Easy workaround to enable Defender to scan network files

Mar 24, 2020 09:35 GMT  ·  By

Windows Defender is the pre-loaded antivirus solution on Windows 10, and given the performance that it offers, which is often on par with the one of third-party security products, it’s no surprise that many users just stick with it to protect their data.

More recently, however, Windows Defender has started to experience what appears to be an issue causing scans, be they quick or full, to skip certain files, with an error message then displayed in the Action Center on Windows 10.

According to a BornCity, this is happening because Windows Defender no longer scans network files due to what appears to be an updated behavior silently implemented by Microsoft at some point recently.

So technically, the behavior comes down to enabling Windows Defender to scan network files once again. This can be done in several ways, including using the Group Policy Editor on Windows 10 versions where this tool exists, with the Registry Editor or with a quick PowerShell command.

First and foremost, let’s start with the easiest method, which is the PowerShell trick that anyone can use.

Launch a PowerShell prompt with administrator privileges (Windows key + X > Windows PowerShell Admin) and then type the following command:


Set-MpPreference –DisableScanningNetworkFiles
Make sure you are logged in with an administrator account and you launch the PowerShell version with admin rights. Otherwise no changes can be made to system files.

Microsoft explains the following about this command:

“Indicates whether to scan for network files. If you specify a value of $False or do not specify a value, Windows Defender scans network files. If you specify a value of $True, Windows Defender does not scan network files. We do not recommend that you scan network files.”

When it comes to the registry editor method, this is also pretty simple. So launch the registry editor by typing regedit.exe in the Start menu and then navigate to the following location:


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Scan
Again, make sure you log in with administrator rights and launch the registry editor with admin privileges . Otherwise, you can’t make any changes to the existing registry settings.

What you need to do at the aforementioned path is create a 32-bit DWORD value called:


DisableScanningNetworkFiles
You must give this new key value 0 to enable the scanning of network files.

And then, the Group Policy Editor allows you to do the same thing on systems where this tool is available. Launch the app by typing gpedit.msc in the Start menu and then navigate to the following path:


Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus > Scan
Double-click the policy called Scan network files and then switch it to enabled. By default, the policy isn’t configured. Making changes in the Group Policy Editor also requires an administrator account.

Windows Defender has evolved to become a fully-featured security product in Windows 10, so in addition to a powerful antivirus engine, it also comes with more advanced functionality like cloud-delivered protection, ransomware protection, and parental controls.

In the latest versions of Windows 10, Windows Defender is the heart of a security hub called Windows Security and grouping all these features. Of course, while Windows Defender is the pre-loaded antivirus, users can also install third-party security products. Once this happens, Windows Defender is automatically disabled to avoid any compatibility issues.

The aforementioned issue causing some files to be skipped is happening on all supported versions of Windows 10, including Windows 10 version 1909 (the latest stable release).