Skip to content

Instantly share code, notes, and snippets.

@Braytiner

Braytiner/Windows Defender Exclusions VS 2022.ps1

Last active November 1, 2024 12:53
Show Gist options
  • Save Braytiner/be2497d1a06f5a9d943dc7760693d460 to your computer and use it in GitHub Desktop.
Save Braytiner/be2497d1a06f5a9d943dc7760693d460 to your computer and use it in GitHub Desktop.
Download ZIP
Adds Windows Defender exclusions for Visual Studio 2022
Raw
Windows Defender Exclusions VS 2022.ps1
$userPath = $env:USERPROFILE
$pathExclusions = New-Object System.Collections.ArrayList
$processExclusions = New-Object System.Collections.ArrayList
$pathExclusions.Add('C:\Windows\Microsoft.NET') > $null
$pathExclusions.Add('C:\Windows\assembly') > $null
$pathExclusions.Add($userPath + '\Downloads\HeidiSQL_11.3_64_Portable') > $null
$pathExclusions.Add($userPath + '\.dotnet') > $null
$pathExclusions.Add($userPath + '\.librarymanager') > $null
$pathExclusions.Add($userPath + '\AppData\Local\Microsoft\VisualStudio') > $null
$pathExclusions.Add($userPath + '\AppData\Local\Microsoft\VisualStudio Services') > $null
$pathExclusions.Add($userPath + '\AppData\Local\GitCredentialManager') > $null
$pathExclusions.Add($userPath + '\AppData\Local\GitHubVisualStudio') > $null
$pathExclusions.Add($userPath + '\AppData\Local\Microsoft\dotnet') > $null
$pathExclusions.Add($userPath + '\AppData\Local\Microsoft\VSApplicationInsights') > $null
$pathExclusions.Add($userPath + '\AppData\Local\Microsoft\VSCommon') > $null
$pathExclusions.Add($userPath + '\AppData\Local\Temp\VSFeedbackIntelliCodeLogs') > $null
$pathExclusions.Add($userPath + '\AppData\Roaming\Microsoft\VisualStudio') > $null
$pathExclusions.Add($userPath + '\AppData\Roaming\NuGet') > $null
$pathExclusions.Add($userPath + '\AppData\Roaming\Visual Studio Setup') > $null
$pathExclusions.Add($userPath + '\AppData\Roaming\vstelemetry') > $null
$pathExclusions.Add($userPath + '\AppData\Roaming\HeidiSQL') > $null
$pathExclusions.Add('C:\ProgramData\Microsoft\VisualStudio') > $null
$pathExclusions.Add('C:\ProgramData\Microsoft\NetFramework') > $null
$pathExclusions.Add('C:\ProgramData\Microsoft Visual Studio') > $null
$pathExclusions.Add('C:\ProgramData\MySQL') > $null
$pathExclusions.Add('C:\Program Files\Microsoft Visual Studio') > $null
$pathExclusions.Add('C:\Program Files\dotnet') > $null
$pathExclusions.Add('C:\Program Files\Microsoft SDKs') > $null
$pathExclusions.Add('C:\Program Files\Microsoft SQL Server') > $null
$pathExclusions.Add('C:\Program Files\MySQL') > $null
$pathExclusions.Add('C:\Program Files\IIS') > $null
$pathExclusions.Add('C:\Program Files\IIS Express') > $null
$pathExclusions.Add('C:\Program Files (x86)\Microsoft Visual Studio') > $null
$pathExclusions.Add('C:\Program Files (x86)\dotnet') > $null
$pathExclusions.Add('C:\Program Files (x86)\Microsoft SDKs') > $null
$pathExclusions.Add('C:\Program Files (x86)\Microsoft SQL Server') > $null
$pathExclusions.Add('C:\Program Files (x86)\IIS') > $null
$pathExclusions.Add('C:\Program Files (x86)\IIS Express') > $null
$processExclusions.Add('ServiceHub.SettingsHost.exe') > $null
$processExclusions.Add('ServiceHub.IdentityHost.exe') > $null
$processExclusions.Add('ServiceHub.VSDetouredHost.exe') > $null
$processExclusions.Add('ServiceHub.Host.CLR.x86.exe') > $null
$processExclusions.Add('Microsoft.ServiceHub.Controller.exe') > $null
$processExclusions.Add('PerfWatson2.exe') > $null
$processExclusions.Add('sqlwriter.exe') > $null
Write-Host "This script will create Windows Defender exclusions for common Visual Studio 2022 folders and processes."
Write-Host ""
$projectsFolder = Read-Host 'What is the path to your Projects folder? (example: c:\source)'
Write-Host ""
Write-Host "Adding Path Exclusion: " $projectsFolder
Add-MpPreference -ExclusionPath $projectsFolder
foreach ($exclusion in $pathExclusions)
{
Write-Host "Adding Path Exclusion: " $exclusion
Add-MpPreference -ExclusionPath $exclusion
}
foreach ($exclusion in $processExclusions)
{
Write-Host "Adding Process Exclusion: " $exclusion
Add-MpPreference -ExclusionProcess $exclusion
}
Write-Host ""
Write-Host "Your Exclusions:"
$prefs = Get-MpPreference
$prefs.ExclusionPath
$prefs.ExclusionProcess
Write-Host ""
Write-Host "Enjoy faster build times and coding!"
Write-Host ""
@mitykas
Copy link

