mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-16 15:27:22 +00:00
Made fixes to various files for antivrus rebrand build
This commit is contained in:
Jeff Reeds (Aquent LLC)
parent
3d55e52eeb
commit
27472d3487
@ -46,12 +46,12 @@
|
||||
|
||||
#### [Hardware-based isolation]()
|
||||
##### [Hardware-based isolation in Windows 10](microsoft-defender-atp/overview-hardware-based-isolation.md)
|
||||
##### [Hardware-based isolation evaluation](windows-defender-application-guard/test-scenarios-wd-app-guard.md)
|
||||
##### [Hardware-based isolation evaluation](microsoft-defender-application-guard/test-scenarios-md-app-guard.md)
|
||||
|
||||
##### [Application isolation]()
|
||||
###### [Application guard overview](windows-defender-application-guard/wd-app-guard-overview.md)
|
||||
###### [System requirements](windows-defender-application-guard/reqs-wd-app-guard.md)
|
||||
###### [Install Windows Defender Application Guard](windows-defender-application-guard/install-wd-app-guard.md)
|
||||
###### [Application guard overview](microsoft-defender-application-guard/md-app-guard-overview.md)
|
||||
###### [System requirements](microsoft-defender-application-guard/reqs-md-app-guard.md)
|
||||
###### [Install Windows Defender Application Guard](microsoft-defender-application-guard/install-md-app-guard.md)
|
||||
|
||||
##### [Application control](windows-defender-application-control/windows-defender-application-control.md)
|
||||
###### [Audit Application control policies](windows-defender-application-control/audit-windows-defender-application-control-policies.md)
|
||||
|
||||
@ -58,7 +58,7 @@ To exclude files opened by a specific process, see [Configure and validate exclu
|
||||
The exclusions apply to [scheduled scans](scheduled-catch-up-scans-microsoft-defender-antivirus.md), [on-demand scans](run-scan-microsoft-defender-antivirus.md), and [real-time protection](configure-real-time-protection-microsoft-defender-antivirus.md).
|
||||
|
||||
>[!IMPORTANT]
|
||||
>Exclusion list changes made with Group Policy **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
|
||||
>Exclusion list changes made with Group Policy **will show** in the lists in the [Windows Security app](microsoft-defender-security-center-antivirus.md#exclusions).
|
||||
>
|
||||
>Changes made in the Windows Security app **will not show** in the Group Policy lists.
|
||||
|
||||
@ -165,7 +165,7 @@ For more information, see [Windows Defender WMIv2 APIs](https://msdn.microsoft.c
|
||||
|
||||
### Use the Windows Security app to configure file name, folder, or file extension exclusions
|
||||
|
||||
See [Add exclusions in the Windows Security app](windows-defender-security-center-antivirus.md#exclusions) for instructions.
|
||||
See [Add exclusions in the Windows Security app](microsoft-defender-security-center-antivirus.md#exclusions) for instructions.
|
||||
|
||||
<a id="wildcards"></a>
|
||||
|
||||
@ -206,10 +206,10 @@ You can retrieve the items in the exclusion list using one of the following meth
|
||||
- [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings)
|
||||
- MpCmdRun
|
||||
- PowerShell
|
||||
- [Windows Security app](windows-defender-security-center-antivirus.md#exclusions)
|
||||
- [Windows Security app](microsoft-defender-security-center-antivirus.md#exclusions)
|
||||
|
||||
>[!IMPORTANT]
|
||||
>Exclusion list changes made with Group Policy **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
|
||||
>Exclusion list changes made with Group Policy **will show** in the lists in the [Windows Security app](microsoft-defender-security-center-antivirus.md#exclusions).
|
||||
>
|
||||
>Changes made in the Windows Security app **will not show** in the Group Policy lists.
|
||||
|
||||
|
||||
@ -31,7 +31,7 @@ For example, it may be necessary to allow certain user groups (such as security
|
||||
|
||||
The default setting for these policies is **Disabled**.
|
||||
|
||||
If they are set to **Enabled**, users on endpoints can make changes to the associated setting with the [Windows Security](windows-defender-security-center-antivirus.md) app, local Group Policy settings, and PowerShell cmdlets (where appropriate).
|
||||
If they are set to **Enabled**, users on endpoints can make changes to the associated setting with the [Windows Security](microsoft-defender-security-center-antivirus.md) app, local Group Policy settings, and PowerShell cmdlets (where appropriate).
