Speeding up WSL I/O up than 5x fast + saving a lot of battery life & CPU usage

Posted on: https://leandrw.com.br/speedup-wsl-by-disabling-windows-real-time-protection/

Image for post
Image for post
Ubuntu running inside WSL trying to update some packages behind Windows Real-time protection bad guy

While being helpful detecting some common Windows malwares, Windows Defender in GNU/Linux side it’s so inefficient and actually unhelpful.

Every time you try to access/read/write some file/folder, Windows Defender intercept WSL requisition for antivirus scanning, slowing down things until you hate everything in WSL!

Let’s Disable Windows Defender

So, to do so, first get the UbuntuOnLinux (or your distro of choice) installation path going to %USERPROFILE%\AppData\Local\Packages and lookup for something like CanonicalGroupLimited.UbuntuonWindows_79rhkp1fndgsc.

Copy the entire path from Explorer.exe address bar, then go to Settings > Update & Security > Windows Defender > Open Windows Defender Secutiry Central > Protection Against Viruses & Threats > Advanced Config… > Exclusions > Add or Remove > Add > Folder and finally: paste the previous copied path.

Warning: High security sometimes means Low performance

Image for post
Image for post
Windows Defender Real-time slow down… protection

The tip above may speedup things a little bit, but not so. There is one more thing bringing your performance down: Window Defender real-time protection.

As noticed by David Tansey in this WSL issue, real-time protection have a HUGE impact in developer tools like Visual Studio build tool and tools like Kubernetes and etc., including WSL.

We will disable it, but be aware: you will may be more vulnerable for some common attacks through malicious script execution.

So, let’s disable:

Image for post
Image for post
Use Group Policy (gpedit.msc) to disable real-time protection

Use Group Policy to disable real-time protection:

  1. On your Group Policy management machine, open the Group Policy Management Console, right-click the Group Policy Object you want to configure and click Edit.
  2. In the Group Policy Management Editor go to Computer configuration.
  3. Click Policies then Administrative templates.
  4. Expand the tree to Windows components > Windows Defender Antivirus > Real-time protection.
  5. Double-click the Turn off real-time protection setting and set the option to Enabled. Click OK.

I’ve only tested superficially, but I can ensure a great performance speed up.

Disclaimer: I have plans to improve my English skill, but my willing to help is bigger than that.


Configure always-on real-time protection in Windows Defender AV | Microsoft Docs — https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store