Windows Defender: Resolving high Hard Disk Drive and CPU usage during scans


Windows Defender: Resolving high Hard Disk Drive and CPU usage during scans



The following article deals with resolving an issue where the system locks up. Because the Windows Defender scan causes up to a 100% usage of the systems HDD (Hard Disk Drive) and CPU (Central Processing Unit).


Table of Contents:

  1. Is your system locking up during Windows Defender scans?
  2. Why is this happening?

Is your system locking up during Windows Defender scans?

Does your system lock up during Windows Defender Scans? When you check the system performance on an application such as the Process Explorer, is MsMpEng.exe showing excessive usage of the system resources? Does this take from 80% to 100% of the system resources, causing the system to grind to a slow crawl or lock up?


Back to Top


Why is this happening?

In the following sections, we share the different methods Microsoft recommends fixing MxMpEng.exe from causing high HDD and CPU usage on your system.

  • MsMpEng.exe is the core process of the Windows Defender Antimalware Application.
  • Windows Defender comes pre-installed on Windows 10 but is an optional download on older Operating Systems like Windows 7 and 8.
  • This issue with MsMpEng.exe taking 100% of the HDD and CPU usually occurs when Windows Defender is scanning the system for malware. The Windows Defender scan is getting stuck on a few files while checking malware. When that is happening, it should be restricted/disabled to bring it back to normal use.


Back to Top


Method I: Ensure that no other Adware, Antimalware or Antivirus software is installed or not fully removed

MsMpEng.exe - Its role is to scan files for spyware, and quarantine or remove them if they are suspicious. It also scans your system for known worms, harmful software, viruses, and other such programs.

Note: Best practice is to have only ONE anti- Malware/Virus/Spyware program on your PC at one time. Do Not have multiple programs running or installed simultaneously. These programs conflict and find each other as files to be quarantined and deleted.

Windows Defender comes default installed with Windows 10.

That means any additional software will have been installed after Windows Defender - Windows defender will keep them from installing or running correctly.

  1. Right-click on the Start Icon and choose Control Panel from the menu.

  2. Go to Programs and Features and remove any of these types of programs that are listed there.

Windows Defender does not come installed with Windows 7 and 8.

Any software installed after Windows Defender - Windows defender will keep them from installing or running correctly.

If Windows Defender was installed after these other types of software - these software programs will keep Windows Defender from installing correctly.

  1. Open the Control Panel from the Start menu.

  2. Go to Programs and Features and remove any of these types of programs that are listed there, including Windows Defender.

  3. Install the program that you want to use, going forward.


Back to Top


Method II: Prevent Windows Defender from scanning a specific folder on your system

One reason for the high load is MsMpEng.exe scanning its folder. If you have a known folder on your system that is causing Windows Defender an issue, you can get Windows Defender to ignore it.

  1. Click on the Start Icon and type Windows Defender. Double-click on the icon when it appears in the search list

  2. Click on Settings and select Add an exclusion from the bottom of the window

  3. Choose Exclude a folder and enter the path of the desired directory. In this case C:\program files\windows defender

Add an Exlusion

(Figure.1 Add an Exclusion Settings Window)

  1. Open Windows Defender then Tools and then Advanced Options

  2. Open Excluded Files and Locations

  3. Enter the path of the desired directory. In this case C:\program files\windows defender


Back to Top


Method III: Slow the scan by lowering the set affinity of Windows Defender on your system

You can set the MsMpEng.exe file to use a specific processor in the system to avoid high CPU usage. However, it cuts the scan speed of Windows defender and make it run slower than usual. If slow scan speed is better for you than having high CPU usage. Apply the following steps to set the affinity in limited mode.

  1. Open Task Manager

    • Right-click on the taskbar and select Task Manager.

    • Right-click on the Start Icon, select Task Manager.

    • Click the Start Icon and type Task Manager, click on the task manager icon from results.

  2. Go to the Details tab

  3. Right-click on the process name msmpeng.exe and select Set affinity

Set Affinity in Task Manager

(Figure.2 Set Affinity in Task Manager Window)

  1. Choose the CPU limit that you allow the process to use

  1. Open Task Manager

    • Right-click on the taskbar and select Task Manager.

    • Ctrl/Alt/Del pressed together gives an onscreen menu, select Task Manager.

    • Search for Task Manager, click on icon from results.

  2. Go to the Processes tab

  3. Right-click on the process msmpeng.exe and select Set affinity

  4. Choose which cores of the CPU you allow the process to use

Note: For normal CPU usage, select 50% for MsMpEng.exe (i.e. 1 core of a dual-core CPU, 2 cores of a quad-core CPU, etc.)


Back to Top


Method IV: Disabling Windows Defender through group policies on your system

Disabling Windows Defender is a severe answer that solves your issue that is related to high CPU usage.

Note: Your Systems protection suffers without any anti-virus software installed. If you disable Windows Defender, make sure you have another Antimalware application to install in its place. This can be either free or paid, but make sure you have something that is installed in Windows Defenders place.
  1. Open a Run Window and type gpedit.msc

    • Press the Windows and R key together.

    • Open the start menu and select Run

  2. This opens the Group Policy Editor. (This is usually only available on Pro and Enterprise editions. There are ways to install it on Home editions, but this article does not cover them.)

Group Policy Editor

(Figure.3 The Group Policy Editor)

  1. Scroll down the left-hand side tree structure until you get to Computer Configuration, open it and got to Administrative Templates, then Windows Components and finally Windows Defender anti-virus

  2. In the right-hand side pane, double-click on Turn off Windows Defender anti-virus

  3. A Properties window opens, choose Enabled and click on Apply and OK to save the change, then close all the windows.


Back to Top






ID de l'article : SLN308113

Date de la dernière modification : 05/11/2020 05:10 AM

Noter cet article

Précis
Utile
Facile à comprendre
Avez-vous trouvé cet article utile ?
0/3000 characters
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez indiquer si l’article a été utile ou non.
Les commentaires ne doivent pas contenir les caractères spéciaux : <>()\
caractères restants.