Can’t Clear Protection History in Windows 11/10 Defender

Published by Nyau Wai Hoe - Updated on

Windows Defender, the built-in antivirus program in Windows 11 and Windows 10, plays a crucial role in safeguarding your system against various threats. As part of its functionality, it maintains a history of scanned files and activities to help you keep track of potential security issues. However, there may be times when you encounter issues trying to clear this protection history, whether it’s because the option appears to be grayed out or simply unresponsive. In this guide, we’ll walk you through the steps to address this problem and ensure your Windows Defender protection history is properly cleared.

Also see: How to Clear Timeline Activity History in Windows 10 or 11

Can't Clear Protection History in Windows Defender

Clearing Windows Defender Protection History via File Explorer

The Windows Defender protection history is stored in a specific directory on your system. To clear it, you’ll need to navigate to this directory and delete its contents. Here’s how you can do it.

Step 1: Enabling show hidden files and folders in File Explorer

Hidden files and folders, as the name suggests, are typically not visible to users in order to prevent accidental modification or deletion. But to be able to view the Windows Defender history files, it’s essential to make them visible first. Here’s how:

  1. Open File Explorer: You can do this by pressing the Windows key + E or by clicking the File Explorer icon on your taskbar.
  2. Navigate to the “View” Tab: Click on the “View” tab at the top of the File Explorer window. This tab is located next to the “File” tab.
  3. Click “Show”: In the “Show” section of the ribbon, you’ll find a checkbox labeled “Hidden items.” Click on this checkbox to enable the display of hidden files and folders.Show or hide hidden items Windows 11

Learn more: How to Unhide a File or Folder in Windows 11

Step 2: Deleting Protection History files from the “Service” directory

Now that you’ve enabled the viewing of hidden files and folders, clearing the protection history manually is a relatively straightforward process. Here’s a step-by-step guide:

  1. Open File Explorer if it’s not already open.
  2. Navigate to the following directory by either copying and pasting it into the address bar of File Explorer or manually browsing through the folders:
    C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
  3. Inside the “Service” folder, you’ll find a set of files related to the protection history of Windows Defender. Select all the files inside this folder. To do this quickly, you can press Ctrl + A on your keyboard.
  4. Once all the files are selected, right-click on them and choose “Delete” from the context menu.Can't Clear Protection History in Windows 11 10
  5. A prompt might appear asking for confirmation. Click on “Yes” to proceed with the deletion.
  6. After the files are deleted, you can close the File Explorer.

By completing these steps, you’ve manually cleared the Windows Defender protection history. If, however, you’re looking for an alternative method or the above steps didn’t work as intended, the Event Viewer offers another way to achieve this.

Related resource: How to Reinstall Windows Defender in Windows 11

Clearing Windows Defender Protection History through Event Viewer

If you find it challenging to clear the Windows Defender protection history using the previous method or if you prefer a different approach, you can use Event Viewer to accomplish the task. Here’s how to do it:

  1. Open Run dialog: Press Windows key + R to open the Run dialog.
  2. Type “eventvwr.msc” and click “OK”: In the Run dialog, type “eventvwr.msc” (without quotes) and press Enter or click “OK.” This will launch the Event Viewer application.Open Event Viewer via Run
  3. Navigate to Windows Defender Logs: In the Event Viewer window, expand the “Applications and Services Logs” folder by clicking on the arrow next to it.
  4. Select “Microsoft” folder: Within the expanded list, find and click on the “Microsoft” folder to expand it further.
  5. Choose “Windows”: Now, locate and click on the “Windows” folder under the “Microsoft” folder.
  6. Click on “Windows Defender”: You will see a list of folders related to different Windows components. Find and double-click on the “Windows Defender” folder.Windows Defender history in Event Viewer Windows 11
  7. Select Protection History: In the right pane, you’ll see a list of Operational and WHC logs related to Windows Defender. Double-click on “Operational”Windows Defender Operational Logs
  8. Clear the history: To clear the protection history, right-click on “Operational” on the left pane and select “Clear Log…” from the context menu.Clearing Windows Defender protection history
  9. Confirm clearing: A dialog box will appear asking if you want to clear the log. Click “Clear” to confirm.

This action will remove all the Windows Defender protection history logs, ensuring a clean slate. The next time you access Windows Defender, you will find that the protection history has been successfully cleared.

Linked issue: Windows Defender Security Center Service Missing Windows 11/10

Final thoughts

Whether users have attended to a protection prompt or have taken necessary actions against a suspicious file, there are various reasons one might want to clear the Windows Defender protection history. For some, it’s a matter of maintaining privacy, for others, it could be about decluttering or even ensuring that old records don’t cause undue alarm.

If the standard method of clearing history in Windows Defender doesn’t serve the purpose, the two methods detailed in this article – File Explorer and Event Viewer – can be invaluable alternatives. Always remember to navigate these processes with caution and to prioritize the security of your system.


Nyau Wai Hoe
Nyau Wai Hoe is the Founder and Chief Editor of WindowsDigitals.com. With a degree in software engineering and over 12 years of experience in the tech support industry, Nyau has established himself as an expert in the field, with a primary focus on the Microsoft Windows operating system. As a tech enthusiast, he loves exploring new technologies and leveraging them to solve real-life problems.

Share via
Copy link