Use Configuration Manager to review scan results
Use PowerShell cmdlets to review scan results
The following cmdlet will return each detection on the endpoint. If there are multiple detections of the same threat, each detection will be listed separately, based on the time of each detection:
You can specify
-ThreatID to limit the output to only show the detections for a specific threat.
If you want to list threat detections, but combine detections of the same threat into a single item, you can use the following cmdlet:
See Use PowerShell cmdlets to configure and run Microsoft Defender Antivirus and Defender Antivirus cmdlets for more information on how to use PowerShell with Microsoft Defender Antivirus.
Use Windows Management Instruction (WMI) to review scan results
Use the Get method of the MSFT_MpThreat and MSFT_MpThreatDetection classes.