Does anyone know if you are able to scan a machine for defaults accounts (like guest or anonymous) and not turn on authenticated scanning?
There is no way to enumerate those findings without authenticated scanning.
Is there anyway to start the scan as authenticated (using a default account to try and login) and then if the default login doesn't work, roll back to an unauthenticated scan?
I am not entirely sure what you mean by "default" account. Have you given the Windows authenticated scanning documentation a read? https://www.qualys.com/docs/version/8.5/source/qualys-authenticated-scanning-windows.pdf
If you try to setup authenticated scanning via guest or anonymous accounts you will receive extremely limited results. I would assume that most scans would fail to authenticate. The scan would then perform an unauthenticated one. In my experience the results returned from an unauthenticated Windows scan isn't worth the network bandwidth. It's definitely worth setting up proper authenticated scanning.
This is always possible. If a host matches an authentication record, it will attempt to login, and if it fails, then will roll back to unauthenticated scanning of the device and flag a QID for Authentication Failed.
Retrieving data ...