Is Antimalware Service Executable a Virus? Is it Safe? How to Solve the Issue?

Is Antimalware Service Executable a Virus? Is it Safe? How to Solve the Issue?
Antimalware Service Executable

Antimalware Service Executable runs in the background and is associated with Windows Defender. It is a process that helps to check files and detect any presence of malware. But, before going on further into the details, you need to know what Windows Defender is. 

It is a build-in Microsoft Antivirus of Windows 10 and the Antimalware Service Executable helps by identifying defaults in your system. Thus, you can say that it is a part of the Windows Operating System. And, its file name is MsMpEng.exe. 

The Windows Defender ensures that all the users have an Antivirus installed already. Another feature is that if you have an outdated Antivirus, Windows 10 will activate Windows Defender after deactivating the outdated Antivirus. For any security application that the Windows Defender needs, the Antimalware Service Executable is responsible for that. 

The Function of Windows Defender and its Location 

You will be able to find this on the Processes tab in the Task Manager. To check the history and scan performance you need to go to the Windows Defender Security Centre application. If you want to open it, then you have to go to the Start menu and use the shortcut key. 

On the Taskbar in the Notification section, you will see the Shield icon. Right-click on the icon and open it. Or, you can also go to the Settings, and select the Update And Security option followed by Windows Defender. And, then open the Window Defender Security Centre. 

Issues Reported due to Antimalware Service Executable

There are some issues that the users face while handling Antimalware service executable. The reported issues are given below:

  • Many users have reported that it causes high memory usage and memory leak. And, to solve this particular problem you have to disable Microsoft Defender.
  • It also uses high CPU and disk usage. The fixes of this problem are listed in the next subheading. 
  • Issues the users face are only in Windows 8.1 and Windows 7. But, you should still know how to fix the problem. 
  • As it is running all the time in the background, it slows down the computer. Though by using some easy fixes you will be able to solve it.

High CPU Usage

As already discussed, Windows Defender performs regular scanning and thus Antimalware Service Executable uses most of the CPU or disk resources. The extra space usage can be the indication that it is occupied by the large files, for new malware reports from install updates. And, it is also required to scan files when you open them. 

However, as already mentioned the Antimalware Service Executable process is performing background scanning, but it may still use CPU resources. If you want to fix the high CPU usage then there are three prominent fixes. You can try any of them and fix the usage problem of the CPU. 

  1. The schedule needs to be changed

Over here the Real-Time Protection feature is held responsible for the default extra space. So, to fix the problem you just have to fix the Windows Defender’s Schedule List. First, you need to hold the Windows and R key together to display the Run dialog box. 

After the Run dialog box appears, in the space you have to type ‘taskschd.msc’ and click the Enter button. Task Schedule dialog box will appear on your screen. Click on Microsoft Windows option. Now, in the Windows option search for Windows Defender, you just need to click on it. 

Now, again you need to click on the Window Defender Scheduled Scan. Further, select the General option and scroll down to uncheck the Highest Privileged. Lastly, go to the Conditions option and uncheck the section, and then click on the OK button. 

  1. Stop the Windows Defender

You have to keep in mind that you need to install Anti-Malware for your computer before disabling Windows Defender. You need to hold the Windows and R key together to open the Run dialog box. 

Now, in the space type ‘regedit’ and click OK, the Registry Editor will open on the screen. You have to click on the folder beside the Navigation Pane. Again, click on the Disable Antispyware and then set 1 as its value.

  1. In the Exclusion list of the Windows Defender add Antimalware Service Executable

First, you need to hold the Windows and I key to open the Settings window and click on the Update And Security option. Then, click on the Windows Defender and lastly click on the Add An Exclusion. Then, you need to scroll down and click on the ‘exclude a .exe, .com or.scr process’. 

In the given space you have to type ‘MsMpEng.exe’, and then click OK. At last, you just have to add an Antimalware Service Executable, and you will see that the error is fixed.  

Methods to Stop the Antimalware Service Executable

There are few tried and tested ways to stop the antimalware service executables. One or two methods are quite similar to the high CPU usage fixes step.

  1. You need to halt Microsoft Defender

To disable Microsoft Defender, there are two ways either by Register Editor or Command Prompt. For Registry Editor, you have to first go to the Run dialog box by pressing the Windows and R key. Then, in the space type ‘regedit’ and click OK. The Registry Editor will be on your screen and you have to click on the folder next to the Navigation Pane. Lastly, disable Antispyware and set 1 as the value.          

For Command Prompt, you need to search for cmd, and then click on the Run as Administrator in the Command Prompt. Now, type the given command below –

 ‘REG ADD “hklm\software\policies\microsoft\windows defender” /v DisableAntiSpyware/tREG_DWORD/d 1/f’ 

and then click Enter. After the command, you will see that Microsoft Defender will be disabled.

  1. Third-party antivirus

You can also go for installing third-party antivirus. If you see that you are facing a problem with the Antimalware Service Executable, then you can install a third-party antivirus. Download it and click on Scan Now to detect the problem. 

  1. Use Group Policy Editor

You have to hold the Windows and R key together. After the Run dialog box appears, in the blank you have to type ‘pedit.msc’ and press Enter. It will open the Group Policy Editor. On the left, type the given command below –

Computer Configuration/Administrative Templates/Windows Components/Microsoft Defender Antivirus/Real-time Protection

Now, double click the Turn Off Real-time Protection option. Then, you will see the Enable option. Select the option and click Apply followed by OK, then disable Microsoft Defender. 


Detailed information about Antimalware Service Executable is given in this guide. The issues that the user commonly faces are also given and you can go through how to disable them through the step by step process. Thus, now you have complete knowledge about Antimalware Service Executable, so act accordingly to avoid further problems.