msmpeng.exe

Discussion in 'PC' started by Helvetica, Feb 16, 2021.

  1. Helvetica

    Helvetica Producer

    Joined:
    Jul 21, 2017
    Messages:
    170
    Likes Received:
    115
    Location:
    US
    Hi,

    Clean windows install, Ableton 10, Fabfilter, Waves, TruePiano, all releases from R2R. No other software installed except browser and notepad.

    I recently noticed my hexa-core going absurdly hard on cycles per second. Apparently only 20% of CPU, RAM and SSD are being used at maximum, but it really, really ... does not sound like it. Windows Defender seems to be the one causing the spike. Well, falsely enough, since it uses around 100 MB of RAM, which is nothing. So I do not really know what is going on under the hood. No updates either.

    Since Task Manager can't really give me an accurate look at what is going on, could I be infected?

    Is this a chance of malicious code being run outside of the OS's reachability?

    Thanks.

    Update: Found a newly created folder named Windows Defender Advanced Threat Protection in C:/Program Files

    Which is not the same as the original Windows Defender. It has different modification dates and includes .exe's related to Sense.

    Is this legit? I have never heard of this folder separation before.

    Look at its resources now:


    I am thinking of a Botnet ongoing process OR one of my plugins is behaving angrily since it must've checked if it's genuine.

    How can I make sure no extra malicious bits are added to one of those uploaded mirrors? SHA-512 sumchecks?
     
    Last edited: Feb 22, 2021
  3. SEnki

    SEnki Producer

    Joined:
    May 22, 2013
    Messages:
    165
    Likes Received:
    148
    Just create exceptions for your VST folder in Windows Defender. Also add the Windows Defender directory as an exception and disable automatic scans. Windows Defender has a tendency to scan itself and cause high CPU usage.
     
  4. Helvetica

    Helvetica Producer

    Joined:
    Jul 21, 2017
    Messages:
    170
    Likes Received:
    115
    Location:
    US
    So you think MS Defender is doing all the work? Or could a foreign process use camouflage in order to look like a genuine antimalware process, even inject it?


    It seems dull to me that task manager does not detect any high activity whatsoever.
     
    Last edited by a moderator: Feb 16, 2021
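Added example, not part of any post in this thread: a PowerShell check for the masquerading question above. It confirms that every running MsMpEng.exe was started from one of the two Defender directories named in this thread and carries a valid Authenticode signature, then lists the signers of the executables in the Windows Defender Advanced Threat Protection folder. The function name Test-DefenderImage and the expectation that the signer subject contains O=Microsoft Corporation are assumptions.

```powershell
# Added example. Run from an elevated prompt: without elevation the image
# path of a protected process is usually not readable.

# The two Defender install locations mentioned in this thread.
$expectedRoots = @(
    (Join-Path $env:ProgramFiles 'Windows Defender'),
    (Join-Path $env:ProgramData  'Microsoft\Windows Defender\Platform')
)

function Test-DefenderImage {   # hypothetical helper name
    param([string]$Path)

    if ([string]::IsNullOrEmpty($Path)) {
        return 'UNKNOWN: image path not readable (re-run elevated)'
    }
    $inExpectedRoot = $false
    foreach ($root in $expectedRoots) {
        if ($Path.StartsWith($root + '\', [StringComparison]::OrdinalIgnoreCase)) {
            $inExpectedRoot = $true
        }
    }
    $sig = Get-AuthenticodeSignature -LiteralPath $Path
    # Assumption: a genuine binary is signed by a Microsoft Corporation certificate.
    $signedByMicrosoft = ($sig.Status -eq 'Valid') -and
        ($sig.SignerCertificate.Subject -like '*O=Microsoft Corporation*')

    if (-not $inExpectedRoot)    { return 'SUSPICIOUS: unexpected location' }
    if (-not $signedByMicrosoft) { return "SUSPICIOUS: signature status $($sig.Status)" }
    return 'OK'
}

# A look-alike process can share the name, but not the path and the signature.
Get-CimInstance Win32_Process -Filter "Name = 'MsMpEng.exe'" | ForEach-Object {
    [pscustomobject]@{
        ProcessId = $_.ProcessId
        Path      = $_.ExecutablePath
        Verdict   = Test-DefenderImage -Path $_.ExecutablePath
    }
}

# Signature status and signer for every executable in the folder the poster found.
$atp = Join-Path $env:ProgramFiles 'Windows Defender Advanced Threat Protection'
if (Test-Path -LiteralPath $atp) {
    Get-ChildItem -LiteralPath $atp -Filter *.exe -Recurse -ErrorAction SilentlyContinue |
        Get-AuthenticodeSignature |
        Select-Object Path, Status, @{ n = 'Signer'; e = { $_.SignerCertificate.Subject } }
}
```

A verdict of OK covers only the file on disk that started the process; it says nothing about code injected into the process afterwards.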
  5. Ozuna baby

    Ozuna baby Ultrasonic

    Joined:
    Feb 11, 2021
    Messages:
    74
    Likes Received:
    27
    Sorry but if only 20% of cpu is being used, how do you know your cpu is working "too hard"? where do you see this spike?
     
  6. Smoove Grooves

    Smoove Grooves Audiosexual

    Joined:
    Jan 26, 2019
    Messages:
    5,209
    Likes Received:
    1,980
    "dull"?
    In your op you said that 20% was used but that it seems like way more, yeah?
     
  7. The Pirate

    The Pirate Audiosexual

    Joined:
    Dec 20, 2018
    Messages:
    5,183
    Likes Received:
    4,405
    Location:
    NOYMFB
    Are you looking at processes from all users? Is Windows indexing/search disabled?
     
  8. danfuerth

    danfuerth Kapellmeister

    Joined:
    Mar 1, 2012
    Messages:
    235
    Likes Received:
    68
    "The Microsoft Malware Protection Engine is like an angry ex wife taking you to the cleaners"

    Grab a copy of Puppy Linux, install it to a small flash USB drive, boot it and delete that "Call center scam" garbage out of your machine.

    My Windows 10 Desktop has ZERO CPU activity for days on end if I don't use the system.
    In fact on a system that is not running anything ( like serving ) Zero CPU activity should be seen.
    The issue is Microsoft is being run and Windows 10 is developed now by a bunch of Call Center scammers who are turning Windows 10 into a Call Center Scam tool for them.

    With that Puppy Linux boot flash drive Delete Cortana and the Microsoft Malware Protection Engine.
     
  9. Sampling

    Sampling Newbie

    Joined:
    Feb 17, 2021
    Messages:
    1
    Likes Received:
    0
    :wink:Thanks for the tips
     
  10. Ozuna baby

    Ozuna baby Ultrasonic

    Joined:
    Feb 11, 2021
    Messages:
    74
    Likes Received:
    27
    Cortana might be shit, Windows might have too many hidden processes running, but Microsoft Malware Protection Engine is needed if you use that PC online and/or with not retail softwares. It would be really silly to delete it. Furthermore a normal user is probably not able to go and find Cortana and other single components inside Windows system folders without breaking the OS.....
     
  11. Helvetica

    Helvetica Producer

    Joined:
    Jul 21, 2017
    Messages:
    170
    Likes Received:
    115
    Location:
    US
    Ventilation is as lousy as it can get on idle.

    Correct. Dull, odd, you get the point.

    I looked at all users as well. Windows search is disabled.

    It seems undetectable.
     
  12. Howard Carpendale

    Howard Carpendale Platinum Record

    Joined:
    Feb 2, 2021
    Messages:
    594
    Likes Received:
    247
    Location:
    .de
    9968
     
  13. Howard Carpendale

    Howard Carpendale Platinum Record

    Joined:
    Feb 2, 2021
    Messages:
    594
    Likes Received:
    247
    Location:
    .de
    Make win10 proper before you begin to install.
    A lot of tools out there to make win10 more proper without modifying the initial ISO too.
    OR do this when you skipped the above part.
    TURN OFF PSEUDO DEFENDER - TURN OFF SENSELESS UPDATES (99,5 crap)
    Search forum threads for win 10 modification or better repair:winker:,
    or use a oprekin lite, or or or.

    ps. Always state your OS and specs and if you unfortunately have a online workstation or not . :trolls:

    Do you have a tutorial link for that?
    Which version are you using?
     
    Last edited: Feb 18, 2021
  14. Helvetica

    Helvetica Producer

    Joined:
    Jul 21, 2017
    Messages:
    170
    Likes Received:
    115
    Location:
    US

    Windows 10 LTSC. When working on music I have no internet attached.

    On idle or web browsing I do.

    Chrome is not the resource taker in this case.
     
  15. danfuerth

    danfuerth Kapellmeister

    Joined:
    Mar 1, 2012
    Messages:
    235
    Likes Received:
    68
    Grab the Ubuntu Focal 64 ( latest and it's based on Ubuntu so the same look inside)

    To install the ISO to a flash drive there are many tools of course here is the simplest one

    Google Rufus usb tool ( freeware)

    1 gb flash drive is all you need. Install the ISO to it and check "Make it bootable"
    Once booted off the usb drive mount the partitions for your windows drive
    go in there and take a look at here :

    %ProgramFiles%\Windows Defender\
    rename msmpeng.exe to msmpeng.bk

    NOTE:

    On new Win10 updates those files were changed ( this had to do with people like me who told MS to F OFF)
    so they moved the files to here now
    %ProgramData%\Microsoft\Windows Defender\Platform\

    Do the same thing rename the extension to .bk

    WARNING MAKE SURE TO UNMOUNT the Partitions for your Windows drives, before rebooting back to Windows.

    One thing here that I guarantee almost none of you know ( let's hope not!!) is the Secret folder ( invisible and no rights to admin ( installed from micropimp as trusted installer) where Cortana and all the other BS microPIMP apps are located ( more like hidden)

    You need to make hidden files and folders visible from Folder Options
    then head to here :



    C:\Program Files\WindowsApps\
    This is where all the Cortana, Xbox and other crap is located.

    In Puppy linux you can see this folder.
    In Windows you need to take ownership of that folder so you can delete files and folder inside of it.

    Every Windows Desktop or Laptop I have I always add the Right Click "Take Ownership" to my right click menu

    Google "take ownership windows 10 right click"

    Open the "Tenforums" site

    Download the
    Add_Take_Ownership_to_context_menu.reg

    double click to add it to your registry. If you are curious about what is inside this reg file ( how it works)
    right click and EDIT registry file, windows notepad will open it so you can see what it does.

    I never used a desktop unless I have this right click option available due to copying files from multiple systems which could have rights from other systems on the files.
     
    Last edited: Feb 18, 2021
  16. Ozuna baby

    Ozuna baby Ultrasonic

    Joined:
    Feb 11, 2021
    Messages:
    74
    Likes Received:
    27
    Dude...ventilation does not equal cpu usage. loud ventilation happens for 3 reasons:

    1) badly configured fan profiles (or not configured at all)
    2) Cpu reaching high temperatures
    3) Fans starting to break or just being crap fans

    - For point 1, you can download your mobo software, usually they offer fan config profiles.
    - For point 2, change thermal paste on your cpu, remove any trace of dust from your case, add an extra intake fan mby if you have only 1. (You can monitor cpu temperatures with programs like "CPUID HWMonitor", in which you can also get a clue of your mobo, gpu and disks temperatures.)
    - For point 3 check the speed of your fans, if they are spinning at low rpm but still make a hell of a noise, they are probs breaking. Search on youtube for videos of people showing fans breaking noise so you can get a clue of what that sounds like.

    For sure the solution is not modifying windows. I have normal windows and my pc is super silent. Is microsoft messing on purpose with you? Obviously no. Rather be careful with what you install, and with how you install drivers and updates. It's much more likely that you may have a virus than microsoft messing up your OS. Viruses do not only come from audio software, also weird websites can get a malware on your machine.

    For me windows updates are essential, especially the big ones. Just to mention one, for example, thanks to windows update 2004, I can now use more VRAM when using my simulator.
     
  17. Haliax

    Haliax Guest

    Should really be done every 3 years for efficiency, thermal paste doesn't last forever and becomes less efficient over time.
     
  18. Helvetica

    Helvetica Producer

    Joined:
    Jul 21, 2017
    Messages:
    170
    Likes Received:
    115
    Location:
    US
    Thank you for your time. Does this apply to my model being a laptop? 8750h's temperatures are not that ideal when rendering 3d objects. Which I do not possess knowledge of, nor do.

    I agree. Getting a virus would, in the long run, be the one held responsible for unwanted system alterations rather than Microsoft's spyware.
     
  19. Bad Noyz

    Bad Noyz Noisemaker

    Joined:
    Dec 13, 2016
    Messages:
    7
    Likes Received:
    3
    I noticed the same case on my pc, I could discover that it was caused by Waves processes that were activated whether or not I was using a waves plugin, as I don't really use waves extensively, I uninstalled and problem solved.
     
  20. Ozuna baby

    Ozuna baby Ultrasonic

    Joined:
    Feb 11, 2021
    Messages:
    74
    Likes Received:
    27
    Actually it should be done every year, and dust removal every 6 months (if you have a good case with dust filters) or every 3/4 months with a crappy case without filters. But people are just lazy and most will prefer to wonder about their pc burning up instead of opening it up and watching tutorials on how to change thermal paste :D

    It applies to every type of computer. Laptops have fans too, just they are a lot harder to open up and do maintenance on. I would suggest you try this:

    - Step 1: find tutorials and do research on your particular model, on how to open it safely, how many fans are there inside and where and on how to change thermal paste.

    - Step 2: If you think you can do it without breaking everything, get onto it. Otherwise maybe ask a friend that knows more than you about pc, or just limit yourself to cleaning dust from fans (you can do it with compressed air spray, and a vacuum cleaner nearby to avoid dust spreading all over the room xD )

    - Step 3: If you can, backup your data, and do a fresh windows install (with original windows from microsoft media creation tool, you can google this too if you don't know how to do it, it's quite easy). In the new OS only put original software + R2R releases. Make sure you install the usual Microsoft Visual C++ 2015-2019 Redistributables. Also make sure that you use an adblocker to avoid too much crap from websites (like Ublock Origin, it's a good one).

    - Step 4: Update all drivers from your laptop brand website (eg. asus, acer, whatever it is your pc, on your laptop model page you will find all drivers and relevant software).

    - Step 5: after installing all drivers, search for possible fan tuning softwares that came with the drivers. Most brands put one in the package nowadays. (for example, asus has Fan Xpert2, in which you can set "silent mode". Really good if you need to record something in the same room of the pc).

    At this point, after you have done maintenance on your hardware, and installed a new windows, if you still have fans spinning too fast or making too much noise, they are probably just starting to break, or your laptop is too old and is overheating too fast.

    I am a laptop hater though, always felt that paying double for half the performances, just to have something that I can carry with me makes little sense :)

    @Bad Noyz That's why I would suggest to wait for R2R versions of Waves, instead of installing P2P or stuff coming from other sources :)
     
  21. muciones

    muciones Kapellmeister

    Joined:
    May 11, 2015
    Messages:
    145
    Likes Received:
    50
    It is the retarded Ableton's Indexing. Disable that shit from task manager and will be OK. Also check to be on Performance Mode, in Power settings.
    Ableton is dumb with resources.
     