Merge pull request #783 from FH-Inway/782-add-vs2022-windows-defender

update windows defender rules
d365collaborative · Dec 4, 2023 · 6e6098c · 6e6098c
2 parents 7265214 + c1ee462
commit 6e6098c
Showing 1 changed file with 32 additions and 0 deletions.
diff --git a/d365fo.tools/functions/add-d365windowsdefenderrules.ps1 b/d365fo.tools/functions/add-d365windowsdefenderrules.ps1
@@ -62,26 +62,50 @@ function Add-D365WindowsDefenderRules {
         Add-MpPreference -ExclusionProcess "C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\devenv.exe"
         Add-MpPreference -ExclusionProcess "C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\Extensions\TestPlatform\testhost.exe"
         Add-MpPreference -ExclusionProcess "C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\devenv.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\qtagent32_40.exe"
         Add-MpPreference -ExclusionProcess "C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\Extensions\TestPlatform\testhost.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\CommonExtensions\Microsoft\TestWindow\vstest.console.exe"
         Add-MpPreference -ExclusionProcess "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\Common7\IDE\devenv.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\Common7\IDE\qtagent32_40.exe"
         Add-MpPreference -ExclusionProcess "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\Common7\IDE\Extensions\TestPlatform\testhost.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\Common7\IDE\CommonExtensions\Microsoft\TestWindow\vstest.console.exe"
         Add-MpPreference -ExclusionProcess "C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files\Microsoft Visual Studio\2022\Professional\Common7\IDE\devenv.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files\Microsoft Visual Studio\2022\Professional\Common7\IDE\qtagent32_40.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files\Microsoft Visual Studio\2022\Professional\Common7\IDE\Extensions\TestPlatform\testhost.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files\Microsoft Visual Studio\2022\Professional\Common7\IDE\CommonExtensions\Microsoft\TestWindow\vstest.console.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\IDE\devenv.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\IDE\qtagent32_40.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\IDE\Extensions\TestPlatform\testhost.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\IDE\CommonExtensions\Microsoft\TestWindow\vstest.console.exe"
         Add-MpPreference -ExclusionProcess "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
         Add-MpPreference -ExclusionProcess "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe"
         Add-MpPreference -ExclusionProcess "C:\Program Files (x86)\MSBuild\14.0\Bin\MSBuild.exe"
         Add-MpPreference -ExclusionProcess "C:\Program Files\dotnet\dotnet.exe"
         # customize path for cloud machines
         Add-MpPreference -ExclusionProcess "$Script:BinDir\xppcAgent.exe"
         Add-MpPreference -ExclusionProcess "$Script:BinDir\SyncEngine.exe"
+        Add-MpPreference -ExclusionProcess "$Script:BinDir\bin\LabelC.exe"
+        Add-MpPreference -ExclusionProcess "$Script:BinDir\bin\SyncEngine.exe"
+        Add-MpPreference -ExclusionProcess "$Script:BinDir\bin\xppbp.exe"
+        Add-MpPreference -ExclusionProcess "$Script:BinDir\bin\xppc.dll"
+        Add-MpPreference -ExclusionProcess "$Script:BinDir\bin\xppc.exe"
+        Add-MpPreference -ExclusionProcess "$Script:BinDir\bin\xppcAgent.exe"
+        Add-MpPreference -ExclusionProcess "$Script:BinDir\bin\xppcAgent.17.0.exe"
+        Add-MpPreference -ExclusionProcess "$Script:BinDir\bin\xpppfagen.exe"
         Add-MpPreference -ExclusionProcess "$AOSPath\Batch.exe"
         Add-MpPreference -ExclusionProcess "$AOSPath\xppc.exe"
         Add-MpPreference -ExclusionProcess "$AOSPath\LabelC.exe"
         # add SQLServer
         Add-MpPreference -ExclusionProcess "C:\Program Files\Microsoft SQL Server\130\LocalDB\Binn\sqlservr.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files\Microsoft SQL Server\150\LocalDB\Binn\sqlservr.exe"
         Add-MpPreference -ExclusionProcess "C:\Program Files\Microsoft SQL Server\MSSQL13.MSSQLSERVER\MSSQL\Binn\sqlservr.exe"
+        Add-MpPreference -ExclusionProcess "C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlservr.exe"
 		# add IIS and IISExpress
 		Add-MpPreference -ExclusionProcess "C:\Windows\System32\inetsrv\w3wp.exe"
 		Add-MpPreference -ExclusionProcess "C:\Program Files\IIS Express\iisexpress.exe"
+        # add Git
+        Add-MpPreference -ExclusionProcess "C:\Program Files\Git\cmd\git.exe"
 
         #Compile kicks off the defender. Exclude base path to AOS helps on that.
         Add-MpPreference -ExclusionPath $AOSServicePath
@@ -90,6 +114,7 @@ function Add-D365WindowsDefenderRules {
         Add-MpPreference -ExclusionPath "C:\Program Files (x86)\Microsoft Visual Studio 10.0"
         Add-MpPreference -ExclusionPath "C:\Program Files (x86)\Microsoft Visual Studio 14.0"
         Add-MpPreference -ExclusionPath "C:\Program Files (x86)\Microsoft Visual Studio"
+        Add-MpPreference -ExclusionPath "C:\Program Files\Microsoft Visual Studio"
         Add-MpPreference -ExclusionPath "C:\Windows\assembly"
         Add-MpPreference -ExclusionPath "C:\Windows\Microsoft.NET"
         Add-MpPreference -ExclusionPath "C:\Program Files (x86)\MSBuild"
@@ -111,6 +136,13 @@ function Add-D365WindowsDefenderRules {
 		Add-MpPreference -ExclusionPath "$Env:USERPROFILE\AppData\Local\Microsoft\VisualStudio"
 		Add-MpPreference -ExclusionPath "$Env:USERPROFILE\AppData\Local\Microsoft\WebsiteCache"
 		Add-MpPreference -ExclusionPath "$Env:USERPROFILE\AppData\Roaming\Microsoft\VisualStudio"
+
+        # Extensions
+        Add-MpPreference -ExclusionExtension "md"
+        Add-MpPreference -ExclusionExtension "man"
+        Add-MpPreference -ExclusionExtension "xml"
+        Add-MpPreference -ExclusionExtension "xpp"
+        Add-MpPreference -ExclusionExtension "netmodule"
     }
     catch {
         Write-PSFMessage -Level Host -Message "Something went wrong while configuring Windows Defender rules." -Exception $PSItem.Exception