Skip to main content

We like to remove Windows Defender Antivirus exclusions. The problem is that there are a lot of exclusions, and when we go to the Microsoft virus & threat protection settings, it takes a lot of time to remove them manually. That’s because you can’t select multiple exclusions and remove them. An excellent approach to remove Windows Defender exclusions is with PowerShell. So let’s look at the fastest way to clear Windows Defender Antivirus exclusions with PowerShell.

Microsoft Defender Antivirus

Microsoft Defender Antivirus (formerly Windows Defender) is Microsoft Windows virus and threat protection software. Microsoft Defender Antivirus is available in Windows 10, Windows 11, and in versions of Windows Server. It comes default with the Windows operating system. It can be run next to your non-Microsoft antivirus/antimalware product, in active mode, passive mode, and disabled mode.

When you go to the Windows Defender Antivirus exclusions, a list with all the exclusions shows up. Unfortunately, there is no select-all button or a checkbox to select the exclusions and remove them. Instead, there is only a Remove button for every exclusion.

Clear Microsoft Defender Antivirus exclusions with PowerShell list

Prepare clear Windows Defender Antivirus exclusions PowerShell script

Before you start, you want to place the files in the right place. We recommend creating two folders on the (C:) drive:

  • Scripts
  • Temp

Another option is to copy and paste the below code into Notepad. Give it the name Clear-WindowsDefenderExcl.ps1 and place it in the C:\scripts folder.

# PowerShell script to clear the ExclusionPath, ExclusionProcess, and ExclusionExtension
# associated with Windows Defender Antivirus

# Start transcript
$Logs = "C:\temp\Clear-WindowsDefenderExcl.txt"
Start-Transcript $Logs -Append -Force

# Get Windows Defender preferences
$x = Get-MpPreference

# Get exclusion path
if ($x.ExclusionPath -ne $NULL) {
    Write-Host("================================================")
    Write-Host("Removing the following ExclusionPath entries:")
    foreach ($i in $x.ExclusionPath) {
        Remove-MpPreference -ExclusionPath $i
        Write-Host($i)
    }
    Write-Host("================================================")
    Write-Host("Total ExclusionPath entries deleted:", $x.ExclusionPath.Count)
}
else {
    Write-Host("No ExclusionPath entries present. Skipping...")
}

# Get exclusion process
if ($x.ExclusionProcess -ne $NULL) {
    Write-Host("================================================")
    Write-Host("Removing the following ExclusionProcess entries:")
    foreach ($i in $x.ExclusionProcess) {
        Remove-MpPreference -ExclusionProcess $i
        Write-Host($i)
    }
    Write-Host("================================================")
    Write-Host("Total ExclusionProcess entries deleted:", $x.ExclusionProcess.Count)
}
else {
    Write-Host("No ExclusionProcess entries present. Skipping...")
}

# Get exclusion extension
if ($x.ExclusionExtension -ne $NULL) {
    Write-Host("================================================")
    Write-Host("Removing the following ExclusionExtension entries:")
    foreach ($i in $x.ExclusionExtension) {
        Remove-MpPreference -ExclusionExtension $i
        Write-Host($i)
    }
    Write-Host("================================================")
    Write-Host("Total ExclusionExtension entries deleted:", $x.ExclusionExtension.Count)
}
else {
    Write-Host("No ExclusionExtension entries present. Skipping...")
}

# Summary
Write-Host("================================================")
Write-Host("SUMMARY")
Write-Host($x.ExclusionPath.Count, "ExclusionPath entries deleted.")
Write-Host($x.ExclusionProcess.Count, "ExclusionProcess entries deleted.")
Write-Host($x.ExclusionProcess.Count, "ExclusionExtension entries deleted.")
Write-Host(($x.ExclusionPath.Count + $x.ExclusionProcess.Count + $x.ExclusionExtension.Count), "Total entries deleted")
Write-Host("")
Write-Host("Done.")
Stop-Transcript
  • Line 5: Edit the transcript log path

Run clear Windows Defender Antivirus exclusions PowerShell script

To clear Windows Defender Antivirus exclusions:

  1. Run PowerShell as administrator
  2. Change the path to the scripts folder
  3. Run the PowerShell script to remove all exclusions from Windows Defender Antivirus
  4. Wait till the PowerShell script completes
PS C:\> cd c:\scripts
PS C:\scripts> .\Clear-WindowsDefenderExcl.ps1

Note: The Windows PowerShell console will show a list of the deleted exclusions entries and a summary with the total count. Also, it will show the output in a log because a transcript is added to the PS script.

This is an example of what it looks like after running the Clear-WindowsDefenderExcl.ps1 PowerShell script.

Clear Microsoft Defender Antivirus exclusions with PowerShell PowerShell script

Verify Windows Defender Antivirus exclusions removal

You can always find the log output in the C:\temp folder and open the Clear-WindowsDefenderExcl.txt file.

Clear Microsoft Defender Antivirus exclusions with PowerShell transcript log

Verify that the script successfully removed all the exclusions from Windows Defender Antivirus.

Clear Microsoft Defender Antivirus exclusions with PowerShell empty exclusions

Leave a Reply