Why Does Antimalware Service Eat RAM Too Much? And How to Disable It

Antimalware Service Executable is a name of the msmpeng.exe process which is used by Windows Defender program. The service that is associated with this program is Windows Defender Service. Based on the research, there are some common reasons for Antimalware Service to eat ram too much or consume high CPU usage.

Common reasons for high CPU or memory usage by Antimalware Service.

  • The first is the real-time feature which is constantly scanning files, connections and other related applications in real-time, that is what it is supposed to be doing (Protect In Real Time).
  • The second is the Full Scan feature that can be scanning all files, when the computer wakes up from sleep or when it is connected to a network, or if it is scheduled to run daily.

For understanding here is that when it is performing a complete scan, your system will be able to get hang, lag, and delayed access or response from your input or interactions with the system. For this case, you do not be afraid or lose patience, instead offer to run and scan, just wait a few minutes and if there are many files, it may take a few hours, so let it run and finish what it is doing for the sake of your protection. After it has completed, it is going to release the CPU and the usage of Ram/CPU/Memory will be able to drop down to its usual.

Why Does Antimalware Service Eat RAM Too Much?

How to Disable Antimalware Service Executable?

If you use Windows Defender to protect your computer, you are able to open the Windows Task Manager. Then, you can scroll down through the list of background processes. Afterwards, you will be able to see a process named Antimalware Service Executable. This process will offer Windows Defender to monitor your PC continuously for potential threats and give real-time protection against virus or malware. However, sometimes, it is also able to be the cause of disproportionately high CPU/RAM/Memory usage.

As a result, you will be able to face delays, lag, hanging and other system disruptions once it is running. Even though this can be really upsetting, it is important for you to not disable Windows Defender without first installing another IT security solution. Now, you only need to disable or fix Antimalware Service Executable.

Method 1: Disable Windows Defender

According to the research, disabling Windows Defender can help fixing the issue as this is the only way that worked for many users. When you use this method, once again we inform you that you need to install another antivirus. In this method, you are able to use the Local Group Policy Editor. For note: It only works on Windows Enterprise and Pro Editions of Windows 10 and more advanced versions of earlier OS’s. If you cannot use the Local Group Policy Editor, then you are able to use the Registry.

Using the Local Group Policy Editor

  • The first thing that you have to do is to press the Windows Key + R. After that, you are able to type in gpedit.msc in the Run dialog box and click ok to open the Local Group Policy Editor.

type in gpedit.msc

  • In the Local Group Policy Editor, you are able to navigate to Computer Configuration -> Administrative Templates -> Windows Components -> Windows Defender.

Configuration - Administrative Templates - Windows Components - Windows Defender.

  • In this Group Policy path, you need to look for the setting named Turn off Windows Defender and double click it. Make sure that you select the Enabled option to disable Windows Defender. Easily, you are able to click on Apply and ok to save the changes.

off Windows Defender and double click it

  • Now, Windows Defender will be disable instantly as well Antimalware Service. If it does not, you have to restart the computer and check to see if it is disabled.

Warning: It is worth mentioning that this method can disable antivirus protection on your computer. Therefore, your computer will be vulnerable. To protect your computer, you are able to use this method only as a temporary solution.

Using the Registry

  • The first thing that you have to do is to press the Windows Key + R. Then, you are able to type in regedit in the Run dialog box. Next, click OK to open the Windows Registry.

type in regedit in the Run dialog box

  • In the Registry Editor, you are able to navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender.

type in regedit in the Run dialog box

  • If you view a registry entry named Disable Anti Spyware, you need to double click to edit it and change its value to 1.
  • If you do not view the entry there, you will be able to double-click on this registry file and apply it to your registry.

Method 2: Change Windows Defender’s scheduling correctly.

Usually, for most users, the high CPU/RAM/Memory usage caused by Antimalware Service Executable occurs when Windows Defender is running a full scan. If you get this problem, you will be able to solve this by changing the Windows Defender’s scheduling correctly.

  • Firstly, you have to open the Start menu. Then, you are able to type Task Scheduler. Next, click the top result to launch the program.

o type Task Scheduler

  • In the navigation pane on the left, you are able to double click Task Scheduler Library. Please expand those folders and navigate to the destination: Library/Microsoft/Windows/Windows Defender.
  • After you opened the Windows Defender folder, you have to double click Windows Defender Scheduled Scan.

click Windows Defender Scheduled Scan.

  • In this step, you have to click the Conditions tab, uncheck all options and click ok. This can clear your scheduled scans.
  • To protect your PC, it is very important to schedule some new scans. You can do this in a way that will reduce the impact on your system’s performance. Please double click Windows Defender Scheduled Scan, and then choose the Triggers tab. Click New.
  • Now, you will be able to make a new scan schedule which suits your needs, selecting options which strike the balance between protection and system efficiency.
  • Repeat the process for the three remaining services: Windows Defender Cleanup, Windows Defender Cache Maintenance, and Windows Defender Verification that are found in the Library/Microsoft/Windows/Windows Defender folder.

Leave a Reply

Your email address will not be published. Required fields are marked *