I'm having trouble with the MsMpEng.exe process, which is Windows Defender. I've tried using schtasks to run a batch file as SYSTEM to taskkill it with the command "taskkill.exe /F /IM MsMpEng.exe >foo.txt 2>&1". Unfortunately, foo.txt just says "Access is denied," and I can't even kill it from Task Manager. I've verified that Tamper Protection was disabled in Virus & Threat Protection prior to this. Is there a specific trick or method to restart this stubborn process? I don't want to disable it permanently—just to refresh it since it seems to have leaked a ton of memory, about a gig or so.
3 Answers
MsMpEng.exe is Windows Defender, and it's designed to prevent itself from being killed for security reasons. Your approach of running a script to force-terminate it might not be the best. Instead, consider checking what might be triggering it to use so much memory. High usage isn’t uncommon, but if you think it's abnormal, there could be something else causing it to misbehave.
What you’re experiencing isn't unusual; Defender's memory usage can spike due to on-demand scans or other processes triggering it. Also, keep in mind that it's running at a higher privilege level than the SYSTEM account. One thing you could consider is looking into performance metrics or checking for any triggers as outlined in Microsoft's forums for a deeper understanding.
The memory issue might also suggest a memory leak rather than just regular usage spikes. Perhaps resetting the Windows Defender settings might help, as it can rejuvenate the service. Ultimately, you have the final say over what runs on your machine!
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures