I'll ask it as straightly and simply as possible..
Is there anybody who knows how to STOP the MsMpEng.exe process?
PLEASE, I beg of you, don't ask me why in the world I'd want to do that or explain me what is the purpose of MsMpEng or tell me that as long as it doesn't eat 10Gb of RAM and 100% of CPU usage is as fine as it should be. I just want to know, out of human curiosity, if there is a way to KILL the process at will, or either not LET IT START with Windows and set it to manual.
I know its purpose is good, I know it comes with either MSE or WDefender (I have only the last one, disabled btw), I know that being not able to normally kill it is how it should be (MSConfig doesn't work, Services Manager doesn't work either, all greyed out), I just want to know how to do this.
The best would be to have a way to manually stop it (or prevent it) and then be able to restart it whenever I'd want to, but ComboFix is fine to me too, if there is not another way. EVERY solution to do such is much, much appreciated.
Thanks!EDIT: I also know this question has been asked many, many times before.. I'm extremely sorry to annoy you, but found NO solution whatsoever. ^^
- Edited by Banderi Monday, June 10, 2013 2:19 PM
1. It is very simple. bat or cmd script contains one row
You can write vbs script, but there is no reason for doing it.
Use elevated/priviledged and interactive parameters.
2. Change user to SYSTEM
3. Do not click Hidden
4. Run with higher proviledges
5. Give your task any name
6. In trigger set time several minutes ahead of current time
7. In action browse for script
Doesn't work.. tried with schtasks.exe to make the process visible but the privilege is not high enough. I also tried to mess around with permissions or to use PSExec instead to do the trick, but it still is not enough, even with SYSTEM account.
Oh well, I guess I'll use ComboFix, after all xD Or maybe Linux boot and remove the file manually.
Thanks for your help!