Windows is big on security, and thanks to Microsoft Defender—previously known as Windows Defender—users have access to a free, built-in anti-malware program on Windows devices. By default, Microsoft Defender automatically enables real-time protection. The antivirus software detects, blocks, and neutralizes spyware, ransomware, viruses, and other malware.

Sometimes, however, the antivirus program can be over-protective and detect trusted files as threats, blocking them in the process. To fix this, you'll need to add the files to Microsoft Defender's exclusion list. Here, we'll walk you through the steps of excluding a file you don't want Microsoft Defender to scan.

What Is Whitelisting?

Whitelisting is the practice of allowing a list of administrator-approved entities, including programs and files, to be present and active on a computer system. Whatever is not on the list is blocked.

Be careful when excluding items; only exclude those you're confident are safe. Allowing files and folders flagged as malicious by Microsoft Defender can harm your computer and files.

If malware infects your computer, it could infect the excluded files. If the excluded files are compromised, it would be hard for the antivirus program to detect the malware, putting your entire PC at risk of infection.

How to Exclude Files Out of Windows 11 Defender Scans

To whitelist a file in Microsoft Defender, you must add it to the exclusion list. Carefully follow the instructions below to avoid any confusion.

  1. Open the Start menu and click on Settings.
  2. Navigate to Privacy & security and select Windows Security.
  3. Under Protection areas, select Virus & threat protection.
    Windows Security's Protection areas
  4. Navigate to Virus & threat protection settings and select Manage settings. Then, scroll down to Exclusions, and click on Add or remove exclusions.
    Microsoft Defender's Virus & threat protection settings
  5. Click on Add an exclusion and choose the file, folder, file type, or process to exclude. To exclude an individual file, click on File from the drop-down list and select the file you want to exclude from future scans. Then, close Windows Security to save your settings.
    An excluded file displayed under Add an exclusion

Here are the items you can exclude from Microsoft Defender and what each choice means.

  • File: Excludes a single file from future scans.
  • Folder: Excludes a folder and its contents, including subfolders.
  • File type: Excludes all files with a particular extension. For example, ".txt" would exclude all files ending with the .txt extension from scans.
  • Process: Excludes a process by name. For example, "test.exe" would exclude files opened by c:\sample\test.exe.

Benefits of Whitelisting in Microsoft Defender

Whitelisting can be a handy approach to security; it improves defenses and reduces cyber threats. Here are the benefits of whitelisting.

  1. It helps prevent false positives. Adding the file, folder, or process in question to the Microsoft Defender exclusion list stops the program from blocking or alerting you about the harmless files.
  2. To protect computers and networks from potentially harmful threats. For example, companies with BYOD policies often whitelist applications and websites they consider safe for employees to provide some level of protection to personal devices when connected to the company network.
  3. It can improve performance for some tasks. During its scans, Microsoft Defender checks all items on your computer, which could lead to occasional system lags. Whitelisting specific files and processes can fix this.

Optimize Your PC With Microsoft Defender Exclusions

Microsoft Defender protects your Windows device in real-time. It automatically runs in the background, checking files you downloaded or copied from portable hard drives, even before opening them. The antivirus software does a decent job scanning malware files, flagging phishing sites, and blocking exploits and network-based attacks.

As much as we love Microsoft Defender, it flags some trusted files and folders as malicious. And this is why you should instruct the antivirus software to exclude certain files from getting scanned and blocked.