How to Force Windows Defender to Scan ZIP, RAR & CAB Archive Files

For improved security, you can make Windows Defender scan archive files like ZIP, RAR, and CAB. Let me show how you can do it.

As most of you know Windows Defender is the built-in antivirus and antimalware software in Windows 10. It runs silently in the background and gives you real-time protection from all sorts of threats. One of the best things about Windows Defender is that it is pretty lightweight and doesn’t bother its users with unnecessary notifications and upgrade prompts. In case you are wondering, Windows Defender is one of the top-ranked antivirus solutions. Personally, Windows Defender is my primary antivirus for years now and it works perfectly.

By default, Windows Defender can sometimes ignore archive files and not scan them for threats. If you want to make sure Windows Defender scan anything and everything, there is a simple way to tell Windows Defender to scan files like .zip, .rar, and .cab.

So, without further ado, let me show how you can do it in simple steps.

Configure Windows Defender to Scan Archives

There are several ways to do force Windows Defender to scan archives. I will show two methods. Follow the first method if you are using Windows 10 Pro or Enterprise edition. Follow the second method if you are using Windows 10 Home edition.

1] Change Group Policy to Scan Archives

The easiest way is to use the Group Policy Editor. However, Group Policy Editor is only available to Windows 10 Pro or Enterprise users. If you are using Windows 10 Home edition, follow the second method.

1. First, open the start menu, search for “Edit Group Policy” and click on the result to open the Group Policy Editor.

Windows-defender-archive-scan-open-group-policy

2. After opening the Group Policy Editor, you will see a bunch of folders on the left panel. Expand the folder tree and go to the following location.

Computer Configuration → Administrative Templates → Windows Components → Windows Defender Antivirus → Scan

Windows-defender-archive-scan-go-to-policy

3. On the right panel, find and double-click on the “Scan archive files” policy.

Windows-defender-archive-scan-open-policy

4. The above action will open the Policy Properties window. Here, select the “Enabled” radio option. Click on the “Apply” and “Ok” buttons to save changes.

Windows-defender-archive-scan-configure-policy

5. Close the Group Policy Editor and reboot Windows to make the changes take effect.

That is it. From now on, Windows will scan the archive files like any other file. If you ever want to revert back, either select “Not Configured” or “Disabled” in the policy properties window and you are good to go.

2] PowerShell Command to Scan Archives

If you are unable to use the first method or if you like to get your hands dirty with PowerShell commands then this is for you. Though sounds complicated, all you have to do is execute a single line command and you are done.

1. First, open the start menu, search for “PowerShell” and click on the “Run as Administrator” option appearing on the right panel.

Windows-defender-archive-scan-open-powershell

2. After opening the PowerShell, execute the below command to enable archive scanning.

To enable archive scanning:

Set-MpPreference -DisableArchiveScanning 0
Windows-defender-archive-scan-execute-powershell-command

3. Close PowerShell window and reboot Windows to make the changes take effect.

That is it. From now on, Windows will scan the archive files like any other file. If you ever want to revert back, replace “0” in the above command with “1”. Once the replaced, the command will look like this.

To disable archive scanning:

Set-MpPreference -DisableArchiveScanning 1

Hope that helps. If you are stuck or need some help, comment below and I will try to help as much as possible. If you like this article, do check out how to schedule Windows Defender scan in Windows 10.

Leave a Comment

Scroll to Top