Windows Defender, the built-in antivirus program in Windows 11 and Windows 10, plays a crucial role in safeguarding your system against various threats. As part of its functionality, it maintains a history of scanned files and activities to help you keep track of potential security issues. However, there may be times when you encounter issues trying to clear this protection history, whether it’s because the option appears to be grayed out or simply unresponsive. In this guide, we’ll walk you through the steps to address this problem and ensure your Windows Defender protection history is properly cleared.
Clearing Windows Defender Protection History via File Explorer
The Windows Defender protection history is stored in a specific directory on your system. To clear it, you’ll need to navigate to this directory and delete its contents. Here’s how you can do it.
Step 1: Enabling show hidden files and folders in File Explorer
Hidden files and folders, as the name suggests, are typically not visible to users in order to prevent accidental modification or deletion. But to be able to view the Windows Defender history files, it’s essential to make them visible first. Here’s how:
- Open File Explorer: You can do this by pressing the Windows key + E or by clicking the File Explorer icon on your taskbar.
- Navigate to the “View” Tab: Click on the “View” tab at the top of the File Explorer window. This tab is located next to the “File” tab.
- Click “Show”: In the “Show” section of the ribbon, you’ll find a checkbox labeled “Hidden items.” Click on this checkbox to enable the display of hidden files and folders.
Learn more: How to Unhide a File or Folder in Windows 11
Step 2: Deleting Protection History files from the “Service” directory
Now that you’ve enabled the viewing of hidden files and folders, clearing the protection history manually is a relatively straightforward process. Here’s a step-by-step guide:
- Open File Explorer if it’s not already open.
- Navigate to the following directory by either copying and pasting it into the address bar of File Explorer or manually browsing through the folders:
- Inside the “Service” folder, you’ll find a set of files related to the protection history of Windows Defender. Select all the files inside this folder. To do this quickly, you can press Ctrl + A on your keyboard.
- Once all the files are selected, right-click on them and choose “Delete” from the context menu.
- A prompt might appear asking for confirmation. Click on “Yes” to proceed with the deletion.
- After the files are deleted, you can close the File Explorer.
By completing these steps, you’ve manually cleared the Windows Defender protection history. If, however, you’re looking for an alternative method or the above steps didn’t work as intended, the Event Viewer offers another way to achieve this.
Related resource: How to Reinstall Windows Defender in Windows 11
Clearing Windows Defender Protection History through Event Viewer
If you find it challenging to clear the Windows Defender protection history using the previous method or if you prefer a different approach, you can use Event Viewer to accomplish the task. Here’s how to do it:
- Open Run dialog: Press Windows key + R to open the Run dialog.
- Type “eventvwr.msc” and click “OK”: In the Run dialog, type “eventvwr.msc” (without quotes) and press Enter or click “OK.” This will launch the Event Viewer application.
- Navigate to Windows Defender Logs: In the Event Viewer window, expand the “Applications and Services Logs” folder by clicking on the arrow next to it.
- Select “Microsoft” folder: Within the expanded list, find and click on the “Microsoft” folder to expand it further.
- Choose “Windows”: Now, locate and click on the “Windows” folder under the “Microsoft” folder.
- Click on “Windows Defender”: You will see a list of folders related to different Windows components. Find and double-click on the “Windows Defender” folder.
- Select Protection History: In the right pane, you’ll see a list of Operational and WHC logs related to Windows Defender. Double-click on “Operational”
- Clear the history: To clear the protection history, right-click on “Operational” on the left pane and select “Clear Log…” from the context menu.
- Confirm clearing: A dialog box will appear asking if you want to clear the log. Click “Clear” to confirm.
This action will remove all the Windows Defender protection history logs, ensuring a clean slate. The next time you access Windows Defender, you will find that the protection history has been successfully cleared.
Whether users have attended to a protection prompt or have taken necessary actions against a suspicious file, there are various reasons one might want to clear the Windows Defender protection history. For some, it’s a matter of maintaining privacy, for others, it could be about decluttering or even ensuring that old records don’t cause undue alarm.
If the standard method of clearing history in Windows Defender doesn’t serve the purpose, the two methods detailed in this article – File Explorer and Event Viewer – can be invaluable alternatives. Always remember to navigate these processes with caution and to prioritize the security of your system.