By default, Windows Defender in Windows 10 does not scan mapped network drives. SMB shares that you mapped as a drive letter can also include malware. For better security and protection, you can enable this feature. The Defender app does not include an option to control scanning of mapped network drives in the user interface, but there are at least two methods to enable this feature. Let's see how.
Windows Defender is the built-in security app bundled by default with Windows since Windows Vista. Although Microsoft claims that it offers only baseline antivirus protection, it's better to have it preinstalled and running than to have no anti-malware at all. In Windows 10, Windows Defender protection is enabled out of the box and Microsoft have made it harder to disable but not impossible.
If you are using Windows Defender as your primary protection software, you might be interested in enabling scanning of network drives during the full scan. Here is how it can be done.
Enable Network Drive Scan with Windows Defender in Windows 10
Method 1. Using a Registry tweak
- Open Registry Editor.
- Go to the following Registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Scan
Tip: How to jump to the desired Registry key with one click. If you don't have such a key, then create it.
- Here, create a new 32-bit DWORD value named DisableScanningMappedNetworkDrivesForFullScan. Note: Even if you are running 64-bit Windows you must still create a 32-bit DWORD value.
Leave its value data as 0 to enable scanning of network drives. Set its value data to 1 to disable scanning of network drives. - Restart Windows 10.
You can download ready-to-use Registry files including the undo file:
To avoid Registry editing, you can use PowerShell to configure network drive scanning.
Method 2. Using PowerShell
With a single PowerShell command, you can enable or disable scanning of network drives quickly.
- Open an elevated PowerShell prompt.
- Type or copy-paste one of the following commands:
To enable scanning of network drives:Set-MpPreference -DisableScanningMappedNetworkDrivesForFullScan 0
To disable scanning of network drives:Set-MpPreference -DisableScanningMappedNetworkDrivesForFullScan 1
The changes will be applied immediately. Restarting Windows is not required.
That's it.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
Going through these instructions it looks like you are disabling network scan rather than enabling them as you heading indicated. What do I do to enable my mapped drives to be scanned?