Before we show you how to do that, though, there are some best practices you should be aware of. Users commonly exclude folders and types of files that will compromise their security in the future. Best practices for adding exceptions to Windows Defender Firstly, when you add an exception to Windows Defender, you should avoid excluding your system, or C: drive, as a whole. That includes C:, and C:*. You should additionally avoid excluding your Java folder in Program Files, and the following directories:
C:\Windows\Prefetch (and other variations) C:\Windows\System32\Spool (and other variations) Temporary folders, including C:\Windows\Temp, local app data, and LocalLow.
When you want to add Windows Defender exclusions for file extensions, you should avoid the following types: .7z, .bat, .bin, .cab, .cmd, .com, cpl, .dll, .exe,.fla, .gif, .gz, .hta, .inf. .java, .jar, .job, .jpeg, .jpg, .js, .ko, .ko.gz, .msi, .ocx, .png, .ps1, .py, .rar, .reg, .scr, .sys, .tar, .tmp, .URL, .vbe, .vbs, .wsf, .zip. In general, you shouldn’t add Windows Defender exceptions for Microsoft processes, either. Though you’re right in thinking that PowerShell.exe, wmic.exe, or svchost.exe are safe in their normal form an attack could modify the file to be malicious. Excluding it would allow them to slip past your defenses. In a similar vein, you should always add the direct path to your file in your exclusion list. Let’s say you want to exclude Winbuzzer.exe from scanning. If you manually edited your list and only defined Winbuzzer.exe, an attacker could send you any file named Winbuzzer.exe and have it skip past your defenses. Writing C:\Program Files\winbuzzer\Winbuzzer.exe instead would only skip the scanning of the file in that particular folder. With that lengthy disclaimer out of the way, let’s get down to showing you how to add Windows Defender exclusions via the Windows Security app.
How to Exclude a Folder, File, Process, or File Type from Windows Defender Scans
Now that you know how to add an exception to Windows Defender, you may want to tighten your security in other ways. The following guides will show you how to enable Windows Defender Application Guard and the Hidden Adware scanner. Here’s how you can add items to your Windows Defender exceptions list:
Alternatively, if you want to add an exception to Windows Defender that’s a file, file type, or process, click that option.