Windows 10’s built-in Windows Defender is failing to fully complete virus scans with a notification alert saying: ”Items skipped during scan – The Windows Defender Antivirus scan skipped an item due to exclusion or network scanning settings”.
This notification alert, affecting Windows 10 only, is popping up following a Windows Defender scan and, over the past few weeks, has been widely reported by a substantial number of Windows 10 users. Until very recently it was unclear exactly what was causing this issue or what the solution might be. However, a German tech writer, Günter Born, has since discovered a likely scenario and simple fix.
Fix Items Skipped During Scan
The Cause: It seems that, in earlier versions of Windows Defender, network scanning was enabled by default. However, in the latest Defender, network scanning is now disabled by default. Why Microsoft decided to make this change is anyone’s guess, but the alerts appear to merely indicate that the scanning of network files has been skipped, as it obviously would be with this option disabled by default. More MS craziness.
The Cure: The solution then is to simply enable network scanning in Windows Defender which, thankfully, is a fairly straight forward process. Strangely, in its comprehensive guide to configuring Windows Defender scan preferences, Microsoft does not recommend scanning network files, yet leaving network scanning disabled will continue displaying these notification alerts.
Personally, I would tend to leave network scanning disabled and simply ignore the notification alerts. I would also suggest utilizing a reputable third-party scanner as an alternative, at least until Microsoft fixes this silly discrepancy. I use and recommend the excellent malware scanner that’s included with the portable and free Emsisoft Emergency Kit.
That said, if these alerts are annoying you, they can quite easily be done away with. There are actually three methods to enable network scanning in Windows Defender:
- Via the Group Policy Editor (Windows 10 Pro only)
- Via editing the registry (Windows 10 Home and Pro)
- Via PowerShell command (Windows 10 Home and Pro)
We’re going to use the PowerShell command option because it is the simplest and applies to both Home and Pro versions. Here’s how:
- Open a PowerShell (Admin)
- Type or copy/paste the following command to enable scanning network files:
Set-MpPreference –DisableScanningNetworkFiles 0
- You can confirm that this change has been made by entering the following command before and after the above command:
Get-MpPreference | findstr /i net
- To disable scanning network files again
Set-MpPreference –DisableScanningNetworkFiles 1
NOTE: False = scanning network files is enabled. True = scanning network files is disabled.
- Credit to Günter Born who first discovered this glitch and came up with the remedy: Windows 10: Fix for skipped Defender scans
- Also to Lawrence Abrams at BleepingComputer who discovered what is causing this anomaly: Windows Defender Fix For Windows 10: Enable Network Scanning