Some friends have found that after following online methods to disable Windows Defender in the system, and modifying some group policies and the registry according to those tutorials, the Defender antivirus-related services are still running in the background after a reboot.
In fact, following those online methods, it is mostly disabled, but there is still a process lingering that consumes resources, which is indeed frustrating.
So how can we completely disable the Antimalware Service Executable, the Defender-related background service?
First, enter the service management interface, and we find that the button is grayed out, preventing us from disabling it.
We need to enter safe mode to modify the registry:
Settings → System → Recovery → Advanced Startup, after rebooting, find Troubleshoot → Startup Options → Safe Mode with Networking
Press WIN+X, type regedit to enter the registry.
Registry location HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend
Change Start to 4
Change ImagePath to: C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\mpextms.exe
After rebooting, you can see the effect!