Windows Defender Using High CPU? 11 Easy Fixes to Bring It Back to Normal

Windows Defender is a great built‑in antivirus for Windows 11 and 10, but sometimes it misbehaves. One of the most common issues is Windows Defender causing high CPU usage, making your PC slow, fans loud, and everything laggy.

If you see Antimalware Service Executable (MsMpEng.exe) or Windows Defender Antivirus Service constantly at the top of Task Manager, this guide is for you.

In this article, we’ll walk you through simple, practical fixes to stop Windows Defender from hogging your CPU.

Why Microsoft Defender High CPU usage?

You may experience this issue while the MsMpEng.exe process is performing resource-intensive tasks, such as full-system scans or real-time file monitoring, or when it encounters conflicts with other software.

Here are some common reasons for high CPU usage:

• Real-time scanning: Constantly checking files, scripts (like obfuscated ones), or complex formats (HTA, CHM) uses significant resources.
• Initial/Catch-up Scans: Full system scans or scans after missed schedules (catch-up scans) naturally increase CPU.
• Application Conflicts: Other security software or specific apps (like VMware, certain databases) can trigger excessive scanning.
• Configuration Issues: Misspelled exclusions or non-existent paths can make Defender search endlessly.
• Unsigned Binaries: Files without proper digital signatures require deeper inspection.
• Security Intelligence Updates: Cloud protection updates can cause temporary spikes. 

Restart Your PC and Let Defender Finish Any Running Scan

Before trying advanced fixes, start with the basics.

1. Save your work and close all apps.
2. Restart your PC.
3. After the restart, wait a few minutes and check the Task Manager again.

Sometimes, Windows Defender is simply in the middle of a full scan or background scan. Allowing it to finish may automatically reduce CPU usage.

If high CPU usage persists for more than 15–20 minutes without a drop in usage, proceed to the next steps.

Check Which Process Is Using High CPU

It’s important to confirm that Windows Defender is actually the cause.

1. Press Ctrl + Shift + Esc to open Task Manager.
2. Go to the Processes tab.
3. Look for:
   • Antimalware Service Executable
   • Microsoft Defender Antivirus Service
4. Check the CPU column.

If you see these processes consistently using high CPU (30–100%) for a long time, apply the fixes below.

Update Windows and Defender Definitions

Outdated Windows or Defender definitions can cause scanning loops or bugs that trigger high CPU usage.

Update Windows

1. Press Windows + I to open Settings.
2. Go to Windows Update.
3. Click Check for updates.
4. Download and install any available updates.
5. Restart your PC if required.

Update Defender Virus Definitions

1. Open Windows Security from the Start menu.
2. Click Virus & threat protection.
3. Under Virus & threat protection updates, click protection updates then Check for updates.

After updating, monitor Task Manager to see if CPU usage improves.

Run a Quick Scan Instead of a Full Scan

If Defender is stuck in a heavy full scan, switching to a quick scan can help.

1. Open Windows Security.
2. Click Virus & threat protection.
3. Under Current threats, click Quick scan.

Let the quick scan complete, then check whether the Antimalware Service Executable still uses high CPU.

If needed, you can schedule a full scan at a time when you’re not actively using your PC.

Change Windows Defender’s Scheduled Scan Time

By default, Defender may run intensive scheduled scans while you’re working, causing lag and high CPU.

You can adjust this using Task Scheduler.

1. Press Windows + R, type taskschd.msc, and press Enter.
2. In the left pane, navigate to:
   • Task Scheduler Library > Microsoft > Windows > Windows Defender (or Microsoft Defender on newer builds).
3. Double‑click Windows Defender Scheduled Scan.
4. Go to the Triggers tab.
5. Select an existing trigger and click Edit, or click New to create one.
6. Set it to run at a time when you rarely use your PC (for example, late at night or early in the morning).

Click OK to save your changes.

Exclude Large or Constantly Changing Folders From Scans

If you have:

• Very large folders (e.g., game libraries, virtual machines, databases), or
• Folders where files change constantly (e.g., development environments)

Defender may keep scanning them repeatedly, causing high CPU usage.

You can safely exclude specific folders you trust.

• Open Windows Security.
• Click Virus & threat protection.
• Under Virus & threat protection settings, click Manage settings.

• Scroll to Exclusions and click Add or remove exclusions.

• Click Add an exclusion > Folder.
• Select the folder you want to exclude and click Select Folder.

Use this carefully — only exclude folders you fully trust, such as:

• Game install folders
• Developer build folders
• Virtual machine directories

After adding exclusions, check if CPU usage drops.

