Content reorg and rebranding changes

2025-05-15 23:07:23 +00:00 · 2018-08-09 15:40:41 -07:00 · 2018-08-09 15:40:41 -07:00 · c5ad334960
commit c5ad334960
parent a62b0855f1
36 changed files with 344 additions and 678 deletions
--- a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md
@ -1,6 +1,6 @@
 ---
 title: Collect diagnostic data for Update Compliance and antivirus
-description: Use a tool to collect data to troubleshoot Update Compliance issues when using the Windows Defender AV Assessment add in
+description: Use a tool to collect data to troubleshoot Update Compliance issues when using the antivirus Assessment add in
 keywords: troubleshoot, error, fix, update compliance, oms, monitor, report, windows defender av
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md
@ -1,6 +1,6 @@
 ---
-title: Remediate and resolve infections detected by Windows Defender AV
+title: Remediate and resolve infections detected by antivirus
-description: Configure what Windows Defender AV should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
+description: Configure what antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
 keywords: remediation, fix, remove, threats, quarantine, scan, restore
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
@ -14,16 +14,7 @@ ms.author: v-anbic
 ms.date: 07/10/2018
 ---
-
+# Configure remediation for antivirus scans
 # Configure remediation for Windows Defender AV scans
 **Applies to**
 -   Windows 10
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
@ -33,7 +24,7 @@ ms.date: 07/10/2018
 - Windows Management Instrumentation (WMI)
 - Microsoft Intune
-When Windows Defender Antivirus runs a scan, it will attempt to remediate or remove threats that it finds. You can configure how Windows Defender AV should react to certain threats, whether it should create a restore point before remediating, and when it should remove remediated threats.
+When antivirus runs a scan, it will attempt to remediate or remove threats that it finds. You can configure how antivirus should react to certain threats, whether it should create a restore point before remediating, and when it should remove remediated threats.
 This topic describes how to configure these settings with Group Policy, but you can also use [System Center Configuration Manager](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies#threat-overrides-settings) and [Microsoft Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-configure).
@ -45,40 +36,38 @@ You can configure how remediation works with the Group Policy settings described
 To configure these settings:
-1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-5.  Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
+3. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
 6. Double-click the policy **Setting** as specified in the table below, and set the option to your desired configuration. Click **OK**, and repeat for any other settings.
 4. Double-click the policy **Setting** as specified in the table below, and set the option to your desired configuration. Click **OK**, and repeat for any other settings.
 Location | Setting | Description | Default setting (if not configured)
 ---|---|---|---
 Scan | Create a system restore point | A system restore point will be created each day before cleaning or scanning is attempted | Disabled
 Scan | Turn on removal of items from scan history folder | Specify how many days items should be kept in the scan history | 30 days
-Root | Turn off routine remediation | You can specify whether Windows Defender AV automatically remediates threats, or if it should ask the endpoint user what to do. | Disabled (threats are remediated automatically)
+Root | Turn off routine remediation | You can specify whether antivirus automatically remediates threats, or if it should ask the endpoint user what to do. | Disabled (threats are remediated automatically)
 Quarantine | Configure removal of items from Quarantine folder | Specify how many days items should be kept in quarantine before being removed | Never removed
-Threats | Specify threat alert levels at which default action should not be taken when detected | Every threat that is detected by Windows Defender AV is assigned a threat level (low, medium, high, or severe). You can use this setting to define how all threats for each of the threat levels should be remediated (quarantined, removed, or ignored) | Not applicable
+Threats | Specify threat alert levels at which default action should not be taken when detected | Every threat that is detected by antivirus is assigned a threat level (low, medium, high, or severe). You can use this setting to define how all threats for each of the threat levels should be remediated (quarantined, removed, or ignored) | Not applicable
 Threats | Specify threats upon which default action should not be taken when detected | Specify how specific threats (using their threat ID) should be remediated. You can specify whether the specific threat should be quarantined, removed, or ignored | Not applicable
 >[!IMPORTANT]
->Windows Defender Antivirus detects and remediates files based on many factors.  Sometimes, completing a remediation requires a reboot.  Even if the detection is later determined to be a false positive, the reboot must be completed to ensure all additional remediation steps have been completed.
+>Antivirus detects and remediates files based on many factors. Sometimes, completing a remediation requires a reboot. Even if the detection is later determined to be a false positive, the reboot must be completed to ensure all additional remediation steps have been completed.
 ></p>
->If you are certain Windows Defender AV quarantined a file based on a false positive, you can restore the file from quarantine after the device reboots. See [Restore quarantined files in Windows Defender AV](restore-quarantined-files-windows-defender-antivirus.md).
+>If you are certain antivirus quarantined a file based on a false positive, you can restore the file from quarantine after the device reboots. See [Restore quarantined files in antivirus](restore-quarantined-files-windows-defender-antivirus.md).
 ></p>
->To avoid this problem in the future, you can exclude files from the scans. See [Configure and validate exclusions for Windows Defender AV scans](configure-exclusions-windows-defender-antivirus.md).
+>To avoid this problem in the future, you can exclude files from the scans. See [Configure and validate exclusions for antivirus scans](configure-exclusions-windows-defender-antivirus.md).
-
+Also see [Configure remediation-required scheduled full antivirus scans](scheduled-catch-up-scans-windows-defender-antivirus.md#remed) for more remediation-related settings.
 Also see the [Configure remediation-required scheduled full scans for Windows Defender AV](scheduled-catch-up-scans-windows-defender-antivirus.md#remed) topic for more remediation-related settings.
 ## Related topics
- [Configure scanning options in Windows Defender AV](configure-advanced-scan-types-windows-defender-antivirus.md)
+- [Configure antivirus scanning options](configure-advanced-scan-types-windows-defender-antivirus.md)
- [Configure scheduled scans for Windows Defender AV](scheduled-catch-up-scans-windows-defender-antivirus.md)
+- [Configure scheduled antivirus scans](scheduled-catch-up-scans-windows-defender-antivirus.md)
- [Configure and run on-demand Windows Defender AV scans](run-scan-windows-defender-antivirus.md)
+- [Configure and run on-demand antivirus scans](run-scan-windows-defender-antivirus.md)
 - [Configure the notifications that appear on endpoints](configure-notifications-windows-defender-antivirus.md)
- [Configure end-user interaction with Windows Defender AV](configure-end-user-interaction-windows-defender-antivirus.md)
+- [Configure end-user antivirus interaction](configure-end-user-interaction-windows-defender-antivirus.md)
- [Customize, initiate, and review the results of Windows Defender AV scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
+- [Customize, initiate, and review the results of antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
+- [Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md
@ -1,7 +1,7 @@
 ---
-title: Automatic and customized exclusions for Windows Defender AV on Windows Server 2016
+title: Configure antivirus exclusions on Windows Server 2016
-description: Windows Server 2016 includes automatic exclusions, based on Server Role. You can also add custom exclusions.
+description: Windows Server 2016 includes automatic exclusions, based on server role. You can also add custom exclusions.
-keywords: exclusions, server, auto-exclusions, automatic, custom, scans
+keywords: exclusions, server, auto-exclusions, automatic, custom, scans, antivirus
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
 ms.prod: w10
@ -14,17 +14,7 @@ ms.author: v-anbic
 ms.date: 05/17/2018
 ---
-# Configure exclusions in Windows Defender AV on Windows Server
+# Configure antivirus exclusions on Windows Server
 **Applies to:**
 - Windows Server 2016
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
@ -32,25 +22,25 @@ ms.date: 05/17/2018
 - PowerShell
 - Windows Management Instrumentation (WMI)
-If you are using Windows Defender Antivirus to protect Windows Server 2016 machines, you are automatically enrolled in certain exclusions, as defined by your specified Windows Server Role. A list of these exclusions is provided at [the end of this topic](#list-of-automatic-exclusions).
