Recently we are experiencing that this process is causing high CPU. On several portals I read that this is quite normal and even worse some suggestions goes to disable Defender. However, we use Defender for Endpoint as antivirus solution and disabling it is not an option. Any ideas and maybe possible solutions for this?
@davordmitric, as henryjs mentioned, it depends on when the high cpu usage occurs. If it's during a 'scheduled scan' (quick or full scan), then it would be expected. If it's not during a 'scheduled scan' or 'on-demand' scan, then there might be either an app compatibility where the app/script is doing something that MDE's AV (msmpeng.exe, Antimalware Service Executable, Microsoft Defender Antivirus Service, WInDefend) is observing. The Perf Analyzer for MDAV is the easiest way to figure out what's causing the high cpu usage. And where you could find what process/patch/extension you can add to provide relief.
Thank you both, henryj and Yong for reply. I have to say it did happen outside scheduled scan period hence raising question about CPU usage, which was in that time almost 50%. However, MDAV Pref Analyser should possibly give us more insight.
