Customize, initiate, and review the results of Microsoft Defender Antivirus scans and remediation
Applies to:
- Microsoft Defender XDR
- Microsoft Defender for Endpoint Plan 2
- Microsoft Defender for Business
- Microsoft Defender for Endpoint Plan 1
- Microsoft Defender Antivirus
You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure Microsoft Defender Antivirus scans.
| Article | Description |
|---|---|
| Configure and validate file, folder, and process-opened file exclusions in Microsoft Defender Antivirus scans | You can exclude files (including files modified by specified processes) and folders from on-demand scans, scheduled scans, and always-on real-time protection monitoring and scanning |
| Configure Microsoft Defender Antivirus scanning options | You can configure Microsoft Defender Antivirus to include certain types of email storage files, back-up or reparse points, and archived files (such as .zip files) in scans. You can also enable network file scanning |
| Configure remediation for scans | Configure what Microsoft Defender Antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder |
| Configure scheduled scans | Set up recurring (scheduled) scans, including when they should run and whether they run as full or quick scans |
| Configure and run scans | Run and configure on-demand scans using PowerShell, Windows Management Instrumentation, or individually on endpoints with the Windows Security app |
| Review scan results | Review the results of scans using Microsoft Endpoint Configuration Manager, Microsoft Intune, or the Windows Security app |
Tip
Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.