In this blog post I like to take up a tiresome topic. It is about the performance and stability problems caused by virus scanners on Windows 10 clients as well as on server environments. What is the cause and what can I do?
The background to all of this: I have now been contacted twice by blog readers in March 2020 about the issues of Windows Defender as a performance brake on Windows Server 2016/2019. The blog readers have disabled Windows Defender on Windows Server 2016/2019 in order to work with reasonable performance. The whole issue has been addressed in the two articles linked at the end of this article.
Microsoft knows about the issues
When I researched the internet for alternative antivirus solutions for Windows Server (see my article Solution for slow start of Windows Server 2016?), I came across the Microsoft article Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows. The article was last updated in early March 2020.
The problem is that Windows Defender probably does not define exclude lists of files to be excluded from a scan. Then, for example, during update installation, the effect is that files in use would have to be scanned, but Defender cannot. This results in stability and performance problems. Windows Server 2016 may take an incredibly long time to restart during the installation of updates.
Instead of disabling Defender, Microsoft recommends in the linked support article what to do if you have stability and performance problems in Windows. The advice in this article applies to:
- Windows Server 2012, all editions
- Windows Server 2012 R2, all editions
- Windows Server 2016, all editions
- Windows Server 2019, all editions
- Windows 7, all editions
- Windows 8.1, all editions
- Windows 10, alle Editionen