Listen to this Post
If your Windows 10/11 PC is slowing down due to Microsoft Defender’s Antimalware Service Executable (MsMpEng.exe) consuming high CPU—even when no scan is running—you’re not alone! This background process can sometimes go rogue. Here are some quick fixes to reclaim your system’s performance.
You Should Know:
Fix 1: Add MsMpEng.exe as an Exclusion
- Open Windows Security → Virus & Threat Protection.
- Under Virus & Threat Protection Settings, click Manage Settings.
- Scroll to Exclusions → Add an exclusion → Select Process.
4. Type MsMpEng.exe → Click Add.
Why this works: This stops Defender from scanning its own process, reducing resource conflicts.
Fix 2: Tweak Task Scheduler
- Press Win + S → Type Task Scheduler → Open it.
- Navigate to Task Scheduler Library → Microsoft → Windows → Windows Defender.
3. Double-click Windows Defender Scheduled Scan.
4. Under General, uncheck “Run with highest privileges”.
- Under Conditions, uncheck all options → Click OK.
Why this works: This prevents aggressive background scans from triggering unnecessarily.
Fix 3: Use SysInternals Tools for Advanced Troubleshooting
- Download Process Explorer and Process Monitor from SysInternals.
- Use Process Explorer to identify high CPU usage by MsMpEng.exe.
- Use Process Monitor to log and analyze Defender’s file and registry activity during scans.
- Exclude problematic files or paths (e.g., large
.iso,.vhdx, or network shares) from Defender scans.
Fix 4: Optimize Defender Performance
1. Open PowerShell as Administrator.
- Run the following command to disable real-time scanning temporarily:
Set-MpPreference -DisableRealtimeMonitoring $true
3. To re-enable it, use:
Set-MpPreference -DisableRealtimeMonitoring $false
4. Schedule scans during off-peak hours using:
Set-MpPreference -ScanParameters 2 -ScanScheduleDay 8 -ScanScheduleTime 02:00
Fix 5: Tune Defender with Performance Analyzer
- Download and run Microsoft Defender Performance Analyzer from Microsoft Docs.
- Analyze scan performance and adjust settings based on the report.
What Undercode Say:
Microsoft Defender is a robust tool, but it can sometimes overburden your system. By excluding its own process, tweaking Task Scheduler, and using advanced tools like SysInternals, you can optimize its performance. Always ensure you’re not compromising security by blindly excluding processes or files. For enterprise environments, schedule scans during non-working hours and use performance analyzers to fine-tune Defender. Remember, Defender is your first line of defense—handle it wisely!
Relevant URLs:
References:
Reported By: Fazeelriskhan Windowstips – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅



