Protection file

4 Ways to Clear Microsoft Defender Protection History on Windows 10 and 11

Windows Defender is Microsoft’s antivirus built into your Windows PC to protect against viruses, malware threats, and attacks. It keeps a record of its scans and actions in its Protection History folder.

Although the protection history is deleted after some time, you may wish to have more control to clear it by yourself. So, let’s see how you can clear protection history in four ways.

USE VIDEO OF THE DAY

What is Microsoft Defender Protection History? Why should you delete it?

One of the best antiviruses for your PC, Windows Defender continues to improve with powerful upgrades. These would be scans performed to identify and block malware and other threats. And also recommendations (highlighted in red or yellow) for actions you should take.

You also have access to all this information in a clear and easily understandable form, including potentially unwanted applications that have been removed or key services that have been disabled. The protection history will also show detections that appear when running a Windows Defender offline scan.


Although Windows Defender retains its detection history for 30 days, you can clear it before then if you need to, for example, when many scan logs have accumulated. Clearing protection history would help you free up space on your PC and keep Defender running smoothly.

So let’s see four easy ways to clear protection history in Windows 10 and 11.

1. How to clear Microsoft Defender protection history from local drive

You can manually clear the protection history by deleting the contents of the Service folder in the Windows Defender folder on your local drive, drive C where the Windows operating system is installed. Here’s how:

  1. Hurry Windows+R keys to bring up the Run box.
  2. Copy and paste the path below and click OKAY or hit Walk in: C:ProgramDataMicrosoftWindows DefenderScansHistory
  3. Alternatively, you can navigate to the Defender Protection History folder using the above path in File Explorer. If you don’t see the Program data folder when you open the local drive, select See then check the box next to Hidden objects.
  4. Open the Service folder and select all the files in it. Right click and select Wipe off to delete all files. Then quit File Explorer.
  5. Then search Windows Security and open it.
  6. Below Protection against viruses and threats click on Manage settings.
  7. Finally, toggle the button to Stopped then to On again, for Real-time protection and Cloud-delivered protection.


2. How to Clear Microsoft Defender Protection History Using Event Viewer

You can also manually clear Defender protection history through Event Viewer, a useful app for analyzing event logs on your device.

First, do a Windows search for Event Viewer and click on the result of the application under Best Match open Event Viewer.

  • Under the Event Viewer (local) in the left pane, expand the Application and service logs.
  • Below Application and service logsclick the down arrow next to the Microsoft case.
  • Click on the Windows in the left pane to open the Windows file list in the middle pane.
  • Scroll down the list of files in the middle pane to find Windows Defender.
  • Double-click Windows Defender.
  • Then right click on Operational and select Open to view all past logs.
  • You can now right click on Operational in the left pane and choose Clear Log. Or click on Clear Log in the right pane under Shares.
  • Select Clear to clear the protection history. If you want to save protection history logs for future reference before clearing them, select save and delete.


3. How to Clear Microsoft Defender Protection History via PowerShell

What if you want the protection history to clear automatically after a certain number of days? You can also use a PowerShell command to do this.

Let’s see how to do it: Type PowerShell in the search bar. Right click on WindowsPowerShell below Best Match and select Execute as administrator. Or choose Execute as administrator in the right search pane.

Click on Yes on the UAC prompt that appears. The Administrator: PowerShell window will open.

Type or copy and paste the following command, then press Walk in:

Set-MpPreference -ScanPurgeItemsAfterDelay 7

The number seven at the end of the command is the number of days after which the protection history logs will be cleared. Simply change this number to specify when you want the protection history to be cleared. And it will be erased automatically.

4. How to Clear Microsoft Defender Protection History Using Group Policy Editor

If you have a PC with Windows 10 Pro, Windows 11 Pro or above, you can also use the Group Policy Editor to automatically clear Defender Protection history. Although there are also solutions to access Group Policy Editor on Windows Home. But let’s see how to clear protection history via Group Policy Editor in Windows Pro and above:

  1. Hurry Win + R keys to open the Run box. Type gpedit.msc to open the Local Group Policy Editor. Or just type gpedit in the search bar and click on Edit Group Policy below Best Match to open it.
  2. In the Local Group Policy Editorin the left pane under Setting up a computerdevelop Administrative Templates by clicking the down arrow next to it.
  3. Inside of Administrative Templates folder, click Windows components and the list of its components would come on the center pane of the Group Policy Editor.
  4. Then scroll down to find Windows Defender Antivirus and double click on it.
  5. In the list of Windows Defender elements, double click on the To analyse case.
  6. In the right pane, double click on Enable deletion of items from the scan history folder. Or click Change policy setting in the middle pane. This policy setting defines the number of days that items should remain in the scan history folder before they are permanently deleted.
  7. Then select Change policy setting to open the policy window. It would show Not configured by default. To set the number of days, activate the button next to Enabled. The default number of days, which is 30, would then be defined. If you set the number of days to zero, the items will be retained forever and will not be automatically deleted. So just change the days whenever you want the items to be deleted. Finally, click Apply so what OKAY.


Now you won’t need to manually clear the protection history every time – items in the scan history folder will be automatically deleted after the days you specified.

Clear Microsoft Defender protection history whenever you want

If you ever want to clear Defender Protection history, you know how easy it is to do so in one of the four ways described above. If you want to view the protection history logs later, you can use the Save and Clear option while clearing the protection history using Event Viewer.