GPO to enable Windows Defender periodic scanning

Posted on by michaelf

Create a new GPO, edit

Goto Computer configuration – preferences – windows settings – Registry.

Add the following keys

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=dword:00000000 "DisableAntiVirus"=dword:00000000 "PassiveMode"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdBoot] "Group"="Early-Launch" "Start"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdFilter] "Start"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend] "Start"=dword:00000002

Periodic scanning will be enabled alongside your current AV after a reboot.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.