While Windows Security does a great job when it comes to new file types that could be a threat to a Windows user, sometimes false-positive happens. You might have a file type that you know very well is not a security threat, but Windows identifies to safeguard you. The same applies to any process or program you know is not a problem. In this scenario, you can add that file type or process as an exclusion.
Add a File or Process Exclusion to Windows Security
- Type Windows Security in the Start menu, and click on it open it.
- Navigate to Virus & threat protection.
- Under Virus & threat protection settings, select Manage settings
- Under Exclusions, click on Add an exclusion button.
- Then select from files, folders, file types, or Process.
When you do it for the folder, the exclusion will apply to all subfolders within the folder as well. That said, while the File type, file, and folder exclusion is simple, Process exclusion needs a different approach.
Since there is no file browser, you need to enter the full path and filename of the process or program. This will make sure if the program launches, it will not be restricted. If you do not want to add a full path, you can add the exact name of the process. If it launches from anywhere, it will not be blocked.
You can further customize in two more ways.
- Add a path such as “C:\ProcessFolde\*” and it will exclude files opened by all processes located in that folder.
- If you use program-name*, then it will exclude files opened by all processes named test, regardless of the file extension.
- You can use environment variables in your process exclusions as well, such as %ALLUSERSPROFILE%\ProgramFolder\program-name.exe
Environmental variables allow you to exclude the program for all the users and control many scenarios.
Group Policy Method: Add a File type or Process Exclusion to Windows Security
Open Group Policy editor by typing gpedit.msc in the Run prompt( Win +R) followed by pressing the Enter key. Navigate to the following path:
Computer configuration > Administrative templates > Windows components > Microsoft Defender Antivirus > Exclusions.
You have the following exclusions—
- Path, and
It is similar to what we have shown through the Security app. Still, it can be used by IT admins to apply for multiple computers or a computer running in a corporate environment.
I hope the process was easy to understand, and you have learned how to add exclusion through the UI and the Group Policy. In case you are using Windows 11/10 Home, you can enable Group Policy for it and then use this method.