You never know where a flash drive has been.
It’s always best to scan a USB flash drive before using it.
Did you know Windows Defender can be configured to automatically scan a USB flash drive the moment it is plugged in? Below are the steps to configure Microsoft Windows to scan USB drives automatically.
By default, Windows Defender is not configured to automatically scan removable drives when the operating system is installed. This is surprising, as malware spreading through USB flash drives remains a common security issue. The likely reason is user choice—automatic scans take time, and Microsoft leaves the decision up to the user.
This tutorial takes about three minutes to complete. Read through the steps first, then return and apply the settings when ready.
We are going to create a Group Policy rule that instructs Windows Defender to scan USB flash drives.
First, open the Group Policy Editor.
Press Windows Key + R.
Type gpedit.msc and press Enter or click OK.
Under Computer Configuration, locate and expand Administrative Templates.
Scroll down and expand Windows Components.
Continue scrolling until you find Windows Defender Antivirus, then expand it.
Locate the Scan folder and click it.
On the right-hand side, look for the setting labeled Scan removable drives and double-click it.
This setting is disabled by default. Select the Enabled option to activate automatic scanning for USB flash drives.
Click Apply, then click OK.
That’s it. Your Windows computer will now automatically scan USB flash drives using Windows Defender when they are connected.
Alternatively, you can insert a USB stick, right-click the drive letter, and select Scan with Windows Defender. The problem with this approach is the USB device may have already executed malicious code before you had a chance to initiate the scan.
