Microsoft Antimalware
What is Microsoft Antimalware?
Microsoft Antimalware is an antivirus software (AV) product that fights malware (malicious software), including computer viruses, spyware, Trojan horses and rootkits. The software runs on Windows XP, Windows Vista and Windows 7. Built upon the same virus definitions and scanning engine as other Microsoft antivirus products, Microsoft Antimalware Service provides real-time protection, constantly monitoring activities on the computer and scanning new files as they are downloaded or created and disabling detected threats. Microsoft Antimalware Service provides real-time protection, constantly monitoring activities on the computer and scanning new files as they are downloaded or created.
Overview
Upon being installed, the software adds a Windows Service which is designed to run continuously in the background. Manually stopping the service has been seen to cause the program to stop functing properly. It adds a background controller service that is set to automatically run. Delaying the start of this service is possible through the service manager. A scheduled task is added to Windows Task Scheduler in order to launch the program at various scheduled times (the schedule varies depending on the version). The setup package generally installs about 20 files.
Program details
Installation folder: C:\Program Files\Microsoft Security Client\Antimalware
Uninstaller: MsiExec.exe /X{05BFB060-4F22-4710-B0A2-2801A1B606C5}
(The Windows Installer is used for the installation, maintenance, and removal.)
Files installed by Microsoft Antimalware
-
NisSrv.exe - Microsoft Network Inspection System
-
MpCmdRun.exe - Microsoft Malware Protection (Microsoft Malware Protection Command Line Utility)
-
MpOAv.dll - IOfficeAntiVirus Module
-
MsMpEng.exe - Antimalware Service Executable
-
IpsConsumer.dll
-
MpAsDesc.dll
-
MpClient.dll
-
MpCommu.dll
-
mpevmsg.dll
-
MpRTP.dll
-
MpSvc.dll
-
MpUtil.dll
-
MsMpCom.dll
-
MsMpLics.dll
-
NisIpsPlugin.dll
-
NisLog.dll
-
NisNetIP.dll
-
NisPerformanceProvider.dll
-
NisRes.dll
-
NisWFP.dll
Behaviors exhibited
Scheduled Task
- MpCmdRun.exe is scheduled as a task named 'MpIdleTask' (runs when idle).
2 Services
- NisSrv.exe runs as a service named 'NisSrv'.
- MsMpEng.exe runs as a service named 'MsMpSvc'.
Resource utilization averages
Show technical details
| NisSrv.exe |
| Memory: | 7.33 MB | |
| Total CPU: | 0.0424496482% | |
| Kernel CPU: | 0.01959958% | |
| User CPU: | 0.02285007% | |
| CPU cycles/sec: | 689,841 | |
| I/O reads/min: | 20.13 KB | |
| I/O writes/min: | 13.89 KB | |
| MsMpEng.exe |
| Memory: | 80.86 MB | |
| Total CPU: | 0.0069467276% | |
| Kernel CPU: | 0.00503107% | |
| User CPU: | 0.00191565% | |
| CPU cycles/sec: | 11,033,175 | |
| Switches/sec: | 8 | |
| I/O reads/min: | 564.96 KB | |
| I/O writes/min: | 95.24 KB | |
How do I remove Microsoft Antimalware?
You can uninstall Microsoft Antimalware from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program Microsoft Antimalware, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove Microsoft Antimalware.
HOW IT RUNS
Windows Service? Yes
(Installs a service)
|
|
USER ACTIONS
 |
Uninstall it 3%
Keep it 97%
|
|
|
MOST USED OS
~99%
Windows 7 (SP1)
|
About Microsoft
Microsoft Corporation develops, manufactures, licenses and supports a variety of products and services related to computing.
Publisher URL: www.microsoft.com