This particular worklet looks for any system set to never run a full scan and changes it to run on Wednesdays. You could obviously alter it to look for a different condition and set it how you wish. For example…
You could look for systems not set to do a full scan every day in the evaluation and change it to do so…
Evaluation: if ($Preferences.RemediationScheduleDay -ne 0)
Remediation: Set-MpPreference -RemediationScheduleDay 0
Or conversely, if you want Defender to never do a full scan…
Evaluation: if ($Preferences.RemediationScheduleDay -ne 8)
Remediation: Set-MpPreference -RemediationScheduleDay 8
The acceptable values for this parameter are:
- 0: Everyday
- 1: Sunday
- 2: Monday
- 3: Tuesday
- 4: Wednesday
- 5: Thursday
- 6: Friday
- 7: Saturday
- 8: Never
Evaluation:
# Determine if full Defender scans are set to never run
$Preferences = Get-MpPreference
if ($Preferences.RemediationScheduleDay -eq 8)
{ exit 1 }
else
{ exit 0 }
Remediation:
# Set a full Defender scan to run on Wednesdays
Set-MpPreference -RemediationScheduleDay 4