+Antivirus on Windows Server 2016 computers automatically enrolls you in certain exclusions, as defined by your specified server role. See [the end of this topic](#list-of-automatic-exclusions) for a list of these exclusions.
 These exclusions will not appear in the standard exclusion lists shown in the [Windows Defender Security Center app](windows-defender-security-center-antivirus.md#exclusions).
-You can still add or remove custom exclusions (in addition to the Server Role-defined automatic exclusions) as described in the other exclusion-related topics:
+You can still add or remove custom exclusions (in addition to the server role-defined automatic exclusions) as described in these exclusion-related topics:
 - [Configure and validate exclusions based on file name, extension, and folder location](configure-extension-file-exclusions-windows-defender-antivirus.md)
 - [Configure and validate exclusions for files opened by processes](configure-process-opened-file-exclusions-windows-defender-antivirus.md)
-Custom exclusions take precedence over the automatic exclusions.
+Custom exclusions take precedence over automatic exclusions.
 > [!TIP]
 > Custom and duplicate exclusions do not conflict with automatic exclusions.
-Windows Defender AV uses the Deployment Image Servicing and Management (DSIM) tools to determine which roles are installed on your computer.
+Antivirus uses the Deployment Image Servicing and Management (DISM) tools to determine which roles are installed on your computer.
 ## Opt out of automatic exclusions
-In Windows Server 2016 the predefined exclusions delivered by definition updates only exclude the default paths for a role or feature. If you installed a role or feature in a custom path, or you want to manually control the set of exclusions, you need to opt-out of the automatic exclusions delivered in definition updates.
+In Windows Server 2016, the predefined exclusions delivered by definition updates only exclude the default paths for a role or feature. If you installed a role or feature in a custom path, or you want to manually control the set of exclusions, you need to opt out of the automatic exclusions delivered in definition updates.
 > [!WARNING]
 > Opting out of automatic exclusions may adversely impact performance, or result in data corruption. The exclusions that are delivered automatically are optimized for Windows Server 2016 roles.
@ -58,17 +48,17 @@ In Windows Server 2016 the predefined exclusions delivered by definition updates
 > [!NOTE]
 > This setting is only supported on Windows Server 2016. While this setting exists in Windows 10, it doesn't have an effect on exclusions.
-You can disable the auto-exclusions lists with Group Policy, PowerShell cmdlets, and WMI.
+You can disable the automatic exclusion lists with Group Policy, PowerShell cmdlets, and WMI.
 **Use Group Policy to disable the auto-exclusions list on Windows Server 2016:**
-1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-5.  Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
+3. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
-6. Double-click the **Turn off Auto Exclusions** setting and set the option to **Enabled**. Click **OK**. 
+4. Double-click **Turn off Auto Exclusions** and set the option to **Enabled**. Click **OK**. 
 **Use PowerShell cmdlets to disable the auto-exclusions list on Windows Server 2016:**
@ -91,7 +81,6 @@ DisableAutoExclusions
 See the following for more information and allowed parameters:
 - [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/en-us/library/dn439477(v=vs.85).aspx)
 ## List of automatic exclusions
 The following sections contain the exclusions that are delivered with automatic exclusions file paths and file types.
@ -327,8 +316,6 @@ This section lists the file and folder exclusions and the process exclusions tha
  - *%systemroot%*\System32\dns.exe
 ### File and Storage Services exclusions
 This section lists the file and folder exclusions that are delivered automatically when you install the File and Storage Services role. The exclusions listed below do not include exclusions for the Clustering role.
@ -389,13 +376,10 @@ This section lists the folder exclusions that are delivered automatically when y
 - *%systemroot%*\SoftwareDistribution\Download
 ## Related topics
- [Configure and validate exclusions for Windows Defender AV scans](configure-exclusions-windows-defender-antivirus.md)
+- [Configure and validate exclusions for antivirus scans](configure-exclusions-windows-defender-antivirus.md)
 - [Configure and validate exclusions based on file name, extension, and folder location](configure-extension-file-exclusions-windows-defender-antivirus.md)
 - [Configure and validate exclusions for files opened by processes](configure-process-opened-file-exclusions-windows-defender-antivirus.md)
- [Customize, initiate, and review the results of Windows Defender AV scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
+- [Customize, initiate, and review the results of antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
+- [Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features.md
@ -1,7 +1,7 @@
 ---
-title: Configure Windows Defender Antivirus features (Windows 10)
+title: Configure antivirus features
-description: You can configure features for Windows Defender Antivirus using Configuration Manager, MDM software (such as Intune), PowerShell, and with Group Policy settings.
+description: You can configure antivirus features with Intune, System Center Configuration Manager, Group Policy, and PowerShell.
-keywords: windows defender antivirus, antimalware, security, defender, configure, configuration, Config Manager, System Center Configuration Manager, SCCM, Intune, MDM, mobile device management, GP, group policy, PowerShell
+keywords: antivirus, antimalware, security, defender, configure, configuration, Config Manager, System Center Configuration Manager, SCCM, Intune, MDM, mobile device management, GP, group policy, PowerShell
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
 ms.prod: w10
@ -14,25 +14,15 @@ ms.author: v-anbic
 ms.date: 08/26/2017
 ---
-# Configure Windows Defender Antivirus features
+# Configure antivirus features
 You can configure antivirus with a number of tools, including:
-**Applies to:**
+- Microsoft Intune
 - Windows 10
 **Audience**
 - Enterprise security administrators
 Windows Defender Antivirus can be configured with a number of tools, including:
 - Group Policy settings
 - System Center Configuration Manager
 - Group Policy
 - PowerShell cmdlets
 - Windows Management Instrumentation (WMI)
 - Microsoft Intune
 The following broad categories of features can be configured:
@ -40,17 +30,13 @@ The following broad categories of features can be configured:
 - Always-on real-time protection, including behavioral, heuristic, and machine-learning-based protection
 - How end-users interact with the client on individual endpoints
-The topics in this section describe how to perform key tasks when configuring Windows Defender AV. Each topic includes instructions for the applicable configuration tool (or tools).
+The topics in this section describe how to perform key tasks when configuring antivirus. Each topic includes instructions for the applicable configuration tool (or tools).
 You can also review the [Reference topics for management and configuration tools](configuration-management-reference-windows-defender-antivirus.md) topic for an overview of each tool and links to further help.
 ## In this section
 Topic | Description
 :---|:---
-[Utilize Microsoft cloud-provided protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) | Cloud-delivered protection provides an advanced level of fast, robust antivirus detection
+[Utilize Microsoft cloud-provided antivirus protection](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) | Cloud-delivered protection provides an advanced level of fast, robust antivirus detection
-[Configure behavioral, heuristic, and real-time protection](configure-protection-features-windows-defender-antivirus.md)|Enable behavior-based, heuristic, and real-time protection in Windows Defender AV
+[Configure behavioral, heuristic, and real-time protection](configure-protection-features-windows-defender-antivirus.md)|Enable behavior-based, heuristic, and real-time antivirus protection
-[Configure end-user interaction with Windows Defender Antivirus](configure-end-user-interaction-windows-defender-antivirus.md)|Configure how end-users interact with Windows Defender AV, what notifications they see, and if they can override settings
+[Configure end-user antivirus interaction](configure-end-user-interaction-windows-defender-antivirus.md)|Configure how end-users interact with antivirus, what notifications they see, and whether they can override settings
--- a/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
@ -1,7 +1,7 @@
 ---
 title: Run and customize scheduled and on-demand scans
-description: Customize and initiate scans using Windows Defender AV on endpoints across your network.
+description: Customize and initiate antivirus scans on endpoints across your network.
-keywords: scan, schedule, customize, exclusions, exclude files, remediation, scan results, quarantine, remove threat, quick scan, full scan
+keywords: scan, schedule, customize, exclusions, exclude files, remediation, scan results, quarantine, remove threat, quick scan, full scan, antivirus
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
 ms.prod: w10
@ -14,29 +14,17 @@ ms.author: v-anbic
 ms.date: 08/26/2017
 ---
-# Customize, initiate, and review the results of Windows Defender AV scans and remediation
+# Customize, initiate, and review the results of antivirus scans and remediation
 **Applies to:**
 - Windows 10
 **Audience**
 - Enterprise security administrators
 You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure scans run by Windows Defender Antivirus.
 You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure antivirus scans.
 ## In this section
 Topic | Description
 ---|---
-[Configure and validate file, folder, and process-opened file exclusions in Windows Defender AV scans](configure-exclusions-windows-defender-antivirus.md) | You can exclude files (including files modified by specified processes) and folders from on-demand scans, scheduled scans, and always-on real-time protection monitoring and scanning
+[Configure and validate file, folder, and process-opened file exclusions in antivirus scans](configure-exclusions-windows-defender-antivirus.md) | You can exclude files (including files modified by specified processes) and folders from on-demand scans, scheduled scans, and always-on real-time protection monitoring and scanning
-[Configure scanning options in Windows Defender AV](configure-advanced-scan-types-windows-defender-antivirus.md) | You can configure Windows Defender AV to include certain types of email storage files, back-up or reparse points, and archived files (such as .zip files) in scans. You can also enable network file scanning
+[Configure antivirus scanning options](configure-advanced-scan-types-windows-defender-antivirus.md) | You can configure antivirus to include certain types of email storage files, back-up or reparse points, and archived files (such as .zip files) in scans. You can also enable network file scanning
-[Configure remediation for scans](configure-remediation-windows-defender-antivirus.md) | Configure what Windows Defender AV should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
+[Configure remediation for scans](configure-remediation-windows-defender-antivirus.md) | Configure what antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
 [Configure scheduled scans](scheduled-catch-up-scans-windows-defender-antivirus.md) | Set up recurring (scheduled) scans, including when they should run and whether they run as full or quick scans
 [Configure and run scans](run-scan-windows-defender-antivirus.md) | Run and configure on-demand scans using PowerShell, Windows Management Instrumentation, or individually on endpoints with the Windows Defender Security Center app
 [Review scan results](review-scan-results-windows-defender-antivirus.md) | Review the results of scans using  System Center Configuration Manager, Microsoft Intune, or the Windows Defender Security Center app
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
@ -1,6 +1,6 @@
 ---
-title: Deploy, manage, and report on Windows Defender Antivirus
+title: Deploy, manage, and report on antivirus
-description: You can deploy and manage Windows Defender Antivirus with Group Policy, Configuration Manager, WMI, PowerShell, or Intune
+description: You can deploy and manage antivirus with Intune, System Center Configuration Manager, Group Policy, PowerShell, or WMI
 keywords: deploy, manage, update, protection, windows defender antivirus
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
@ -14,46 +14,36 @@ ms.author: v-anbic
 ms.date: 07/19/2018
 ---
-# Deploy, manage, and report on Windows Defender Antivirus
+# Deploy, manage, and report on antivirus
-**Applies to:**
+You can deploy, manage, and report on antivirus in a number of ways.
- Windows 10
+Because the antivirus client is installed as a core part of Windows 10, traditional deployment of a client to your endpoints does not apply.
-**Audience**
+However, in most cases you will still need to enable the protection service on your endpoints with Microsoft Intune, System Center Configuration Manager, Azure Security Center, or Group Policy Objects, which is described in the following table.
 - IT administrators
 You can deploy, manage, and report on Windows Defender Antivirus in a number of ways. 
 As the Windows Defender AV client is installed as a core part of Windows 10, traditional deployment of a client to your endpoints does not apply.
 However, in most cases you will still need to enable the protection service on your endpoints with System Center Configuration Manager, Microsoft Intune, Azure Security Center, or Group Policy Objects, which is described in the following table.
 You'll also see additional links for:
- Managing Windows Defender Antivirus protection, including managing product and protection updates
+
- Reporting on Windows Defender Antivirus protection
+- Managing antivirus protection, including managing product and protection updates
 - Reporting on antivirus protection
 > [!IMPORTANT]
-> In most cases, Windows 10 will disable Windows Defender Antivirus if it finds another antivirus product running and up-to-date. You must disable or uninstall third-party antivirus products before Windows Defender Antivirus will be functioning. If you re-enable or install third-party antivirus products, then Windows 10 will automatically disable Windows Defender Antivirus. 
+> In most cases, Windows 10 will disable antivirus if it finds another antivirus product that is running and up-to-date. You must disable or uninstall third-party antivirus products before antivirus will function. If you re-enable or install third-party antivirus products, then Windows 10 automatically disables antivirus.
 Tool|Deployment options (<a href="#fn2" id="ref2">2</a>)|Management options (network-wide configuration and policy or baseline deployment) ([3](#fn3))|Reporting options  
 ---|---|---|---  
 System Center Configuration Manager ([1](#fn1))|Use the [Endpoint Protection point site system role][] and [enable Endpoint Protection with custom client settings][]|With [default and customized antimalware policies][] and [client management][]|With the default [Configuration Manager Monitoring workspace][] and [email alerts][]  
 Microsoft Intune|[Add endpoint protection settings in Intune](https://docs.microsoft.com/en-us/intune/endpoint-protection-configure)|[Configure device restriction settings in Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-configure)| [Use the Intune console to manage devices](https://docs.microsoft.com/en-us/intune/device-management)  
-Windows Management Instrumentation|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][]
+System Center Configuration Manager ([1](#fn1))|Use the [Endpoint Protection point site system role][] and [enable Endpoint Protection with custom client settings][]|With [default and customized antimalware policies][] and [client management][]|With the default [Configuration Manager Monitoring workspace][] and [email alerts][]  
 PowerShell|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference][] and [Update-MpSignature] [] cmdlets available in the Defender module|Use the appropriate [Get- cmdlets available in the Defender module][]
 Group Policy and Active Directory (domain-joined)|Use a Group Policy Object to deploy configuration changes and ensure Windows Defender Antivirus is enabled.|Use Group Policy Objects (GPOs) to [Configure update options for Windows Defender Antivirus][] and [Configure Windows Defender features][]|Endpoint reporting is not available with Group Policy. You can generate a list of [Group Policies to determine if any settings or policies are not applied][]
 PowerShell|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference][] and [Update-MpSignature] [] cmdlets available in the Defender module|Use the appropriate [Get- cmdlets available in the Defender module][]
 Windows Management Instrumentation|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][]
 Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/en-us/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Security Center](https://docs.microsoft.com/en-us/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/en-us/powershell/servicemanagement/azure.antimalware/v3.4.0/azure.antimalware) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/en-us/powershell/servicemanagement/azure.antimalware/v3.4.0/azure.antimalware) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Windows Defender Antivirus events][] and add that tool as an app in AAD.
 1. <span id="fn1" />The availability of some functions and features, especially related to cloud-delivered protection, differ between System Center Configuration Manager (Current Branch) and System Center Configuration Manager 2012. In this library, we've focused on Windows 10, Windows Server 2016, and System Center Configuration Manager (Current Branch). See [Use Microsoft cloud-provided protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for a table that describes the major differences. [(Return to table)](#ref2)
 2.	<span id="fn2" />In Windows 10, Windows Defender Antivirus is a component available without installation or deployment of an additional client or service. It will automatically be enabled when third-party antivirus products are either uninstalled or out of date ([except on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md)). Traditional deployment therefore is not required. Deployment here refers to ensuring the Windows Defender Antivirus component is available and enabled on endpoints or servers. [(Return to table)](#ref2)
-3. <span id="fn3" />Configuration of features and protection, including configuring product and protection updates, are further described in the [Configure Windows Defender Antivirus features](configure-notifications-windows-defender-antivirus.md) section in this library. [(Return to table)](#ref2)
+3. <span id="fn3" />Configuration of features and protection, including configuring product and protection updates, are further described in the [Configure antivirus features](configure-notifications-windows-defender-antivirus.md) section in this library. [(Return to table)](#ref2)
 [Endpoint Protection point site system role]: https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-protection-site-role
 [default and customized antimalware policies]:  https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies
@ -79,13 +69,10 @@ Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by
 [Possibly infected devices]: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-reporting-sign-ins-from-possibly-infected-devices
 [Windows Defender Antivirus events]: troubleshoot-windows-defender-antivirus.md
 ## In this section
 Topic | Description
 ---|---
-[Deploy and enable Windows Defender Antivirus protection](deploy-windows-defender-antivirus.md) | While the client is installed as a core part of Windows 10, and traditional deployment does not apply, you will still need to enable the client on your endpoints with System Center Configuration Manager, Microsoft Intune, or Group Policy Objects.
