Clear Windows Security Center (Defender) Protection History

Steve C said:

The Microsoft solution you like appears to be the same as the one I proposed by changing the setting in Group Policy

The Group Policy setting defines the number of days before items are removed from history, in which the minimum is one day.
This does not allow one to delete the history immediately but rather enables the history be cleared every 24hrs automatically.
Again, the objective is to find a way to delete now in the same manner as the "Clear history" button functioned in previous Windows OS versions.

Virtik said:

https://answers.microsoft.com/en-us/...2-f64ff897ebdd

It definitely works.

It appears I might have discovered a little "chink in the armour" as this method doesn't seem to work IF you have any detections listed in the protection history from the controlled folder access feature... if enabled.

Start CMD from Troubleshoot.



-Type your Windows Password
-Wait CMD
-Type;

Code:

del "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\*"
del "C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db"

DetectionHistory: Clear detected malware history.
mpenginedb.db : Clear others (risk action blocked, controlled folder access)

Thanks for the info matrix.
From your post I was able to create a powershell bat file and place a shortcut in my start menu to clear protection history in Windows Security.

powershell -Command "Remove-Item 'C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\*' -Recurse -Force"

Now FYI, I have admin rights, show hidden folders activated, and ownership for access purposes, so the command may not work for some.
Perhaps Shawn or someone can make a final (cmd/bat/powershell) type file to post in a tutorial or sticky thread for all to use.

Delete folder Service.
Type C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service in the address bar and delete all files and folders. After deleting the folder Service, off and turn on (OFF>ON) Real-Time protection and Cloud protection.

Works a treat

mccnavy said:

I recall on older versions of Windows Defender (now Windows Security Center) that you could clear the threat history. I have found no such way in current versions of Windows Security Center. Is there a way to do this? I am on Windows 10 1903.

Hey, what you need to do is so simple, just follow the steps below exactly in order:

1. Turn OFF Real-time Protection
2. Turn OFF Cloud-delivered Protection
3. Go to this folder C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
4. Delete the contents in the folder
5. Turn ON Real-time Protection
6. Turn ON Cloud-delivered Protection

That's it... Now check protection History, it's empty.
Done!

I am using Windows 10 Home build 1909

I have tried every method in this thread, but the protection history is still shown, nothing works

ZaneCEO said:

I found this topic Googling for the same issue. The "Clear history" button is now gone, so there isn't an easy-to-spot solution right there. I tried with CCleaner (Windows Defender checked) but got no luck.

Found this topic and the answer a yr later googling the same thing.

Delete "Service" folder, C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service .

I find that going to C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory and removing the sub-folders removes the history.