How to stop Antimalware Service Executable from hogging cpu on Windows 10

Everyday, about 4-6 times, the anti-malware service executable will start hogging my cpu for 10-15 minutes. I have windows 10 and I am not sure how to solve the problem. I tried some solutions that Windows 8 users did, but it did not work. Can someone help me?

[Moved from Windows]

 

Question Info


Last updated January 21, 2019 Views 307,172 Applies to:
Answer

The Windows 8/8.1/10 Automatic Maintenance scan isn’t constrained by CPU throttling like the MSE scheduled scan is, so it can be quite resource intensive – but in its default mode, Automatic Maintenance only runs when the system is in an idle state. So it should have zero impact on system performance whenever you’re using your PC. Instead of sharing the system's resources with you, Automatic Maintenance is designed to take its turn with the system’s resources when you’re not using them. That way you both get your work done faster and without any interference. So when Automatic Maintenance is working properly it will spike the CPU, but only when you’re taking your coffee break, which shouldn’t be an issue.

Now Automatic Maintenance can sometimes malfunction and refuse to yield control when you start using your PC. This doesn’t happen very often, but if you can confirm that a Quick Scan is running when this happens (by opening the Windows Defender user interface), then you can either reschedule Automatic Maintenance or temporarily disable the Windows Defender Scheduled Scan task. That’s done by right-clicking on the task and selecting Disable. Unchecking the AC power option in the Conditions tab will not disable the scheduled scan task (if you really think that I’m the one with the credibility problem here, then all you have to do is just try it and see). If the scheduled scan is misbehaving, then you should follow the steps below for the malware/antimalware cleanup – and you might also want to scan Windows for errors:

http://answers.microsoft.com/en-us/windows/wiki/windows_10-update/system-file-check-sfc-scan-and-repair-system-files/bc609315-da1f-4775-812c-695b60477a93

But most likely the CPU issue doesn’t have anything to do with the scheduled scan. This issue has been with us since the days of OneCare, and we know that it’s normally caused by some process that conflicts with Defender’s real-time protection. Real-time protection is implemented with a file system filter driver that continuously scans files as they’re accessed. The conflict comes in when a process generates a high level of read/write activity, because on-access protection has to go into high gear (high resource consumption) in order to scan the active process itself, and also the file that’s being accessed by the active process, with each read/write operation. Most of the time, the problematic process turns out to be a component of a third-party AV app that hasn’t been uninstalled, or that didn’t uninstall cleanly. Other processes that might be responsible for this issue would include malware, a bad device driver, or any app with an extremely high level of read/write activity.

Another major factor that comes into play with the Windows 10 upgrade is that many of the available third-party AV apps aren’t yet fully compatible with windows 10, so they can sometimes fail to register properly with the Security Center and consequently Windows Defender might not get properly disabled when it’s replaced by the third-party app. The original problem in the old thread was that MSE wasn’t removed with a Windows 8 upgrade, and we’ve seen plenty of that with the Windows 10 upgrade, which is massive by comparison. And we’ve also seen lots of cases where AV apps that aren’t fully compatible with Windows 10 have failed to shut down Defender properly, with the same net result – two real-time AV apps chasing each other’s tails and eating up all the PC’s resources.

Now you can’t solve this conflict by uninstalling Windows Defender because it’s part of Windows 10 – but if Defender isn’t automatically disabled when you install a third-party AV app, you can turn it off via Group Policy. So if you’ve already installed a third-party AV app in Windows 10, and Defender didn't get turned off; or if your AV app wasn’t removed by the upgrade, and Defender is currently active; then you should first visit the AV vendor’s website for compatibility information – and follow the directions there for removing the old version and installing the latest version, or for reinstalling the latest version.  

If the issue persists with a purportedly compatible version of the AV app, then you might want to first try running the cleanup tools for any previously installed or preinstalled AV apps – and maybe stopping and restarting the Security Center service:

http://answers.microsoft.com/en-us/protect/wiki/mse-protect_start/list-of-anti-malware-product-removal-tools/2bcb53f7-7ab4-4ef9-ab3a-6aebfa322f75 

And if that doesn’t work, then go ahead and switch off Defender by following the instructions in this Ten Forums tutorial:

http://www.tenforums.com/tutorials/5918-windows-defender-turn-off-windows-10-a.html  

On the other hand, if Windows Defender is your current AV app, and you’ve run into one of these intractable issues that people sometimes have with it:

  • Continuous or frequent high CPU utilization by the Antimalware Service 

  • Persistent update problems with undecipherable error messages

  • Frequent requests to start the app (crashing Antimalware Engine)

  • Defender doesn’t seem to be effective at stopping malware

Then you should turn off Defender by simply replacing it with a third-party AV app. When you install a new AV app that’s compatible with Windows 10, the Windows Security Center should register that app as your antivirus provider and automatically disable Windows Defender in order to prevent it from conflicting with the new app. Since we know that the primary cause of a failed installation or malfunctioning with any AV app is the presence of either malware or a conflicting antivirus program, you can minimize the chance of having a problem with the new AV app if you first remove both of these potential sources of trouble. And by the same token, these same two simple steps might possibly serve as a quick fix for Defender:

First, scan your PC for malware with an online scanner, e.g.:  

http://www.eset.com/us/online-scanner/

Then download and run the cleanup tools for any antivirus apps that you previously installed, or that came preinstalled:  

http://answers.microsoft.com/en-us/protect/wiki/mse-protect_start/list-of-anti-malware-product-removal-tools/2bcb53f7-7ab4-4ef9-ab3a-6aebfa322f75 

If that doesn’t fix Windows Defender, or if you just want to try out another AV app, then go ahead and install one of the free AV apps that are compatible with Windows 10. The Security Center should automatically disable Windows Defender when any fully compatible antivirus app is installed.  

http://www.pcmag.com/article2/0,2817,2388652,00.asp

http://www.pandasecurity.com/usa/homeusers/solutions/free-antivirus/

https://www.avast.com/windows-10-antivirus

http://free.avg.com/in-en/free-antivirus-download

http://www.bitdefender.com/solutions/free.html

http://www.avira.com/en/avira-free-antivirus

If the new antivirus program installs successfully, but Windows Defender isn’t automatically disabled, then you can turn it off via Group Policy with one of the methods in this tutorial; or by manually editing the registry (advanced users only):  

http://www.tenforums.com/tutorials/5918-windows-defender-turn-off-windows-10-a.html  

GreginMich

224 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.