+[Deploy and enable antivirus protection](deploy-windows-defender-antivirus.md) | While the client is installed as a core part of Windows 10, and traditional deployment does not apply, you will still need to enable the client on your endpoints with System Center Configuration Manager, Microsoft Intune, or Group Policy Objects.
-[Manage Windows Defender Antivirus updates and apply baselines](manage-updates-baselines-windows-defender-antivirus.md) | There are two parts to updating Windows Defender Antivirus: updating the client on endpoints (product updates), and updating definitions (protection updates). You can update definitions in a number of ways, using System Center Configuration Manager, Group Policy, PowerShell, and WMI.
+[Manage antivirus updates and apply baselines](manage-updates-baselines-windows-defender-antivirus.md) | There are two parts to updating antivirus: updating the client on endpoints (product updates), and updating definitions (protection updates). You can update definitions in a number of ways, using System Center Configuration Manager, Group Policy, PowerShell, and WMI.
-[Monitor and report on Windows Defender Antivirus protection](report-monitor-windows-defender-antivirus.md) | You can use System Center Configuration Manager, the Update Compliance add-in for Microsoft Operations Management Suite, a third-party SIEM product (by consuming Windows event logs), or Microsoft Intune to monitor protection status and create reports about endpoint protection
+[Monitor and report on antivirus protection](report-monitor-windows-defender-antivirus.md) | You can use Microsoft Intune, System Center Configuration Manager, the Update Compliance add-in for Microsoft Operations Management Suite, or a third-party SIEM product (by consuming Windows event logs) to monitor protection status and create reports about endpoint protection.
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus.md
@ -1,7 +1,7 @@
 ---
-title: Deploy and enable Windows Defender Antivirus 
+title: Deploy and enable antivirus 
-description: Deploy Windows Defender AV for protection of your endpoints with Configuration Manager, Microsoft Intune, Group Policy, PowerShell cmdlets, or WMI.
+description: Deploy antivirus for protection of your endpoints with Microsoft Intune, System Center Configuration Manager, Group Policy, PowerShell cmdlets, or WMI.
-keywords: deploy, enable, windows defender av
+keywords: deploy, enable, antivirus
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
 ms.prod: w10
@ -14,29 +14,18 @@ ms.author: v-anbic
 ms.date: 04/30/2018
 ---
-# Deploy and enable Windows Defender Antivirus
+# Deploy and enable antivirus
 Depending on the management tool you are using, you may need to specifically enable or configure antivirus protection.
-**Applies to:**
+See the table in [Deploy, manage, and report on antivirus](deploy-manage-report-windows-defender-antivirus.md#ref2) for instructions on how to enable protection with Microsoft Intune, System Center Configuration Manager, Group Policy, Active Directory, Microsoft Azure, PowerShell cmdlets, and Windows Management Instruction (WMI).
- Windows 10
+Some scenarios require additional guidance on how to successfully deploy or configure antivirus protection, such as Virtual Desktop Infrastructure (VDI) environments.
-**Audience**
+The remaining topic in this section provides end-to-end advice and best practices for [setting up antivirus on virtual machines (VMs) in a VDI or Remote Desktop Services (RDS) environment](deployment-vdi-windows-defender-antivirus.md).
 - Network administrators
 - IT administrators
 Depending on the management tool you are using, you may need to specifically enable or configure Windows Defender AV protection.
 See the table in the [Deploy, manage, and report on Windows Defender AV](deploy-manage-report-windows-defender-antivirus.md#ref2) topic for instructions on how to enable protection with System Center Configuration Manager, Group Policy, Active Directory, Microsoft Azure, Microsoft Intune, PowerShell cmdlets, and Windows Management Instruction (WMI).
 Some scenarios require additional guidance on how to successfully deploy or configure Windows Defender AV protection, such as Virtual Desktop Infrastructure (VDI) environments.
 The remaining topic in this section provides end-to-end advice and best practices for [setting up Windows Defender AV on virtual machines (VMs) in a VDI or Remote Desktop Services (RDS) environment](deployment-vdi-windows-defender-antivirus.md).
 ## Related topics
- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
+- [Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
- [Deploy, manage updates, and report on Windows Defender Antivirus](deploy-manage-report-windows-defender-antivirus.md)
+- [Deploy, manage updates, and report on antivirus](deploy-manage-report-windows-defender-antivirus.md)
- [Deployment guide for Windows Defender Antivirus in a virtual desktop infrastructure (VDI) environment](deployment-vdi-windows-defender-antivirus.md)
+- [Deployment guide for antivirus in a virtual desktop infrastructure (VDI) environment](deployment-vdi-windows-defender-antivirus.md)
--- a/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
@ -16,26 +16,16 @@ ms.date: 04/30/2018
 # Deployment guide for Windows Defender Antivirus in a virtual desktop infrastructure (VDI) environment
 **Applies to:**
 - Windows 10
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
 - System Center Configuration Manager (current branch)
 - Group Policy
-
+In addition to standard on-premises or hardware configurations, you can also use antivirus in a remote desktop (RDS) or virtual desktop infrastructure (VDI) environment.
 In addition to standard on-premises or hardware configurations, you can also use Windows Defender Antivirus (Windows Defender AV) in a remote desktop (RDS) or virtual desktop infrastructure (VDI) environment. 
 Boot storms can be a problem in large-scale VDIs; this guide will help reduce the overall network bandwidth and performance impact on your hardware.
-We recommend setting the following when deploying Windows Defender AV in a VDI environment:
+We recommend setting the following when deploying antivirus in a VDI environment:
 Location | Setting | Suggested configuration
 ---|---|---
@ -46,17 +36,20 @@ Root | Randomize scheduled task times | Enabled
 Signature updates | Turn on scan after signature update | Enabled
 Scan | Turn on catch up quick scan | Enabled
-For more details on the best configuration options to ensure a good balance between performance and protection, including detailed instructions for Group Policy and System Center Configuration Manager, see the [Configure endpoints for optimal performance](#configure-endpoints-for-optimal-performance) section.
+For more details on the best configuration options to ensure a good balance between performance and protection, including detailed instructions for System Center Configuration Manager and Group Policy, see the [Configure endpoints for optimal performance](#configure-endpoints-for-optimal-performance) section.
 See the [Microsoft Desktop virtualization site](https://www.microsoft.com/en-us/server-cloud/products/virtual-desktop-infrastructure/) for more details on Microsoft Remote Desktop Services and VDI support.
 For Azure-based virtual machines, you can also review the [Install Endpoint Protection in Azure Security Center](https://docs.microsoft.com/en-us/azure/security-center/security-center-install-endpoint-protection) topic.
-There are three main steps in this guide to help roll out Windows Defender AV protection across your VDI:
+There are three main steps in this guide to help roll out antivirus protection across your VDI:
 1. [Create and deploy the base image (for example, as a virtual hard disk (VHD)) that your virtual machines (VMs) will use](#create-and-deploy-the-base-image)
 2. [Manage the base image and updates for your VMs](#manage-your-vms-and-base-image)
 3. [Configure the VMs for optimal protection and performance](#configure-endpoints-for-optimal-performance), including:
    - [Randomize scheduled scans](#randomize-scheduled-scans)
    - [Use quick scans](#use-quick-scans)
    - [Prevent notifications](#prevent-notifications)
@ -67,34 +60,36 @@ There are three main steps in this guide to help roll out Windows Defender AV pr
 > While the VDI can be hosted on Windows Server 2012 or Windows Server 2016, the virtual machines (VMs) should be running Windows 10, 1607 at a minimum, due to increased protection technologies and features that are unavailable in earlier versions of Windows.
