Update Display all threats that Windows Defender detected with WinDefLogView

Gandalf_The_Grey

Level 61
Thread author
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
5,048
WinDefLogView is a new portable application by Nirsoft. The program displays information about recent threats that the default Windows security solution detected.

windows defender log view


While it is possible to check detected threats elsewhere, doing so requires quite a few clicks in the Windows Security app. The way results are displayed is also not ideal for getting a quick overview of recent threats.

WinDefLogView is a typical Nirsoft application. It is small in size and portable. Just download the archive from the Nirsoft website, extract it on the system, and run the executable file to launch the app. The program is compatible with Microsoft's Windows 10 and 11 operating systems only, but it may be run on older versions of Windows, e.g., Windows 7, to display information from remote systems running Windows 10 or 11.

The interface displays all detected threats in a table. Each line lists the filename, detection name, threat name, severity, category, action, origin, process name and more. A click on a column header sorts the listing accordingly, e.g., by date or severity.

The shortcut Ctrl-F or the selection of Edit > Find displays a search option to filter based in input; this is useful if lots of threats are displayed. The selection of File > Choose data source enables you to retrieve the data from remote computer systems or external folders.

The right-click menu displays several options. The most interesting opens the threat URL on Microsoft's website, which offers additional information on the detected threat.