"MsMpEng.exe" Process on Windows 8

Q

What is the "MsMpEng.exe" process on Windows 8? Is the "MsMpEng.exe" process a virus? Can I terminate the "MsMpEng.exe" process?

✍: FYIcenter.com

A

The "MsMpEng.exe - Antimalware Service Executable" process is a service that helps protect users from malware and other potentially unwanted software.

On the Processes tab of "Task Manager", the "MsMpEng.exe" process may be listed as:

Image Name   PID  User Name  CPU  Memory    Description
MsMpEng.exe  928  SYSTEM     07%  70,608 K  Antimalware Service Executable

Additional information about the "MsMpEng.exe" process:

Command line:
   c:\Program Files\Microsoft Security Client\MsMpEng.exe
   
Started by: services.exe

Files used:
   C:\Program Files\Microsoft Office 15\root\office15
   C:\Program Files\Microsoft Security Client\...
   C:\ProgramData\Microsoft\Microsoft Antimalware\...
   C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My
   C:\Windows\System32\drivers\MpFilter.sys
   C:\Windows\System32\drivers\NisDrvWFP.sys
   C:\Windows\System32\en-US\KernelBase.dll.mui
   C:\Windows\System32\en-US\WinSATAPI.dll.mui
   C:\Windows\System32\en-US\winhttp.dll.mui
   C:\Windows\System32\ntdll.dll
   C:\Windows\System32\ntkrnlpa.exe
   C:\Windows\Temp\TMP0000027AAE84E1DFC9C3A61E

Registry keys:
Key	HKCR\PROTOCOLS\Filter\text/xml
Key	HKCU\Software\Classes
Key	HKLM\SOFTWARE
Key	HKLM\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\...
Key	HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\...
Key	HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN
Key	HKLM\SOFTWARE\Microsoft\Microsoft Antimalware
Key	HKLM\SOFTWARE\Microsoft\Security Center
Key	HKLM\SOFTWARE\Microsoft\SystemCertificates\...
Key	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\...
Key	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion
Key	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\...
Key	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
Key	HKLM\SOFTWARE\MozillaPlugins
Key	HKLM\SOFTWARE\Policies
Key	HKLM\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions
Key	HKLM\SYSTEM\ControlSet001\Control\Session Manager
Key	HKLM\SYSTEM\ControlSet001\Control\Session Manager\Environment
Key	HKLM\SYSTEM\ControlSet001\services\WinSock2\Parameters\NameSpace_Catalog5
Key	HKLM\SYSTEM\ControlSet001\services\WinSock2\Parameters\Protocol_Catalog9
Key	HKLM\SYSTEM\ControlSet001\services\crypt32
Key	HKU\.DEFAULT\Control Panel\International
Key	HKU\.DEFAULT\Software\Microsoft\SystemCertificates\...
Key	HKU\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion
Key	HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Key	HKU\.DEFAULT\Software\Policies
Key	HKU\.DEFAULT\Software\Policies\Microsoft\SystemCertificates

The "MsMpEng.exe" process is not a virus. You can terminate the "MsMpEng.exe" process, or disable the "Microsoft Antimalware Service", if it consumes too much CPU resources. You can enable and start the "Microsoft Antimalware Service" again later if you want it back.
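
Added example (not part of the original FYIcenter answer): a process name alone does not show that a running "MsMpEng.exe" is the genuine service, so this PowerShell function compares each running instance with the details listed above: the install directory from the command line, the "Started by" parent (the Service Control Manager, services.exe), and a valid Microsoft signature on the file. The function name Test-MsMpEngProcess and its parameters are hypothetical, and the single expected directory is an assumption taken from this page.

```powershell
# Added example: compare each running MsMpEng.exe with the details listed on this page.
# $ExpectedDir is the directory from the page's command line (assumption: one trusted
# install directory); pass a different value if your product installs elsewhere.
function Test-MsMpEngProcess {
    param(
        [string]$ExpectedDir    = 'C:\Program Files\Microsoft Security Client',
        [string]$ExpectedParent = 'services.exe'
    )
    $procs = Get-CimInstance Win32_Process -Filter "Name='MsMpEng.exe'"
    foreach ($p in $procs) {
        # ExecutablePath can be empty for protected processes; fall back to the
        # image path registered for the service that owns this process ID.
        $path = $p.ExecutablePath
        if (-not $path) {
            $svc = Get-CimInstance Win32_Service -Filter "ProcessId=$($p.ProcessId)" |
                   Select-Object -First 1
            if ($svc) { $path = $svc.PathName -replace '^"([^"]+)".*$', '$1' }
        }

        # The parent may have exited; $parent is then $null and ParentOk is False.
        $parent = Get-CimInstance Win32_Process -Filter "ProcessId=$($p.ParentProcessId)"

        # Only check the signature when the image file can actually be found.
        $sig = if ($path -and (Test-Path -LiteralPath $path)) {
            Get-AuthenticodeSignature -FilePath $path
        }

        $dirOk = $false
        if ($path) { $dirOk = (Split-Path -Parent $path) -ieq $ExpectedDir }

        [pscustomobject]@{
            ProcessId   = $p.ProcessId
            Path        = $path
            PathOk      = $dirOk
            Parent      = $parent.Name
            ParentOk    = $parent.Name -ieq $ExpectedParent
            SigStatus   = $sig.Status
            Signer      = $sig.SignerCertificate.Subject
            SignatureOk = ($sig.Status -eq 'Valid') -and
                          ($sig.SignerCertificate.Subject -like '*O=Microsoft Corporation*')
        }
    }
}

Test-MsMpEngProcess | Format-List
```

Run it from an elevated PowerShell prompt. An instance where PathOk, ParentOk or SignatureOk is False deserves a closer look before it is treated as the real antimalware service.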

 


2016-12-30