How to Force Windows Defender to Scan ZIP, RAR & CAB Archive Files

For improved security, you can make Windows Defender scan archive files like ZIP, RAR, and CAB. Let me show the best way to do it.

As the majority of you know Windows Defender may be the built-in antivirus and antimalware software in Windows 10. It runs silently without anyone’s knowledge and provides you real-time protection from a variety of threats. Among the best things about Windows Defender is that it is pretty lightweight and bother its users with unnecessary notifications and upgrade prompts. In case you are wondering, Windows Defender is among the top-ranked antivirus solutions. Personally, Windows Defender is my primary antivirus for years now and it works perfectly.

Automatically, Windows Defender can occasionally ignore archive files and never scan them for threats. If you wish to make sure Windows Defender scan anything and everything, there’s a simple method to tell Windows Defender to scan files like .zip, .rar, and .cab.

So, without further ado, allow me to show how you can do it in simple steps.

Configure Windows Defender to Scan Archives

There are several ways to do force Windows Defender to scan archives. I’ll show two methods. Follow the first method if you are using Windows 10 Pro or Windows 10 Enterprise edition. Stick to the second method if you are using Windows 10 Home edition.

1] Change Group Policy to Scan Archives

The easiest way is by using the Group Policy Editor. However, Group Policy Editor is only open to Windows 10 Pro or Enterprise users. If you work with Windows 10 Home edition, stick to the second method.

1. First, open the beginning menu, look for “Edit Group Policy” and then click the result to open the Group Policy Editor.

2. After opening the Group Policy Editor, you will see a lot of folders around the left panel. Expand the folder tree and go to the following location.

Computer Configuration → Administrative Templates → Windows Components → Windows Defender Antivirus → Scan

3. Around the right panel, find and double-click on the “Scan archive files” policy.

4. The above mentioned action will open the Policy Properties window. Here, select the “Enabled” radio option. Click the “Apply” and “Ok” buttons to save changes.

5. Close the audience Policy Editor and reboot Windows to make the changes take effect.

That is it. From now on, Windows will scan the archive files like every other file. Should you ever want to revert back, either select “Not Configured” or “Disabled” in the policy properties window and you are good to go.

2] PowerShell Command to Scan Archives

If you’re unable to use the first method or if you prefer to get the hands dirty with PowerShell commands then this is perfect for you. Though sounds complicated, all you need to do is perform single line command and you are done.

1. First, open the beginning menu, look for “PowerShell” and click on the “Run as Administrator” option appearing around the right panel.

2. After opening the PowerShell, execute the below command to allow archive scanning.

To enable archive scanning:

Set-MpPreference -DisableArchiveScanning 0

3. Close PowerShell window and reboot Windows to help make the changes take effect.

That’s it. In the future, Windows will scan the archive files like any other file. If you ever wish to revert back, replace “0” in the above command with “1”. Once the replaced, the command will look like this.

To disable archive scanning:

Set-MpPreference -DisableArchiveScanning 1