What is “Antimalware Service Executable” and How to Fix it?

antimalware service executable high disk

Windows 10 is one of the most popular operating systems, and the antimalware Service Executable program is a part of it. Windows has a series of programs running in the background, such as task manager, windows defender, antivirus, and more. Antimalware Service Executable is part of the Windows Defender and is responsible for checking files for malware. This is a background process and sometimes consumes high CPU or disk usage that can slow down your PC. In this guide, we will fix “Antimalware Service Executable” using a simple step-by-step guide.

Also read: 4 Best Ways To Disable Windows 10 Auto Update.

What is Antimalware Service Executable Program?

Antimalware Service Executable is a program that is part of the “Windows Defender” service. It runs in the background and checks for files containing malware that can affect the computer. This service is also responsible for checking background system scans, installing antivirus updates, and anything that the windows defender asks for.

If you have keenly noticed, you might have encountered a pop-up on your windows screen while installing dangerous software. The Antimalware Service is responsible for checking and restricting such files. It is Microsoft’s inbuilt security system that is stopping the malicious services from overriding the system.

Other than restricting dangerous software, Antimalware Executable Service is also responsible for updating the virus definitions. Windows defender uses these virus definitions to avoid basic virus attacks on your windows system.

antimalware service executable high cpu

It is also known as the MsMpEng.exe file and is bundled with the Windows Operating System. The problem can arise on any Windows OS, including Windows 10, Windows 8,8.1, Windows 7, or Windows XP. One common doubt that needs to be addressed is the future update will not reduce the High CPU or Disk Usage or fix this issue.

Windows defender is not that efficient compared to the latest malware. Devices must be secured and alerted at the right time. This is the main reason why we use BitDefender Antimalware software. It is the #1 antimalware and antivirus system which is also available at a lower price. After using it for the past 5 years, we highly recommend our readers to check it out once.

Problem

The major problem that users face with the Antimalware Executable Service is high CPU or disk space usage. There can be several reasons for this problem and sometimes caused due to high-level malware.

But how? Isn’t the service responsible for checking such files? The answer to this is simple; high-level malware easily bypasses such security as they run their own service with the same name; Antimalware Executable Service.

BitDefender Antimalware

BitDefender Total Security

5 Devices | 2 Years of Protection

Features:

  1. #1 Malware Detection
  2. More than Virus Protection.
  3. Compatible with Windows, Mac OS, iOS and Android.
  4. Webcam protection.
  5. Multi-layer ransomware protection.
  6. Secure online transactions, anti-theft & anti-loss tools

It also includes BitDefender VPN service (200MB/day), Password Manager, File Shredder, Anti-tracker, and PC Optimiser.


How to Fix Antimalware Service Executable

Several issues can cause or interfere with Antimalware Executable Service in the task manager. A few problems include the malware acting as faux and consume the CPU power in such situations. Here are a few solutions that help in solving the MsMpEng.exe high CPU or disk usage issue.

1. Change Windows Defender Scheduling

Antimalware Executable Service is associated with the Windows Defender program and runs in the background. If the MsMpEng.exe is consuming high CPU or disk usage, it mainly scans files in the background. One of the solutions is to reschedule the windows defender real-time protection service.

Here is the step-by-step process/guide –

  • Open the “Run” window on your windows computer using Windows Logo Key + R.
  • In the dialog box, enter taskschd.msc and click on the enter option. This should open the Task Scheduler Library window.
  • From the Task Scheduler Library, navigate to Windows Defender. You can find it at Task Scheduler Library > Microsoft > Windows > Windows Defender.

    Task Scheduler Library

  • Double-click on the Windows Defender Scheduled Scan from the right-side pane.
  • In the General tab, uncheck the option “Run with the highest privilege.”. This option is responsible for running Windows Defender on the highest priority, which consumes high CPU or disk usage.
  • The next step is to click on the “Conditions” tab and untick all the options.
  • Confirm the changes and boot your Windows computer.

Also read: How to Resolve tcpip.sys BSOD on Windows 10/8/7


2. Add Antimalware Executable Service to Exclusion List

Adding MsMpEng.exe service to the exclusion list is one of the best ways to solve the high CPU usage issue. Moreover, the Windows Defender’s scanning system is added to exclusion and removes the security on your computer. To protect the computer, you can use BitDefender Security, an external antimalware and antivirus software known for overall protection.

Here is how to add the MsMpEng.exe service to the exclusion list –

  • Launch Windows Defender program and click on Virus and threat protection feature.
  • In the Virus and Threat protection feature, look for Exclusions and then click on Add/Remove Exclusions.
  • Click on Add Exclusions. You can find a drop-down below right beside it; select “Process” under the drop-down menu.
  • Add MsMpEng.exe service to the exclusion and click on the Add button to confirm it.
  • Now, the MsMpEng.exe service is added to the exclusions list and should no longer use high CPU or disk usage.

If you have trouble adding exclusions to the list, you can check this Microsoft guide on defining exclusions.

Also read: How to Update Windows 7/8 to Windows 10 For Free.


3. Disabling Windows Defender

If the above two solutions don’t work for you, the best alternative is to disable the entire Windows Defender service. The problem with doing this action is, it will remove protection from your Windows Computer. However, If you do so, it is recommended to install any other antivirus or antimalware software.

Also read: How to Record PC Screen for Free using Powerpoint [PPT] on Windows [7,8,&10] and Mac

How to disable Antispyware, Step-by-Step guide –

  1. Open the Run program on your Windows Computer key using the start menu or Windows logo key + R shortcut.
  2. We need to open the Registry Editor to disable the Antispyware; use the command regedit and click on ok.
  3. On the left side pane, navigate to the following location – HKEY_LOCAL_MACHINE\
    SOFTWARE\Policies\Microsoft > Windows Defender
  4. Here, you can find the “DisableAntispyware” service; double-click on it and set the value to “1” to disable it.
  5. If you cannot find the “DisableAntispyware” service, we need to create it using the following actions.
  6. Right-click on the main Registry Editor pane and select New > DWORD (32 bit) Value.
  7. Name this new registry edit as “DisableAntispyware” and then perform step 4.

Also read: How to Install WSL 2 on Windows 10? | Step-by-Step Guide


How to Disable Antimalware Service Executable?

Antimalware service executable is annoying, and if you are using another antimalware software, it is best to disable the default one.

1. Disable Microsoft Defender

MsMpEng.exe or Antimalware service executable can be stopped by disabling the Microsoft Defender. There are two ways of disabling the Microsoft defender: first, using the Registry Editor, and second, using the Command Prompt.

Disable Microsoft Defender using CMD Prompt

You can disable the Microsoft Defender using both Registry Editor and Command Prompt. The fastest and easiest way is to use the command prompt.

But how to disable Microsoft Defender using CMD?

  1. Open the Windows Menu and look for command prompt; you can also use the Windows search bar.
  2. Right-Click on command prompt and run command prompt as administrator.

    Run command prompt as administrator

  3. Now, enter the following command –

    REG ADD "hklm\software\policies\microsoft\windows defender" /v DisableAntiSpyware /t REG_DWORD /d 1 /f

  4. After the command is successfully executed, you can find the Antimalware Service Executable disabled.
  5. It is important to run command prompt as administrator to fully utilize the admin priviledges and make changes in Windows Defender.

Also read: How to Check if your PC is TPM Compatible for Windows 11?

Disabling Microsoft Defender using Registry Editor

You can disable the Microsoft Defender program using the Registry Editor,, and it much simpler method to stop Antimalware Service Executable.