mitykas commented Nov 16, 2021

Hello Braytiner!

Thank you for sharing your work. I understand that the code is simple, but I'm a layman in this and I want to clarify few things. Do I understand correctly that PsExec needs to be used for silent execution? And what the code will be if the path is known. ? Without user interaction. For example "c:\dir\file.exe ". Maybe you can Pastebin it, if it's possible. Thanks, sorry for the stupid question.
Have a nice day!

@bazcurtis
Copy link

bazcurtis commented Jan 4, 2022
edited
Loading

This is very helpful thank you. Can you point me to the Microsoft article that references these locations. I need it for my change control and for future review should Microsoft make changes to it.

@joejoe
Copy link

joejoe commented Jul 4, 2022

Thanks!

@jeffjmc
Copy link

jeffjmc commented Nov 2, 2022

Thanks!!!

@Braytiner
Copy link
Author

Thanks!!!

You're welcome!

@Braytiner
Copy link
Author

Thanks!

You're welcome!

@digitalsigi
Copy link

Thx!

@tianxiaode
Copy link

Thx!

@dolunay
Copy link

dolunay commented Jun 9, 2023

Thx!

@pgrider
Copy link

pgrider commented Sep 27, 2023

Thanks, this fixed my VS problem

@Braytiner
Copy link
Author

Thanks, this fixed my VS problem

I'm glad to help

@dliedke
Copy link

dliedke commented Oct 10, 2023

Amazing, thank you so much! This solved the copy to clipboard issue in VS.NET 2022 because of high CPU usage in Windows Defender Endpoint. 👍👍

@Braytiner
Copy link
Author

Amazing, thank you so much! This solved the copy to clipboard issue in VS.NET 2022 because of high CPU usage in Windows Defender Endpoint. 👍👍

I'm happy to help

@dvygolov
Copy link

Great work, thank you! The only thing: I think that ServiceHub.RoslynCodeAnalysisService.exe should also be in process exclusions

@Braytiner
Copy link
Author

Braytiner commented Dec 29, 2023
edited
Loading

Great work, thank you! The only thing: I think that ServiceHub.RoslynCodeAnalysisService.exe should also be in process exclusions

Thanks for your contribution

@BrendonOSullivan
Copy link

I ran this from a powershell v7.4.1 shell with admin rights and got this error message:

Add-MpPreference: Operation failed with the following error: 0x%1!x!

@BrendonOSullivan
Copy link

This looks very specific to your own setup,
'\Downloads\HeidiSQL_11.3_64_Portable'

@ecw
Copy link

ecw commented Apr 25, 2024

Thanks!

@jzabroski
Copy link

Hi @Braytiner . I just upgraded from Windows Server 2016 Data Center Edition (AWS Workspace) to a bare metal desktop computer running Windows 11, and iisexpress.exe is incredibly slow. I don't think my IT department will allow us to add these exclusions as it adds risk for a confused deputy attack whereby an attacker uses a vulnerability in one of the dlls in one of these many paths to gain enhanced privileges to the system. Just wondering if you have any tips on troubleshooting iisexpress.exe slowness in general, as requests are taking like 30-45 seconds on my computer when calling BeginRequest. The bottleneck seems to be on Autofac Resolve but I'm sure that's a red herring as the same code on the same Autofac dependency version was working vine on Windows Server 2016 Data Center Edition. Thanks and would be happy to buy you a coffee in advance!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment