All programs and services that run on the computer load their own process on the PC. This is the indication that something is running, it allows us to know details about its operation (such as CPU or RAM use) and gives us certain information about it, as well as control to be able to close it by force if we do not want it to run or It has been locked. Having controlled the processes of our PC allows us to know what is running and avoid having unwanted software loaded on the PC. However, there are always some processes that we may not know well and make us think that we have malware on our PC. And one of them is Antimalware Service Executable .
What is the Antimalware Service Executable process
Antimalware Service Executable is a Windows process. Unless it has been modified by some other software, this process is 100% legitimate and reliable, we do not have to worry if it is loaded in memory. This process is related to Windows Defender and the different security measures that Windows 10 includes as standard. Contrary to what many may think, it is not a fake antivirus installed on Windows , or a virus posing as Windows software. security. This is a Windows-specific legal process.
This process is loaded by the “MsMpEng.exe” executable of the operating system. Because Windows Defender is integrated into the Windows kernel itself (unlike what happens when we install independent security software), this process will always be loaded in memory, even when we use a third-party antivirus.
Generally, this process does not consume resources on the PC while it is idle. It will only use CPU, RAM and disk when we launch a system scan for threats. But it may happen that, for various reasons, this process triggers your resource consumption and makes your PC slow.
Prevent MsMpEng.exe from consuming a lot of CPU or RAM
If we use Windows Defender as the main antivirus, this process can trigger its consumption when it is analyzing the security of our PC. For example, when we download files from the Internet, we unzip a file or when we connect an external hard drive to the PC. As long as we are not generating file movements, it will not consume resources, unless a manual analysis is launched.
If for some reason this process is consuming a lot of RAM or a lot of CPU , we can carry out the following checks to make sure everything is correct.
Check that there is no malware on the PC
One of the main reasons why the resource consumption of this process can skyrocket is due to the presence of malware. It may happen, for example, that a virus has crept into the PC without being detected by the antivirus and is trying to do its thing for the PC. Therefore, Windows Defender is detecting suspicious activity and is working to find out what is happening. And the use of resources increases exponentially.
We can try to run a portable antivirus, or a security software like Malwarebytes, to scan the PC in parallel with Windows Defender . In this way, if there is a hidden malware, we will detect it, delete it and the Antimalware Service Executable process will consume what it always does.
Check the integrity of Windows files
It may happen that the problem is not in the antivirus itself, but in Windows. Over time there are files that get damaged and cause the PC to malfunction. Every 6 months, with the new versions of Windows, the system is reinstalled automatically and usually fixes many of the problems of this type. However, it never hurts to run a full system check with the following CMD commands:
chkdsk C: /F /R
We can also run the following commands to analyze and repair other aspects of the operating system:
sfc /scannow Dism /Online /Cleanup-Image /ScanHealth
After restarting the computer, Windows should work normally again, and none of the operating system functions should cause problems again.
Correctly configure Windows Defender features
This process may also be giving us problems due to having it incorrectly configured. This happens, for example, if it launches automatic analyzes while we are using the PC (instead of when it is idle) or by analyzing itself.
In the first case, what we must do is correctly configure the program task to launch automatic analyzes. To do this, we will execute the command “taskschd.msc” in the Windows 10 browser, and we will go to the directory: Task Scheduler Library> Microsoft> Windows> Windows Defender. Here we locate the ” Windows Defender Scheduled Scan ” task, and we check the conditions we have configured in the triggers tab.
If we want, we can create a new trigger at a time when we are not using the PC.
We can also create a new exclusion within Windows Defender settings so that it ignores and does not scan the Antimalware Service Executable process. This will avoid the annoying delays that occur when trying to analyze yourself.
Disable Antimalware Service Executable
The only way to disable and remove this process would be to disable Windows Defender. And of course, this is something we do not recommend doing. Apart from Microsoft not letting you do it (not even with the registry), removing this security program would endanger your computer. Therefore, it is better not to. Even if we install a third-party antivirus, it will take care of disabling it and taking control of it.
If you still want to disable it, it is necessary to resort to programs such as Defender Control or NoDefender that allow us to carry out this practice.
What we can do if Antimalware Service Executable is consuming a lot of CPU or RAM is to disable Windows Defender’s real-time protection . By doing so, we will be putting our computer at risk a bit, but we will prevent this process from making the PC slow. We can disable this protection from the Windows Defender configuration itself.
Of course, after doing so, it will be better to install other security software. To avoid problems.