 >[!NOTE]
->When you manage Windows with System Center Configuration Manager, Windows Defender AV protection will be referred to as Endpoint Protection or System Center Endpoint Protection. See the [Endpoint Protection section at the Configuration Manager library]( https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-protection) for more information.
+>When you manage Windows with System Center Configuration Manager, antivirus protection will be referred to as Endpoint Protection or System Center Endpoint Protection. See the [Endpoint Protection section at the Configuration Manager library]( https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-protection) for more information.
 ## Create and deploy the base image
 The main steps in this section include:
 1. Create your standard base image according to your requirements
 2. Apply Windows Defender AV protection updates to your base image
 3. Seal or “lock” the image to create a “known-good” image
 4. Deploy your image to your VMs
 ### Create the base image  
 First, you should create your base image according to your business needs, applying or installing the relevant line of business (LOB) apps and settings as you normally would. Typically, this would involve creating a VHD or customized .iso, depending on how you will deploy the image to your VMs.
 ### Apply protection updates to the base image
-After creating the image, you should ensure it is fully updated. See [Configure Windows Defender in Windows 10]( https://technet.microsoft.com/en-us/itpro/windows/keep-secure/configure-windows-defender-in-windows-10) for instructions on how to update Windows Defender AV protection via WSUS, Microsoft Update, the MMPC site, or UNC file shares. You should ensure that your initial base image is also fully patched with Microsoft and Windows updates and patches.
+
 After creating the image, you should ensure it is fully updated. See [Configure Windows Defender in Windows 10]( https://technet.microsoft.com/en-us/itpro/windows/keep-secure/configure-windows-defender-in-windows-10) for instructions on how to update antivirus protection via WSUS, Microsoft Update, the MMPC site, or UNC file shares. You should ensure that your initial base image is also fully patched with Microsoft and Windows updates and patches.
 ### Seal the base image
 When the base image is fully updated, you should run a quick scan on the image.
-After running a scan and buliding the cache, remove the machine GUID that uniquely identifies the device in telemetry for both Windows Defender Antivirus and the Microsoft Security Removal Tool. This key is located here:
+After running a scan and buliding the cache, remove the machine GUID that uniquely identifies the device in telemetry for both antivirus and the Microsoft Security Removal Tool. This key is located here:
 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemovalTools\MRT'
 Remove the string found in the 'GUID' value
-This “sealing” or “locking” of the image helps Windows Defender AV build a cache of known-good files and avoid scanning them again on your VMs. In turn, this can help ensure performance on the VM is not impacted.
+This “sealing” or “locking” of the image helps antivirus build a cache of known-good files and avoid scanning them again on your VMs. In turn, this can help ensure performance on the VM is not impacted.
 You can run a quick scan [from the command line](command-line-arguments-windows-defender-antivirus.md) or via [System Center Configuration Manager](run-scan-windows-defender-antivirus.md).
@ -104,8 +99,8 @@ You can run a quick scan [from the command line](command-line-arguments-windows-
 >Therefore, when considering performance – especially for creating a new or updated image in preparation for deployment – it makes sense to use a quick scan only.
 >A full scan, however, can be useful on a VM that has encountered a malware threat to identify if there are any inactive components lying around and help perform a thorough clean-up.
 ### Deploy the base image
 You'll then need to deploy the base image across your VDI. For example, you can create or clone a VHD from your base image, and then use that VHD when you create or start your VMs.
 The following references provide ways you can create and deploy the base image across your VDI:
@ -116,44 +111,46 @@ The following references provide ways you can create and deploy the base image a
 - [Create a virtual machine in Hyper-V (with a VHD)](https://technet.microsoft.com/en-us/windows-server-docs/compute/hyper-v/get-started/create-a-virtual-machine-in-hyper-v)
 - [Build Virtual Desktop templates]( https://technet.microsoft.com/en-us/library/dn645526(v=ws.11).aspx)
 ## Manage your VMs and base image
 How you manage your VDI will affect the performance impact of Windows Defender AV on your VMs and infrastructure.
-Because Windows Defender AV downloads protection updates every day, or [based on your protection update settings](manage-protection-updates-windows-defender-antivirus.md), network bandwidth can be a problem if multiple VMs attempt to download updates at the same time.  
+Because antivirus downloads protection updates every day, or [based on your protection update settings](manage-protection-updates-windows-defender-antivirus.md), network bandwidth can be a problem if multiple VMs attempt to download updates at the same time.  
 Following the guidelines in this means the VMs will only need to download “delta” updates, which are the differences between an existing definition set and the next one. Delta updates are typically much smaller (a few kilobytes) than a full definition download (which can average around 150 mb).
 ### Manage updates for persistent VDIs
 If you are using a persistent VDI, you should update the base image monthly, and set up protection updates to be delivered daily via a file share, as follows:  
 1. Create a dedicated file share location on your network that can be accessed by your VMs and your VM host (or other, persistent machine, such as a dedicated admin console that you use to manage your VMs).
 2. Set up a scheduled task on your VM host to automatically download updates from the MMPC website or Microsoft Update and save them to the file share (the [SignatureDownloadCustomTask PowerShell script](https://www.powershellgallery.com/packages/SignatureDownloadCustomTask/1.4/DisplayScript) can help with this).
 3. [Configure the VMs to pull protection updates from the file share](manage-protection-updates-windows-defender-antivirus.md).
 4. Disable or delay automatic Microsoft updates on your VMs. See [Update Windows 10 in the enterprise](https://technet.microsoft.com/en-us/itpro/windows/manage/waas-update-windows-10) for information on managing operating system updates with WSUS, SCCM, and others.
 5. On or just after each Patch Tuesday (the second Tuesday of each month), [update your base image with the latest protection updates from the MMPC website, WSUS, or Microsoft Update](manage-protection-updates-windows-defender-antivirus.md) Also apply all other Windows patches and fixes that were delivered on the Patch Tuesday. You can automate this by following the instructions in [Orchestrated offline VM Patching using Service Management Automation](https://blogs.technet.microsoft.com/privatecloud/2013/12/06/orchestrated-offline-vm-patching-using-service-management-automation/).
-5. [Run a quick scan](run-scan-windows-defender-antivirus.md) on your base image before deploying it to your VMs.
+
 6. [Run a quick scan](run-scan-windows-defender-antivirus.md) on your base image before deploying it to your VMs.
 A benefit to aligning your image update to the monthly Microsoft Update is that you ensure your VMs will have the latest Windows security patches and other important Microsoft updates without each VM needing to individually download them.
 ### Manage updates for non-persistent VDIs
 If you are using a non-persistent VDI, you can update the base image daily (or nightly) and directly apply the latest updates to the image.
 An example:  
 1. Every night or other time when you can safely take your VMs offline, update your base image with the latest [protection updates from the MMPC website, WSUS, or Microsoft Update](manage-protection-updates-windows-defender-antivirus.md).
 2. [Run a quick scan](run-scan-windows-defender-antivirus.md) on your base image before deploying it to your VMs.
 ## Configure endpoints for optimal performance
 There are a number of settings that can help ensure optimal performance on your VMs and VDI without affecting the level of protection, including:
 - [Randomize scheduled scans](#randomize-scheduled-scans)
 - [Use quick scans](#use-quick-scans)
 - [Prevent notifications](#prevent-notifications)
@ -162,12 +159,9 @@ There are a number of settings that can help ensure optimal performance on your
 These settings can be configured as part of creating your base image, or as a day-to-day management function of your VDI infrastructure or network.
 ### Randomize scheduled scans
-Windows Defender AV supports the randomization of scheduled scans and signature updates. This can be extremely helpful in reducing boot storms (especially when used in conjunction with [Disable scans from occurring after every update](#disable-scans-after-an-update) and [Scan out-of-date machines or machines that have been offline for a while](#scan-vms-that-have-been-offline).
+Antivirus supports the randomization of scheduled scans and signature updates. This can be extremely helpful in reducing boot storms (especially when used in conjunction with [Disable scans from occurring after every update](#disable-scans-after-an-update) and [Scan out-of-date machines or machines that have been offline for a while](#scan-vms-that-have-been-offline).
 Scheduled scans run in addition to [real-time protection and scanning](configure-real-time-protection-windows-defender-antivirus.md).
@ -177,17 +171,17 @@ The start time of the scan itself is still based on the scheduled scan policy
 **Use Group Policy to randomize scheduled scan start times:**
-1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
+2. In the **Group Policy Management Editor** go to **Computer configuration**.
-4.  Click **Policies** then **Administrative templates**.
+3. Click **Policies** then **Administrative templates**.
-5.  Expand the tree to **Windows components > Windows Defender** and configure the following setting:
+4. Expand the tree to **Windows components > Windows Defender** and configure the following setting:
-    1.  Double-click the **Randomize scheduled task times** setting and set the option to **Enabled**. Click **OK**. This adds a true randomization (it is still random if the disk image is replicated) of plus or minus 30 minutes (using all of the intervals) to the start of the scheduled scan and the signature update. For example, if the schedule start time was set at 2.30pm, then enabling this setting  could cause one machine to scan and update at 2.33pm and another machine to scan and update at 2.14pm.
+    - Double-click **Randomize scheduled task times** and set the option to **Enabled**. Click **OK**. This adds a true randomization (it is still random if the disk image is replicated) of plus or minus 30 minutes (using all of the intervals) to the start of the scheduled scan and the signature update. For example, if the schedule start time was set at 2.30pm, then enabling this setting  could cause one machine to scan and update at 2.33pm and another machine to scan and update at 2.14pm.
-**Use Configuration Manager to randomize schedule scans:**
+**Use Configuration Manager to randomize scheduled scans:**
 See [How to create and deploy antimalware policies: Advanced settings]( https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies#advanced-settings) for details on configuring System Center Configuration Manager (current branch).
@ -200,14 +194,15 @@ Quick scans are the preferred approach as they are designed to look in all place
 **Use Group Policy to specify the type of scheduled scan:**
-1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 2. In the **Group Policy Management Editor** go to **Computer configuration**.
 3. Click **Policies** then **Administrative templates**.
 4. Expand the tree to **Windows components > Windows Defender > Scan** and configure the following setting:  
-    1.  Double-click the **Specify the scan type to use for a scheduled scan** setting and set the option to **Enabled** and **Quick scan**. Click **OK**. 
+
    - Double-click **Specify the scan type to use for a scheduled scan** and set the option to **Enabled** and **Quick scan**. Click **OK**.
 **Use Configuration Manager to specify the type of scheduled scan:**
@ -217,21 +212,20 @@ See [Schedule scans](scheduled-catch-up-scans-windows-defender-antivirus.md) for
 ### Prevent notifications
-Sometimes, Windows Defender AV notifications may be sent to or persist across multiple sessions. In order to minimize this problem, you can use the lock down the user interface for Windows Defender AV.
+Sometimes, antivirus notifications may be sent to or persist across multiple sessions. In order to minimize this problem, you can use the lock down the antivirus user interface.
 **Use Group Policy to hide notifications:**
-1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
+2. In the **Group Policy Management Editor** go to **Computer configuration**.
-4.  Click **Policies** then **Administrative templates**.
+3. Click **Policies** then **Administrative templates**.
-5.  Expand the tree to **Windows components > Windows Defender > Client Interface** and configure the following settings:
+4. Expand the tree to **Windows components > Windows Defender > Client Interface** and configure the following settings:
 1.	Double-click the **Suppress all notifications** setting and set the option to **Enabled**. Click **OK**. This prevents notifications from Windows Defender AV appearing in the action center on Windows 10 when scans or remediation is performed.
 2.	Double-click the **Enable headless UI mode** setting and set the option to **Enabled**. Click **OK**. This hides the entire Windows Defender AV user interface from users.
   - Double-click **Suppress all notifications** and set the option to **Enabled**. Click **OK**. This prevents notifications from Windows Defender AV appearing in the action center on Windows 10 when scans or remediation is performed.
   - Double-click **Enable headless UI mode** and set the option to **Enabled**. Click **OK**. This hides the entire Windows Defender AV user interface from users.
 **Use Configuration Manager to hide notifications:**
@ -240,6 +234,7 @@ Sometimes, Windows Defender AV notifications may be sent to or persist across mu
 2. Go to the **Advanced** section and configure the following settings:
   1. Set **Disable the client user interface** to **Yes**. This hides the entire Windows Defender AV user interface.
   2. Set **Show notifications messages on the client computer...** to **Yes**. This hides notifications from appearing.
   3. Click **OK**.
@ -255,16 +250,15 @@ This setting will prevent a scan from occurring after receiving an update. You c
 **Use Group Policy to disable scans after an update:**
-1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
+2. In the **Group Policy Management Editor** go to **Computer configuration**.
-4.  Click **Policies** then **Administrative templates**.
+3. Click **Policies** then **Administrative templates**.
-5.  Expand the tree to **Windows components > Windows Defender > Signature Updates** and configure the following setting:
+4. Expand the tree to **Windows components > Windows Defender > Signature Updates** and configure the following setting:
 1.  Double-click the **Turn on scan after signature update** setting and set the option to **Disabled**. Click **OK**. This prevents a scan from running immediately after an update.
   - Double-click **Turn on scan after signature update** and set the option to **Disabled**. Click **OK**. This prevents a scan from running immediately after an update.
 **Use Configuration Manager to disable scans after an update:**
@ -272,15 +266,11 @@ This setting will prevent a scan from occurring after receiving an update. You c
 2. Go to the **Scheduled scans** section and configure the following setting:
-1.	Set **Check for the latest definition updates before running a scan** to **No**. This prevents a scan after an update.
+3. Set **Check for the latest definition updates before running a scan** to **No**. This prevents a scan after an update.
 3. Click **OK**.
 2.	[Deploy the updated policy as usual](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies#deploy-an-antimalware-policy-to-client-computers).
 4. Click **OK**.
 5. [Deploy the updated policy as usual](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies#deploy-an-antimalware-policy-to-client-computers).
 ### Scan VMs that have been offline 
@ -290,16 +280,13 @@ This setting will help ensure protection for a VM that has been offline for some
 1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
+2. In the **Group Policy Management Editor** go to **Computer configuration**.
 4.  Click **Policies** then **Administrative templates**.
 5.  Expand the tree to **Windows components > Windows Defender > Scan** and configure the following setting:
 1.  Double-click the **Turn on catch-up quick scan** setting and set the option to **Enabled**. Click **OK**. This forces a scan if the VM has missed two or more consecutive scheduled scans.
 3. Click **Policies** then **Administrative templates**.
 4. Expand the tree to **Windows components > Windows Defender > Scan** and configure the following setting:
 5. Double-click the **Turn on catch-up quick scan** setting and set the option to **Enabled**. Click **OK**. This forces a scan if the VM has missed two or more consecutive scheduled scans.
 **Use Configuration Manager to disable scans after an update:**
@ -307,16 +294,14 @@ This setting will help ensure protection for a VM that has been offline for some
 2. Go to the **Scheduled scans** section and configure the following setting:
-1.	Set **Force a scan of the selected scan type if client computer is offline during...** to **Yes**. This forces a scan if the VM has missed two or more consecutive scheduled scans.
