This KB should clarify all scenarios: https://kc.mcafee.com/corporate/index?page=content&id=KB88214
McAfee will uninstall Defender. I would request you to follow: https://kc.mcafee.com/corporate/index?page=content&id=KB88214&_ga=2.79930449.774973739.1588568569-11...
ENS uninstalls Windows Defender per Microsoft guidelines: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windo.... You must reboot the server to fully uninstall Windows Defender. On ENS uninstall, Windows Defender is reinstalled.
We have seen that McAfee ENS is the de facto virus and threat prevention product in the Windows Security settings. However, even after weeks or months of reboots, we still have some level of interaction with Windows Defender, as evidenced by Windows Event logs which refer to a block from Outlook (see images below). This occurred shortly after upgrading Windows 10 from v1709 to 1809 last month. Does the Windows Upgrade somehow reset Windows Defender, allowing it to override McAfee policies? Our imaging team informed me that they placed the registry value to disable Windows Defender in the image, but it does not appear on several of the systems that we checked after the Windows 10 v1809 Upgrade in Place (UiP).
Not that I'm aware of; however, this would be something you'd need to ask Microsoft. Not us 🙂
We do not actively check for running Windows Defender and terminate it once the installation has been completed.