Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community
SOLVED

No active antivirus provider

Iron Contributor

Hello,

 

I have uninstalled 3rd party AV on the endpoints in my organization and have enabled Windows Defender AV by pushing endpoint security (Antivirus) policy through Intune.

 

Still I am getting the message that there is 'No active antivirus provider. Your device is vulnerable' (Refer the attached screenshot).

 

Any suggestions on how to fix it for all the endpoints.

8 Replies

@AnuragSrivastava Do you see the endpoints on Intune/MEM portal on the Antivirus policy as successfully updated?

Yes , I can see the endpoints on the Intune portal with policy status as successful.

@AnuragSrivastava Could you please share a screenshot of the below registry entry?

 

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender

best response confirmed by Yong Rhee (Microsoft)
Solution
Hi Ambarish,

Thank you for your reply. The issue was due to 'DisableAntiSpyware' registry key under HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender which was set to 1. Now we have the changed the value to 0 and we can see the Microsoft Defender as the active antivirus.
Glad it worked for you! :)

@AnuragSrivastava Can you help me out too i am also facing the same issue .. It says no active antivirus provider

@Trideep_Dutta
you can try this, it worked for me - The issue was due to 'DisableAntiSpyware' registry key under HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender which was set to 1. Now we have the changed the value to 0 and we can see the Microsoft Defender as the active antivirus.

If anyone reading this is looking for step-by-step guidance on how to install Microsoft Defender for Endpoint, be sure to review the Defender setup guide in the Microsoft 365 admin center. 


The guide has a great feature where it can detect settings in your tenant to provide tailored guidance.

 

Additionally, the setup guide is used to view and configure features as well as save time with automated investigation and response. 


Note: If you don't have Microsoft 365 admin permissions, open the guide in a test or POC tenant to get instructions.

1 best response

Accepted Solutions
best response confirmed by Yong Rhee (Microsoft)
Solution
Hi Ambarish,

Thank you for your reply. The issue was due to 'DisableAntiSpyware' registry key under HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender which was set to 1. Now we have the changed the value to 0 and we can see the Microsoft Defender as the active antivirus.

View solution in original post