1. PDQ Connect Help Center
  2. Documentation
  3. PDQ Connect Overview

Antivirus Exceptions

In some cases, you may need to exclude PDQ Connect services and working directories from real-time (on-access) scanning by antivirus or antimalware software.

Required Antivirus Exceptions

At minimum, the PDQConnectAgent service must be allowed as an exclusion in your antivirus. We also recommend excluding the PDQConnectUpdater service.

Optional Antivirus Exceptions

The PDQ Connect Agent install directory and runner directory may need to be excluded from your antivirus. 

  • PDQ Connect Agent Install Directory: C:\Program Files\PDQ 
  • PDQ Connect Agent Runner Directory: C:\ProgramData\PDQ\
  • PDQ Remote Desktop Agent Directory (on each endpoint): C:\Program Files (x86)\PDQ\PDQ Remote Desktop Agent
  • PDQ Remote Desktop Local Viewer application (on admin user machine): C:\Program Files (x86)\PDQ\PDQ RD Viewer

Microsoft Defender Exceptions

For additional guidance, please see Microsoft's documentation on how to Address false positives/negatives in Microsoft Defender for Endpoint
 
To check and update your threat detection definitions in Defender, see this page:
https://www.microsoft.com/en-us/wdsi/defenderupdates

Adding Exclusions: Windows Defender (Consumer)
For Windows 10 and 11 (Home, Pro, etc.), follow these steps:
  • Open Settings and navigate to Update & Security > Windows Security.
  • Select Virus & threat protection.
  • Under Virus & threat protection settings, click Manage settings.
  • Scroll down to Exclusions and click Add or remove exclusions.
  • Choose Add an exclusion, then select the type (File, Folder, File Type, or Process), and provide the required path or details as outlined above. We recommend starting with the required exceptions first and only adding optional exceptions if needed.
Adding Exclusions: Windows Defender (Enterprise)
For enterprise environments (managed via Intune, Group Policy, or other management tools):
  • Microsoft Intune (Endpoint Security/Antivirus Policy):
    • Go to Microsoft Intune admin center > Endpoint security > Antivirus.
    • Create a new policy or edit an existing one.
    • Under the policy's configuration settings, look for Microsoft Defender Antivirus Exclusions.
    • Enter your exclusions for paths, extensions, processes, or files as required (one per line), as outlined above. We recommend starting with the required exceptions first and only adding optional exceptions if needed.
    • Save and deploy the policy.
  • Group Policy Editor (GPO):
    • Open Group Policy Management Editor.
    • Navigate to Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus > Exclusions.
    • Specify exclusions by path, extension, or process, as outlined above. We recommend starting with the required exceptions first and only adding optional exceptions if needed.
  • PowerShell. Use the following command example to add the exclusions, as appropriate
Add-MpPreference -ExclusionPath "C:\Example\Path"
Add-MpPreference -ExclusionProcess "example.exe"
Add-MpPreference -ExclusionExtension ".ext"

In rare situations, behavioral analysis on some antivirus modules may block or flag as false-positive PDQ Connect Agent executables, processes, or Windows PowerShell (powershell.exe) during routine PDQ Connect activity or updates. 

In the case of PowerShell, it is an essential component of the PDQ Connect Agent, so we recommend working with your antivirus vendor to resolve this.

Corey Collins
Updated
Was this article helpful?

Related articles