MsMpEng.exe
Antimalware Service Executable by Microsoft Corporation (Signed)
This is a Windows system installed file with Windows File Protection (WFP) enabled.
Overview
There are 10 versions of msmpeng.exe in the wild, the latest version being 6.2.8250.0 (winmain_win8beta.120217-1520). It is started as a Windows Service called 'Servizio Windows Defender' with the name 'WinDefend' and described as “Contribuisce a proteggere gli utenti da malware e altro software potenzialmente indesiderato”. . In addition, it is run under the context of the SYSTEM account with extensive privileges (the administrator accounts have the same privileges). The average file size is about 17.28 KB. The file is a digitally signed and issued to Microsoft Corporation by Microsoft Corporation. During the process's lifecycle, the typical CPU resource utilization is about 0.0054% including both foreground and background operations, the average private memory consumption is about 77.82 MB with the maximum memory reaching around 112.08 MB. Addionally, typically read and write I/O disk operations is about 2.68 MB per minute for reads and 266.45 KB per minute for writes.
What is msmpeng.exe?
MsMpEng.exe is the back-end of Microsoft Security Essentials. It is important to remember that this process is actually used by both Windows Defender and MSE. When you install Microsoft Security Essentials, then Windows Defender is automatically turned off and Microsoft Security Essentials uses this process. This is the main process that runs the program and takes quite some system memory. If you end this process then Microsoft Security Essentials will be disabled and an alert will be shown aski
About msmpeng.exe (from Microsoft Corporation)
“Windows Defender is software that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software by detecting and removing known spyw”
 Details
|
| File name: | msmpeng.exe |
| Publisher: | Microsoft Corporation |
| Product name: | Antimalware Service Executable |
| Description: | Microsoft® Windows® Operating System |
| Typical file path: | C:\Program Files\windows defender\msmpeng.exe |
| Certificate |
| Issued to: | Microsoft Corporation |
| Authority (CA): | Microsoft Corporation |
| Expiration date: | Tuesday, July 9, 2013 |
| Windows Service |
| Service name: | WinDefend |
| Display name: | Servizio Windows Defender |
| Description: | “Contribuisce a proteggere gli utenti da malware e altro software potenzialmente indesiderato” |
| Type: | Win32OwnProcess |
Behaviors
(Note, the behaviors below are for all versions of msmpeng.exe, select a unique version for details.)
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
- 'WinDefend' (Servizio Windows Defender)
- WinDefend
All file variations of msmpeng.exe
Distribution by Windows OS
| OS version | distribution |
| Windows 8 Pro |
44.40% |
|
| Windows 8 |
19.40% |
|
| Windows 8 Pro with Media Center |
10.07% |
|
| Windows 8.1 |
7.84% |
|
| Windows 8 Enterprise |
4.10% |
|
| Windows 8.1 Pro |
3.73% |
|
| Windows 8 Release Preview |
1.87% |
|
| Windows 8.1 Pro Preview |
1.49% |
|
| Windows 8 Enterprise N |
1.12% |
|
| Windows 8 Single Language |
1.12% |
|
| Windows 8.1 Single Language |
0.75% |
|
| Windows 8.1 Pro with Media Center |
0.75% |
|
| Windows 8.1 Enterprise |
0.75% |
|
| Windows Developer Preview |
0.75% |
|
| Windows 8 Enterprise Evaluation |
0.75% |
|
| Windows 8.1 Single Language Preview |
0.37% |
|
| Windows 8.1 Pro Preview with Media Center |
0.37% |
|
| Windows 8 Consumer Preview |
0.37% |
|
Distribution by country
United States installs about 37.45% of Antimalware Service Executable.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| ASUS |
20.51% |
|
| Hewlett-Packard |
17.31% |
|
| Dell |
12.82% |
|
| Toshiba |
10.26% |
|
| Acer |
8.97% |
|
| Sony |
8.97% |
|
| Lenovo |
7.69% |
|
| GIGABYTE |
5.77% |
|
| Intel |
2.56% |
|
| Medion |
1.28% |
|
| Packard Bell |
1.28% |
|
| MSI |
1.28% |
|
| Alienware |
0.64% |
|
| Samsung |
0.64% |
|
