Is a file or process being blocked by Windows Defender on Windows 11/10? You can add a file type or process exclusion to Windows Security via GPEDIT or Settings.
While Windows Security does a great job when it comes to new file types that could be a threat to a Windows user, sometimes false-positive happen. You might have a file type that you know very well is not a security threat, but Windows identifies to safeguard you. The same applies to any process or program you know is not a problem. In this scenario, you can add that file type or process as an exclusion.
How to add a File type or Process Exclusion to Windows Security
To add a File or Process Exclusion to Windows Security in Windows 11/10, follow these steps:
- Type Windows Security in the Start menu, and click on it to open it.
- Navigate to Virus & threat protection.
- Under Virus & threat protection settings, select Manage settings
- Under Exclusions, click on Add an exclusion button.
- Then select from files, folders, file types, or Process.
When you do it for the folder, the exclusion will apply to all subfolders within the folder as well. That said, while the File type, file, and folder exclusion is simple, Process exclusion needs a different approach.
Since there is no file browser, you need to enter the full path and filename of the process or program. This will make sure if the program launches, it will not be restricted. If you do not want to add a full path, you can add the exact name of the process. If it launches from anywhere, it will not be blocked.
You can further customize in two more ways.
- Add a path such as C:\ProcessFolde\*, and it will exclude files opened by all processes located in that folder.
- If you use program-name*, then it will exclude files opened by all processes named test, regardless of the file extension.
- You can use environment variables in your process exclusions as well, such as %ALLUSERSPROFILE%\ProgramFolder\program-name.exe
Environmental variables allow you to exclude the program for all the users and control many scenarios.
Add a File type or Process Exclusion to Windows Security using Group Policy
Open Group Policy editor by typing gpedit.msc in the Run prompt( Win +R) followed by pressing the Enter key. Navigate to the following path:
Computer configuration > Administrative templates > Windows components > Microsoft Defender Antivirus > Exclusions.
You have the following exclusions—
- Path, and
It is similar to what we have shown through the Security app. Still, it can be used by IT admins to apply for multiple computers or a computer running in a corporate environment.
I hope the process was easy to understand and that you have learned how to add exclusion through the UI and the Group Policy.
NOTE: If you use third-party antivirus software like McAfee, Kaspersky, Norton Avast, AVG, Bitdefender, Malwarebytes, etc. then this post will show you how to add a File or Folder to the Antivirus Exception List.
If you are using Windows 11/10 Home, you can enable Group Policy for it and then use this method.
This post will help you if Windows Defender Exclusions is not working.