What is Microsoft Defender Antivirus performance analyzer? In some cases, you might need to tune the performance of Microsoft Defender Antivirus as it scans specific files and folders. Performance analyzer is a PowerShell command-line tool that helps determine which files, file extensions, and processes might be causing performance issues on individual endpoints. This information can […]
Category: Microsoft Endpoint
Use limited periodic scanning in Microsoft Defender Antivirus
Limited periodic scanning is a special type of threat detection and remediation that can be enabled when you have installed another antivirus product on a Windows 10 or Windows 11 device. It can only be enabled in certain situations. For more information about limited periodic scanning and how Microsoft Defender Antivirus works with other antivirus […]
Schedule antivirus scans using Windows Management Instrumentation (WMI) (Microsoft)
This article describes how to configure scheduled scans using WMI. To learn more about scheduling scans and about scan types, see Configure scheduled quick or full Microsoft Defender Antivirus scans. Use Windows Management Instruction (WMI) to schedule scans Use the Set method of the MSFT_MpPreference class for the following properties: WMICopy ScanParameters ScanScheduleDay ScanScheduleTime RandomizeScheduleTaskTimes For more information and allowed […]
Schedule antivirus scans using PowerShell (Microsoft)
This article describes how to configure scheduled scans using PowerShell cmdlets. To learn more about scheduling scans and about scan types, see Configure scheduled quick or full Microsoft Defender Antivirus scans. Use PowerShell cmdlets to schedule scans Use the following cmdlets: PowerShellCopy Set-MpPreference -ScanParameters Set-MpPreference -ScanScheduleDay Set-MpPreference -ScanScheduleTime Set-MpPreference -RandomizeScheduleTaskTimes For more information, see Use PowerShell cmdlets […]
Schedule antivirus scans using Group Policy (Microsoft)
This article describes how to configure scheduled scans using Group Policy. To learn more about scheduling scans and about scan types, see Configure scheduled quick or full Microsoft Defender Antivirus scans. Configure antivirus scans using Group Policy On your Group Policy management machine, in the Group Policy Editor, go to Computer configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus > Scan. Right-click […]
Configure scheduled quick or full Microsoft Defender Antivirus scans
In addition to always-on, real-time protection and on-demand antivirus scans, you can set up regular, scheduled antivirus scans. You can configure the type of scan, when the scan should occur, and if the scan should occur after a protection update or when an endpoint is not being used. You can also set up special scans to complete remediation actions […]
Configure remediation for Microsoft Defender Antivirus detections
When Microsoft Defender Antivirus runs a scan, it attempts to remediate or remove threats that are detected. You can configure how Microsoft Defender Antivirus should address certain threats, whether a restore point should be created before remediating, and when threats should be removed. This article describes how to configure these settings by using Group Policy, […]
Enable and configure Microsoft Defender Antivirus always-on protection in Group Policy
Always-on protection consists of real-time protection, behavior monitoring, and heuristics to identify malware based on known suspicious and malicious activities. These activities include events, such as processes making unusual changes to existing files, modifying or creating automatic startup registry keys and startup locations (also known as autostart extensibility points, or ASEPs), and other changes to […]
Detect and block potentially unwanted applications (Microsoft)
Potentially unwanted applications (PUA) are a category of software that can cause your machine to run slowly, display unexpected ads, or at worst, install other software that might be unexpected or unwanted. PUA is not considered a virus, malware, or other type of threat, but it might perform actions on endpoints that adversely affect endpoint […]
Configure behavioral, heuristic, and real-time protection (Microsoft)
Microsoft Defender Antivirus uses several methods to provide threat protection: Cloud protection for near-instant detection and blocking of new and emerging threats Always-on scanning, using file and process behavior monitoring and other heuristics (also known as “real-time protection”) Dedicated protection updates based on machine-learning, human and automated big-data analysis, and in-depth threat resistance research You […]