disable Scan Removable Drives during Full Scan using a REG file
EXAMPLE: Windows Defender
OPTION ONE
To Enable or Disable Scan Removable Drives during Full Scan in PowerShell
1. Open an
elevated PowerShell.
2. Enter the command below you want to use into PowerShell, and press Enter. (see screenshots below)
(Enable)
Set-MpPreference -DisableRemovableDriveScanning 0
OR
(Disable)
Set-MpPreference -DisableRemovableDriveScanning 1
3. When finished, you can close PowerShell if you like.
OPTION TWO
To Enable or Disable Scan Removable Drives during Full Scan in Group Policy
Note
Local Group Policy Editor is only available in the
Windows 10 Pro,
Enterprise, and
Education editions.
All editions can use
Option One or
Option Three.
1. Open the
Local Group Policy Editor.
2. In the left pane of Local Group Policy Editor, navigate to the location below. (see screenshot below)
Computer Configuration/Administrative Templates/Windows Components/Windows Defender/Scan
3. In the right pane of
Scan in Local Group Policy Editor, double click/tap on the
Scan removable drives policy to edit it. (see screenshot above)
4. Do
step 5 (enable) or
step 6 (disable) below for what you would like to do.
5. To Enable Scan Removable Drives during Full Scan
A) Select (dot)
Enabled, click/tap on
OK, and go to
step 7 below. (see screenshot below)
6. To Disable Scan Removable Drives during Full Scan
A) Select (dot)
Not Configured or
Disabled, click/tap on
OK, and go to
step 7 below. (see screenshot below)
NOTE: Not Configured is the default setting.
7. When finished, you can close the Local Group Policy Editor if you like.
OPTION THREE
To Enable or Disable Scan Removable Drives during Full Scan using a REG file
Note
The .reg files below will add and modify the DWORD value in the registry key below.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Scan
DisableRemovableDriveScanning DWORD
0 or (delete) = enable scan
1 = disable scan
1. Do
step 2 (enable) or
step 3 (disable) below for what you would like to do.
2. To Enable Scan Removable Drives during Full Scan
A) Click/tap on the Download button below to download the file below, and go to
step 4 below.
Enable_scan_removable_drives_in_WD_full_scan.reg
Download
3. To Disable Scan Removable Drives during Full Scan
NOTE: This is the default setting.
A) Click/tap on the Download button below to download the file below, and go to
step 4 below.
Disable_scan_removable_drives_in_WD_full_scan.reg
Download
4. Save the .reg file to your desktop.
5. Double click/tap on the downloaded .reg file to merge it.
6. If prompted, click/tap on
Run,
Yes (
UAC),
Yes, and
OK to approve the merge.
7. Restart the computer to apply.
8. If you like, you can now delete the downloaded .reg file.
That's it,
Shawn Brink