Microsoft Defender Antivirus in the Windows Security app

  • Article
  • 5 minutes to read

Applies to:

  • Microsoft Defender for Endpoint Plan 1
  • Microsoft Defender for Endpoint Program 2

In Windows 10, version 1703 and later, the Windows Defender app is part of the Windows Security.

Settings that were previously part of the Windows Defender client and main Windows Settings have been combined and moved to the new app, which is installed past default equally part of Windows 10, version 1703.

Important

Disabling the Windows Security app service does non disable Microsoft Defender Antivirus or Windows Defender Firewall. These are disabled automatically when a third-party antivirus or firewall product is installed and kept up to date.

If you do disable the Windows Security app service, or configure its associated Group Policy settings to prevent it from starting or running, the Windows Security app might brandish stale or inaccurate data about any antivirus or firewall products you lot accept installed on the device. It might likewise prevent Microsoft Defender Antivirus from enabling itself if you have an old or outdated 3rd-party antivirus, or if you uninstall any 3rd-political party antivirus products yous might have previously installed. This will significantly lower the protection of your device and could pb to malware infection.

See the Windows Security commodity for more data on other Windows security features that can be monitored in the app.

The Windows Security app is a client interface on Windows ten, version 1703 and later. It is non the Microsoft 365 Defender web portal that is used to review and manage Microsoft Defender for Endpoint.

Review virus and threat protection settings in the Windows Security app

Virus and threat protection settings in Windows Security app

  1. Open the Windows Security app past clicking the shield icon in the job bar or searching the start carte for Windows Security.

  2. Select the Virus & threat protection tile (or the shield icon on the left carte bar).

The following sections describe how to perform some of the most common tasks when reviewing or interacting with the threat protection provided by Microsoft Defender Antivirus in the Windows Security app.

Notation

If these settings are configured and deployed using Group Policy, the settings described in this department volition exist greyed-out and unavailable for employ on private endpoints. Changes made through a Grouping Policy Object must starting time be deployed to individual endpoints before the setting will be updated in Windows Settings. The Configure end-user interaction with Microsoft Defender Antivirus topic describes how local policy override settings tin can exist configured.

Run a scan with the Windows Security app

  1. Open the Windows Security app by searching the start card for Security, and and then selecting Windows Security.

  2. Select the Virus & threat protection tile (or the shield icon on the left menu bar).

  3. Select Quick scan. Or, to run a full browse, select Scan options, and then select an option, such as Full scan.

Review the security intelligence update version and download the latest updates in the Windows Security app

Security intelligence version number

  1. Open the Windows Security app by searching the start menu for Security, and and so selecting Windows Security.

  2. Select the Virus & threat protection tile (or the shield icon on the left menu bar).

  3. Select Virus & threat protection updates. The currently installed version is displayed along with some information about when it was downloaded. You lot tin can check your electric current against the latest version available for manual download, or review the alter log for that version. Come across Security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware.

  4. Select Cheque for updates to download new protection updates (if in that location are whatsoever).

Ensure Microsoft Defender Antivirus is enabled in the Windows Security app

  1. Open the Windows Security app by searching the showtime menu for Security, and and then selecting Windows Security.

  2. Select the Virus & threat protection tile (or the shield icon on the left card bar).

  3. Select Virus & threat protection settings.

  4. Toggle the Existent-time protection switch to On.

    Annotation

    If yous switch Existent-time protection off, information technology will automatically turn back on after a short delay. This is to ensure y'all are protected from malware and threats. If you install another antivirus production, Microsoft Defender Antivirus automatically disables itself and is indicated as such in the Windows Security app. A setting will appear that volition allow you to enable limited periodic scanning.

Add together exclusions for Microsoft Defender Antivirus in the Windows Security app

  1. Open the Windows Security app past searching the start menu for Security, and and so selecting Windows Security.

  2. Select the Virus & threat protection tile (or the shield icon on the left menu bar).

  3. Under Virus & threat protection settings, select Manage settings.

  4. Nether Exclusions, select Add or remove exclusions.

  5. Select the plus icon (+) to choose the type and set the options for each exclusion.

The following table summarizes exclusion types and what happens:


Exclusion type Defined past What happens
File Location
Example: c:\sample\sample.test 		The specific file is skipped by Microsoft Defender Antivirus.
Folder Location
Example: c:\test\sample 		All items in the specified folder are skipped by Microsoft Defender Antivirus.
File type File extension
Example: .test 		All files with the .test extension anywhere on your device are skipped by Microsoft Defender Antivirus.
Process Executable file path
Example: c:\test\process.exe 		The specific process and any files that are opened by that process are skipped past Microsoft Defender Antivirus.

To learn more, come across the following resources:

  • Configure and validate exclusions based on file extension and binder location
  • Configure exclusions for files opened by processes

Review threat detection history in the Windows Defender for Cloud app

  1. Open the Windows Security app by searching the showtime menu for Security, and and so selecting Windows Security.

  2. Select the Virus & threat protection tile (or the shield icon on the left menu bar).

  3. Select Protection history. Any recent items are listed.

Set ransomware protection and recovery options

  1. Open the Windows Security app past searching the start menu for Security, then selecting Windows Security.

  2. Select the Virus & threat protection tile (or the shield icon on the left card bar).

  3. Under Ransomware protection, select Manage ransomware protection.

  4. To change Controlled folder access settings, run into Protect important folders with Controlled folder access.

  5. To ready up ransomware recovery options, select Gear up under Ransomware data recovery and follow the instructions for linking or setting upwardly your OneDrive business relationship so you can easily recover from a ransomware attack.

See also

  • Microsoft Defender Antivirus