Disable: 'Scan removable drives' This policy setting allows you to manage whether or not to scan for malicious software and unwanted software in the contents of removable drives, such as USB flash drives, when running a full scan. If you enable this setting, removable drives will be scanned during any type of scan. If you disable or do not configure this setting, removable drives will not be scanned during a full scan. Removable drives may still be scanned during quick scan and custom scan. Counter Measure: Configure this setting depending on your organization's requirements. Potential Impact: Scanning can impact performance.

[enable/disable]

(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsWindows DefenderScanScan removable drives (2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindows DefenderScanDisableRemovableDriveScanning