|
||||
|
||||
The following table lists each of the override policy setting and the configuration instructions for the associated feature or setting.
|
||||
|
||||
|
||||
@ -112,7 +112,7 @@ You will also see a detection under **Quarantined threats** in the **Scan histor
|
||||
|
||||
|
||||
>[!NOTE]
|
||||
>Versions of Windows 10 before version 1703 have a different user interface. See [Microsoft Defender Antivirus in the Windows Security app](windows-defender-security-center-antivirus.md).
|
||||
>Versions of Windows 10 before version 1703 have a different user interface. See [Microsoft Defender Antivirus in the Windows Security app](microsoft-defender-security-center-antivirus.md).
|
||||
|
||||
The Windows event log will also show [Windows Defender client event ID 2050](troubleshoot-microsoft-defender-antivirus.md).
|
||||
|
||||
|
||||
@ -31,7 +31,7 @@ You can also configure how standard notifications appear on endpoints, such as n
|
||||
|
||||
## Configure the additional notifications that appear on endpoints
|
||||
|
||||
You can configure the display of additional notifications, such as recent threat detection summaries, in the [Windows Security app](windows-defender-security-center-antivirus.md) and with Group Policy.
|
||||
You can configure the display of additional notifications, such as recent threat detection summaries, in the [Windows Security app](microsoft-defender-security-center-antivirus.md) and with Group Policy.
|
||||
|
||||
> [!NOTE]
|
||||
> In Windows 10, version 1607 the feature was called **Enhanced notifications** and could be configured under **Windows Settings** > **Update & security** > **Windows Defender**. In Group Policy settings in all versions of Windows 10, it is called **Enhanced notifications**.
|
||||
|
||||
@ -38,7 +38,7 @@ When you add a process to the process exclusion list, Microsoft Defender Antivir
|
||||
|
||||
The exclusions only apply to [always-on real-time protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md). They don't apply to scheduled or on-demand scans.
|
||||
|
||||
Changes made with Group Policy to the exclusion lists **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions). However, changes made in the Windows Security app **will not show** in the Group Policy lists.
|
||||
Changes made with Group Policy to the exclusion lists **will show** in the lists in the [Windows Security app](microsoft-defender-security-center-antivirus.md#exclusions). However, changes made in the Windows Security app **will not show** in the Group Policy lists.
|
||||
|
||||
You can add, remove, and review the lists for exclusions in [Group Policy](#gp), [Microsoft Endpoint Configuration Manager, Microsoft Intune, and with the Windows Security app](#man-tools), and you can [use wildcards](#wildcards) to further customize the lists.
|
||||
|
||||
@ -127,7 +127,7 @@ See the following for more information and allowed parameters:
|
||||
|
||||
### Use the Windows Security app to exclude files that have been opened by specified processes from scans
|
||||
|
||||
See [Add exclusions in the Windows Security app](windows-defender-security-center-antivirus.md#exclusions) for instructions.
|
||||
See [Add exclusions in the Windows Security app](microsoft-defender-security-center-antivirus.md#exclusions) for instructions.
|
||||
|
||||
<a id="wildcards"></a>
|
||||
|
||||
@ -149,7 +149,7 @@ Environment variables | The defined variable will be populated as a path when th
|
||||
|
||||
## Review the list of exclusions
|
||||
|
||||
You can retrieve the items in the exclusion list with MpCmdRun, PowerShell, [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings), [Intune](https://docs.microsoft.com/intune/device-restrictions-configure), or the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
|
||||
You can retrieve the items in the exclusion list with MpCmdRun, PowerShell, [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings), [Intune](https://docs.microsoft.com/intune/device-restrictions-configure), or the [Windows Security app](microsoft-defender-security-center-antivirus.md#exclusions).
|
||||
|
||||
If you use PowerShell, you can retrieve the list in two ways:
|
||||
|
||||
|
||||
@ -38,7 +38,7 @@ To enable and configure always-on protection:
|
||||
2. Under **Best match**, click **Edit group policy** to launch **Local Group Policy Editor**.
|
||||
|
||||
2. In the left pane of **Local Group Policy Editor**, expand the tree to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus**.
