You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/schedule-antivirus-scans-wmi.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -45,7 +45,7 @@ RandomizeScheduleTaskTimes
45
45
46
46
For more information and allowed parameters, see [Windows Defender WMIv2 APIs](/previous-versions/windows/desktop/defender/windows-defender-wmiv2-apis-portal)
47
47
48
-
## WMI for scheduling scans when an endpoint is not in use
48
+
## WMI for scheduling scans when an endpoint isn't in use
49
49
50
50
Use the [Set method of the MSFT_MpPreference class](/previous-versions/windows/desktop/legacy/dn455323(v=vs.85)) for the following properties:
51
51
@@ -56,7 +56,7 @@ ScanOnlyIfIdleEnabled
56
56
For more information about APIs and allowed parameters, see [Windows Defender WMIv2 APIs](/previous-versions/windows/desktop/defender/windows-defender-wmiv2-apis-portal).
57
57
58
58
> [!NOTE]
59
-
> When you schedule scans for times when endpoints are not in use, scans do not honor the CPU throttling configuration and will take full advantage of the resources available to complete the scan as fast as possible.
59
+
> When you schedule scans for times when endpoints aren't in use, scans don't honor the CPU throttling configuration and will take full advantage of the resources available to complete the scan as fast as possible.
60
60
61
61
62
62
## WMI for scheduling scans to complete remediation
Copy file name to clipboardExpand all lines: defender-endpoint/troubleshoot-problems-with-tamper-protection.yml
+4-4Lines changed: 4 additions & 4 deletions
Original file line number
Diff line number
Diff line change
@@ -27,7 +27,7 @@ sections:
27
27
- question: |
28
28
Tamper protection is preventing my security team from managing a device. What should we do?
29
29
answer: |
30
-
If your IT or security team is prevented from performing a necessary task on a device, consider using [troubleshooting mode](enable-troubleshooting-mode.md). After troubleshooting mode ends, any changes made to tamper-protected settings are reverted to their configured state.
30
+
If your IT or security team is prevented from performing a necessary task on a device, consider using [troubleshooting mode](enable-troubleshooting-mode.md). After the troubleshooting mode ends, any changes made to tamper-protected settings are reverted to their configured state.
31
31
32
32
- question: |
33
33
Changes to Microsoft Defender Antivirus settings using Group Policy are ignored. Why is this happening, and what can we do about it?
@@ -36,7 +36,7 @@ sections:
36
36
37
37
Depending on your particular scenario, you have several options available:
38
38
39
-
- If you must make changes to a device and tamper protection is blocking those changes, you can use [troubleshooting mode](enable-troubleshooting-mode.md) to temporarily disable tamper protection on the device. After troubleshooting mode ends, any changes made to tamper-protected settings are reverted to their configured state.
39
+
- If you must make changes to a device and tamper protection is blocking those changes, you can use [troubleshooting mode](enable-troubleshooting-mode.md) to temporarily disable tamper protection on the device. After the troubleshooting mode ends, any changes made to tamper-protected settings are reverted to their configured state.
40
40
41
41
- You can use Intune or Configuration Manager to exclude devices from tamper protection.
42
42
@@ -55,9 +55,9 @@ sections:
55
55
56
56
2. Confirm that only Intune manages the device. Go to `Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender` (or `HKLM\SOFTWARE\Microsoft\Windows Defender`), and look for a `REG_DWORD` entry called **ManagedDefenderProductType**.
57
57
58
-
- If **ManagedDefenderProductType** has a value of `6`, then the device is managed by Intune only (*this value is required to protect Microsoft Defender Antivirus exclusions*).
58
+
- If ManagedDefenderProductType has a value of `6`, then the device is managed by Intune only (*this value is required to protect Microsoft Defender Antivirus exclusions*).
59
59
60
-
- If **ManagedDefenderProductType** has a value of `7`, then the device is co-managed, such as by Intune and Configuration Manager (*this value indicates that exclusions aren't currently tamper protected*).
60
+
- If ManagedDefenderProductType has a value of `7`, then the device is co-managed, such as by Intune and Configuration Manager (*this value indicates that exclusions aren't currently tamper protected*).
61
61
62
62
3. Confirm that tamper protection is deployed and that Microsoft Defender Antivirus exclusions are protected. Go to `Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features` (or `HKLM\SOFTWARE\Microsoft\Windows Defender\Features`), and look for a `REG_DWORD` entry called **TPExclusions**.
0 commit comments