Forum Discussion
No active antivirus provider
Hello,
I have uninstalled 3rd party AV on the endpoints in my organization and have enabled Windows Defender AV by pushing endpoint security (Antivirus) policy through Intune.
Still I am getting the message that there is 'No active antivirus provider. Your device is vulnerable' (Refer the attached screenshot).
Any suggestions on how to fix it for all the endpoints.
- Hi Ambarish,
Thank you for your reply. The issue was due to 'DisableAntiSpyware' registry key under HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender which was set to 1. Now we have the changed the value to 0 and we can see the Microsoft Defender as the active antivirus.
- Justin_RayMicrosoft
If anyone reading this is looking for step-by-step guidance on how to install Microsoft Defender for Endpoint, be sure to review the Defender setup guide in the Microsoft 365 admin center.
The guide has a great feature where it can detect settings in your tenant to provide tailored guidance.Additionally, the setup guide is used to view and configure features as well as save time with automated investigation and response.
Note: If you don't have Microsoft 365 admin permissions, open the guide in a test or POC tenant to get instructions. - ambarishrhIron Contributor
AnuragSrivastava Do you see the endpoints on Intune/MEM portal on the Antivirus policy as successfully updated?
- AnuragSrivastavaIron ContributorYes , I can see the endpoints on the Intune portal with policy status as successful.
- ambarishrhIron Contributor
AnuragSrivastava Could you please share a screenshot of the below registry entry?
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender