PowerShell script for Windows 10 and Windows Server 2016+ for implementing Antivirus exceptions for mining software executables. This enables you to keep your Defender anitvirus application working without giving up all protection in order to mine sucessfully.
VMAVE.v.x.y.ps1 is the primary PowerShell script for setting antivirus exceptions for Windows Defender in Windows 10 and Windows Server 2016+. "x" and "y" are the major and minor versions respectively.
2021-05-14 - v.1.2: This initial version targets exceptions for the Nicehash mining suite.
The presumption is that Windows Defender is your ONLY Antivirus/antimalware/antispam/privacy application (The new MS Edge adds app blocking as well so watch out as it is NOT scoped in this post. Other browsers may have similar features). Additional presumptions:
- there is no malware/unwanted apps trying to maintain process control over your computer already.
- drivers are up to date
- you or your other applications (non-Nicehash miners for example) have not set any other process exclusions in Windows Defender - these will be over written.
If you are running Windows 10/Server 2016+ and only using Windows Defender, yo may add a default set of process exclusions as follows:
- Close all Nicehash instances and miners.
- Start PowerShell_ISE.exe as an Administrator
- Open the following PowerShell script - VMAVE.v.1.2.ps1; download from https://github.com/V8por5m1n3R/Mining-AV-Exceptions
- If you receive a message that the running of script is disabled you may use this command to enable script execution, then re-run the above script: Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
- Change this line to match the folder you launch Nicehash from: $RootFolder = "C:\CCMN\Miners" # Replace this with the path to your Nicehash folder
- Consider removing miners from the $MFLJ variable that you are NOT using.
- Run the script
- A reboot may not be necessary, but is recommended before restarting Nicehash.
To verify the exclusions in Windows Defender for Nicehash suite miners are in place:
- Start PowerShell_ISE.exe as an Administrator
- Run (Get-MpPreference).ExclusionProcess
- The Defender ExclusionProcess list should match the list in the $MFLJ variable in the script or be a super set of the $MFLJ variable if you have added other process exclusions.
To verify if any Nicehash suite miners are quarantined by Windows Defender:
- Start PowerShell_ISE.exe as an Administrator
- Run ."$ENV:ProgramFiles\Windows Defender\MpCmdRun.exe" -Restore -ListAll
TO BE DONE:
- Will add how-to section to help add the script as a computer startup script -- if your ExlusionsProcess list is wiped by future Windows and/or Defender updates, rebooting will put them back without the need to manually run the script.
- Add how-to un-quarantine/restore applications blocked by Defender using ."$ENV:ProgramFiles\Windows Defender\MpCmdRun.exe" -Restore from a PowerShell prompt.
- Check if Nicehash.exe is present in a folder below the level of $RootFolder; stop the script if Nicehash.exe is not found.
If this script helps you, please send a donation: USDC - 0xd1d107bcE3F196A612e0e839D2D956f265Ddbf2C
BTC - 3EDXrh16ficV1Q6HmAMr3rXWNCMHbFwRra
LTC - MMbh94XJUY95Gdeo9G7gK1qY6esNbPdaR1
ETH - 0x4Fe21b7b1178888745F3b53EDc0e22f25D5cd3b1
ETC - 0x852971f07775cB2078b92ffcb2840E218DB0E06a