Fix: yarn / npm install cause high CPU usage on Antimalware Service Executable

2

One of Microsoft’s goals with Windows 10 is to win back creators, software development is one of the categories Microsoft trying to target. With the introduction of the Windows Subsystem for Linux (WSL), Microsoft opened doors for more developers that were relying on Linux/Unix platform to come back to Windows. However, even with the addition of WSL, Windows still differs greatly in its File System.

The difference between OS’s file system has a huge impact on node.js or front-end web projects. npm or yarn that manages dependencies would often create a large number of files and directories under node_modules. This process is usually slower compared to other OS that’s running on the same hardware. The slowness would be amplified with the real-time antivirus protection by Windows Security (formerly known as Windows Defender). As you can see a regular React-based project running npm install or yarn install would yield a high CPU cycle from Antimalware Service Executable from the Task Manager.

2020 11 21 21 42 59 Window 600x593 - Fix: yarn / npm install cause high CPU usage on Antimalware Service Executable

This is because the amount of new dependencies the package manager has sourced and downloaded kicked off the real-time scanner to run through all the thousands of files and folders to scan while installing them.

Normally, a Windows system that has this real-time protection turned on (by default) compare to a Linux machine with the same hardware would be about 5-10 times slower.

To improve the speed on Windows you can disable the real-time protection so the system has more CPU cycle dedicated to the real task instead of sharing the resource by the virus scan.

2020 11 29 08 47 15 Windows Security 600x535 - Fix: yarn / npm install cause high CPU usage on Antimalware Service Executable

Go to Start > Windows Security. Under the Virus & threat protection settings go to Manage settings.

2020 11 29 08 47 41 Windows Security 600x398 - Fix: yarn / npm install cause high CPU usage on Antimalware Service Executable

Here you should see the “Real-time protection”, turn it off.

2020 11 29 08 48 04 Windows Security - Fix: yarn / npm install cause high CPU usage on Antimalware Service Executable

Now, you can test the same operation again, you shouldn’t see those processes running. CPU cycle should be now all dedicated to the command you are running from the terminal.

2020 11 29 08 54 35 Task Manager 600x355 - Fix: yarn / npm install cause high CPU usage on Antimalware Service Executable

There is an alternative way to disable real-time protection is to launch PowerShell in Administrator and enter the following command.

Set-MpPreference -DisableRealtimeMonitoring $true

By disabling this, depends on the project you are running it will help to cut down close to half of the time it was using previously. If you are running npm or yarn on a daily basis, this optimization is a must.

2 COMMENTS

  1. I’d find the executable(s) and add the rule(s) in exceptions to skip scanning “my projects” directory rather than completely disable Real Time Protection

  2. I think this a bad advice.
    Disabling real time monitoring will expose you to some attacks not related to NPM/Yarn.

    As an alternative I’d recommand to exclude from windows defender the NPM local cache and node_modules directory of your projects.

    You’ll reduce surface exposure of eventual malware.

LEAVE A REPLY

Please enter your comment!
Please enter your name here