I was working on my Windows 8.1 PC, doing nothing unusual, but noticed the CPU fan is on full blast and loud. I launched Task Manager and noticed that the CPU usage is at 56%, which is really high considering I'm using a quad core i7 CPU with hyper threading on (for a total of 8 virtual cores). It's pretty much taking up 100% of one of the cores. It turned out that the culprit was MsMpEng.exe
, which is the Windows 8 built-in Windows Defender Service anti-virus software (running as Antimalware Service Executable) by Microsoft.
I thought- okay it's probably doing some scan so I'll wait a bit. After over 30 minutes, I had enough. So I right-clicked on the process, then picked End Task, but was greeted with the message:
Unable to terminate process. The operation could not be completed. Access is denied.
WTH? I then launched CMD.exe with Administrator rights (shift + right-click on the CMD.exe icon), then ran the command:
taskill /im msmpeng.exe
That should do it, I thought. But nope, it came back with the message:
ERROR: The process "MsMpEng.exe" with PID 3400 could not be terminated. Reason: Access is denied.
In the past, when it was sucking up too much CPU cycles, I was able to easily terminate the Windows Defender process, and then it would automatically restart and the issue would go away. But who knows after which update Microsoft has altered the behavior of the AV program to such elevated rights that even the admin can't kill the task. Because I didn't want to restart my computer just to fix this problem, I wondered if there was another way. So I went to Control Panel
, and found the Windows Defender
icon there, and clicked on it.
I then navigated to the Settings tab
, and under "Real-time protection" (the default & first selected choice), I unchecked
the box that says "Turn on real-time protection (recommended)". After a few seconds, the MsMpEng.exe process was gone- terminated. I then re-checked the box to re-enable the protection. MsMpEng.exe re-appeared, and started to take up 10 to 15% CPU, but after 5 seconds or so, it was back to its regular good behavior of not eating up much CPU usage.
Hope this tip on how to shutdown MsMpEng.exe on Windows 8.1 helps those of you encountering this occasional issue.