Currently one of the operations that we do most with our computer is to use our favorite email client. It is certainly a widely used method to send different types of documents as an attachment. Surely we have noticed on more than one occasion that when we are about to open any attached file, Windows will take care of analyzing it previously either with Microsoft Defender or another antivirus, something that some users can be annoying.
If we are users who constantly receive emails with attachments for work reasons, we find ourselves with the annoyance of having to go through the antivirus every time we want to access them. This is done for our own safety, although it may not be to our liking.
Why Windows Defender Scans Attachments
Windows takes care, through Defender or the antivirus that we have installed, to automatically scan any attached file that arrives by email. This task is done to ensure our safety. Since ransomware is one of the biggest threats to our computer and it spreads easily through attachments. And is that this powerful malware is responsible for restricting access to certain parts or files of the infected operating system, asking for a ransom in exchange for removing protection. That is why it is always convenient that we never open attachments in the event that we do not know their sender and always have an updated backup of our most important files.
But, if, for some reason, we do not want Windows Defender to be in charge of analyzing our email attachments, we must know that there are ways to disable it. It is possible to disable this security feature in Windows 10, and carry it out in two different ways. For this we can use both the “Registry Editor” and the “Windows Group Policy Editor” as we will see below.
Disable attachment scanning using Windows Registry Editor
One of the options we have to prevent Windows Defender from scanning the attachments that come to us by email is to use the Windows Registry Editor . Thanks to this editor, both system administrators and people with advanced computer skills can review any type of configuration of the different system parameters.
In order to access the Registry Editor, press the “Windows + R” key to open the “Run” tool. We will write “regedit” and click on “OK”. Once in the registry we must navigate to the route:
HEKY_CURRENT_USER / SOFTWARE / Microsoft / Windows / CurrentVersion / Policies / Attachments
In the event that within the “Policies” folder we cannot find the “Attachments” folder, we must create it . To do this, right click on “Policies”, access “New”, then go to “Password” and assign the name “Attachments”. Next, we right-click on “Attachments”, select “New” and “DWORD Value (32 bits)” and name it ScanWithAntiVirus. Now we double click on ScanWithAntiVirus and set the value data as 1 and click OK to save the changes. Setting 1 as the value will disable the attachment scanning feature.
Re-enable attachment scanning
In case we want to re-enable the analysis of attachments we must return to the path HEKY_CURRENT_USER / SOFTWARE / Microsoft / Windows / CurrentVersion / Policies / Attachments
We will double click on ScanWithAntiVirus and in the value information we will put 3 . This will enable the scan again.
Disable attachment scanning via Group Policy Editor
The Windows Group Policy Editor is a powerful tool with which we can enable or disable access to different hardware and software parameters of the system, allowing us to obtain a more controlled administration of the use of the system. Through group policies, we will be able to edit advanced values at the computer level and user accounts that are not configurable from the Control Panel.
Access the editor with the gpedit.msc command
Therefore, through the Windows 10 Group Policy Editor we can disable the option for Windows Defender to examine attachments, stopping the analysis of emails when we open them. For this we must follow the following steps:
The first thing is to activate the “Execute” command, for this we will press the keyboard shortcut “Windows + R” and write “gpedit.msc” and click on “OK”. Once the editor is open, we will navigate to the following route:
User Configuration> Administrative Templates> Windows Components> Attachment Manager
Next, on the right side, in the first of the settings it says “Notify antivirus programs when attachments are opened” . Click on it and on the left side click on “Edit policy settings”, a new window will appear. Now we will click on the “Disabled” box, and finally on the “Apply” and “OK” buttons.
In this way, using the policy configuration editor we have been able to manage the behavior to notify registered antivirus that we do not want them to scan attached files . In the event that we have several antivirus, the notification will affect all of them. When disabling the policy setting or if we leave it marked as “Not configured”, Windows will not notify the installed antivirus when we decide to open any attached file of an email.
Re-enable policy settings at any time
In the event that we want to enable the “Notify antivirus programs when attachments are opened” function, Windows will tell the antivirus to scan an attached file when we open it. If the antivirus fails, the opening of said file is blocked.
When we want to enable this option, we will have to reopen the “Group Policy Editor” and access the path:
User Configuration> Administrative Templates> Windows Components> Attachment Manager
On this occasion, when editing the configuration of the directive, we must mark the option “Enabled” , click on “Apply” and “OK”.