+3. Set **Force a scan of the selected scan type if client computer is offline during...** to **Yes**. This forces a scan if the VM has missed two or more consecutive scheduled scans.
 3. Click **OK**.
 2.	[Deploy the updated policy as usual](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies#deploy-an-antimalware-policy-to-client-computers).
 4. Click **OK**.
 5. [Deploy the updated policy as usual](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies#deploy-an-antimalware-policy-to-client-computers).
 ### Exclusions
-Windows Server 2016 contains Windows Defender Antivirus and will automatically deliver the right exclusions for servers running a VDI environment. However, if you are running an older Windows server version, you can refer to the exclusions that are applied on this page:
+Windows Server 2016 antivirus will automatically deliver the right exclusions for servers running a VDI environment. However, if you are running an older Windows server version, you can refer to the exclusions that are applied on this page:
 - [Automatic exclusions for Windows Server Antimalware](https://technet.microsoft.com/en-us/windows-server-docs/security/windows-defender/automatic-exclusions-for-windows-defender)
 ## Additional resources
--- a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
@ -1,7 +1,7 @@
 ---
-title: Block Potentially Unwanted Applications with Windows Defender AV
+title: Block potentially unwanted applications with antivirus
-description: Enable the Potentially Unwanted Application (PUA) feature in Windows Defender Antivirus to block unwanted software such as adware.
+description: Enable the potentially unwanted application (PUA) antivirus feature to block unwanted software such as adware.
-keywords: pua, enable, unwanted software, unwanted apps, adware, browser toolbar, detect, block, windows defender
+keywords: pua, enable, unwanted software, unwanted apps, adware, browser toolbar, detect, block, antivirus
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
 ms.prod: w10
@ -14,43 +14,37 @@ ms.author: v-anbic
 ms.date: 07/10/2018
 ---
-# Detect and block Potentially Unwanted Applications
+# Detect and block potentially unwanted applications
 **Applies to:**
 - Windows 10
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
 - Microsoft Intune
 - System Center Configuration Manager
 - PowerShell cmdlets
 - Microsoft Intune
-The Potentially Unwanted Application (PUA) protection feature in Windows Defender Antivirus can identify and block PUAs from downloading and installing on endpoints in your network.
+The potentially unwanted application (PUA) antivirus protection feature can identify and block PUAs from downloading and installing on endpoints in your network.
 These applications are not considered viruses, malware, or other types of threats, but might perform actions on endpoints that adversely affect their performance or use. PUA can also refer to applications that are considered to have a poor reputation.
 Typical PUA behavior includes:
 - Various types of software bundling
- Ad-injection into web browsers
+- Ad injection into web browsers
 - Driver and registry optimizers that detect issues, request payment to fix the errors, but remain on the endpoint and make no changes or optimizations (also known as "rogue antivirus" programs)
 These applications can increase the risk of your network being infected with malware, cause malware infections to be harder to identify, and can waste IT resources in cleaning up the applications.
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
+>You can also visit the Windows Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 ## How it works
 PUAs are blocked when a user attempts to download or install the detected file, and if the file meets one of the following conditions:
 - The file is being scanned from the browser
 - The file is in a folder with "**downloads**" in the path
 - The file is in a folder with "**temp**" in the path
- The file is on the user's Desktop
+- The file is on the user's desktop
 - The file does not meet one of these conditions and is not under *%programfiles%*, *%appdata%*, or *%windows%*
 The file is placed in the quarantine section so it won't run.
@ -59,7 +53,6 @@ When a PUA is detected on an endpoint, the endpoint will present a notification
 They will also appear in the usual [quarantine list in the Windows Defender Security Center app](windows-defender-security-center-antivirus.md#detection-history).
 ## View PUA events
 PUA events are reported in the Windows Event Viewer and not in System Center Configuration Manager or Intune.
@ -68,15 +61,17 @@ Hoever, PUA detections will be reported if you have set up email notifications f
 See [Troubleshoot event IDs](troubleshoot-windows-defender-antivirus.md) for details on viewing Windows Defender Antivirus events. PUA events are recorded under event ID 1160.
 ## Configure PUA protection
-## Configure the PUA protection feature
+You can enable PUA protection with Microsoft Intune, System Center Configuration Manager, or PowerShell cmdlets.
 You can enable the PUA protection feature with System Center Configuration Manager, PowerShell cmdlets, or Microsoft Intune.
 You can also use the PUA audit mode to detect PUA without blocking them. The detections will be captured in the Windows event log.
 This feature is useful if your company is conducting an internal software security compliance check and you'd like to avoid any false positives.
 **Use Intune to configure the PUA protection feature**
 See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
 **Use Configuration Manager to configure the PUA protection feature:**
@ -101,18 +96,9 @@ Setting the value for this cmdlet to `Enabled` will turn the feature on if it ha
 Setting `AuditMode` will detect PUAs but will not block them.
-See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/en-us/library/dn433280.aspx) for more information on how to use PowerShell with Windows Defender Antivirus.
+See [Use PowerShell cmdlets to configure and run antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/en-us/library/dn433280.aspx) for more information on how to use PowerShell with Windows Defender Antivirus.
 **Use Intune to configure the PUA protection feature**
 See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
 ## Related topics
- [Windows Defender Antivirus](windows-defender-antivirus-in-windows-10.md)
+- [Next gen protection](windows-defender-antivirus-in-windows-10.md)
 - [Configure behavioral, heuristic, and real-time protection](configure-protection-features-windows-defender-antivirus.md)
--- a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
@ -16,16 +16,6 @@ ms.date: 07/10/2018
 # Enable cloud-delivered protection in Windows Defender AV
 **Applies to:**
 - Windows 10
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
 - Group Policy
--- a/windows/security/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md
@ -16,16 +16,6 @@ ms.date: 04/30/2018
 # Evaluate Windows Defender Antivirus protection
 **Applies to:**
 - Windows 10, version 1703 and later
 **Audience**
 - Enterprise security administrators
 If you're an enterprise security administrator, and you want to determine how well Windows Defender Antivirus protects you from viruses, malware, and potentially unwanted applications, then you can use this guide to help you evaluate Microsoft protection.
 >[!TIP]
--- a/windows/security/threat-protection/windows-defender-antivirus/limited-periodic-scanning-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/limited-periodic-scanning-windows-defender-antivirus.md
@ -18,18 +18,6 @@ ms.date: 04/30/2018
 # Use limited periodic scanning in Windows Defender AV
 **Applies to:**
 - Windows 10, version 1703 and later
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
 - Windows Defender Security Center app
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md
@ -16,13 +16,6 @@ ms.date: 04/30/2018
 # Manage event-based forced updates
 **Applies to**
 -   Windows 10
 **Audience**
 - Network administrators
 **Manageability available with**
 - Group Policy
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md
@ -16,13 +16,6 @@ ms.date: 04/30/2018
 # Manage updates and scans for endpoints that are out of date
 **Applies to**
 -   Windows 10
 **Audience**
 - Network administrators
 **Manageability available with**
 - Group Policy
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md
@ -16,13 +16,6 @@ ms.date: 04/30/2018
 # Manage the schedule for when protection updates should be downloaded and applied
 **Applies to**
 -   Windows 10
 **Audience**
 - Network administrators
 **Manageability available with**
 - Group Policy
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
@ -16,13 +16,6 @@ ms.date: 04/30/2018
 # Manage the sources for Windows Defender Antivirus protection updates
 **Applies to**
 -   Windows 10
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
 - Group Policy
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
@ -16,15 +16,6 @@ ms.date: 04/30/2018
 # Manage Windows Defender Antivirus updates and apply baselines
 **Applies to:**
 - Windows 10
 **Audience**
 - Network administrators
 There are two types of updates related to keeping Windows Defender Antivirus:
 1. Protection updates
 2. Product updates
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-updates-mobile-devices-vms-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-updates-mobile-devices-vms-windows-defender-antivirus.md
@ -16,13 +16,6 @@ ms.date: 04/30/2018
 # Manage updates for mobile devices and virtual machines (VMs)
 **Applies to**
 -   Windows 10
 **Audience**
 - Network administrators
 **Manageability available with**
 - Group Policy
--- a/windows/security/threat-protection/windows-defender-antivirus/prevent-end-user-interaction-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-end-user-interaction-windows-defender-antivirus.md
@ -15,18 +15,6 @@ ms.date: 04/30/2018
 ---
 # Prevent users from seeing or interacting with the Windows Defender AV user interface
 **Applies to:**
 - Windows 10
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
 - Group Policy
 You can use Group Policy to prevent users on endpoints from seeing the Windows Defender Antivirus interface. You can also prevent them from pausing scans.
--- a/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md
@ -16,14 +16,6 @@ ms.date: 07/10/2018
 # Report on Windows Defender Antivirus protection
 **Applies to:**
 - Windows 10
 **Audience**
 - IT administrators
 There are a number of ways you can review protection status and alerts, depending on the management tool you are using for Windows Defender AV.
--- a/windows/security/threat-protection/windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus.md
@ -16,16 +16,6 @@ ms.date: 04/23/2018
 # Restore quarantined files in Windows Defender AV
 **Applies to:**
 - Windows 10
 - Windows Server 2016
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
 - Windows Defender Security Center
--- a/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
@ -16,15 +16,6 @@ ms.date: 07/10/2018
 # Review Windows Defender AV scan results
 **Applies to:**
 - Windows 10
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
 - PowerShell
--- a/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md
@ -14,20 +14,8 @@ ms.author: v-anbic
 ms.date: 07/10/2018
 ---
 # Configure and run on-demand Windows Defender AV scans
 **Applies to:**
 - Windows 10
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
 - Windows Defender AV mpcmdrun utility
--- a/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md
@ -14,16 +14,8 @@ ms.author: v-anbic
 ms.date: 07/26/2018
 ---
 # Configure scheduled quick or full scans for Windows Defender AV
 **Applies to**
 -   Windows 10
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
--- a/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md
@ -16,16 +16,6 @@ ms.date: 07/19/2018
 # Specify the cloud-delivered protection level
 **Applies to:**
 - Windows 10, version 1703 and later
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
 - Group Policy
--- a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md
@ -16,14 +16,6 @@ ms.date: 04/30/2018
 # Troubleshoot Windows Defender Antivirus reporting in Update Compliance
 **Applies to:**
 - Windows 10
 **Audience**
 - IT administrators
 When you use [Windows Analytics Update Compliance to obtain reporting into the protection status of machines or endpoints](/windows/deployment/update/update-compliance-using#wdav-assessment) in your network that are using Windows Defender Antivirus, you may encounter problems or issues.
 Typically, the most common indicators of a problem are:
--- a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md
@ -16,16 +16,6 @@ ms.date: 04/16/2018
 # Review event logs and error codes to troubleshoot issues with Windows Defender AV
 **Applies to**
 -   Windows 10
 -   Windows Server 2016
 **Audience**
 - Enterprise security administrators
 If you encounter a problem with Windows Defender Antivirus, you can search the tables in this topic to find a matching issue and potential solution.
 The tables list:
--- a/windows/security/threat-protection/windows-defender-antivirus/use-group-policy-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/use-group-policy-windows-defender-antivirus.md
@ -16,10 +16,6 @@ ms.date: 04/30/2018
 # Use Group Policy settings to configure and manage Windows Defender AV
 **Applies to:**
 - Windows 10, version 1703
 You can use [Group Policy](https://msdn.microsoft.com/en-us/library/ee663280(v=vs.85).aspx) to configure and manage Windows Defender Antivirus on your endpoints.
 In general, you can use the following procedure to configure or change Windows Defender AV group policy settings:
--- a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md
@ -16,10 +16,6 @@ ms.date: 12/12/2017
 # Use PowerShell cmdlets to configure and manage Windows Defender AV
 **Applies to:**
 - Windows 10
 You can use PowerShell to perform various functions in Windows Defender. Similar to the command prompt or command line, PowerShell is a task-based command-line shell and scripting language designed especially for system administration, and you can read more about it at the [PowerShell hub on MSDN](https://msdn.microsoft.com/en-us/powershell/mt173057.aspx).
 For a list of the cmdlets and their functions and available parameters, see the [Defender cmdlets](https://technet.microsoft.com/en-us/library/dn433280.aspx) topic.
--- a/windows/security/threat-protection/windows-defender-antivirus/use-wmi-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/use-wmi-windows-defender-antivirus.md
@ -16,10 +16,6 @@ ms.date: 08/26/2017
 # Use Windows Management Instrumentation (WMI) to configure and manage Windows Defender AV
 **Applies to:**
 - Windows 10
 Windows Management Instrumentation (WMI) is a scripting interface that allows you to retrieve, modify, and update settings.
 Read more about WMI at the [Microsoft Developer Network System Administration library](https://msdn.microsoft.com/en-us/library/aa394582(v=vs.85).aspx).
--- a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
@ -16,14 +16,6 @@ ms.date: 05/21/2018
 # Use next-gen technologies in Windows Defender Antivirus through cloud-delivered protection
 **Applies to:**
 - Windows 10, version 1703 and later
 **Audience**
 - Enterprise security administrators
 Microsoft next-gen technologies in Windows Defender Antivirus provide near-instant, automated protection against new and emerging threats. To dynamically identify new threats, these technologies work with large sets of interconnected data in the Microsoft Intelligent Security Graph and powerful artificial intelligence (AI) systems driven by advanced machine learning models.  
 To take advantage of the power and speed of these next-gen technologies, Windows Defender Antivirus works seamlessly with Microsoft cloud services. These cloud protection services, also referred to as Microsoft Advanced Protection Service (MAPS), enhances standard real-time protection, providing arguably the best antivirus defense. 
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md
@ -14,20 +14,8 @@ ms.author: v-anbic
 ms.date: 04/04/2018
 ---
 # Windows Defender Antivirus compatibility
 **Applies to:**
 - Windows 10
 - Windows Server 2016
 **Audience**
 - Enterprise security administrators
 Windows Defender Antivirus is automatically enabled and installed on endpoints and devices that are running Windows 10.
 However, on endpoints and devices that are protected with a non-Microsoft antivirus or antimalware app, Windows Defender AV will automatically disable itself. You can then choose to enable an optional, limited protection feature, called [limited periodic scanning](limited-periodic-scanning-windows-defender-antivirus.md).
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
@ -16,10 +16,6 @@ ms.date: 04/30/2018
 # Windows Defender Antivirus in Windows 10 and Windows Server 2016
 **Applies to**
 -   Windows 10
 -   Windows Server 2016
 Windows Defender Antivirus is a built-in antimalware solution that provides security and antimalware management for desktops, portable computers, and servers.
 This library of documentation is for enterprise security administrators who are either considering deployment, or have already deployed and are wanting to manage and configure Windows Defender AV on PC endpoints in their network.
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016.md
@ -14,20 +14,8 @@ ms.author: v-anbic
 ms.date: 04/11/2018
 ---
 # Windows Defender Antivirus on Windows Server 2016
 **Applies to:**
 - Windows Server 2016
 **Audience**
 - Enterprise security administrators
 - Network administrators
 **Manageability available with**
 - Group Policy
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md
@ -16,15 +16,6 @@ ms.date: 04/30/2018
 # Run and review the results of a Windows Defender Offline scan
 **Applies to:**
 - Windows 10, version 1607 and later
 **Audience**
 - Enterprise security administrators
 **Manageability available with**
 - Group Policy
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus.md
@ -16,14 +16,6 @@ ms.date: 04/30/2018
 # Windows Defender Antivirus in the Windows Defender Security Center app
 **Applies to**
 - Windows 10, version 1703 and later
 **Audience**
 - End-users
 **Manageability available with**
 - Windows Defender Security Center app