Some friends have found that after following online methods to disable Windows Defender in the system, and modifying some group policies and the registry according to those tutorials, the Defender antivirus-related services are still running in the background after a restart.
In fact, according to those online methods, it is probably mostly disabled, but there is still a process lingering that occupies resources, which is indeed frustrating.
So how can we completely disable the Antimalware Service Executable, the Defender-related background service?
First, enter the service management interface, and we find that the button is grayed out, making it impossible to disable it.
We need to enter safe mode to modify the registry:
Settings → System → Recovery → Advanced Startup, after restarting, find Troubleshoot → Startup Options → Safe Mode with Networking
Press WIN+X, type regedit to enter the registry.
Registry location HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend
Change Start to 4
Change ImagePath to: C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\mpextms.exe
After restarting, you can see the effect!