Windows Defender Real Time Protection Service slowing down file access

I noticed after a recent Windows 10 update that Windows Defender's real-time protection dramatically slows file system access. 

I timed how long it took to build a (Delphi XE6) project with Windows Defender's real-time protection off and on in order to get a sense of how bad it is.

 I did nothing but alternate between real-time protection off and on (no reboots required, physical hardware):

Trial Real-time protection status Build time (s)
1 On 86.4 s
2 Off 4.0 s
3 On 84.0 s
4 Off 4.0 s
5 On 86.9 s
6 Off 4.1 s
7 On 87.4 s
8 Off 3.9 s

Which means:

  • Build time with real-time protection off:  4.0 s  (sd: 0.082 s)
  • Build time with real-time protection on: 86.2 s  (sd: 1.51 s)

This means that Windows Defender in Windows 10 has now entered the realm of other crappy anti-virus products - that are a detriment to the user's PC rather than a benefit.

  • Of course i'm not going to wipe my PC and reinstall everything.
  • Of course there is no other anti-virus software installed.
  • Of course i made no changes to this PC prior to this happening.
  • Of course this is not a virtual machine.
  • It spontaneously started Wednesday October 19.
  • I have no idea what could have happened to my PC between 5pm on October 18th, and 9am on October 19th:

No idea whatsoever. 

Without disabling Windows Defender Real-time protection, how do I make Windows Defender not perform file-scans before an application attempts to open a file? That is: how do i make Microsoft's own anti-virus software as fast at it used to be in Windows Vista, Windows 7, Windows 8, Windows 8.1, and Windows 10 before a recent update?


Bonus Reading

This question has of course already been asked, and ignored, on these forums.

***Post moved by the moderator to the appropriate forum category.***

 

Question Info


Last updated December 13, 2019 Views 27,448 Applies to:

Solution

The issue that is Windows Defender's Real-time protection is blocking an application from being able to read a file until it has read the file. It should, of course, be scanning in parallel - not synchronously delaying file access.

Fortunately, Windows Defender has the capability to skip synchronous checking of files based on a file extension - called Exclusions:

What you can do is under Windows Defender, click Add an exclusion. Under File Types, click Exclude a file extension. Individually add the extensions:

  • pas - Delphi Source File
  • dfm - Delphi Form
  • dpr - Delphi Project
  • dproj - Delphi Project File
  • dcu - DCU file
  • cs - C# source file
  • txt - Text File
  • pst - Outlook mailbox 
  • docx - Word document
  • xlsx - Excel spreadsheet
  • gif - Graphics Interface Format image
  • jpg - Joint Photographic Experts Group image
  • bmp - Bitmap
  • res - Compiled resource
  • bpl - Borland Package Library (a dll with a different extension)
  • dll - Dynamiclly Linked Library
  • exe - Application
  • com - Application
  • bat - Batch File
  • cmd - Command file
  • scr - Screen saver
  • cpl - Control Panel Applet
  • et cetera

This way you get all the security of real-time protection, with the blazing speed of unimpeded native file access performance.

This change improved my build times:

  • Before: 86.2 s
  • After: 4.7 s 

A 94.5% improvement!

57 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

I'm surprised there aren't more comments on this. I just moved from OSX to start front end development on my desktop Windows 10 machine and this Antimalware Service Executable is crippling everything; especially when staging new repositories or unzipping stuff. I just unzipped a small archive; it took 3 seconds with real time protection off, and 20 with it on.

This is great, thank you. One question - this effectively stops Defender from ... defending ... your computer; if you're going to get a virus, won't it usually come in the form of .exe? Not all of the extensions in your post are safe to ignore.

Disclaimer: Not a real superhero

23 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.