Skip to content

Instantly share code, notes, and snippets.

@kevlawz

kevlawz/Windows Defender Exclusions for Developer.md

Forked from dknoodle/Windows Defender Exclusions VS 2017.ps1
Last active December 24, 2020 20:24
Show Gist options
  • Save kevlawz/0d6c5557fbc6ff08c989556fd5685ef2 to your computer and use it in GitHub Desktop.
Save kevlawz/0d6c5557fbc6ff08c989556fd5685ef2 to your computer and use it in GitHub Desktop.
Download ZIP
Windows Defender exclusions for Visual Studio 2017 and Flutter
Raw
Windows Defender Exclusions for Developer.md

Windows Defender exclusions for Visual Studio 2017/Android Studio/VSCode/Flutter

I've tried to strike a balance between performamce and security. I've commented out many of the individual file exceptions, however I also left the commented line for future reference/tweaking if needed. WSL2 only. WSL1 exclusions are different and not included here.

Refrerences (some)

Hyper-V exclusions (Taken from Windows Server 2016/2019 Microsoft Best Practices)

This section lists the file type exclusions, folder exclusions, and process exclusions that are delivered automatically when you install the Hyper-V role on Windows Server. I applied them to my developer laptop because both WSL2 and Docker make use of virtualization and VHD/VHDX files.

File type exclusions:
    *.vhd
    *.vhdx
    *.avhd
    *.avhdx
    *.vsv
    *.iso
    *.rct
    *.vmcx
    *.vmrs
Folder exclusions:
    %ProgramData%\Microsoft\Windows\Hyper-V
    %ProgramFiles%\Hyper-V
    %SystemDrive%\ProgramData\Microsoft\Windows\Hyper-V\Snapshots
    %Public%\Documents\Hyper-V\Virtual Hard Disks
Process exclusions:
    %systemroot%\System32\Vmms.exe
    %systemroot%\System32\Vmwp.exe

Powershell Script (does not include the Hyper-V file type exclusions)

$userPath = $env:USERPROFILE
$pathExclusions = New-Object System.Collections.ArrayList
$processExclusions = New-Object System.Collections.ArrayList

$pathExclusions.Add('C:\Windows\Microsoft.NET') > $null
$pathExclusions.Add('C:\Windows\assembly') > $null

# Android Studio
$pathExclusions.Add($userPath + '\.AndroidStudio4.0\system') > $null
$pathExclusions.Add($userPath + '\.gradle') > $null
$pathExclusions.Add($userPath + '\AppData\Local\Android\Sdk') > $null

# WSL2 - WARNING: THIS LOCATION WILL CHANGE!!!
$pathExclusions.Add($userPath + '\AppData\Local\Packages\CanonicalGroupLimited.Ubuntu20.04onWindows_79rhkp1fndgsc') > $null

# Docker (Not needed if the .vhd/.vhdx fole type exclusions are added)
$pathExclusions.Add($userPath + '\AppData\Local\Docker\wsl\data') > $null
$pathExclusions.Add($userPath + '\AppData\Local\Docker\wsl\distro') > $null

# Hyper-V
$processExclusions.Add('%systemroot%\System32\Vmms.exe') > $null
$processExclusions.Add('%systemroot%\System32\Vmwp.exe') > $null
$pathExclusions.Add('%ProgramData%\Microsoft\Windows\Hyper-V') > $null
$pathExclusions.Add('%ProgramFiles%\Hyper-V') > $null
$pathExclusions.Add('%SystemDrive%\ProgramData\Microsoft\Windows\Hyper-V\Snapshots') > $null
$pathExclusions.Add('%Public%\Documents\Hyper-V\Virtual Hard Disks') > $null

