Tuesday, August 7, 2012

MsMpEng.exe Hell

MsMpEng.exe is the antispyware component of Microsoft Defender antivirus software suite.  It's also part of the commercial Microsoft ForeFront antivirus software suite.

I run a Intel Core i5 M520 dual core processor running at 2.40 GHz, however, when MsMpEng.exe kicks in, the CPU utilization spikes to 100%.  The system becomes completely unresponsive until MsMpEng.exe completes.

Supposedly there's a log file somewhere that indicates which files MsMpEng.exe is scanning that is an expensive operation, but I haven't been able to find it, but adding processes to the list of processes to ignore has eliminated the problem of the system being unresponsive.

To add processes to the ignore list, goto Home -> Tools -> Options and scroll down to the bottom of the Options page.

I've been adding processes steadily and here's my list of processes to ignore:
  • googledrivesync.exe - GoogleDrive
  • communicator.exe - Microsoft Lync
  • crecplayer.exe - Microsoft Lync
  • devenv.exe - Microsoft Visual Studio
  • MsDtsSrvr.exe - Microsoft SQL Server
  • msmdsrv.exe - Microsoft SQL Server
  • ReportingServicesService.exe - Microsoft SQL Server
  • sqlservr.exe - Microsoft SQL Server
  • VBoxSVC.exe - VirtualBox
  • VirtualBox.exe - VirtualBox
  • SkyDrive.exe - Microsoft SkyDrive
  • googletalk.exe - GoogleTalk
  • mstsc.exe - Microsoft Terminal Server Client
  • tvnserver.exe - TightVNC Server
  • vncviewer.exe - TightVNC Client

1 comment:

  1. Thanks for this post! I have been having this problem with Msmpeng.exe slowing things down for a while and it was driving me crazy! Every time I would download a file from say giveawayoftheday.com or a video from Youtube (firefox extension "downloadhelper" works great for that), msmpeng.exe would kick in and start using up between 50 - 95 % of my CPU during the download and for about 2 - 5 minutes afterwords slowing even typing to a crawl. I tried googling a bunch of stuff to fix the problem that said to exclude some folders, re-install MS Security Essentials, etc. etc. which I did but to no avail. I never even thought about excluding processes (doh!) until I read your post. I then started up task manager in Windows 7 and excluded any process that I thought had to do with any possible traffic with the internet like windows live mail (one I strongly suspected) and a few others. And presto magico problem solved!

    Thank you, you have made my day and saved my sanity!

    Bill

    ReplyDelete