Virus Scanning USB

Hi, hope someone can help with this wee question; my laptop is Windows 10s, and I want to transfer some photos to my laptop from a USB flash drive, to share with family. Ideally, I'd like virus scanning to run automatically as soon as I plug in the USB, but from what I have read, it looks as if you need to manually do this. Any help would be very much appreciated, thanks in advance :-)

If I reading correctly and you didn't just make a slip-up while typing, you've indicated "may laptop is Windows 10s", by which I assume you actually mean Windows 10 running in S mode, since Microsoft dropped the original Windows 10s version about 2 years  ago.

What is Windows 10 in S Mode?

What this implies is that neither the command prompt nor the PowerShell command mentioned would be available, since as the following paragraph from that article states, S mode can't use command-line shells, since those are one of the most popular methods used by malware to subvert a system.

"Windows 10 in S Mode can’t use command-line shells like PowerShell, Command Prompt, or Bash, either. Various other developer tools are also off limits. You don’t have direct access to the Windows Registry via the Registry Editor, either."

However, on the other hand, that's also the reason that what you're requesting relating to scanning the USB really isn't necessary, since unlike legacy desktop Windows, Windows 10 in S mode isn't susceptible to any of the malware that's traditionally delivered via USB drives and Autoruns,  The reason for this is that what Autoruns is typically used to invoke is some sort of executable file including exe or script, but since Windows 10 S mode won't allow these to launch and in fact won't even allow them to be downloaded to the local file system, it's not possible to infect an S mode based Windows in this manner.

There's a potential weird side effect here though that I'd never before needed to consider, since I have one of these Windows 10 S mode systems myself running on an original installation Microsoft Surface Go tablet.  The possible issue is that I'm not certain the S mode version of Windows Defender can actually detect many of the millions of malware that affect other legacy Windows operating systems, since there's no need for these to be detected to protect a Windows 10 S mode operating system, as there's no way they can truly execute and infect it in the first place.

Now there were only a handful of GDI-Plus based modifications that could affect some very old versions of Windows back in the Windows XP days if I recall correctly, but since these wouldn't affect either Windows 10 (any version) or others since Vista, those shouldn't matter anyway.

Since in general Windows S mode wouldn't allow you to even copy an executable file to the local system, that should avoid your being able to transfer one into whatever storage you use to share those pictures.  However, in theory it's possible you might manage to copy some old picture containing a GDI-Plus modification, though again, without the associated executable file or script that would typically be intended to run, that's fundamentally a dead end as well.

So the conclusion I'm coming to here is that despite you can't do what you wanted to with Windows 10 S mode, it truly doesn't matter, since none of the malware you're concerned about should ever manage to operate on that laptop due to S mode and since it should also result in blocking the copy of any executable to the share, it's unlikely you'd manage to pass anything of concern on to others through that system as well.

FYI, I used the EICAR test file, copying that (fake) virus executable file and even a ZIP containing it as well to my Surface Go and it alerted immediately.  Refusing at first to allow the download via the new Chromium based Edge browser using SmartScreen and then after I purposefully disabled that, Windows Defender antivirus alerted and blocked the executable file itself.

Rob