Enable Microsoft Defender with your Other Favorite Antivirus Solution

Why have one antivirus product enabled on your Windows 10 system when you can have two? This blog describes how to enable Microsoft Defender for periodic scanning when using another antivirus product and why you would want to do this. An embedded video is below that provides additional information.

Every Windows 10 system comes with Microsoft Defender enabled by default at no cost. Microsoft Defender is now rated as “the best antivirus tool for Windows 10 PCs” so should remain enabled for threat protection. That said, there are many other great antivirus products on the market from trusted companies used by millions of customers. Symantec, Trend Micro, Kaspersky, and McAfee all come to mind.

When another antivirus application is installed on Windows 10, Microsoft Defender automatically goes into disabled mode to allow the other product to take on the primary threat protection role . While it is never recommended to have two active antivirus agents running at the same time on the same system, what if you could continue to use your favorite antivirus product for your primary threat protection service and Microsoft Defender in a passive mode?  In this case the primary antivirus product is one of the non-Microsoft products listed above while Microsoft Defender is enabled in a passive mode for limited periodic scanning services. In this scenario, you would be protected by two threat protection agents that would not interfere with each other while adding an additional layer of defense. Two products using different methods and cyber security intelligence to protect your Windows 10 system.

Note: Microsoft only recommends this configuration for consumers using Windows 10. It is not recommended for Enterprise environments where a primary antivirus solution should be chosen and deployed. When using Microsoft Defender in passive mode, the product will only use a subset of Microsoft Defender capabilities to detect malware and potentially unwanted software. To enable this configuration on a Windows Server, a registry setting is available. View this table for additional information.

The best part about this configuration is that it is so easy to implement! Let’s run through an example below.

1. Click on the Windows Icon and then click Settings

2. In Settings, click Update & Security

Update & Security 
Windows Update, reccvery, 
backup

3. In the Update & Security area, click Windows Security

Update & Security 
Windows Update 
Delivery Optimization 
Windows Security

4. In Windows Security, click to Open Windows Security

Windows Security 
Windows Security is your home to view and manage the security and 
health of your device. 
Open Windows Security

5. In the Windows Security area, click Virus & Threat Protection

Virus & threat protection 
No action needed.

6. Here, notice that I have the Sentinel Agent installed as my primary antivirus client (this is another agent I like). Click on the Windows Defender Antivirus Options link at the bottom of the screen.

7. Click on the Period scanning so it slides to the On position

8. You may receive a prompt similar to the one below. Click Yes.

9. New information will now appear from the Microsoft Defender application that is now configured to run in Passive Mode.

10. In the Virus & Threat Protection Settings area, click on Manage Settings. Now notice how you cannot enable real-time scanning because “You’re using other antivirus products.”

Conclusion: Microsoft Defender is now configured in Passive Mode where a subset of its protection features are enabled. You now have the functionality to run on-demand scans using Microsoft Defender when ready.

Author: KMartins

Microsoft full time employee specializing in security and collaboration products available in Office 365 and Azure. https://www.linkedin.com/in/kevin-martins-/

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.