
Windows Defender Antimalware service creating huge TMP file

Question

Friday, October 19, 2018 4:04 PM

Hi there, anyone else seeing this?

Running Windows 10 1809... But I'm pretty sure this was happening before I upgraded. My 256 GB SSD was out of disk space. I thought maybe I missed some old Windows folder backups from previous upgrades but there weren't any. I ran WinDirStat on it and there was *one* 140 GB TMP file in C:\Windows\Temp. I couldn't find any info on it other than when I tried to manually delete it, when Windows said it couldn't be deleted as it was in use by the Windows Defender antimalware service. Running disk cleanup doesn't help. Once I restarted the PC however, the 140 GB temp file was gone.

It seems Defender is creating this TMP file every day at about 6 AM, based on the time stamp. Restarting seems to be the only way to get my disk space back. That works every time.

Windows Defender has never found any malware or other problem on the computer, and it doesn't really have any system stability issues other than Defender filling up the system disk with this one temp file, which surprisingly hasn't really created a usability problem other than my annoyance at the disk being filled up. The PC has 16 GB RAM so might be why I don't really notice any performance issues though...

Thanks in advance!

Sir_Timbit

All replies (5)

Saturday, October 20, 2018 7:13 PM

From a PowerShell prompt

Get-MpComputerStatus

Does that show a scan at 6am or anything at that time?

Also, Defender being a Windows component, have you tried a system file check? From an admin command prompt:

sfc /scannow
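
One way to take the Get-MpComputerStatus check above further, added here as an example and not posted by anyone in this thread: list the oversized TMP files in C:\Windows\Temp and, for each, show the Defender scan times, schedule, scheduled tasks and operational-log events around the file's creation time. The 1 GB size threshold and the 30-minute window are assumptions chosen for illustration.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
$tempDir = 'C:\Windows\Temp'
$minSize = 1GB                          # assumption: anything this large is worth a look
$window  = New-TimeSpan -Minutes 30     # assumption: how far around the timestamp to search
$logName = 'Microsoft-Windows-Windows Defender/Operational'

# Large temp files, oldest first (matches names like TMP9BCF... and *.tmp)
$bigFiles = Get-ChildItem -Path $tempDir -File -Force -ErrorAction SilentlyContinue |
    Where-Object { ($_.Name -like 'TMP*' -or $_.Extension -eq '.tmp') -and $_.Length -ge $minSize } |
    Sort-Object CreationTime

# When Defender last scanned or updated signatures, and what is scheduled
Get-MpComputerStatus |
    Format-List QuickScanStartTime, QuickScanEndTime, FullScanStartTime,
                FullScanEndTime, AntivirusSignatureLastUpdated | Out-Host
Get-MpPreference |
    Format-List ScanScheduleDay, ScanScheduleTime, ScanScheduleQuickScanTime,
                SignatureScheduleTime | Out-Host

# Defender's own scheduled tasks and when they last ran
Get-ScheduledTask -TaskPath '\Microsoft\Windows\Windows Defender\' -ErrorAction SilentlyContinue |
    ForEach-Object {
        $info = $_ | Get-ScheduledTaskInfo
        [pscustomobject]@{ Task = $_.TaskName; LastRun = $info.LastRunTime; NextRun = $info.NextRunTime }
    } | Format-Table -AutoSize | Out-Host

if (-not $bigFiles) { Write-Host "No temp files of $($minSize / 1GB) GB or more in $tempDir" }

# For each large file, show Defender events logged close to its creation time
foreach ($f in $bigFiles) {
    Write-Host ('{0}  {1:N1} GB  created {2:yyyy-MM-dd HH:mm:ss}' -f $f.Name, ($f.Length / 1GB), $f.CreationTime)
    $filter = @{
        LogName   = $logName
        StartTime = $f.CreationTime - $window
        EndTime   = $f.CreationTime + $window
    }
    $events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
    if (-not $events) { Write-Host '  (no Defender events in this window)'; continue }
    $events | Sort-Object TimeCreated |
        Select-Object TimeCreated, Id, @{ n = 'Summary'; e = { ($_.Message -split "`r?`n")[0] } } |
        Format-Table -AutoSize -Wrap | Out-Host
}
```

An event or task run that lines up with the file's creation time points at which Defender activity (scan, signature update, maintenance task) is producing the file.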


Monday, October 22, 2018 2:55 PM

I didn't see any recent scan from 6 AM but it was the weekend. The 140 GB file reappeared so I rebooted and it is gone once again. I'll check on it tomorrow morning and see if anything's changed.

But thanks for the sfc /scannow suggestion... It said it did find corrupt files and successfully repaired them. So will see what happens tomorrow.

Sir_Timbit


Tuesday, October 23, 2018 4:20 PM

Drat--File returned again at 6.13 AM. One 140 GB TMP9BCF18A33179D800. Still can't delete because the file is open in Windows Defender Antivirus Service. Will have to do some more hunting....


Wednesday, November 14, 2018 9:25 AM

Hi,

I wonder if the Windows Defender Scheduled Scan has been set in Task Scheduler.

Add Antimalware Service Executable to Windows Defender’s exclusion list to check.

1. Press Ctrl + Shift + Esc to open Windows Task Manager.

2. In the list of processes, look for the Antimalware Service Executable process.

3. Right-click on the said process and select Open File Location.

4. In the address bar, the full path of Antimalware Service Executable can be found. Click on the address bar and copy the full path.

5. Open the Start menu, type “windows defender” and click on it to open the Windows Defender Security Center.

6. Click on Virus & threat protection and select Virus & threat protection settings.

7. Scroll down until “Exclusions” and click Add or remove exclusions. Then, click on Add an extension, select File and paste the path to Antimalware Service Executable (MsMpEng.exe) in the address bar. Lastly, click Open and the file will now be excluded from the scan.

Regards,



Tuesday, November 5, 2019 2:43 PM

Any update on why Windows Defender, and also System Center Endpoint Protection, create these large temp files? I am also being plagued by them on various servers. Any way to disable this?