Customize, initiate, and review the results of Microsoft Defender Antivirus scans and remediation

Applies to:

You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure Microsoft Defender Antivirus scans.

Article	Description
Configure and validate file, folder, and process-opened file exclusions in Microsoft Defender Antivirus scans	You can exclude files (including files modified by specified processes) and folders from on-demand scans, scheduled scans, and always-on real-time protection monitoring and scanning
Configure Microsoft Defender Antivirus scanning options	You can configure Microsoft Defender Antivirus to include certain types of email storage files, back-up or reparse points, and archived files (such as .zip files) in scans. You can also enable network file scanning
Configure remediation for scans	Configure what Microsoft Defender Antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
Configure scheduled scans	Set up recurring (scheduled) scans, including when they should run and whether they run as full or quick scans
Configure and run scans	Run and configure on-demand scans using PowerShell, Windows Management Instrumentation, or individually on endpoints with the Windows Security app
Review scan results	Review the results of scans using Microsoft Endpoint Configuration Manager, Microsoft Intune, or the Windows Security app

Tip

Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.

Feedback