当您感染了难以删除的顽固恶意软件时，您可能会急于安装第三方防病毒或反恶意软件解决方案。虽然这些工作正常，但 Windows 10 有自己的高质量防病毒保护，称为Microsoft Defender（以前称为Windows Defender），您可以使用它来代替。

这种保护是使Windows独一无二的数百种Windows服务和进程之一。^(Windows)其中包括Windows 内核 (ntoskrnl.exe)^{(Windows kernel (ntoskrnl.exe))}和其他重要进程，例如Antimalware Service Executable，这是 Microsoft Defender 保护的一个组成部分。这是您需要了解的内容。

什么是反恶意软件服务可执行进程，它是否安全？^{(What is the Antimalware Service Executable Process and Is It Safe?)}

大多数用户不熟悉Antimalware Service Executable进程，但顾名思义，它在您的 PC 的内置恶意软件感染防御中发挥着重要作用。特别是，这个重要的系统进程是Microsoft Defender的后台进程。

正如我们已经提到的，Microsoft Defender是 Windows 自己的防病毒和反恶意软件保护。这可确保市场上的每台Windows 10 PC 都具有针对恶意软件、病毒和其他可能危及您的 PC 并窃取（或破坏）您的数据的威胁的内置保护。

如果您发现任务管理器^{(Task Manager)}中运行的Antimalware Service Executable进程（或相关的Microsoft Defender 防病毒服务^{(Microsoft Defender Antivirus Service)}） ，请不要惊慌——几乎可以肯定，这与Microsoft Defender背后的正版系统进程相同。

只要Microsoft Defender处于活动状态，反恶意软件服务可执行文件^{(Antimalware Service Executable)}就会在您的 PC 后台运行。它执行并激活所有重要的Microsoft Defender功能，例如在打开文件之前检查文件、对文件运行定期背景检查以及自动更新其威胁数据库。

如果您切换到第三方防病毒解决方案（例如Avast 或 Malwarebytes^{(Avast or Malwarebytes)}），Microsoft Defender将切换到禁用模式，确保没有冲突。这意味着Antimalware Service Executable进程应该处于非活动状态，不使用系统资源，并且在重新激活Microsoft Defender之前保持不可用。

可执行的反恶意软件服务如何导致高 CPU 和 RAM 问题^{(How Antimalware Service Executable Causes High CPU and RAM Issues)}

大多数情况下，Antimalware Service Executable使用最少的系统资源保持非活动状态。但是，如果您发现它在您的 PC 上使用大量CPU或RAM，则可能表明Microsoft Defender正在执行操作。

这可能是对文件或应用程序运行防病毒扫描，检查来自 Microsoft 服务的新威胁更新，防止第三方网络威胁等等。这些都是标准防病毒程序的典型操作，因此您不应（通常）将某些CPU或RAM使用视为问题。

使用 Microsoft Defender 解决高 CPU 和 RAM 问题^{(Troubleshooting High CPU and RAM Issues with Microsoft Defender)}

但是，如果Microsoft Defender经常使用大量系统资源，则可能表明您的 PC 存在其他可能需要解决的问题，例如损坏的系统文件。如果没有执行明显的操作（例如正在进行的恶意软件扫描），则尤其如此。

如果这成为一个严重的稳定性问题，您可以暂时禁用Microsoft Defender，但您可能需要首先检查您的系统文件是否完好，以及Windows是否已完全更新到最新的错误修复。

1. 为此，请右键单击“开始^(Start)”菜单并选择“设置”^(Settings)。

1. 在“设置”^{(Settings )}菜单中选择“更新和安全”^{(Update & Security )} > “ Windows 更新”^{(Windows Update )} > “检查更新^{(Check for Updates)}”以检查任何可用的更新（如果已有可用更新，请按“下载并安装”）。^{(Download and Install)}安装任何可用更新后，重新启动您的 PC。

如果您的 PC 已更新，您可以使用系统文件检查器^{(System File Checker)}工具检查系统文件的完整性问题。

1. 首先^(Start)右键单击“开始^(Start)”菜单并选择“ Windows PowerShell (Admin) ” 。

1. 在新的PowerShell窗口中，键入sfc /scannow并选择Enter。SFC工具将根据标准安装映像检查您的系统文件并自动修复任何潜在问题。

对于大多数用户来说，这应该可以解决Windows 10^{(Windows 10)}安装损坏的常见问题，这些问题可能会导致不稳定问题，例如高CPU或RAM问题。但是，如果您的 PC 较旧且遇到问题，您可能需要考虑重置 Windows 10^{(resetting Windows 10)}或升级您的 PC^{(upgrading your PC)}以解决问题。

