Fix: Antimalware service executable (msmpeng.exe) High CPU Usage

Antimalware service executable is a Service executed by the process of msmpeng.exe. This service is used by the windows defender program to avoid any Malware from entering your System.

This is one of the most ram consuming feature in Any Windows version, There might be two very strong reasons why Antimalware service executable consumes so much ram. One is that as it is an Antimalware service so it constantly runs in background defending the PC from Malware.

The second Reason why msmpeng.exe is consuming so much ram is that whenever a PC Wakes up or boots up the Antimalware service starts scanning the entire system for unwanted files which results in High Cpu and ram usage.

The easiest way to understand this is whenever this service Scans your full system then you might see that your PC starts lagging a lot, Also the time to Switch between apps also increase. As the service is provided by default and backed by Microsoft itself so you need not worry about this.

The First and best method to reduce the high usage of system resources is by Waiting for at least 2-3 minutes after the first boot, As this is the time when defender service is on its peak and consumes the maximum amount of ram. usually waiting for a while slows down the peak usage and your problem gets solved.

Scanning PC for possible risks is a good option but this should not be done more often as it may interfere with your daily usage. Most of the users’ Schedule a full scan whenever PC wakes from Sleep or whenever they boot PC.

You can also Turn off Windows defender service and see if this solves your problem or not, If now also you are facing the problem of High CPU usage then you should follow some of the Troubleshooting methods we are mentioning below:

Stop High CPU Usage by Antimalware Service Executable

To Stop High usage By Antimalware Service executable in Windows 7, Windows 8, and Windows 10 you can Follow some of the methods given below:

Method 1: Repair Corrupt Defender Files

The First and foremost thing you should do is Check for Repair corrupted files on your System. Corrupted files interfere with the system which also shows a peak in the ram and CPU usage.

Once you find any corrupted file or Driver make sure that you immediately repair or replace the file. After Removing reboot your System for the changes to take effect.

Method 2: Reschedule Windows Defender again

  • Open Administrative tools by Clicking on the Menu on the left side, Alternatively, you can also search for “Administrative Tools” on the Left bottom search bar.
  • Now choose Task Scheduler from Administrative Tools and Click (2 times) to open it.
  • Once the Task scheduler gets opened, head over to the below-given path
  • Library/Microsoft/Windows/Windows defender
  • Now from the Windows defender folder tap on Windows Defender Scheduled Scan, Now Click on it and Locate properties present on the right side of the desktop.
  • Now uncheck “Run With the Highest privileges” from the general Tab
  • Now Un-check the options under Idle, Power and Network and Click Apply( Present Under Properties tab)
  • Now We have to reschedule Windows Defender. Click on Properties and tap on Trigger Tab Present Between “General” and “Actions” Tab.
  • Now From the drop-down menu choose New trigger.
  • From the New, Trigger choose Weekly or Monthly. It is preferred to Set Schedule as monthly.
  • Now as you have set the Schedule to monthly then the Antimalware service executable will only run once a month.
  • If you have already a Scan running on then wait for it to complete, Interrupting a windows scan may cause more problems so it’s recommended you wait until the ongoing scan completes.
  • Incase if you are still getting high CPU usage then you can perform the same procedure with three more similar services of windows.
  1. Windows Defender Cache Maintenance
  2. Windows Defender Verification
  3. Windows Defender Cleanup
  • It is Your choice if you want the next scan weekly or monthly, We will recommend you to set the next Schedule on a monthly basis.

After Scheduling the Antimalware service executable you will see a significant amount of decrease in High CPU usage and Ram usage.

Method 3: Turn off Windows Defender

Windows Defender works in real-time, As the service protects our PC from Malwares and virus so it is pretty obvious that Windows defender will work in the background even when you are Playing a Game, Surfing the internet or transferring the data from your phone to PC.

Many users reported that After turning off the windows defender they noticed a good percentage of decline in the CPU and Ram usage. Windows defender is the Default antivirus which comes as a system app in Windows 10, Now if you are planning to Turn off this feature or completely remove then you should consider installing any third-party antivirus on your system.

Installing a third-party antivirus may reduce the consumption of System resources. You may also see improvement in the performance of your computer.

To Turn off Windows defender we will use Group policy editor, As of now this Utility is only available for Windows Enterprise and Pro Editions of Windows 10. In case if you are using any other version of the OS then you have to use the Registry Tweak.

Below we have mentioned process for both Windows 10 and Lower versions:

Using the Local Group Policy Editor

  • Launch Run dialog box by pressing Windows+R, After that type Gpedit.msc and click OK
  • Now head over to Computer Configuration > Administrative Templates > Windows Components > Windows Defender (Local Group Policy Editor)
  • If you See “Windows Cannot find gpedit.msc” then you have to skip this method and follow the Registry tweak method.
  • Now Click on Turn off Windows Defender and Double click again to turn it off, To Disable Windows defender you have to tap on Enabled and then tap on Apply.
  • Now Restart your PC and see if the high usage by Antimalware service executable is solved or not.

The Above method was only for Windows Enterprise and Pro Editions of Windows 10 and Above. If you are using a lower variant then you can follow the registry tweak method

Using the Registry

  • Launch the Run dialog box by pressing Windows+R, After that type regedit and click OK
  • Now head over to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
  • Now you have to Edit DisableAntiSpyware registry, To edit double click on it and change the value to 1.

Thats all !! this is how you can turn off Window Defender using Registry tweak. This method works on all the versions of windows that are older than Windows 10 pro editions.

Method 4: Add Antimalware Service Executable to Windows Defender Exclusion List

The best way to Reduce Antimalware Service Executable high ram consumption is by adding it to the exclusion list, After feedback from many users, we got to know that this shows a significant amount of Drop in the ram and cpu usage.

  • Open Windows Task Manager by Pressing Ctrl + ALT + Del.
  • Under the Tab -“Process” Look for Antimalware Service Executable.
  • Right, Click and select “Open File Location”. Now you will see MsMpEng, Click on the address of the file and copy location.
  • Now Click on Windows Key+I, Choose update and security then choose windows Defender.
  • Now Select> Add an exclusion > Exclude a .exe, .com or .scr process or File Type, and paste MsMpEng.exe in the Path
  • Paste the full path to the folder you copied earlier and then add \MsMpEng.exe to it, After that Tap on Apply to make changes.
  • Now again go to task manager and Investigate how much ram this service is using, For us the Consumption of resources reduced in a good amount.

It is advised to make a reboot of your PC, Sometimes the MsMpEng.exe process is stored in the cache and it will be deleted only after reboot.

Method 5: Scan For Malware

The Actual work of this service is to fight with all malware and virus that try to attack your PC, Now if by chance any of the Malware has entered your System then MsMpEng.exe will be activated to flush out it from your PC.

When MsMpEng is running then you will see that a particular service is consuming too much amount of System resources, So it is suggested that you should scan for malware using any of the Third-party malware cleaners (Malwarebytes here).

If the scanner detects malware in your system then you should immediately delete it from your System as it may corrupt the files present on your device.

Method 6: Remove Bad Updates

Updating Windows is a good practice but not always, Sometimes Windows defender is updated with false-positive algo which means it will detect harmless files as harmful which can increase the ram usage on your system.

Windows Defender updates are based on the feedback given by users. Imaging 100s of users reporting a file as malware than in the next update Windows defender will mark the file as malware and it will keep running in the background.

  • Open the Run Dialogue box by pressing Windows+R together
  • Now type CMD in the box, Along with that press “Shift” + “Ctrl” + “Enter to give administrative privileges to the Command.
  • Now confirm the action by clicking on Yes
  • Type following command in box and press “Enter

“%PROGRAMFILES%\Windows Defender\MPCMDRUN.exe” -RemoveDefinitions -All

  • Now again type the following command and hit enter

“%PROGRAMFILES%\Windows Defender\MPCMDRUN.exe” -SignatureUpdate

Note: Make sure that you use Comma while using both the commands.

  • Command Processing might take around 20-40 seconds, once the process is completed reboot your PC

Now check if the Issue is solved or not. For most of the users, all these methods solved the High ram usage by Antimalware service executable. Also please tell us which method worked for you in the comments section below.

FAQs about Antimalware Service Executable

Can i end antimalware service executable?

Ending the process is Impossible as this is the inbuild Antivirus/Defender provided with the windows itself. Although you can turn off the real-time process Consider switching to a third party malware protector for your system.

Is Antimalware Service Executable a virus?

No MsMpEng.exe is not a virus. It is a Defender utility provided with Windows to protect your system from harmful viruses and Malware. The process keeps on running in the background to protect your Computer from Risks. So as long as it is running when you use PC it is normal.

Should I disable antimalware service executable?

You Can disable the Service, But make sure that you also install any third party Antivirus to protect your Computer from harmful files. Third-party Antivirus usually consumes fewer system resources compared to the Windows defender.

How do I fix antimalware service executable high CPU usage?

You can use All the Methods Given Above to fix the high usage. It is also recommended that you schedule the scanning interval on a monthly basis.

Read Next

Leave a Comment