How to fix high CPU utilization by Antimalware Service Executable

If you notice that Antimalware Service Executable has high disk usage in Windows 10, rest assured you are not alone. Many Windows users face the problem of high memory usage when using Antimalware Service Executable.

The Antimalware Service Executable (Msmpeng.exe) is part of Windows Defender, a built-in anti-virus feature that comes with Windows 10. You can find it on the Details tab in Task Manager.

In this article by Techquack, you will learn all about Antimalware Service Executable and how to solve the Antimalware Service Executable High CPU load problem.

What are the causes of high CPU load with Antimalware Service Executable?

What are the causes of high CPU load with Antimalware Service Executable?

The two most common causes of high CPU load are the real-time feature that constantly scans files, connections, and other related applications in real-time, which is what it is supposed to do (Protect In Real Time).

The second is the Full Scan feature, which can scan all files when the computer wakes up from sleep or when it is connected to the network, as well as when it is scheduled to run every day.

How to solve the problem of the high CPU load of the antimalware executable service

How to solve the problem of the high CPU load of the antimalware executable service

Change Windows Defender runtime scheduling settings

For most users, high memory usage by Antimalware Service Executable usually occurs when Windows Defender runs a full scan. We can fix this by scheduling the scan at a time when your CPU is less busy.

  1. Open the Start menu, type “Task Scheduler” and click on the first result to start the program.
  2. In the left navigation bar, double-click the Task Scheduler Library. Expand these folders further and navigate to the next destination: Library/Microsoft/Windows/Windows Defender.
  3. With the Windows Defender folder open, double-click Windows Defender Scheduled Scan in the middle pane.
  4. Click the Conditions tab, uncheck all options, and then click OK. This will delete the scheduled scans.
  5. Scheduling new scans are important to protect your computer, but we can do it in a way that reduces the impact on your system’s performance.
  6. To do this, double-click Windows Defender Scheduled Scan, select the Triggers tab, and then click New.
  7. Create a new scanner that meets your needs and select settings that balance protection and system performance.
  8. As a recommendation, we recommend running a scan once a week (at least) at a time when you are unlikely to notice increased CPU usage.
  9. Repeat the process for the remaining three services (Windows Defender Cache Maintenance, Windows Defender Cleanup, Windows Defender Verification) located in the Library/Microsoft/Windows/Windows Defender folder.

Add the Antimalware Service executable file to the Windows Defender exceptions list

While scanning, Windows Defender checks every file on your computer, including itself. Sometimes this can lead to interesting interactions and is a frequent cause of system crashes. To avoid this, you can simply tell Windows Defender to signal itself to run a system scan.

  1. Press Ctrl + Shift + Esc to open Windows Task Manager.
  2. In the list of processes, find Antimalware Service Executable. Right-click on the process and select Open File Location.
  3. In the address bar, you will see the full path to the Antimalware Service Executable file. Click on the address bar and copy the full path.
  4. Open the Start menu, type “windows defender” and click on the first result to launch Windows Defender Security Center.
  5. Click on “Virus and Threat Protection” and then “Virus and Threat Protection Settings”.
  6. Scroll down to “Exceptions” and click Add or Remove Exceptions.
  7. On the next screen, click Add Exception, select Folder, and then paste the path to the Antimalware service executable file (MsMpEng.exe) into the address bar.
  8. Finally, click Open and the folder will now be excluded from scanning.


Disable Windows Defender

If the problem persists after applying the first two fixes, you may be tempted to disable Windows Defender completely. Remember that by doing so, you expose yourself to a number of cyberattacks. Therefore, it is important to install an effective anti-malware tool on your computer before uninstalling Windows Defender.

  1. Press the Windows + R key to open the Run dialog box.
  2. In the Run dialog box, type Regedit and click OK to open the registry editor.
  3. In the left navigation pane, double-click folders to access HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows Defender.
  4. If you find a registry entry named DisableAntiSpyware, double-click it and set the data value to 1.
  5. If you do not see the registry entry named DisableAntiSpyware, right-click in the main registry editor area and select New -> DWORD Value (32 bits).
  6. Name this new registry entry DisableAntiSpyware. Double-click it and set the value to 1.

Frequently Asked Questions

Double-click Task Scheduler Library -> Microsoft -> Windows. Double-click Windows Defender in Windows. Then double-click on Windows Defender Scheduled Scan. Disable the Run with Highest Privileges option.

  1. Disable Windows Defender. 1.1 Disable Windows Defender using the registry editor.
  2. Use the Group Policy Editor. Press the Windows + R keys and type Gpedit.
  3. Install a third-party antivirus program to replace the Msmpeng.exe executable of Antimalware Service.

If you notice that the Antimalware Service executable process is using a lot of CPU or disk resources, it is probably scanning your computer for malware. This CPU usage may also indicate that an update is being installed, or that you have just opened a particularly large file that Windows Defender needs a little more time to analyze.

AntiMalware Service Executable is your defense against viruses. If you want to stop it, you will have to install another antivirus program. with Windows, and you cannot remove the program from Windows.