Limit Windows Defender’s CPU Usage via Group Policy (Pro/Enterprise)

If you’re using Windows Pro, Enterprise, or Education, you can limit how much CPU Defender is allowed to use.

1. Press Windows + R, type gpedit.msc, and press Enter.
2. Go to:
   • Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus > Scan
3. Find Specify the maximum percentage of CPU utilization during a scan.
4. Double‑click it and select Enabled.
5. Set a value, such as 30.
6. Click Apply, then OK.

Restart your PC and check Task Manager again.

Note: This doesn’t stop Defender from scanning, but it prevents it from using 100% of your CPU during scans.

Scan for Malware With an Additional On‑Demand Tool

Ironically, high CPU usage can also be caused by malware interfering with Defender or hiding from it.

You can use a reputable on‑demand scanner (that doesn’t run in the background) to double‑check your system, such as:

• Microsoft Safety Scanner
• Malwarebytes Free (on‑demand only)

Install, update, and run a full scan. If threats are found and removed, restart your PC and observe Defender’s CPU usage again.

Reset Windows Security / Defender Settings

Corrupted Defender settings can lead to abnormal behavior, including constant scanning and high CPU usage.

You can reset the Windows Security app to its default state.

1. Press Windows + I to open Settings.
2. Go to Apps > Installed apps (or Apps & features on older versions).
3. Find Windows Security in the list.
4. Click it, then select Advanced options.
5. Click Reset, then confirm.

Restart your PC and check Task Manager once more.

Temporarily Disable Real‑Time Protection

If you urgently need CPU resources for a short period (e.g., rendering, gaming, or heavy work tasks), you can temporarily disable real‑time protection.

Important: This reduces your protection. Only do this briefly and turn it back on as soon as possible.

1. Open Windows Security.
2. Click Virus & threat protection.
3. Under Virus & threat protection settings, click Manage settings.
4. Turn off Real‑time protection.

Use your PC for the task you need, then return and re‑enable real‑time protection.

If turning this off immediately lowers CPU usage, Defender’s active scanning is the cause — use the earlier steps (like exclusions and scheduling) to manage it more safely.

Consider a Lightweight Third‑Party Antivirus

If Windows Defender continues to cause constant high CPU usage even after all troubleshooting, you can:

• Install a trusted third‑party antivirus that’s lighter on your system, and
• Allow it to take over as your main protection.

When a third‑party antivirus is installed correctly, Windows Defender usually automatically disables its real‑time protection to reduce CPU usage.

Make sure you:

• Only install security software from official websites.
• Uninstall any old or conflicting antivirus tools first.

When to Worry and When It’s Normal

Normal behavior:

• Defender uses high CPU for a short time during a scan or immediately after a big update.
• CPU usage drops back to low levels (under 5–10%) once the scan finishes.

Abnormal behavior:

• High CPU usage (30–100%) continues for hours.
• Your PC is constantly slow, even when idle.
• Fans are always loud, and the system feels hot.

If your situation matches the abnormal behavior, the fixes above should help bring things back to normal.

Frequently Asked Questions (FAQ)

1. Why is Antimalware Service Executable using so much CPU?
Antimalware Service Executable (MsMpEng.exe) uses high CPU when Windows Defender is actively scanning your system or updating definitions. Sometimes misconfigured schedules, large folders, or bugs can cause it to run longer than usual.

2. Is it normal for Windows Defender to use high CPU during a scan?
Yes. It’s normal to see high CPU usage during quick or full scans, or right after a Windows update. As long as it drops back to low levels after the scan finishes, it’s usually nothing to worry about.

3. How long should Windows Defender high CPU usage last?
On most PCs, Defender’s high CPU usage should last only a few minutes to an hour during a scan. If it stays high for several hours or all the time, there’s likely a configuration or system issue that needs fixing.

4. Is it safe to disable Windows Defender to reduce CPU usage?
Temporarily disabling real‑time protection is safe only for short periods and not recommended long term. It leaves your system vulnerable. Instead, adjust scan schedules, add safe exclusions, or limit Defender’s CPU usage.

5. Will installing another antivirus reduce Windows Defender CPU usage?
Yes, in many cases. When you install a reputable third‑party antivirus, Windows Defender usually turns off its real‑time protection, which can significantly reduce CPU usage. Just make sure you don’t run multiple real‑time antivirus tools at the same time.

6. Can corrupted system files cause Windows Defender high CPU usage?
Yes. Corrupted Windows components or Defender files can cause constant scanning and high CPU usage. Running SFC and DISM scans, or performing a repair install of Windows, can often resolve these deeper issues if other methods don’t help.