I want to turn on the Windows Defender Option preventing malware spreading from USB stick.
2 Answers
- Make sure autoplay is turned off for USB drives.
- Change a Windows Defender Setting and create a scheduled task to auto scan devices when they are plugged in.
Option 1 To Enable or Disable Scan Removable Drives during Full Scan in PowerShell
Open an elevated PowerShell.
Enter the command below you want to use into PowerShell, and press Enter.
(Enable) Set-MpPreference -DisableRemovableDriveScanning 0
OR
(Disable) Set-MpPreference -DisableRemovableDriveScanning 1
- When finished, you can close PowerShell if you like.
Option 2 To Enable or Disable Scan Removable Drives during Full Scan using a registry key
Locate the registry key as below and modify the DWORD value to 0 or 1.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Scan
DisableRemovableDriveScanning DWORD
0 or (delete) = enable scan 1 = disable scan
-
Thank you for the reply. I don’t want to scan USB sticks completely. I want the Defender to protect me from malicious software on the stick. That means the moment I put the stick on the PC and some software is „getting active“ defender should block it when it’s harmful. Or when I copy from stick to PC a certain file defender should stop copying when this file is harmful. I can summarize: I just put a USB stick in the PC and know I am safe. Commented Oct 20, 2020 at 9:30