Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation

Applies to:

You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure Windows Defender Antivirus scans.

In this section

Topic Description
Configure and validate file, folder, and process-opened file exclusions in Windows Defender Antivirus scans You can exclude files (including files modified by specified processes) and folders from on-demand scans, scheduled scans, and always-on real-time protection monitoring and scanning
Configure Windows Defender Antivirus scanning options You can configure Windows Defender Antivirus to include certain types of email storage files, back-up or reparse points, and archived files (such as .zip files) in scans. You can also enable network file scanning
Configure remediation for scans Configure what Windows Defender Antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
Configure scheduled scans Set up recurring (scheduled) scans, including when they should run and whether they run as full or quick scans
Configure and run scans Run and configure on-demand scans using PowerShell, Windows Management Instrumentation, or individually on endpoints with the Windows Security app
Review scan results Review the results of scans using System Center Configuration Manager, Microsoft Intune, or the Windows Security app