Limit Windows Defender CPU Usage

I have the problem that our clients use too much CPU during a full scan. Actually, the usage is limited to 20%, but the setting seems to have no effect. Whether I set it via Configuration Manager or GPO, the result is the same.

 

Does anyone have a similar problem or even better... a solution?

 

17 Replies

Hello @philippwree,

 

Refer to this guide:

 

https://www.kapilarya.com/limit-cpu-usage-during-a-windows-defender-scan

 

Let us know if this helps! 

 

Note: Included link in this reply refers to blog post by a trusted Microsoft MVP.

 

*This reply was updated to make sure it is valid.

Have the same problem as @philippwree!

In the Configuration Manager, we defined a CPU load of 30% for our Windows servers in the default Defender policy. The setting has also been correctly transmitted to the agents.

Checked locally via PowerShell "Get-MpPreference" and in the registry "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Scan\AvgCPULoadFactor". The values are correctly limited to 30%.

Despite the throttling, the process "MsMpEng.exe" uses up to 100% CPU for scheduled and manual Defender scans (full and quick).

Possibly a bug in a Microsoft Defender update?

Did you find any solution for the Windows Defender problem @philippwree?

 

We are currently distributing the load on our host by running the scans of the VMs at different times. However, we still have the problem with the load on the CPU.

@philippwree We have the same issue, CPU limit is completely ignored. Is there a solution anywhere? I've been searching but can't find anything useful.

@Daniel_Larsson In your antimalware policy under “Scheduled Scans”, switch the option “Start a scheduled scan only when the computer is idle” to no. That solved the problem for us.
It seems that the check by Microsoft is flawed. If Endpoint thinks the system is idle, it ignores the CPU limit.

 

@mongrel15 

Changing the following setting to NO doesn't make any difference for us: "Start a scheduled scan only when the computer is idle" / "ScanOnlyIfIdle".

I tried setting "AvgCPULoadFactor" in the registry to 1% and it would still hit up to 68%.

 

@AJP123 

Hey,

based on the docs article for Set-MpPreference, it's not a hard limit, see text below.

 

Set-MpPreference (Defender) | Microsoft Docs

 

-ScanAvgCPULoadFactor

Specifies the maximum percentage CPU usage for a scan. The acceptable values for this parameter are: integers from 5 through 100, and the value 0, which disables CPU throttling. Windows Defender does not exceed the percentage of CPU usage that you specify. The default value is 50.

Note: This is not a hard limit but rather a guidance for the scanning engine to not exceed this maximum on average.

@Salbert89 Thanks, yes. There were two Microsoft docs related to this setting. One said it was a hard limit and one said it was not. I contributed to both docs about the difference and they changed the one that said it was a hard limit to say it wasn't.

@Salbert89  It really should be a hard limit though... 

 

I have a bunch of HP computers that completely ignore it and become useless every time they run a full scan. It's not model specific, OS specific or anything else from what we can tell, it's like 1 in 50 machines just does not give a ****. We can tell they have all the settings, but it just goes to 99% CPU and stays there... leaving the users to get angry and restart the computers to be able to continue working.

I have looked all over the internet for a solution to this, and tried them all, nothing works.

 

I also have the same issue. I understand that the value set in -ScanAvgCPULoadFactor is not a "hard value" but is used as an average for the duration of the scan. (-ScanAvgCPULoadFactor Specifies the maximum percentage CPU usage for a scan. The acceptable values for this parameter are: integers from 5 through 100, and the value 0, which disables CPU throttling. Windows Defender does not exceed the percentage of CPU usage that you specify. The default value is 50.

Note: This is not a hard limit but rather a guidance for the scanning engine to not exceed this maximum on average.)

However, when the process utilizes 90% and above for several minutes, I find it hard to believe that the average will fall below my customized threshold of 30%. Is there a performance log that can be checked after a scan completes?

Thanks!
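On the question of measuring the average after the fact: the script below is an added example, not part of any post in this thread. It samples the CPU used by MsMpEng.exe while a scan is running and compares the measured average with the configured ScanAvgCPULoadFactor. The sampling interval and sample count are assumed values, the registry path is the one quoted earlier in the thread, and the counter name assumes an English-language Windows installation.

```powershell
# Added example (not from the thread): measure MsMpEng CPU during a scan and
# compare the average with the configured ScanAvgCPULoadFactor.
param(
    [int]$IntervalSeconds = 5,   # assumed sampling interval
    [int]$SampleCount     = 120  # assumed window: 120 x 5 s = 10 minutes
)

$pref  = Get-MpPreference
$limit = $pref.ScanAvgCPULoadFactor
$cores = [Environment]::ProcessorCount

# Registry value the thread checks; $null if the value is not present.
$regPath = 'HKLM:\SOFTWARE\Microsoft\Windows Defender\Scan'
$regVal  = (Get-ItemProperty -Path $regPath -ErrorAction SilentlyContinue).AvgCPULoadFactor

# "% Processor Time" for a process is scaled to one logical processor
# (it can reach 100 x cores), so divide by the core count to get the
# whole-machine percentage that Task Manager shows.
$counter = '\Process(MsMpEng)\% Processor Time'
$cpu = Get-Counter -Counter $counter -SampleInterval $IntervalSeconds `
                   -MaxSamples $SampleCount -ErrorAction Stop |
    ForEach-Object { $_.CounterSamples[0].CookedValue / $cores }

$stats     = $cpu | Measure-Object -Average -Maximum
$overLimit = @($cpu | Where-Object { $_ -gt $limit }).Count

# One summary object: configured values next to what was actually measured.
[pscustomobject]@{
    ConfiguredLimitPct    = $limit
    RegistryValue         = $regVal
    ScanOnlyIfIdleEnabled = $pref.ScanOnlyIfIdleEnabled
    LogicalProcessors     = $cores
    Samples               = $stats.Count
    AvgCpuPct             = [math]::Round($stats.Average, 1)
    PeakCpuPct            = [math]::Round($stats.Maximum, 1)
    SamplesOverLimit      = $overLimit
    # A limit of 0 means throttling is disabled, so nothing can be exceeded.
    AverageExceedsLimit   = ($limit -gt 0) -and ($stats.Average -gt $limit)
}
```

Start it from an elevated PowerShell session just after the scan begins; the summary object can be piped to Export-Csv to keep a record per machine.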

@MAlv68 I had a ticket open with Microsoft support for months about this but didn't get anywhere. The one useful comment was that a manually run scan will ignore any CPU limits like ScanAvgCPULoadFactor.

@Andrew Porter 

Thanks Andrew! I was wondering about "manual" scans vs. "Scheduled" scans. I appreciate your information. Seems kind of strange that there would be a difference but I understand it. Thanks again!

I've posted a change to the Microsoft Docs on this, hopefully they will confirm whether the Microsoft Support Expert was right. Very hard to test changes against scheduled full scans though.
>The one useful comment was that a manually run scan will ignore any CPU limits like ScanAvgCPULoadFactor.

I concur with this. I run a full scan of my client's file server manually each month. Normally do it over the weekend because despite having this value set to 10, a full scan flatlines the dual vCPU cores for about 30 hours.

This needs fixing!

@Rob Nicholson 

 

Hello, is there any fix for the Windows Server 2016 high CPU utilization, as we are still facing the issue? Antimalware Service Executable is taking more than 80% in our production environment.

Hello, do we have any solution for the CPU utilization, which is more than 80% for the Antimalware Service Executable?
Yes... It would be great if the setting actually worked, eh?
:(