product icon

How to Run Microsoft Defender Antivirus Scans

Run Microsoft Defender antivirus scans on your devices in quick, full, or custom mode.

Note: Available on Windows only.
Important: To use this feature, the user must be authenticated with zero trust authentication, which serves the security of the session. Authentication is required only once when you run a Remote Execution step.
  1. On the Devices > Remote Execution page, select Create new job.
    Can't find the page in the left menu? That's probably because the Devices menu is collapsed. Click the arrow to expand it.
  2. On the Create job page, choose the platform where you want to run automation steps.
  3. Add one of the following step to the list on the left:
    • Microsoft Defender quick scan - Looks at all the locations where there could be malware registered to start with the system, such as registry keys and known Windows startup folders.
    • Microsoft Defender full scan - Runs a quick scan and then continues with scanning file of all mounted fixed disks and removable/network drives (if the full scan is configured to do so). A full scan may take a few hours or days to complete.
    • Microsoft Defender custom scan - Runs a quick scan on the files and folders that you specify in the Path to file or folder field.
    • Microsoft Defender update - Updates Microsoft Defender to the latest version.
  4. Click Next.
  5. From the list of Devices define the devices or a group of devices that will receive the script.
    You can organize your devices by selecting a grouping option from the top of the list.
  6. Click Next.
  7. Name the job in a way that is easy to remember later on.
    Optionally, you can schedule jobs up to one year in advance. To do so, toggle Schedule this job and set the time and date for the job to run. In the Date and time field, either type a date or click the calendar icon to choose it from a date picker.
    Remember: You can select offline devices for scheduled jobs, but when a job runs, devices must be online; otherwise, the job will fail on that device. Scheduled jobs run on each remote device's local time.
  8. Click Run.
    Note: A preset timeout pertains to both the job and the step.

    A timeout for every step is set to two hours, meaning that GoTo Resolve waits two hours for the script to finish on the remote computer. When the script finishes, GoTo Resolve starts the next step and waits another two hours for that step to finish. If a step does not finish on a remote computer in two hours, then it times out and the whole job fails.

Article last updated: 21 July, 2022