Writing C:\Program Files\winbuzzer\Winbuzzer.exe instead would only skip the scanning of the file in that particular folder. If you manually edited your list and only defined Winbuzzer.exe, an attacker could send you any file named Winbuzzer.exe and have it skip past your defenses. Let’s say you want to exclude Winbuzzer.exe from scanning.
In a similar vein, you should always add the direct path to your file in your exclusion list.
Excluding it would allow them to slip past your defenses. Though you’re right in thinking that PowerShell.exe, wmic.exe, or svchost.exe are safe in their normal form an attack could modify the file to be malicious. In general, you shouldn’t add Windows Defender exceptions for Microsoft processes, either. When you want to add Windows Defender exclusions for file extensions, you should avoid the following types: You should additionally avoid excluding your Java folder in Program Files, and the following directories:
Firstly, when you add an exception to Windows Defender, you should avoid excluding your system, or C: drive, as a whole.