如何禁用反恶意软件服务可执行进程^{(How to Disable the Antimalware Service Executable Process)}

作为一个主要的系统进程，也是 Windows 自身防病毒保护的后台进程，几乎可以肯定，您将在任务管理器中看到运行的^{(Task Manager)}Antimalware Service Executable进程是真实的并且可以安全运行。

没有现成的报告表明任何已知的恶意软件正在尝试（或以前曾尝试）在Windows上伪造此进程。只有在启用Microsoft Defender^{(Microsoft Defender)}时，您才会看到它处于活动状态。如果您担心系统稳定性并想要关闭Microsoft Defender，您可以在Windows 设置^{(Windows Settings)}中进行。

但是，您只能暂时禁用Microsoft Defender 。虽然它可以在有限的时间内关闭，但Windows会在您下次重新启动 PC 时自动将其重新打开，除非您安装了第三方防病毒软件。保持Microsoft Defender关闭的唯一方法是安装另一个防病毒软件。

还强烈建议^{(strongly advised)}您仅在安装了第三方解决方案时才禁用Microsoft Defender 。让你的电脑没有激活Microsoft Defender或第三方保护（即使是在有限的时间内）可能会导致恶意软件感染和数据丢失，你无法从中恢复。

1. 如果要暂时禁用Microsoft Defender（以及扩展的Antimalware Service Executable进程），则需要右键单击“开始^(Start)”菜单并选择“设置”^(Settings)。

1. 在设置^{(Settings )}菜单中，选择更新和安全^{(Update & Security )}> Windows 安全^{(Windows Security )}>打开 Windows 安全^{(Open Windows Security)}。 

1. 在新的Windows 安全^{(Windows Security )}菜单中，选择病毒和威胁防护^{(Virus & threat protection )}>管理设置^{(Manage settings)}。

1. 将实时保护^{(Real-time protection )}滑块选择到关闭^(Off)位置。

关闭Microsoft Defender^{(Microsoft Defender)}的实时保护将停止 Antimalware Service Executable 进程的任何活动^{(Antimalware Service Executable)}。这可以帮助您确定您的稳定性问题是否特定于Microsoft Defender（以及，通过扩展，特定于Windows本身）并需要进一步调查。

Windows 10 的进一步故障排除^{(Further Troubleshooting for Windows 10)}

Antimalware Service Executable进程是适用于Windows 10 PC的安全且合法的系统进程，因此您不必害怕在任务管理器^{(Task Manager)}中看到它。与dwm.exe等一样，这个进程只有在长时间消耗大量系统资源时才会引起警报。

如果是这种情况，您将需要进行一些额外的故障排除和维护。您应该保持 Windows 更新^{(keep Windows updated)}以安装最新的错误修复并设置自动计划^{(set up an automated schedule)}以检查新的威胁和感染。但是，如果所有其他方法都失败了，您可能需要考虑将Windows 10 恢复出厂设置^{(factory reset of Windows 10)}以重新开始。

What is the Antimalware Service Executable Process & Is It Safe?

When you’re infected with stubbоrn malware that you find difficult to remove, you might rush to install a third-pаrty antivirus or anti-malware sоlution. While these work fine, Windows 10 has іts own high-quality antivirus protection called Microsoft Defender (previously Windows Defender) that you can use instead.

This protection is among the hundreds of Windows services and processes that make Windows unique. These include the Windows kernel (ntoskrnl.exe) and other important processes such as Antimalware Service Executable, an integral part of Microsoft Defender’s protection. Here’s what you need to know about it.

What is the Antimalware Service Executable Process and Is It Safe?

Most users won’t be familiar with the Antimalware Service Executable process but, as the name suggests, it plays an important role in your PC’s built-in defenses against malware infections. In particular, this important system process is the background process for Microsoft Defender.

As we’ve mentioned already, Microsoft Defender is Windows’ own antivirus and antimalware protection. This ensures that every Windows 10 PC on the market has built-in protection against malware, viruses, and other threats that could compromise your PC and steal (or destroy) your data.

If you spot the Antimalware Service Executable process (or the related Microsoft Defender Antivirus Service) running in Task Manager, don’t be alarmed—it’s almost  a certainty that this is the same genuine system process behind Microsoft Defender.

As long as Microsoft Defender is active, the Antimalware Service Executable will run in the background of your PC. It performs and activates all of the important Microsoft Defender features, such as checking files before you open them, running regular background checks on your files, and updating its threat database automatically.

If you switch to a third-party antivirus solution (such as Avast or Malwarebytes), Microsoft Defender will switch to disabled mode, ensuring no conflicts. This means that the Antimalware Service Executable process should be inactive, using no system resources, and remaining unavailable until Microsoft Defender is reactivated.

How Antimalware Service Executable Causes High CPU and RAM Issues

Most of the time, the Antimalware Service Executable remains inactive, using minimal system resources. However, if you spot it using a high amount of CPU or RAM usage on your PC, it’s probably a sign that Microsoft Defender is performing an action.

