Tuesday, June 2, 2015

Microsoft Antimalware has 100% CPU load on the Primary Site server

Recently I did some maintenance on a existing ConfigMgr 2012 R2 environment. On the Primary Site server, which was very slow, I started task manager and see a 100% CPU usage. This because of the MsMpEng.exe proces which is the Antimalware Service. Strange because there are already some exceptions in place.

After adding some additional exclusions everthing went fine again. Just add the following exclusions for that:
Excluded files and folders:
-C:\Program Files\Microsoft Security Client\MsMpEng.exe
-C:\ProgramData\Microsoft\Microsoft Antimalware

Excluded processes:
-C:\Program Files\Microsoft Security Client\MsMpEng.exe

Much better this way. Still strange I didn't see this behavior before! When you have 100% CPU load on the Primary Site server (or other systems) too, just add this exclusions. Hope it helps!

Update: After one day the server is still in responsive state.


  1. What do you mean by add exclusions?

    1. You can add exclusions in an anti-malware policy. That way the files and process is skipped during scanning.