Windows Defender — where are the Scan Results?

philippo

Member
Member
Messages
24
I've been using a clean install of W8 Pro for a couple of weeks now and while I have installed some of my usual programs I have not yet installed any standalone AV, firewall, or other "Security" programs. Late last night I decided to try a full scan for the first time, left it running and went to bed. The scanned "file count" was increasing rapidly as one might expect and while the green "progress bar" was filling it was happening quite slowly (I didn't watch long enough to see if there ever was any indicator showing "% completed" or "% remaining "...)

This morning there was absolutely NOTHING on the screen, no messages, no alerts, no "results" or "problems found" or even any indication that the scan itself ever completed...? (I still pretty much use the "desktop" with the bottom taskbar for now and haven't done much playing with Metro Tiles yet ). When I open Defender I cannot find any "scan history" records either...I understand that Windows strives to maintain itself "automatically" for the majority of users that never care to even know what really goes on behind the scenes, but I relish getting into the cybernetic "nuts and bolts" of it and — if not having way more control of things, at least knowing what's going on (or "what happened")

Surely there must be a way to make it all more transparent..?
Philip
 

My Computer

System One

  • OS
    Win7 & Win8 Dual Boot
Hello Philip,

The Windows Defender scan results log files in the folders below are encrypted and cannot be viewed.

"C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Quick"

"C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource"​


However, you can view Windows Defender "Operational" events in Event Viewer (eventvwr.msc) under Applications and Services Logs -> Microsoft -> Windows -> Windows Defender.

Hope this helps, :)
Shawn
 

My Computer

System One

  • OS
    64-bit Windows 10
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Custom self built
    CPU
    Intel i7-8700K OC'd to 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G7 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    OCZ Series Gold OCZZ1000M 1000W
    Case
    Thermaltake Core P3
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gb/s Download and 35 Mb/s Upload
    Browser
    Internet Explorer 11
    Antivirus
    Malwarebyte Anti-Malware Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    APC SMART-UPS RT 1000 XL - SURT1000XLI,
    Galaxy S23 Plus phone
— if not having way more control of things, at least knowing what's going on (or "what happened")

Obviously, you are able to see when it last ran by opening Windows Defender and looking at the last scan details on the bottom left. If it detected something, it would alert you and also log it in the 'History' section.

If you want to see more detailed logs, you can view them in Event Viewer > Applications and Services Logs > Microsoft > Windows > Windows Defender > Operational

It will show as 'information' for when it has ran, etc. If it has detected malware, etc. it will show as 'Warning' with a yellow warning sign and details of process, severity, etc. If it's stopped before completion it will also show under a yellow warning sign.


Edit: Brink beat me to it.
 

My Computer

System One

  • OS
    Win 8 64-bit
Improvement: Make a Shortcut to it

Right-click on "Operational" / Properties - General tab - Log path: . . . Copy the text of this path / Make a Shortcut

%SystemRoot%\System32\Winevt\Logs\Microsoft-Windows-Windows Defender%4Operational.evtx
 

My Computer

System One

  • OS
    Windows 8.1 Pro 32-bit
    Computer type
    PC/Desktop
    System Manufacturer/Model
    HP Compaq DC7600 Convertible Minitower
    CPU
    Intel Pentium 4 521, Prescott 90nm Technology
    Motherboard
    Hewlett-Packard 09F0h (XU1 PROCESSOR)
    Memory
    2.00GB Dual-Channel DDR2 @ 332MHz (5-5-5-15)
    Graphics Card(s)
    512MB NVIDIA GeForce 8600 GT
    Sound Card
    Realtek High Definition Audio
    Monitor(s) Displays
    HP 2311
    Screen Resolution
    1920x1080@60Hz
    Hard Drives
    149GB SAMSUNG HD160JJ ATA Device (SATA)
    233GB Maxtor 7L250S0 ATA Device (SATA)
    Keyboard
    Logitech K120
    Mouse
    Kensington Expert Mouse K64325
    Internet Speed
    1.5MB DSL
    Browser
    Firefox
    Antivirus
    Avast, Malwarebytes
Back
Top