This could be running an antivirus scan on a file or app, checking for new threat updates from Microsoft’s services, preventing third-party network threats, and more. These are all typical actions of a standard antivirus program, so you shouldn’t (usually) consider some CPU or RAM usage as a problem.

Troubleshooting High CPU and RAM Issues with Microsoft Defender

However, if Microsoft Defender is using a large amount of your system resources regularly, it could point to other issues with your PC that may need resolving, such as corrupt system files. This is especially true if no obvious actions are being performed (such as an in-progress malware scan).

You can temporarily disable Microsoft Defender if this becomes a serious stability issue, but you may want to check that your system files are intact and that Windows is fully up-to-date with the latest bug fixes first.

1. To do this, right-click the Start menu and select Settings.

1. Select Update & Security > Windows Update > Check for Updates in the Settings menu to check for any available updates (or press Download and Install if there are already updates available). Restart your PC once any available updates are installed.

If your PC is updated, you can check your system files for integrity issues using the System File Checker tool.

1. Start by right-clicking the Start menu and selecting Windows PowerShell (Admin).

1. In the new PowerShell window, type sfc /scannow and select Enter. The SFC tool will check your system files against the standard installation image and automatically fix any potential issues.

For most users, this should resolve common problems with a corrupted Windows 10 installation that may cause instability issues such as high CPU or RAM issues. However, if your PC is older and struggling, you may need to consider resetting Windows 10 or upgrading your PC to resolve the problem.

How to Disable the Antimalware Service Executable Process

As a major system process, and the background process for Windows’ own antivirus protection no less, it’s almost certain that the Antimalware Service Executable process you’ll see running in Task Manager is genuine and safe to run.

No reports are readily available suggesting that any known malware is attempting (or has previously attempted) to fake this process on Windows. You should only see it active if Microsoft Defender is enabled. If you’re worried about system stability and want to switch Microsoft Defender off, you can do so in Windows Settings.

You can only disable Microsoft Defender temporarily, however. While it can be switched off for a limited period, Windows will automatically switch it back on the next time you restart your PC unless you have a third-party antivirus installed. The only way to keep Microsoft Defender switched off is to install another antivirus.

It’s also strongly advised that you only disable Microsoft Defender if you have a third-party solution installed. Leaving your PC without either Microsoft Defender or third-party protection active (even for a limited period) could result in a malware infection and data loss that you can’t recover from.

1. If you want to disable Microsoft Defender (and, by extension, the Antimalware Service Executable process) temporarily, you’ll need to right-click the Start menu and select Settings.

1. In the Settings menu, select Update & Security > Windows Security > Open Windows Security. 

1. In the new Windows Security menu, select Virus & threat protection > Manage settings.

1. Select the Real-time protection slider to the Off position.

Switching Microsoft Defender’s real-time protection off will stop any activity by the Antimalware Service Executable process. This can help you determine if your stability issues are specific to Microsoft Defender (and, by extension, to Windows itself) and require further investigation.

Further Troubleshooting for Windows 10

The Antimalware Service Executable process is a safe and legitimate system process for Windows 10 PCs, so you shouldn’t fear seeing it in the Task Manager. Like dwm.exe and others, this process should only be cause for alarm when it uses up a large amount of your system resources over a long period.

If that’s the case, you’ll need to proceed with some additional troubleshooting and maintenance. You should keep Windows updated to install the latest bug fixes and set up an automated schedule to check for new threats and infections. If all else fails, however, you may need to consider a factory reset of Windows 10 to start afresh.

Related posts

• 什么是 Shell 基础架构主机进程，它是否安全？

• 什么是 Waasmedic 服务，它安全吗？

• Windows 10中的splwow64.exe进程是什么，我可以禁用吗？

• Windows 10中的Device Census（deviceCensus.exe）文件是什么？

• 如何在Windows 10启用或禁用IP Helper Service

• 什么是atiesrxx.exe在Windows 10 Task Manager中？

• 如何在Windows 10中更改CPU Process Priority

• 什么是 wudfhost.exe，它安全吗？

• Windows 10上的Bonjour Service是什么？

• 什么是 Windows 音频设备图隔离（它是否安全）

• 如何在Windows 10上禁用Windows Insider Service

• 什么是 Bonjour 服务（您是否需要它）

• 什么是 Windows 中的 mrt.exe，它安全吗？

• 如何在 Windows 10 中修复系统服务异常停止代码

• 什么是 TrustedInstaller，它安全吗？

• 如何在Windows 10 Boot至Safe Mode

• Windows 10 上的 Easy Anti-Cheat 是什么，它安全吗？

• 如何修复 Windows 更新服务未运行

• 在 Windows 10 中退出安全模式的 2 种方法

• 7 Ways至Windows 10中的Fix Critical Process Died