Administration Adware Spyware Apache Bluetooth DOS Commands Edge General Internet Connection Internet Explorer Media Center Media Player Mozilla Firefox MS Access Performance PHP Programming Security Silverlight Tips Tools Tutorials Windows 10 Windows 7 Windows 8 Windows Phone Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Vista Windows XP

"MsMpEng.exe" Process on Windows 8

Q

What is the "MsMpEng.exe" process on Windows 8? Is the "MsMpEng.exe" process a virus? Can I terminate the "MsMpEng.exe" process?

✍: FYIcenter.com

A

"MsMpEng.exe - Antimalware Service Executable" process is a service that helps protect users from malware and other potentially unwanted software.

On the Processes tab of "Task Manager", "MsMpEng.exe" process may be listed as: 

Image Name   PID  User Name   Memory    Description

MsMpEng.exe  928  SYSTEM     07%  70,608 K  Antimalware Service Executable

Additional information about "MsMpEng.exe" process: 

Command line:
   c:\Program Files\Microsoft Security Client\MsMpEng.exe
   
Started by: service.exe

Files used:
   C:\Program Files\Microsoft Office 15\root\office15
   C:\Program Files\Microsoft Security Client\...
   C:\ProgramData\Microsoft\Microsoft Antimalware\...
   C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft
     \SystemCertificates\My
   C:\Windows\System32\drivers\MpFilter.sys
   C:\Windows\System32\drivers\NisDrvWFP.sys
   C:\Windows\System32\en-US\KernelBase.dll.mui
   C:\Windows\System32\en-US\WinSATAPI.dll.mui
   C:\Windows\System32\en-US\winhttp.dll.mui
   C:\Windows\System32\ntdll.dll
   C:\Windows\System32\ntkrnlpa.exe
   C:\Windows\Temp\TMP0000027AAE84E1DFC9C3A61E

Registry keys:
Key	HKCR\PROTOCOLS\Filter\text/xml
Key	HKCU\Software\Classes
Key	HKLM\SOFTWARE
Key	HKLM\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\...
Key	HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\...
Key	HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN
Key	HKLM\SOFTWARE\Microsoft\Microsoft Antimalware
Key	HKLM\SOFTWARE\Microsoft\Security Center
Key	HKLM\SOFTWARE\Microsoft\SystemCertificates\...
Key	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\...
Key	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion
Key	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\...
Key	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
Key	HKLM\SOFTWARE\MozillaPlugins
Key	HKLM\SOFTWARE\Policies
Key	HKLM\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions
Key	HKLM\SYSTEM\ControlSet001\Control\Session Manager
Key	HKLM\SYSTEM\ControlSet001\Control\Session Manager\Environment
Key	HKLM\SYSTEM\ControlSet001\services\WinSock2\Parameters\NameSpace_Catalog5
Key	HKLM\SYSTEM\ControlSet001\services\WinSock2\Parameters\Protocol_Catalog9
Key	HKLM\SYSTEM\ControlSet001\services\crypt32
Key	HKU\.DEFAULT\Control Panel\International
Key	HKU\.DEFAULT\Software\Microsoft\SystemCertificates\...
Key	HKU\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion
Key	HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Key	HKU\.DEFAULT\Software\Policies
Key	HKU\.DEFAULT\Software\Policies\Microsoft\SystemCertificates

"MsMpEng.exe" process is not a virus. You can terminate "MsMpEng.exe" process, or disable the "Microsoft Antimalware Service". if it consumes too much CPU resources. And you enable and start "Microsoft Antimalware Service" later if you want it back.

 

⇒ "unsecapp.exe" Process on Windows 8

⇐ "ibmpmsvc.exe" Process on Windows 8

⇑ System Service Processes on Windows 8

⇑⇑ Windows 8 Processes Tutorials

2016-12-30, 1258👍, 0💬

Administration Adware Spyware Apache Bluetooth DOS Commands Edge General Internet Connection Internet Explorer Media Center Media Player Mozilla Firefox MS Access Performance PHP Programming Security Silverlight Tips Tools Tutorials Windows 10 Windows 7 Windows 8 Windows Phone Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Vista Windows XP