|
||||
|
||||
|
||||
3. Configure the Microsoft Defender Antivirus antimalware service policy settings. To do this:
|
||||
1. In the **Microsoft Defender Antivirus** details pane on right, double-click the policy setting as specified in the following table:
|
||||
|
||||
@ -75,7 +75,7 @@ To enable and configure always-on protection:
|
||||
|
||||
5. Configure the Microsoft Defender Antivirus scanning policy setting. To do this:
|
||||
1. From the **Microsoft Defender Antivirus** tree on left pane, click **Scan**.
|
||||
|
||||
|
||||
|
||||
2. In the **Scan** details pane on right, double-click the policy setting as specified in the following table:
|
||||
|
||||
|
||||
@ -22,7 +22,7 @@ ms.custom: nextgen
|
||||
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
|
||||
Microsoft Defender Antivirus on Windows Server 2016 and 2019 automatically enrolls you in certain exclusions, as defined by your specified server role. See the [list of automatic exclusions](#list-of-automatic-exclusions) (in this article). These exclusions do not appear in the standard exclusion lists that are shown in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
|
||||
Microsoft Defender Antivirus on Windows Server 2016 and 2019 automatically enrolls you in certain exclusions, as defined by your specified server role. See the [list of automatic exclusions](#list-of-automatic-exclusions) (in this article). These exclusions do not appear in the standard exclusion lists that are shown in the [Windows Security app](microsoft-defender-security-center-antivirus.md#exclusions).
|
||||
|
||||
> [!NOTE]
|
||||
> Automatic exclusions only apply to Real-time protection (RTP) scanning. Automatic exclusions are not honored during a Full/Quick or On-demand scan.
|
||||
|
||||
@ -75,7 +75,7 @@ Microsoft Defender Antivirus blocks detected PUA files and any attempts to downl
|
||||
|
||||
When a PUA file is detected on an endpoint, Microsoft Defender Antivirus sends a notification to the user ([unless notifications have been disabled](configure-notifications-microsoft-defender-antivirus.md)) in the same format as other threat detections. The notification will be prefaced with _PUA:_ to indicate its content.
|
||||
|
||||
The notification appears in the usual [quarantine list within the Windows Security app](windows-defender-security-center-antivirus.md#detection-history).
|
||||
The notification appears in the usual [quarantine list within the Windows Security app](microsoft-defender-security-center-antivirus.md#detection-history).
|
||||
|
||||
#### Configure PUA protection in Microsoft Defender Antivirus
|
||||
|
||||
|
||||
@ -88,7 +88,7 @@ In passive and automatic disabled mode, you can still [manage updates for Micros
|
||||
If you uninstall the other product, and choose to use Microsoft Defender Antivirus to provide protection to your endpoints, Microsoft Defender Antivirus will automatically return to its normal active mode.
|
||||
|
||||
> [!WARNING]
|
||||
> You should not attempt to disable, stop, or modify any of the associated services used by Microsoft Defender Antivirus, Microsoft Defender ATP, or the Windows Security app. This includes the *wscsvc*, *SecurityHealthService*, *MsSense*, *Sense*, *WinDefend*, or *MsMpEng* services and process. Manually modifying these services can cause severe instability on your endpoints and open your network to infections and attacks. It can also cause problems when using third-party antivirus apps and how their information is displayed in the [Windows Security app](windows-defender-security-center-antivirus.md).
|
||||
> You should not attempt to disable, stop, or modify any of the associated services used by Microsoft Defender Antivirus, Microsoft Defender ATP, or the Windows Security app. This includes the *wscsvc*, *SecurityHealthService*, *MsSense*, *Sense*, *WinDefend*, or *MsMpEng* services and process. Manually modifying these services can cause severe instability on your endpoints and open your network to infections and attacks. It can also cause problems when using third-party antivirus apps and how their information is displayed in the [Windows Security app](microsoft-defender-security-center-antivirus.md).
|
||||
|
||||
|
||||
## Related topics
|
||||
|
||||
@ -26,7 +26,7 @@ Microsoft Defender Offline is an antimalware scanning tool that lets you boot an
|
||||
|
||||
You can use Microsoft Defender Offline if you suspect a malware infection, or you want to confirm a thorough clean of the endpoint after a malware outbreak.