# Visual Studio
$pathExclusions.Add($userPath + '\AppData\Local\Microsoft\VisualStudio') > $null
$pathExclusions.Add('C:\ProgramData\Microsoft\VisualStudio\Packages') > $null
$pathExclusions.Add('C:\Program Files (x86)\MSBuild') > $null
$pathExclusions.Add('C:\Program Files (x86)\Microsoft Visual Studio 14.0') > $null
$pathExclusions.Add('C:\Program Files (x86)\Microsoft Visual Studio 10.0') > $null
$pathExclusions.Add('C:\Program Files (x86)\Microsoft Visual Studio') > $null
$pathExclusions.Add('C:\Program Files (x86)\Microsoft SDKs\NuGetPackages') > $null
$pathExclusions.Add('C:\Program Files (x86)\Microsoft SDKs') > $null
$processExclusions.Add('devenv.exe') > $null
# $processExclusions.Add('vbcscompiler.exe') > $null
# $processExclusions.Add('nuget.exe') > $null
# $processExclusions.Add('vshost-clr2.exe') > $null
# $processExclusions.Add('VSInitializer.exe') > $null
# $processExclusions.Add('VSIXInstaller.exe') > $null
# $processExclusions.Add('VSLaunchBrowser.exe') > $null
# $processExclusions.Add('vsn.exe') > $null
# $processExclusions.Add('VsRegEdit.exe') > $null
# $processExclusions.Add('VSWebHandler.exe') > $null
# $processExclusions.Add('VSWebLauncher.exe') > $null
# $processExclusions.Add('XDesProc.exe') > $null
# $processExclusions.Add('Blend.exe') > $null
# $processExclusions.Add('DDConfigCA.exe') > $null
# $processExclusions.Add('FeedbackCollector.exe') > $null
# $processExclusions.Add('Microsoft.VisualStudio.Web.Host.exe') > $null
# $processExclusions.Add('mspdbsrv.exe') > $null
# $processExclusions.Add('MSTest.exe') > $null
# $processExclusions.Add('PerfWatson2.exe') > $null
# $processExclusions.Add('Publicize.exe') > $null
# $processExclusions.Add('QTAgent.exe') > $null
# $processExclusions.Add('QTAgent_35.exe') > $null
# $processExclusions.Add('QTAgent_40.exe') > $null
# $processExclusions.Add('QTAgent32.exe') > $null
# $processExclusions.Add('QTAgent32_35.exe') > $null
# $processExclusions.Add('QTAgent32_40.exe') > $null
# $processExclusions.Add('QTDCAgent.exe') > $null
# $processExclusions.Add('QTDCAgent32.exe') > $null
# $processExclusions.Add('StorePID.exe') > $null
# $processExclusions.Add('T4VSHostProcess.exe') > $null
# $processExclusions.Add('TailoredDeploy.exe') > $null
# $processExclusions.Add('TCM.exe') > $null
# $processExclusions.Add('TextTransform.exe') > $null
# $processExclusions.Add('TfsLabConfig.exe') > $null
# $processExclusions.Add('UserControlTestContainer.exe') > $null
# $processExclusions.Add('vb7to8.exe') > $null
# $processExclusions.Add('VcxprojReader.exe') > $null
# $processExclusions.Add('VsDebugWERHelper.exe') > $null
# $processExclusions.Add('VSFinalizer.exe') > $null
# $processExclusions.Add('VsGa.exe') > $null
# $processExclusions.Add('VSHiveStub.exe') > $null
# $processExclusions.Add('vshost.exe') > $null
# $processExclusions.Add('vshost32.exe') > $null
# $processExclusions.Add('vshost32-clr2.exe') > $null

# VS Code
$processExclusions.Add('Code - Insiders.exe') > $null
$processExclusions.Add('code.exe') > $null
$processExclusions.Add('codehelper.exe') > $null

# Android Studio
$processExclusions.Add('studio64.exe') > $null

# Runtimes, build tools
$processExclusions.Add('node.exe') > $null
$processExclusions.Add('node.js') > $null
$processExclusions.Add('perfwatson2.exe') > $null
$processExclusions.Add('msbuild.exe') > $null
$processExclusions.Add('dotnet.exe') > $null
$processExclusions.Add('ServiceHub.Host.Node.x86.exe') > $null

# I do not use these
# $processExclusions.Add('mono.exe') > $null
# $processExclusions.Add('mono-sgen.exe') > $null
# $processExclusions.Add('java.exe') > $null
# $processExclusions.Add('java64.exe') > $null

# VCS
# $processExclusions.Add('git.exe') > $null

# Shells
# $processExclusions.Add('git-bash.exe') > $null
# $processExclusions.Add('bash.exe') > $null
# $processExclusions.Add('powershell.exe') > $null
# $processExclusions.Add('pwsh.exe') > $null