Here are the steps to disable Microsoft Defender using the Registry Editor –

  1. Open the Run window using Windows + R shortcut, you can alternatively also use the search in windows menu and open the Run window.
  2. Enter the following command –

    regedit

    Registry Editor to disable Antimalware

  3. Now, navigate to the following location –

    HKEY_LOCAL_MACHINE/SOFTWARE/Policies/Microsoft/Windows Defender

    Disable Antimalware Executable Service

  4. In the left pane, you can find a list of registry folders. Right-Click on the Windows defender and select New > DWORD. In most of the cases, it is DWORD 32-bit.
  5. A new DWORD registry is now created. Double-click on the file and then name it DisableAntiSpyware.
  6. The final step is to set the value of DisableAntiSpyware to 1.

You should now be able to disable the Antimalware Service Executable and Windows Defender in general. It is in the best interest to have an Antivirus and Antimalware installed after disabling the Windows Defender.


2. Use Group Policy Editor

The second best method to disable Antimalware Service Executable and Windows Defender are to use Group Policy Editor. Ensure you have first installed the group policy editor on your Windows computer.

  1. Open the Run window using Windows + R shortcut, you can alternatively also use the search in windows menu and open the Run window.
  2. Enter the following command –

    gpedit.msc

    Group policy Editor antimalware executable service

  3. From the left pane, navigate to the following directory –

    Computer Configuration/Administrative Templates/Windows Components/Microsoft Defender Antivirus/Real-time Protection

  4. Turn off the real-time protection and then select the “Enabled” option.
  5. Click on “Apply” and save the changes to disable the antimalware service executable and Windows Defender.

It is worth to note this will disable the antivirus system on your Windows computer. To protect the PC, ensure you install a secure antivirus and antimalware on your Windows PC.

Our best recommendation is BitDefender Antivirus and Antimalware,, which is both highly secure and budget-friendly.

Also read: How to Fix DPC WATCHDOG VIOLATION Error on WINDOWS 10


3. Stop Windows Defender Service

If you are unable to disable the Antimalware Executable Service, you alternatively stop the service. This is the best option to temporarily stop the Windows Defender from scanning the system and consuming high-CPU usage.

  1. Open the Run window using Windows + R shortcut, you can alternatively also use the search in windows menu and open the Run window.
  2. Enter the following command –

    services.msc

  3. Now, you can see a list of services on your Windows computer.
  4. Look for “Windows Defender Antivirus Service” from the entire list.
  5. Right-Click on “Windows Defender Antivirus Service” and set the startup type to automatic.
  6. Now, click on “Stop” button and this will temporarily disable the Antimalware Executable Service on your Windows PC.

Also read: How to Use Clubhouse on PC | Windows, Mac, and Linux


Why Antimalware Executable Service uses High Disk Memory?

Most people have this common question, why does Antimalware Executable Service consume high CPU usage?

When your PC is infected by a malware, there is a best chance that it replaces the Antimalware Executable Service program with an infected one. This infected program that acts as a Windows Defender service uses all the resources of the CPU at an extent to make it fail.

So, when you see an Antimalware Executable Service is using high CPU / disk memory, it is actually the infected program.

This program continuously scans the memory and utlise all your resources making it unavailable for other uses.

You may also like,


Frequently Asked Questions

What is MsMpEng EXE?


MsMpEng.exe or Antimalware Executable Service is a program of Windows Defender Service. It is responsible for checking for malware and virus threats in the background.

How do I fix MsMpEng EXE’s high CPU usage?


There are several solutions to solve the MsMpEng.exe is using high CPU or disk usage; a few of them are:
– Change Windows Defender Scheduling.
– Add Antimalware Executable Service to the Exclusion List.
– Disabling Windows Defender on Windows Computer.

Can I end the antimalware service executable?


Yes, you can end the antimalware service from the task manager when you see it using high CPU or disk usage. If the problem persists, reschedule the Windows Defender or disable it entirely.

Also read: How To Recover Deleted Files On Windows – Easiest way.

Final Words

These are simple steps on how to solve Antimalware Executable Service using a high CPU or disk. Remember, using any of the above solutions can leave your computer at risk of cyber-attacks; it is recommended you have a strong antivirus and anti-malware installed on your computer. We recommend using BitDefender.

Leave a Reply

Your email address will not be published. Required fields are marked *