How To Clear Windows Defender Protection History
Delete Local Folder
\> msconfig
## select the boot tab
## under boot options, clear the safe boot checkbox.
## or
\> bcdedit /set {current} safeboot minimal
\> shutdown /r
Boot into Safe Mode and delete the folder:
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory
That is all.
## reference command ...
\> pushd "%ProgramData%\Microsoft\Windows Defender\Scans\History\Service"
\> takeown /f DetectionHistory /r /d y
\> icacls DetectionHistory /grant administrators:F /t
\> rmdir /s /q DetectionHistory
*notes:
- boot to safe mode from settings
- Press <Win>+<I> on the keyboard to open Settings. If that does not work, click Start and then select Settings.
- Click Update & Security and on the left pane select Recovery.
- Under Advanced startup, click Restart now.
- After the computer restarts, on the Choose an option screen, select Troubleshoot > Advanced Options > Startup Settings > Restart.
- After the computer restarts, a list of options appears. Select 4 or F4 to start the computer in Safe Mode. If you must use the Internet, select 5 or F5 for Safe Mode with Networking.
- boot to safe mode from the windows sign-in screen
- On the Windows sign-in screen, press and hold the Shift key while you select Power > Restart.
- After your PC restarts to the Choose an option screen, select Troubleshoot > Advanced options > Startup Settings > Restart.
- After your PC restarts again, select the startup setting you want to use.
- return to normal mode
Once you are done working in safe mode, you must run the command below before you restart your PC for it to work normally again:
\> bcdedit /deletevalue {current} safeboot
\> shutdown /r
- disable windows defender
\> reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /d 1 /t REG_DWORD /f
- open windows security
\> start WindowsDefender:
Click Virus & threat protection. Under it, click Manage settings. Toggle the button to Off and then to On again for Real-time protection and Cloud-delivered protection.
Event Viewer
\> eventvwr.msc /s
Expand the following entries in sequence. Event Viewer (Local) > Applications and Services > Microsoft > Windows > Windows Defender > Operational
Now you can right-click on Operational in the left pane and choose Clear Log. Or click on Clear Log on the right pane under Actions.
Group Policy
Then scroll down to find Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus > Scan
In the right pane, double-click Turn on removal of items from scan history folder. Finally, click Apply and then OK.
The default is 30 days. If the number of days is set to zero, items are kept forever and are not removed automatically.
PowerShell
Run PowerShell as administrator and set the protection history purge delay to 7 days:
Set-MpPreference -ScanPurgeItemsAfterDelay 7
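A read-only check to run from an elevated PowerShell after rebooting into normal mode, confirming that the steps above did not leave the machine flagged for Safe Mode or with Defender disabled by policy. This is an added example, not part of the original notes; the function name Test-DefenderCleanupState is hypothetical, and the bcdedit match assumes English element names in its output.

```powershell
# Added example: read-only state check, changes nothing on the system.
# Paths, registry value and cmdlets are the ones used on this page;
# the function name is hypothetical.
function Test-DefenderCleanupState {
    $result = [ordered]@{}

    # 1. Safe Mode flag: 'bcdedit /set {current} safeboot minimal' persists
    #    across reboots until 'bcdedit /deletevalue {current} safeboot' runs.
    #    Assumes English element names in the bcdedit output.
    $bcd = & bcdedit.exe /enum '{current}' 2>$null
    $result.SafeBootStillSet = [bool]($bcd | Select-String -Pattern '^\s*safeboot\s')

    # 2. Policy value written by the 'reg add' step. If it is still 1,
    #    the policy remains set after the cleanup.
    $policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender'
    $policy = Get-ItemProperty -Path $policyKey -Name DisableAntiSpyware -ErrorAction SilentlyContinue
    $result.DisableAntiSpywarePolicy = if ($policy) { $policy.DisableAntiSpyware } else { 'not set' }

    # 3. Real-time protection state, and the purge delay set with
    #    Set-MpPreference -ScanPurgeItemsAfterDelay.
    $status = Get-MpComputerStatus -ErrorAction SilentlyContinue
    $result.RealTimeProtectionEnabled = if ($status) { $status.RealTimeProtectionEnabled } else { 'unavailable' }
    $pref = Get-MpPreference -ErrorAction SilentlyContinue
    $result.ScanPurgeItemsAfterDelay = if ($pref) { $pref.ScanPurgeItemsAfterDelay } else { 'unavailable' }

    # 4. Files remaining in (or re-created under) the DetectionHistory folder.
    $history = Join-Path $env:ProgramData 'Microsoft\Windows Defender\Scans\History\Service\DetectionHistory'
    $result.DetectionHistoryFiles = if (Test-Path -LiteralPath $history) {
        @(Get-ChildItem -LiteralPath $history -Recurse -File -Force -ErrorAction SilentlyContinue).Count
    } else { 0 }

    [pscustomobject]$result
}

Test-DefenderCleanupState | Format-List
```

SafeBootStillSet should be False and DisableAntiSpywarePolicy should not be 1 once the machine is back in normal use.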