Comment by Aerroon

2 years ago

>The issue is Defender in sync mode/other AV/other file system filters.

I've had folders take a full minute to open on an SSD.

It got to the point where I went to open the folder, it started loading. I needed the file quickly, so I searched for it online, found it, and opened it before windows finished loading that folder for me.

After exempting that folder from Windows Defender the folder loads instantly. For the life of me I cannot understand why Defender blocks Explorer.

2 comments

Aerroon

Reply
layer8  2 years ago

Probably because Explorer hosts shell hooks which can potentially execute arbitrary code.

Just one example: File icons or thumbnails can be dynamically generated by shell extensions based on the file contents. A maliciously crafted file could potentially exploit a vulnerability in such a shell extension.

nullindividual  2 years ago

> For the life of me I cannot understand why Defender blocks Explorer.

I suppose if you wanted to find out, you could use dtrace/ETW.

Explorer has other things going on, though, including other apps that hook into it (shell extensions, like Adobe Reader, TortiseGit/SVN, and so on) which can certainly cause performance issues.