Last week i had several Servers on 100% CPU load.

100% CPU

100% CPU load due to msmpeng.exe

Since most of the servers were in Production I had to act quickly so i added them to SCEP Exclusion settings:

Excluded files and folders:
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\ProgramData\Microsoft\Microsoft Antimalware

And also Excluded processes:
MsMpEng.exe

After i had time to investigate more, i found out that MsMpEng.exe was scanning quite a lot the %windir%\System Volume Information\DFSR

So i added the \System Volume Information\DFSR to exceptions also.

The problem was fixed and it did not appear anymore.

 

 

Follow on Feedly