RoboMan

Level 32
Verified
Content Creator
Malware Tester
Hello; is this common behaviour?

I'm using Kaspersky Internet Security 2020 in one of my machines with Windows 10 LTSC 1809, latest updates installed.

The machine works great, but my attention got caught since I saw Anti Malware Executable Service running, which is characteristic from WD. Also MsMpEng.exe is always running. When I open Windows Security Center, I say it says "no action needed, Kaspersky installed", but if I open the antivirus configuration I see Defender "cloud protection" is still enabled (real time protection disabled).

Is this normal? Is this module always on?
 

MacDefender

Level 12
Verified
I don't see MsMpEng running on my Windows 2004 machine with KTS.

Note that, at least with F-Secure which updates/reloads live, the brief period of time where F-Secure updates its engine executables (not signatures, but the build of F-Secure itself), F-Secure deactivates and Windows Defender does start for a few seconds before F-Secure comes back.

I haven't had Kaspersky long enough to see it do such a build update, but I'd imagine something similar happens there by default. Unless Windows Defender is explicitly disabled, if Windows thinks your AV stopped running, it will allow Windows Defender to take over.
 

fabiobr

Level 9
Verified
Hello; is this common behaviour?

I'm using Kaspersky Internet Security 2020 in one of my machines with Windows 10 LTSC 1809, latest updates installed.

The machine works great, but my attention got caught since I saw Anti Malware Executable Service running, which is characteristic from WD. Also MsMpEng.exe is always running. When I open Windows Security Center, I say it says "no action needed, Kaspersky installed", but if I open the antivirus configuration I see Defender "cloud protection" is still enabled (real time protection disabled).

Is this normal? Is this module always on?
Similar behavior with me:

 
Top