Share via

Disable stop or uninstall endpoint protection service

Marc Loranger 0 Reputation points
2026-04-18T16:26:08.4566667+00:00

Suddunly showed up in my task manager and consume large amount of cpu capability

Microsoft Security | Microsoft Defender | Other
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2026-04-18T16:26:18.5833333+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Endpoint Protection / Microsoft Defender Antivirus is the built-in security for Windows and should not be permanently disabled or uninstalled, but the high CPU usage can be reduced and the service can be checked.

    Follow these steps in order:

    1. Restart the device
    • Close all apps and restart Windows.
    • This often clears a stuck scan or service state that causes high CPU.
    1. Check the Windows Defender Antivirus service
    2. Press Win+R, type services.msc, and press Enter.
    3. Find Windows Defender Antivirus Service.
    4. Make sure Startup type is set to Automatic.
    5. In the Action menu, select Start.
      • If Start is greyed out, select Stop, wait for it to stop, then select Start again.
    6. Note any error messages that appear; if there are errors, contact Microsoft Support and provide those details.
    7. Remove conflicting third‑party security software (if present)
    8. Press Win+R, type appwiz.cpl, and press Enter.
    9. In Programs and Features, uninstall any third‑party antivirus or security suites.
    10. Restart the computer. Caution: While third‑party security software is removed and before Defender is fully working again, the device may be temporarily unprotected.
    11. Confirm the high CPU is from Defender
    12. Press Ctrl+Shift+Esc to open Task Manager.
    13. On the Details tab, check if MsMpEng.exe (Microsoft Defender Antivirus) is the process using high CPU.
    14. If the spike happens only during a scheduled scan, wait for the scan to complete and see if CPU returns to normal.
    15. If high CPU persists (advanced)
    • For admins, Microsoft Defender for Endpoint provides a troubleshooting mode and guidance:
      1. Confirm MsMpEng.exe is the cause in Task Manager.
      2. Capture activity with Process Monitor (ProcMon) during the CPU spike and identify specific files, folders, or processes causing heavy scanning.
      3. In an elevated PowerShell window, add targeted exclusions based on ProcMon findings, for example:
        • Set-MpPreference -ExclusionPath "C:\\Path\\To\\HeavyFolder"
        • Set-MpPreference -ExclusionExtension ".ext"
        • Set-MpPreference -ExclusionProcess "C:\\Path\\To\\App.exe"
      4. Re-check CPU usage after adding exclusions.

    Do not fully disable or uninstall Defender/Endpoint Protection unless another trusted enterprise security solution is in place and managed by an administrator, as this leaves the system exposed to malware.

    References:

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.