IT Support Blog

Insights
How to Stop Antimalware Service Executable from High CPU Disk Usage

How to Stop Antimalware Service Executable from High CPU Disk Usage

June 1, 2022

Written by

It's happening again: Your computer has suspiciously high CPU usage.

You've closed background programs, done a restart to clear the RAM, and run system's diagnostics to figure out what's going on.

No dice.

For anyone who isn't familiar with IT support services, this might be a hair-pulling moment. But don't stress, there may be an unexpected culprit: Window Defender. Specifically, the antimalware service executable.

In this article, you'll learn whether your computer is affected by this executable, and how to fix it.

Antimalware Service Executable? What Is That?

Msmpeng.exe, which stands for Microsoft Malware Protection Engine, is the core of Microsoft's Windows Defender antivirus service. This is the program that detects malicious code of all kinds and then decides whether to delete or quarantine it.

While this is an essential program that keeps your computer safe, it has been known to misbehave. Some users may find that disabling it will provide a needed boost in system performance.

Should You Disable the Executable?

Keep in mind that without additional antivirus, Windows Defender is the only thing standing between your computer and malware. Disabling msmpeng.exe puts your computer at risk of contracting digital viruses that would otherwise have been dealt with quietly in the background.

That said, many people already have a third-party antivirus running on top of Windows Defender. Before deciding whether to disable it, IT consulting services may help determine if your third-party antivirus is performing at better efficiency than Windows Defender.

Is Windows Defender a Reliable Antivirus?

Antivirus companies have done such an excellent job marketing their products that many are led to believe that extra antivirus is essential. However, in recent years Windows Defender (particularly with Windows 10) has improved by leaps and bounds.

There are many great options for antivirus out there, such as Avast, which has a free version that may hog fewer system resources than the Windows default.

If you want to disable Windows Defender to prioritize your third-party antivirus, then read ahead. If not, then skip down to see methods that lessen its system impact.

How to Disable the Antimalware Executable

There are several methods for disabling msmpeng.exe. Don't stress if one method doesn't work. There is always help if you need it.

Option 1: Disabling the Real-Time Protection

Real-time protection allows Windows Defender to scan files continuously in the background, keeping you safe in the event malicious code enters your system.

  1. Open the Start Menu, then type Windows Security. Select the first option.
  2. Find Virus & threat protection on the sidebar.
  3. Under Virus & threat protection settings, click the Manage Settings option.
  4. Toggle the Real-time threat protection button to off.

Keep in mind that this is a temporary option. Windows will automatically restart the real-time protection service.

Option 2: Using the Registry Editor to Disable

For a permanent option, you can disable Defender completely in the Windows registry.

  1. Open the Start Menu and search for Registry Editor.
  2. Using the sidebar, find HKEY_LOCAL_MACHINE. Drop down the menu to SOFTWARE, then Microsoft, then Windows Defender
  3. Right-click Windows Defender (this is a folder) and choose New, then DWORD (32-bit) Value
  4. In the value field, enter DisableAntiSpyware. In Value Data, put 1.
  5. After pressing OK, make sure to save changes. Your system will need a restart before these changes take effect.

How to Minimize the Impact of Defender on CPU Usage

For users that prefer less hassle, Windows Defender may be a perfectly fine option to keep your system safe. Luckily, there are methods to reduce the impact it has on your system resources.

Option 1: Using Scheduling to Control When Defender Runs

Windows Defender is often running scans in the background. One cause of high CPU usage may be a full scan running while you're using other programs. This option will reschedule Windows scans to when you are not using your computer.

  1. From the Start Menu, search Task Scheduler.
  2. Double-click on Task Scheduler Library. Expand folders until you reach Library, Microsoft, Windows, and finally Windows Defender.
  3. From the Windows Defender folder, double-click Windows Defender Scheduled Scan.
  4. Under the Conditions tab, uncheck all the options. Then click OK. But we don't want to stop here, since this will prevent windows from scanning your computer completely!
  5. Next, you should schedule scans for times when your computer is idle. For example, when you leave your computer on and go eat lunch. Select Windows Defender Scheduled Scan, then Triggers, then New.
  6. This step is up to you. Ideally, schedule a scan at least once a week. Choose times when your computer would not be in use.
  7. You'll need to repeat this process as well for Windows Defender Verification, Windows Defender Cache Maintenance, and Windows Defender Cleanup. These can be found in the same place, under Library, Microsoft, Windows, then the Windows Defender folder.

If you're the type of person who leaves their computer on overnight, it may be ideal to have scans running at that time. Repeat these steps if you ever need to change your schedule.

Option 2: Excluding the Antimalware Executable From Defender’s Scans

Windows doesn't skip any files when it scans your computer. Meaning that Defender will scan itself, causing lag.

  1. Open Windows Task Manager by pressing Ctrl, Shift, and Esc at the same time.
  2. From the process list, search Antimalware Service Executable. Right-click on it and choose Open File Location.
  3. Click the address bar (which has the path of the Antimalware Executable) to copy the location path.
  4. From the Start menu, search Windows Defender. Choose the first result.
  5. After selecting Virus & threat protection, click Virus & threat protection settings.
  6. Find Exclusions, then click Add or remove exclusions. Choose Add an exclusion. After clicking Folder, paste the location path (this is the MsMpEng.exe mentioned earlier) in the address bar. Click Open. Now, the folder will not be included in future scans.

Final Thoughts

You've done it. You've fixed the high CPU usage from the antimalware service executable!

However, one problem may be the compounded result of several computer issues. If your computer(s) continue to suffer from heavy resource usage, consider managed IT support to achieve maximum performance.

Contact us to learn more about the services we offer.

Next Level Technologies

Our Latest Blog Posts

IT Recovery: Strategic Incident Management Tips

Master IT incident management to boost efficiency and customer satisfaction while reducing downtime with key strategies and tools.

December 17, 2024

From Chaos to Control: Managing IT Disaster Recovery

Master IT disaster recovery planning with strategies for data protection, risk assessment, and continuity. Ensure business resilience today.

December 17, 2024