How to clear Windows Defender Protection History in Windows 10

How to clear Windows Defender Protection

History in Windows 10
Obinna@TWC

The Protection History page shows detections by Windows Defender and provides detailed and easier to
understand information about threats and available actions. Starting with Build 18305, it includes Controlled
Folder Access blocks, along with any blocks which were made through the organizational configuration of
Attack Surface Reduction Rules. In this post, we will show you how to manually clear protection history in
Windows Defender on Windows 10.

If you use the Windows Defender Offline scanning tool, any detections it makes will now also show in this
history. Additionally, you will see any pending recommendations (red or yellow states from throughout the
app) in the history list.

Delete Windows Defender Protection History

This specifies the number of days for which items are stored in the scan log folder. After this time, Windows
Defender deletes the items. If you specify a null value, Windows Defender will not remove items. If you do
not specify a value, Windows Defender will remove items from the default scan log folder, that is, 30 days.

However, if you want to clear the protection history manually, you can do so in any of the three following

1 of 4 1/9/2021, 7:57 PM
How to clear Windows Defender Protection History in Windows 10

ways;

1. Using Set-MpPreference PowerShell cmdlet

2. Delete Windows Defender Service folder from the local drive
3. Using Event Viewer

Let’s take a look at the steps involved in relation to each of the listed methods.

1] Using Set-MpPreference PowerShell cmdlet

The Set-MpPreference cmdlet configures preferences for Windows Defender scans and updates. You can
modify exclusion file name extensions, paths, or processes, and specify the default action for high,
moderate, and low threat levels.

You can specify a different delay period (in days) by running the cmdlet below in PowerShell admin mode
(press Win+X and then tap A on the keyboard):
Set-MpPreference -ScanPurgeItemsAfterDelay 1

The specified number 1 is the number of days after which the protection history log and items in the log
folder will be cleared.

2] Delete Windows Defender Service folder from the local drive

To manually clear the protection history, this method requires you to delete the Service folder under the
Windows Defender folder on the local drive.

Here’s how:

Press Windows key + R to invoke the Run dialog.

In the Run dialog, copy and paste the path below and hit Enter (if prompted, click Continue).
C:\ProgramData\Microsoft\Windows Defender\Scans\History

Now, right-click the Service folder in that location and select Delete.

You can exit File Explorer.

Next, open Windows Security > Virus & threat protection > Manage settings.
Toggle the button to Off then to On again for Real-Time protection and Cloud-delivered
protection.

3] Using Event Viewer

2 of 4 1/9/2021, 7:57 PM
How to clear Windows Defender Protection History in Windows 10

To manually clear the Windows Defender protection history using the Event Viewer (eventvwr), do the
following:

Press Windows key + R to invoke the Run dialog.

In the Run dialog, type eventvwr and hit Enter to open Event Viewer.
Under the Event Viewer (Local) section on the left-hand side of the pane, expand the Applications
and Services logs option.
Under this, expand the Microsoft option.
Click on Windows to open the list of all its files on the middle pane.
On the middle pane, scroll down to find Windows Defender from the list of files.
Right-click Windows Defender, and click on Open.
From the two options in the middle pane, right-click on Operational, and click Open to view all the
past logs.
Now, under Windows Defender folder on the left pane, right-click on Operational.
Click on Clear Log… on the menu.
Select Clear or Save and Clear based on your requirement to clear the protection history.

And the above listed are the 3 known ways to manually clear Windows Defender protection history in
Windows 10.

3 of 4 1/9/2021, 7:57 PM
How to clear Windows Defender Protection History in Windows 10

4 of 4 1/9/2021, 7:57 PM