What is Antimalware Service Executable? High CPU Disk Usage Explained

What is Antimalware Service Executable?

Antimalware Service Executable is a part of the Microsoft Defender antivirus that comes pre-installed with Windows. It is responsible for scanning files and processes in the background and updating virus definitions to help protect your computer from malware and other threats. This process runs under ‘msmpeng.exe’ and operates discreetly to ensure your system remains secure.

While it is a crucial component of your system’s security, the Antimalware Service Executable can sometimes cause high CPU and disk usage. This occurs when the process is actively scanning your files and programs for potential threats. Since it is a real-time protection service, it needs resources to scan all activities on your PC thoroughly.

Although the process may use a significant amount of CPU and disk space, it is important to remember that it serves a vital purpose in safeguarding your computer. However, if the high resource consumption becomes problematic, you can consider installing a different antivirus program, which may result in disabling the Antimalware Service Executable. Turning off Microsoft Defender without installing a suitable alternative may leave your system vulnerable to attacks.

In summary, the Antimalware Service Executable is an essential component of the Microsoft Defender antivirus program, which helps protect your computer from malware and other security threats. While it may cause high CPU and disk usage, its function is crucial for maintaining a secure and stable system.

/10

IT Quiz

Test your knowledge about topics related to technology

1 / 10

'.BAK' extension usually refers to what kind of file?

Backup file

Audio file

Animation/movie file

MS Encarta document

2 / 10

Which of the following AI domain attempts to extract information from spoken and written words using algorithms?

Neural Network

Computer Vision

Data Science

Natural Language Processing

3 / 10

'.MOV' extension usually refers to what kind of file?

Image file

Animation/movie file

Audio file

MS Office document

4 / 10

Which of the following most advanced form of AI?

Neural Nework

Machine Learning

Data Science

Deep Learning

5 / 10

Which American Computer Company is also known by the nick name "Big Blue"

Microsoft

Apple

Compaq Corporation

IBM

6 / 10

Which of the following is not an electronic device?

A mobile

A computer

A magnifying glass

A keyboard

7 / 10

What is the radix of the octal number system?

8 / 10

Who is considered as the father of computing

Claude Shannon

Charles Babbage

Von Neumann

Graham Bell

9 / 10

Firewall in computer is used for

Security

Data Transmission

Authentication

Monitoring

10 / 10

Which is an Input device

Monitor

Printer

Mouse

None of the above

Your score is

Why does Antimalware Service Executable use a lot of CPU?

Antimalware Service Executable, also known as MsMpEng.exe, is a background process run by Windows Defender. Its main function is to scan your computer for potential threats such as malware, viruses, and other harmful software. While this process is essential for maintaining your system’s security, it can sometimes cause high CPU and disk usage.

One reason for the high CPU usage is that Antimalware Service Executable performs periodic system scans. These scans can be resource-intensive, especially when scanning large files or multiple folders. Sometimes, the process might scan its own folder, located at C:\Program Files\Windows Defender. This can lead to unnecessary consumption of CPU resources.

Another factor that might contribute to the high CPU usage is the real-time protection feature of Windows Defender. This feature monitors your system continuously, checking for potential threats in files, downloads, and installations. While real-time protection is essential to keep your system safe, it may cause a surge in CPU and disk usage.

To mitigate excessive CPU usage by the Antimalware Service Executable, you can try the following methods:

Scan Manually: Configure Windows Defender to perform manual scans instead of automatic scans. This way, you control when the scans occur, reducing the chances of experiencing high CPU usage at inopportune times.
Turn Off/On Real-Time Protection: Temporarily disable real-time protection if you find that it is causing high CPU usage. However, remember that this may leave your system vulnerable to threats, so re-enable the feature immediately.
Change Defender’s Schedule: Adjust the frequency and time of scheduled scans to ensure they don’t interfere with your computer usage. For example, you could schedule the scans to run when you’re not using your PC, like overnight or during your lunch break.

Remember that while addressing the high CPU usage issue is important, it’s crucial to maintain a balance between system performance and security. Always ensure that an up-to-date antivirus program protects your computer.

How to Stop Antimalware Service Executable from Using Too Much CPU

Solution 1: Prevent Antimalware Service Executable from Scanning its Own Folder

You can prevent Antimalware Service Executable from scanning its folder to reduce CPU usage.

Open Windows Security and navigate to Virus & threat protection.
Click on Manage settings under Virus & threat protection settings and scroll down to Exclusions.
Click on Add or remove exclusions, then Add an exclusion, and choose Folder.

Browse to the following folder and select it:

C:\ProgramData\Microsoft\Windows Defender

Solution 2: Disable Realtime Protection and Reschedule Scans

You can reduce CPU usage by disabling Real-time protection and rescheduling scans.

Go to Windows Security > Virus & threat protection > Manage settings.
Toggle off Real-time protection.
To reschedule scans, go to Task Scheduler > Task Scheduler Library > Microsoft > Windows > Windows Defender.
Right-click on Windows Defender Scheduled Scan and select Properties.
Under the Triggers tab, click Edit.

Solution 3. Add Antimalware Service Executable to Windows Defender’s Exclusion List

You can reduce CPU usage by adding Antimalware Service Executable to Windows Defender’s exclusion list.

Go to Windows Security > Virus & threat protection > Manage settings > Exclusions > Add or remove exclusions.
Click on Add an exclusion and choose Process.
Enter MsMpEng.exe and click OK.

Solution 4. Disable Windows Defender in Registry

Disabling Windows Defender in the registry can help reduce CPU usage.

Press Win + R and type regedit.
Click OK. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender.
Right-click on an empty space, click New and choose DWORD (32-bit) Value.
Name it DisableAntiSpyware and set its value to 1.
Restart the computer.

Warning: Editing the registry can cause serious problems. Proceed with caution and create a backup before making changes.

Solution 5. Update all Available Device Drivers

Outdated device drivers can cause high CPU usage. Update your drivers by going to Device Manager. Expand each category, right-click on each device, and choose Update driver. Select Search automatically for drivers.

Solution 6: Roll Back Windows Defender Definition Updates

Rolling back Windows Defender definition updates may help with high CPU usage.

Go to Settings > Update & Security > Windows Security > Virus & threat protection.
Click on Virus & threat protection updates and then Update history.
Look for the latest definition update, right-click on it, and choose Uninstall.

One request?

I’ve put so much effort writing this blog post to provide value to you. It’ll be very helpful for me, if you consider sharing it on social media or with your friends/family. SHARING IS ♥️

Facebook Tweet Pin Print Email

Sandeep Bhandari

Sandeep Bhandari holds a Bachelor of Engineering in Computers from Thapar University (2006). He has 20 years of experience in the technology field. He has a keen interest in various technical fields, including database systems, computer networks, and programming. You can read more about him on his bio page.