|
||||
|
||||
In Windows 10, Microsoft Defender Offline can be run with one click directly from the [Windows Security app](windows-defender-security-center-antivirus.md). In previous versions of Windows, a user had to install Microsoft Defender Offline to bootable media, restart the endpoint, and load the bootable media.
|
||||
In Windows 10, Microsoft Defender Offline can be run with one click directly from the [Windows Security app](microsoft-defender-security-center-antivirus.md). In previous versions of Windows, a user had to install Microsoft Defender Offline to bootable media, restart the endpoint, and load the bootable media.
|
||||
|
||||
## prerequisites and requirements
|
||||
|
||||
@ -132,7 +132,7 @@ See the following for more information:
|
||||
|
||||
## Review scan results
|
||||
|
||||
Microsoft Defender Offline scan results will be listed in the [Scan history section of the Windows Security app](windows-defender-security-center-antivirus.md#detection-history).
|
||||
Microsoft Defender Offline scan results will be listed in the [Scan history section of the Windows Security app](microsoft-defender-security-center-antivirus.md#detection-history).
|
||||
|
||||
|
||||
## Related articles
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
|
||||
# [Microsoft Defender Antivirus in Windows 10](microsoft-defender-antivirus-in-windows-10.md)
|
||||
|
||||
## [Windows Defender AV in the Microsoft Defender Security Center app](windows-defender-security-center-antivirus.md)
|
||||
## [Windows Defender AV in the Microsoft Defender Security Center app](microsoft-defender-security-center-antivirus.md)
|
||||
|
||||
## [Windows Defender AV on Windows Server 2016](microsoft-defender-antivirus-on-windows-server-2016.md)
|
||||
|
||||
@ -51,7 +51,7 @@
|
||||
### [Configure scheduled scans](scheduled-catch-up-scans-microsoft-defender-antivirus.md)
|
||||
### [Configure and run scans](run-scan-microsoft-defender-antivirus.md)
|
||||
### [Review scan results](review-scan-results-microsoft-defender-antivirus.md)
|
||||
### [Run and review the results of a Windows Defender Offline scan](windows-defender-offline.md)
|
||||
### [Run and review the results of a Windows Defender Offline scan](microsoft-defender-offline.md)
|
||||
|
||||
|
||||
## [Review event logs and error codes to troubleshoot issues](troubleshoot-microsoft-defender-antivirus.md)
|
||||
|
||||
@ -234,4 +234,4 @@ No.
|
||||
|
||||
[Get an overview of Microsoft Defender ATP E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp)
|
||||
|
||||
[Better together: Microsoft Defender Antivirus and Microsoft Defender Advanced Threat Protection](why-use-microsoft-antivirus.md)
|
||||
[Better together: Microsoft Defender Antivirus and Microsoft Defender Advanced Threat Protection](why-use-microsoft-defender-antivirus.md)
|
||||
|
||||
@ -61,7 +61,7 @@ See [Use the mpcmdrun.exe commandline tool to configure and manage Microsoft Def
|
||||
|
||||
## Use the Windows Security app to run a scan
|
||||
|
||||
See [Run a scan in the Windows Security app](windows-defender-security-center-antivirus.md#scan) for instructions on running a scan on individual endpoints.
|
||||
See [Run a scan in the Windows Security app](microsoft-defender-security-center-antivirus.md#scan) for instructions on running a scan on individual endpoints.
|
||||
|
||||
## Use PowerShell cmdlets to run a scan
|
||||
|
||||
|
||||
@ -28,7 +28,7 @@ You can configure attack surface reduction with a number of tools, including:
|
||||
|
||||
Article | Description
|
||||
-|-
|
||||
[Enable hardware-based isolation for Microsoft Edge](../windows-defender-application-guard/install-wd-app-guard.md) | How to prepare for and install Application Guard, including hardware and software requirements
|
||||
[Enable hardware-based isolation for Microsoft Edge](../microsoft-defender-application-guard/install-md-app-guard.md) | How to prepare for and install Application Guard, including hardware and software requirements
|
||||
[Enable application control](../windows-defender-application-control/windows-defender-application-control.md)|How to control applications run by users and protect kernel mode processes
|
||||
[Exploit protection](./enable-exploit-protection.md)|How to automatically apply exploit mitigation techniques on both operating system processes and on individual apps
|
||||
[Network protection](./enable-network-protection.md)|How to prevent users from using any apps to access dangerous domains
|
||||
|
||||
@ -34,7 +34,7 @@ These capabilities help prevent attacks and exploitations from infecting your or
|
||||
- [Evaluate exploit protection](./evaluate-exploit-protection.md)
|
||||
- [Evaluate network protection](./evaluate-exploit-protection.md)
|
||||
- [Evaluate controlled folder access](./evaluate-controlled-folder-access.md)
|
||||
- [Evaluate application guard](../windows-defender-application-guard/test-scenarios-wd-app-guard.md)
|
||||
- [Evaluate application guard](../windows-defender-application-guard/test-scenarios-md-app-guard.md)
|
||||
- [Evaluate network firewall](../windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md)
|
||||
|
||||
## Evaluate next generation protection
|
||||
|
||||
@ -34,7 +34,7 @@ Help reduce your attack surfaces, by minimizing the places where your organizati
|
||||
Article | Description
|
||||
-|-
|
||||
[Attack surface reduction](./attack-surface-reduction.md) | Reduce vulnerabilities (attack surfaces) in your applications with intelligent rules that help stop malware. (Requires Microsoft Defender Antivirus).
