diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md index 03cf88d610..e0805ca3fb 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md @@ -12,7 +12,7 @@ ms.localizationpriority: medium author: denisebmsft ms.author: deniseb ms.custom: nextgen -ms.date: 02/05/2020 +ms.date: 03/12/2020 ms.reviewer: manager: dansimp --- diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md index 7f217bed68..8135fb28a9 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md @@ -12,7 +12,6 @@ ms.localizationpriority: medium author: denisebmsft ms.author: deniseb ms.custom: nextgen -ms.date: 12/10/2018 ms.reviewer: manager: dansimp --- @@ -33,7 +32,7 @@ You can exclude certain files from Windows Defender Antivirus scans by modifying > [!NOTE] > Automatic exclusions apply only to Windows Server 2016 and above. The default antimalware policy we deploy at Microsoft doesn't set any exclusions by default. -This topic describes how to configure exclusion lists for the files and folders. +This article describes how to configure exclusion lists for the files and folders. Exclusion | Examples | Exclusion list ---|---|--- @@ -90,21 +89,22 @@ See [How to create and deploy antimalware policies: Exclusion settings](https:// 3. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**. -4. Double-click the **Path Exclusions** setting and add the exclusions: +4. Double-click the **Path Exclusions** setting and add the exclusions. - 1. Set the option to **Enabled**. - 2. Under the **Options** section, click **Show...**. - 3. Enter each folder on its own line under the **Value name** column. If you are entering a file, ensure you enter a fully qualified path to the file, including the drive letter, folder path, filename, and extension. Enter **0** in the **Value** column. + - Set the option to **Enabled**. + - Under the **Options** section, click **Show...**. + - Specify each folder on its own line under the **Value name** column. + - If you are specifying a file, ensure you enter a fully qualified path to the file, including the drive letter, folder path, filename, and extension. Enter **0** in the **Value** column. 5. Click **OK**. ![The Group Policy setting for file and folder exclusions](images/defender/wdav-path-exclusions.png) -6. Double-click the **Extension Exclusions** setting and add the exclusions: +6. Double-click the **Extension Exclusions** setting and add the exclusions. - 1. Set the option to **Enabled**. - 2. Under the **Options** section, click **Show...**. - 3. Enter each file extension on its own line under the **Value name** column. Enter **0** in the **Value** column. + - Set the option to **Enabled**. + - Under the **Options** section, click **Show...**. + - Enter each file extension on its own line under the **Value name** column. Enter **0** in the **Value** column. 7. Click **OK**. @@ -116,13 +116,13 @@ See [How to create and deploy antimalware policies: Exclusion settings](https:// Using PowerShell to add or remove exclusions for files based on the extension, location, or file name requires using a combination of three cmdlets and the appropriate exclusion list parameter. The cmdlets are all in the [Defender module](https://technet.microsoft.com/itpro/powershell/windows/defender/defender). -The format for the cmdlets is: +The format for the cmdlets is as follows: ```PowerShell - "" ``` -The following are allowed as the \: +The following are allowed as the ``: Configuration action | PowerShell cmdlet ---|--- @@ -130,7 +130,7 @@ Create or overwrite the list | `Set-MpPreference` Add to the list | `Add-MpPreference` Remove item from the list | `Remove-MpPreference` -The following are allowed as the \: +The following are allowed as the ``: Exclusion type | PowerShell parameter ---|--- @@ -168,6 +168,7 @@ For more information, see [Windows Defender WMIv2 APIs](https://msdn.microsoft.c See [Add exclusions in the Windows Security app](windows-defender-security-center-antivirus.md#exclusions) for instructions. + ## Use wildcards in the file name and folder path or extension exclusion lists You can use the asterisk `*`, question mark `?`, or environment variables (such as `%ALLUSERSPROFILE%`) as wildcards when defining items in the file name or folder path exclusion list. The way in which these wildcards are interpreted differs from their usual usage in other apps and languages. Make sure to read this section to understand their specific limitations. @@ -180,43 +181,17 @@ You can use the asterisk `*`, question mark `?`, or environment variables (such >- An asterisk `*` in a folder exclusion will stand in place for a single folder. Use multiple instances of `\*\` to indicate multiple nested folders with unspecified names. The following table describes how the wildcards can be used and provides some examples. - - - - - - - - - - - - - - - - -
WildcardUse in file name and file extension exclusionsUse in folder exclusionsExample useExample matches
* (asterisk)Replaces any number of characters.
Only applies to files in the last folder defined in the argument. 		Replaces a single folder.
Use multiple * with folder slashes \ to indicate multiple, nested folders.
After matching the number of wild carded and named folders, all subfolders will also be included.		 -
    -
  1. C:\MyData\*.txt
    2. -
  2. C:\somepath\*\Data
    3. -
  3. C:\Serv\*\*\Backup -
- 		-
    -
  1. C:\MyData\notes.txt
    2. -
  2. Any file in: -
      -
    • C:\somepath\Archives\Data and its subfolders
      • -
    • C:\somepath\Authorized\Data and its subfolders
      • -
    -
  3. Any file in: -
      -
    • C:\Serv\Primary\Denied\Backup and its subfolders
      • -
    • C:\Serv\Secondary\Allowed\Backup and its subfolders
      • -
    -
-
+ + +|Wildcard |Examples | +|---------|---------| +|`*` (asterisk)

In **file name and file extension inclusions**, the asterisk replaces any number of characters, and only applies to files in the last folder defined in the argument.

In **folder exclusions**, the asterisk replaces a single folder. Use multiple `*` with folder slashes `\` to indicate multiple, nested folders. After matching the number of wild carded and named folders, all subfolders are also included. | `C:\MyData\*.txt` would include `C:\MyData\notes.txt`

`C:\somepath\*\Data` would include any file in `C:\somepath\Archives\Data and its subfolders` and `C:\somepath\Authorized\Data and its subfolders`

`C:\Serv\*\*\Backup` would include any file in `C:\Serv\Primary\Denied\Backup and its subfolders` and `C:\Serv\Secondary\Allowed\Backup and its subfolders` | +|`?` (question mark) | | +|Row3 | | +|Row4 | | +|Row5 | | + + ? (question mark)