On 12/02/2021 12:31 am, Lionel Bouton wrote:
I haven't dealt with a Windows environment for quite some time, but from what I remember an antivirus installs a driver intercepting file accesses and these drivers are still active even if you disable the antivirus (I suppose they just call a noop instead of content analysis code) and can still interfere with your system. For example some years ago I've seen what looked like a race condition involving rename for MySQL on Windows that could not be fixed by disabling the antivirus but could by uninstalling it completely. You might want to uninstall the antivirus temporarily to check this.
Thanks Lionel for this suggestion. Its the built-in Windows Defender AV which I believe can't be uninstalled, so am limited to 'disabling' it (plus it has exclusions for the PG directories & processes already). Using Procmon I can't see any AV file activity when it is disabled. Will keep monitoring it though.
Kind regards Guy