# All of JetBrains stuff
# $processExclusions.Add('JetBrains.EntityFramework.Runner620.exe') > $null
# $processExclusions.Add('JetBrains.MsBuild.TaskEntryPoint.exe') > $null
# $processExclusions.Add('JetBrains.Platform.Satellite.exe') > $null
# $processExclusions.Add('JetBrains.ReSharper.Features.XamlPreview.External.exe') > $null
# $processExclusions.Add('JetBrains.ReSharper.Host.exe') > $null
# $processExclusions.Add('JetBrains.ReSharper.Host64.exe') > $null
# $processExclusions.Add('JetBrains.ReSharper.Roslyn.Worker.exe') > $null
# $processExclusions.Add('JetLauncher32.exe') > $null
# $processExclusions.Add('JetLauncher32c.exe') > $null
# $processExclusions.Add('JetLauncher64.exe') > $null
# $processExclusions.Add('JetLauncher64c.exe') > $null
# $processExclusions.Add('JetLauncherIL.exe') > $null
# $processExclusions.Add('JetLauncherILc.exe') > $null
# $processExclusions.Add('OperatorsResolveCacheGenerator.exe') > $null
# $processExclusions.Add('PsiGen.exe') > $null
# $processExclusions.Add('ReSharperTestRunner32.exe') > $null
# $processExclusions.Add('ReSharperTestRunner64.exe') > $null
# $processExclusions.Add('ReSharperTestRunnerIL.exe') > $null
# $processExclusions.Add('RiderClrProcessEnumerator32.exe') > $null
# $processExclusions.Add('RiderClrProcessEnumeratorIL.exe') > $null
# $processExclusions.Add('TokenGenerator.exe') > $null
# $processExclusions.Add('xamarin-component.exe') > $null
# $processExclusions.Add('ClrStack.x64.exe') > $null
# $processExclusions.Add('ClrStack.x86.exe') > $null
# $processExclusions.Add('CsLex.exe') > $null
# $processExclusions.Add('ErrorsGen.exe') > $null
# $processExclusions.Add('JetBrains.Debugger.Worker.exe') > $null
# $processExclusions.Add('JetBrains.Debugger.Worker32c.exe') > $null
# $processExclusions.Add('JetBrains.Debugger.Worker64c.exe') > $null
# $processExclusions.Add('dotPeek32.exe') > $null
# $processExclusions.Add('dotPeek64.exe') > $null
# $processExclusions.Add('DotTabWellScattered32.exe') > $null
# $processExclusions.Add('DotTabWellScattered64.exe') > $null
# $processExclusions.Add('DotTabWellScatteredIL.exe') > $null
# $processExclusions.Add('JetBrains.Platform.Installer.Bootstrap.exe') > $null
# $processExclusions.Add('JetBrains.Platform.Installer.Cleanup.exe') > $null
# $processExclusions.Add('JetBrains.Platform.Installer.exe') > $null
# $processExclusions.Add('CleanUpProfiler.x64.exe') > $null
# $processExclusions.Add('CleanUpProfiler.x86.exe') > $null
# $processExclusions.Add('Configuration2Xml32.exe') > $null
# $processExclusions.Add('Configuration2Xml64.exe') > $null
# $processExclusions.Add('ConsoleProfiler.exe') > $null
# $processExclusions.Add('dotTrace32.exe') > $null
# $processExclusions.Add('dotTrace64.exe') > $null
# $processExclusions.Add('DotTraceLauncher.exe') > $null
# $processExclusions.Add('dotTraceView32.exe') > $null
# $processExclusions.Add('dotTraceView64.exe') > $null
# $processExclusions.Add('JetBrains.Common.ElevationAgent.exe') > $null
# $processExclusions.Add('JetBrains.Common.ExternalStorage.exe') > $null
# $processExclusions.Add('JetBrains.Common.ExternalStorage.x86.exe') > $null
# $processExclusions.Add('JetBrains.dotTrace.IntegrationDemo.exe') > $null
# $processExclusions.Add('Reporter.exe') > $null
# $processExclusions.Add('SnapshotStat.exe') > $null
# $processExclusions.Add('Timeline32.exe') > $null
# $processExclusions.Add('Timeline64.exe') > $null
# $processExclusions.Add('dotMemory.UI.32.exe') > $null
# $processExclusions.Add('dotMemory.UI.64.exe') > $null
# $processExclusions.Add('dotMemoryUnit.exe') > $null
# $processExclusions.Add('JetBrains.dotMemory.Console.SingleExe.exe') > $null
# $processExclusions.Add('JetBrains.dotMemoryUnit.Server.exe') > $null
# $processExclusions.Add('restarter.exe') > $null
# $processExclusions.Add('rider64.exe') > $null
# $processExclusions.Add('runnerw.exe') > $null
# $processExclusions.Add('runnerw64.exe') > $null
# $processExclusions.Add('WinProcessListHelper.exe') > $null
# $processExclusions.Add('elevator.exe') > $null
# $processExclusions.Add('fsnotifier.exe') > $null
# $processExclusions.Add('fsnotifier64.exe') > $null
# $processExclusions.Add('launcher.exe') > $null
# $processExclusions.Add('NGen Rider Assemblies.exe') > $null
# $processExclusions.Add('idea.exe') > $null
# $processExclusions.Add('idea64.exe') > $null
# $processExclusions.Add('JetBrains.Etw.Collector.Host.exe') > $null

Write-Host "This script will create Windows Defender exclusions for common Visual Studio 2017 folders and processes."
Write-Host ""
$projectsFolder = Read-Host 'What is the path to your Projects folder? (example: c:\projects)'

Write-Host ""
Write-Host "Adding Path Exclusion: " $projectsFolder
Add-MpPreference -ExclusionPath $projectsFolder

foreach ($exclusion in $pathExclusions) 
{
    Write-Host "Adding Path Exclusion: " $exclusion
    Add-MpPreference -ExclusionPath $exclusion
}

foreach ($exclusion in $processExclusions)
{
    Write-Host "Adding Process Exclusion: " $exclusion
    Add-MpPreference -ExclusionProcess $exclusion
}

Write-Host ""
Write-Host "Your Exclusions:"

$prefs = Get-MpPreference
$prefs.ExclusionPath
$prefs.ExclusionProcess

Write-Host ""
Write-Host "Enjoy faster build times and coding!"
Write-Host ""
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment