Enable Network Drive Scan with Windows Defender in Windows 10

By default, Windows Defender in Windows 10 does not scan mapped network drives. SMB shares that you mapped as a drive letter can also include malware. For better security and protection, you can enable this feature. The Defender app does not include an option to control scanning of mapped network drives in the user interface, but there are at least two methods to enable this feature. Let's see how.


Windows Defender is the built-in security app bundled by default with Windows since Windows Vista. Although Microsoft claims that it offers only baseline antivirus protection, it's better to have it preinstalled and running than to have no anti-malware at all. In Windows 10, Windows Defender protection is enabled out of the box and Microsoft have made it harder to disable but not impossible.

If you are using Windows Defender as your primary protection software, you might be interested in enabling scanning of network drives during the full scan.  Here is how it can be done.

Enable Network Drive Scan with Windows Defender in Windows 10

Method 1. Using a Registry tweak

  1. Open Registry Editor.
  2. Go to the following Registry key:
     HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Scan

    Tip: How to jump to the desired Registry key with one click. If you don't have such a key, then create it.

  3. Here, create a new 32-bit DWORD value named DisableScanningMappedNetworkDrivesForFullScan. Note: Even if you are running 64-bit Windows you must still create a 32-bit DWORD value.
    Leave its value data as 0 to enable scanning of network drives. Set its value data to 1 to disable scanning of network drives.
  4. Restart Windows 10.

You can download ready-to-use Registry files including the undo file:

Download Registry Files

To avoid Registry editing, you can use PowerShell to configure network drive scanning.

Method 2. Using PowerShell

With a single PowerShell command, you can enable or disable scanning of network drives quickly.

  1. Open an elevated PowerShell prompt.
  2. Type or copy-paste one of the following commands:
    To enable scanning of network drives:

    Set-MpPreference -DisableScanningMappedNetworkDrivesForFullScan 0


    To disable scanning of network drives:

    Set-MpPreference -DisableScanningMappedNetworkDrivesForFullScan 1

The changes will be applied immediately. Restarting Windows is not required.

That's it.

Leave a Reply

Your email address will not be published. Required fields are marked *