Does an Excluded Directory in Windows 10 Defender Also Include the Sub Directories?

I know how to exclude a file or folder (directory) from Windows Defender in Windows 10. What I'm not sure about is whether this exclusion applies to all sub directories within that directory? It seems to me like it should, but I couldn't find anything from a quick Google search that revealed the answer. Thanks!

Update
I'm hoping to get some actual documentation for this. I agree that it seems like it should, but I couldn't find definitive source for the answer, other than my own assumptions.

Nick DeVore

Posted 2016-09-07T14:51:43.757

Reputation: 347

Yes; It does indeed include directories and files within an excluded directory. – Ramhound – 2016-09-07T14:55:00.037

Kinda-sorta. It appears that that when transferring files from a local drive to a remote drive, with both sources excluded, Antimaleware Service Executable spikes hard in little bursts slowing down the copy-operations. I'm guessing each file is being assessed as to whether or not it's in a white-listed location, so it's not scanning them but it's still slowing stuff down, just not as much as it would if it performed a scan on each file. – kayleeFrye_onDeck – 2019-04-13T02:15:15.580

The funny thing is, if they updated Windows Defender to use WinRT for that location-check, they'd only ever need to check the top-level directory node (not the files inside them) one time instead of N times and then use the WinRT data structure to iterate through all the items in that node, where N represents the amount of filesystem objects. sigh – kayleeFrye_onDeck – 2019-04-13T02:21:02.003

Answers

Yes, excluding a directory in Defender will also exclude all files and subdirectories recursively.

RaptorFactor

Posted 2016-09-07T14:51:43.757

Reputation: 238

5Any chance you've got a source? Experience counts :) – Nick DeVore – 2016-09-20T23:39:10.343

4This is one of my personal SO/SU accounts, but I work for Microsoft on the Windows Defender team. – RaptorFactor – 2016-09-22T19:48:23.053

Well, I suppose that's good enough ;) Reminds me of Mark Adler's comment from his answer about the code he wrote http://stackoverflow.com/a/20765054/1380

– Nick DeVore – 2016-09-22T23:33:23.233

Yes, subdirectories are covered by exclusions. HOWEVER, exclusions only apply to scanning, not to Real-Time Protection. If Real-Time Protection is active, every loaded executable is scanned, even those loaded from an excluded directory.

RashaMatt

Posted 2016-09-07T14:51:43.757

Reputation: 161

1+1 to mention that it does no apply to real time protection scanning. – bebbo – 2018-08-11T16:55:55.173

The documentation says differently: "The exclusions apply to scheduled scans, on-demand scans, and always-on real-time protection and monitoring. Exclusions for process-opened files only apply to real-time protection." Source: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-exclusions-windows-defender-antivirus

– Helge Klein – 2018-10-09T21:28:19.560

1In my actual experience at least one excluded directory did get scanned. I know because one of the files got flagged. – RashaMatt – 2018-10-10T22:07:46.507

Oh, so that's what's going on. Every time I compile our application, Windows Defender sits at 100% CPU usage for an hour afterwards, even without moving bytes. I added everything in Exclusions, now I know why. – Brain2000 – 2018-11-30T21:26:30.533

sub directories are excluded, too. documented here: https://support.microsoft.com/en-sg/help/4028485/windows-10-add-an-exclusion-to-windows-defender-antivirus

weberjn

Posted 2016-09-07T14:51:43.757

Reputation: 325