|
||||
[Hardware-based isolation](../windows-defender-application-guard/wd-app-guard-overview.md) | Protect and maintain the integrity of a system as it starts and while it's running. Validate system integrity through local and remote attestation. And, use container isolation for Microsoft Edge to help guard against malicious websites.
|
||||
[Hardware-based isolation](../microsoft-defender-application-guard/md-app-guard-overview.md) | Protect and maintain the integrity of a system as it starts and while it's running. Validate system integrity through local and remote attestation. And, use container isolation for Microsoft Edge to help guard against malicious websites.
|
||||
[Application control](../windows-defender-application-control/windows-defender-application-control.md) | Use application control so that your applications must earn trust in order to run.
|
||||
[Exploit protection](./exploit-protection.md) | Help protect operating systems and apps your organization uses from being exploited. Exploit protection also works with third-party antivirus solutions.
|
||||
[Network protection](./network-protection.md) | Extend protection to your network traffic and connectivity on your organization's devices. (Requires Microsoft Defender Antivirus)
|
||||
|
||||
@ -25,6 +25,6 @@ Hardware-based isolation helps protect system integrity in Windows 10 and is int
|
||||
|
||||
| Feature | Description |
|
||||
|------------|-------------|
|
||||
| [Windows Defender Application Guard](../windows-defender-application-guard/wd-app-guard-overview.md) | Application Guard protects your device from advanced attacks while keeping you productive. Using a unique hardware-based isolation approach, the goal is to isolate untrusted websites and PDF documents inside a lightweight container that is separated from the operating system via the native Windows Hypervisor. If an untrusted site or PDF document turns out to be malicious, it still remains contained within Application Guard’s secure container, keeping the desktop PC protected and the attacker away from your enterprise data. |
|
||||
| [Windows Defender Application Guard](../microsoft-defender-application-guard/md-app-guard-overview.md) | Application Guard protects your device from advanced attacks while keeping you productive. Using a unique hardware-based isolation approach, the goal is to isolate untrusted websites and PDF documents inside a lightweight container that is separated from the operating system via the native Windows Hypervisor. If an untrusted site or PDF document turns out to be malicious, it still remains contained within Application Guard’s secure container, keeping the desktop PC protected and the attacker away from your enterprise data. |
|
||||
| [Windows Defender System Guard](../windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md) | System Guard protects and maintains the integrity of the system as it starts and after it's running, and validates system integrity by using attestation. |
|
||||
|
||||
|
||||
@ -30,7 +30,7 @@ In Windows 10, version 1803, this section also contains information and settings
|
||||
|
||||
IT administrators and IT pros can get more information and documentation about configuration from the following:
|
||||
|
||||
- [Microsoft Defender Antivirus in the Windows Security app](../microsoft-defender-antivirus/windows-defender-security-center-antivirus.md)
|
||||
- [Microsoft Defender Antivirus in the Windows Security app](../microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md)
|
||||
- [Microsoft Defender Antivirus documentation library](../microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md)
|
||||
- [Protect important folders with Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard)
|
||||
- [Defend yourself from cybercrime with new Office 365 capabilities](https://blogs.office.com/en-us/2018/04/05/defend-yourself-from-cybercrime-with-new-office-365-capabilities/)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user