Share via

Windows10 Defender anti-virus file name exclusion

河瀬 友秀 36 Reputation points
2021-06-23T23:53:40.817+00:00

Currently, we are verifying Windows 10 anti-virus by switching from a commercial product (Symantec) to Defender anti-virus.
The matter to be consulted is about the file name to be excluded by anti-virus measures.
It seems that exclusion settings can be made by file name in commercial products, but in the case of Defender, settings cannot be saved unless a path is specified.
As a background for making this setting, exe and msi files created by our company may be falsely detected / over-detected due to business reasons, so they are excluded.
Since the save destination of exe and msi changes depending on the user, it is difficult to operate if the path is specified.
Can you give me some ideas on how to avoid this?

Microsoft Security | Intune | Configuration Manager | Other
0 comments
Accepted answer
  1. AllenLiu-MSFT 49,316 Reputation points Microsoft External Staff
    2021-06-24T07:49:21.837+00:00

    Hi, @河瀬 友秀
    Thank you for posting in Microsoft Q&A forum.
    Here is the guidance for how to configure exclusion settings for windows 10 defender in SCCM:
    https://www.nibonnet.fr/configure-antivirus-exceptions-for-sccm/

    For the exe and msi files, I think we can use the Process Exclusion, you may refer to:
    https://www.thewindowsclub.com/add-a-file-type-or-process-exclusion-to-windows-security

    (Please note: Information posted in the given links are hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.)

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. 河瀬 友秀 36 Reputation points
    2021-06-23T23:56:59.667+00:00

    Additional Information
    Windows 10 is managed by the Microsoft Endpoint Configration manager.

    1 person found this answer helpful.
    0 comments
  2. 河瀬 友秀 36 Reputation points
    2021-06-24T11:30:17.997+00:00

    Thank you for your idea.
    I understand that exe and msi are excluded from the process so that they will not be recognized as malware when they operate.
    Let's see how it works with the operation you taught us.

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.