MsMpEng.exe Antimalware Service Executable

Have you been experiencing high CPU usage lately? Like every computer users, you check your Windows Task Manager whenever your system starts slowing down or hanged. If you checked in Task Manager and looked at the processes tab, you have probably seen the Antimalware Service Executable program consuming up all the available CPU. This program is responsible for making your system slow by taking high CPU or Disk usage.

What is Antimalware Service Executable?

The Antimalware Service Executable is a process run by the operating system’s Windows Defender. This is commonly pre-installed in the latest Windows versions and it is actually an excellent program as it helps the computer by securing it from harmful programs, viruses, malwares, spywares and other suspicious threads.

Because Windows Defender has a Real-Time Protection feature, it causes high CPU usage that slows down the system. The Antimalware Service Executable program monitors your computer’s system continuously in order to protect your computer from virus and other kinds of malware. Since the program scans your files and other related applications in real time to get rid of suspicious threads, high CPU or Disk usage problem can occur in the middle of your working time.

The two most common reasons for the MsMpEng(MsMpEng.exe) Antimalware Service Executable to be taking high CPU usage are:

  • Real-time feature
  • Full Scan feature

The Full Scan feature scans all files when it is connected to a network or when it wakes up from sleep, or when it is scheduled to run all the time. During full scan, your operating system can experience hanging and slow response because your CPU is taken over by Windows Defender.

But do not worry when this happens. Simply let the process do its work and scan your system. If there are many files, it may take longer and you can wait for it to finish as it is also for the sake of your computer’s protection. Once the MsMpEng process is done, the usage of CPU will decrease and will go back to normal. Another thing is that Full scan should only be done at least once per month and not daily.

Antimalware Service Executable

Here are some solutions that you can do to solve the issue.

1. Change Windows Defender’s Schedule

Windows Defender has Real-Time Protection feature that continuously scans your operating system even when you are working. Even though it is recommended to turn the feature on in order to keep your computer safe from threats, you can change its schedule to stop the program from slowing down your system whenever you need it. To change Window’s Defender’s schedule, follow these steps:

  1. Press Windows button + R to open Run dialog box.
  2. In Run dialog box, type msc and press Enter. This will open Windows Task Scheduler.
  3. In Windows Task Scheduler, go to Windows Defender by browsing from the left pane. Simply expand the folders to search Windows Defender. Follow this path: Task Scheduler Library >Microsoft >Windows >Windows Defender.
  4. In Windows Defender folder, look for Windows Defender Scheduled Scan. Simply click it to highlight the name.
  5. On the right pane near the bottom, click Properties
  6. From the Properties Windows, simply click the Conditions tab then uncheck the boxes under Idle, Power and Network. This will stop those tasks to run automatically.

Usually, only one condition is ticked which is the Start the task only if the computer is on AC power. Simply uncheck everything that is ticked.

  1. Click OK to save your setting.

This solution is one of the easiest solutions for Antimalware Service Executable. This also works for thousands of users. Once you are finish, you can also reschedule your Window’s Defender.

  1. Click Properties again from the right pane and select the Triggers
  2. In Triggers tab, you can choose either Weekly or Monthly from Settings. Simply choose your preferred setting as well as the days of the week.
  3. Check the box next to Enabled then click OK.

This method will re-schedule your Windows Defender and knowing exactly when the program will run allows you to maximize the use of your computer’s operating system.

If changing the Defender’s schedule is not helpful, you can try the next method to fix the problem.

2. Exclude Directory for Scanning

In Task Manager, if you right-click the Antimalware Service Executable process and then click the Open file location, it will show you MsMpEng.exe which is in the program files of Windows Defenders. This is actually the main file that is making the issue.

If you want to continue using Windows Defender, you can fix the high CPU or Disk usage problem by excluding Windows Defender directory from being scanned. The process scans itself which takes up almost all your CPU. Knowing the path of the file can prevent the Windows Defender to exclude some files and locations from scanning. This means that you can also exclude the directory so every time the program run, it will automatically skip that path.

To do this solution, follow these steps:

  1. Open Task Manager and click the Process tab (Windows 7 users) or Details tab (Windows 8/10) and look for exe with Antimalware Service Executable in description.
  2. Right click MsMpEng.exe and click Open file location to see its root directory.
  3. Once the directory is open, simply copy the root directory path. ( C:\Program Files\Windows Defender )
  4. After copying the directory path, open Windows Defender from Control Panel.
  5. Click Tools and select Options.
  6. Scroll down to Advanced Options and open Excluded files and locations or Add an exclusion.
  7. Enter or paste the path that you copied before.
  8. Click the Add button to include the path from the excluded files and location.
  9. Click Save changes.
  10. Restart your computer in order to see the difference.

If this solution does not work, you can disable your Windows Defender and just use a better alternative.

3. Turn Off Windows Defender

If the solutions above were not helpful, it is possible that your Defender became corrupted from continuous scanning of files. But there is no need to worry as there are many better alternatives that you can use to protect your computer’s system. You can also try using paid antivirus software if necessary.

To turn off Windows Defender:

  1. Open Windows Defender from Control Panel.
  2. Click Options and go to Administrator options.
  3. Simply uncheck the box next to Use Windows Defender.
  4. Click Save.

After disabling your Windows Defender, there will be no more msmpeng.exe tasks in your taskbar. However, your system will be at risk and may get virus, malware, spyware and other malicious programs. Make sure that you install one of the best antivirus programs such as AVG Antivirus, Avast and Avira’s.

4. Disable Windows Defender using Registry Editor

If you experience the same problem using a different antivirus after removing Windows Defender, you will have to clear registry of your old antivirus program. To disable Windows Defender from Registry Editor:

  1. In the search box, type regedit and press Enter button. This will open Registry Editor.
  2. Go to the path HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender.
  3. Right-click Windows Defender and click New. Select DWORD.
  4. Double click the new DWORD and type DisableAntiSpyware for its name.
  5. Set its value to 1 to permanently disable Windows Defender.