Privacy and Security Change Time to Clear Windows Security Protection History in Windows 11


  • Staff
Windows_Security_banner.png

This tutorial will show you how to change how many days to automatically clear Windows Security protection history in Windows 10 and Windows 11.

The Protection History page in the Windows Security app is where you can go to view recommendations and actions that Microsoft Defender Antivirus has taken on your behalf, Potentially Unwanted Apps that have been removed, or key services (ex: SmartScreen) that are turned off.

Protection History only retains events for 15 days by default, after which they will automatically be cleared from history.

Protection history events that require action will not get cleared until you take action for them.

You can change the number of days to keep items in the scan history folder. After this time, Microsoft Defender removes the items. If you specify a value of zero, Microsoft Defender does not remove items.


Contents

  • Option One: See Current Time to Clear Windows Security Protection History using Command
  • Option Two: Change Time to Clear Windows Security Protection History using Command
  • Option Three: Specify Time to Clear Windows Security Protection History in Local Group Policy Editor
  • Option Four: Specify Time to Clear Windows Security Protection History in Registry Editor


EXAMPLE: Windows Security Protection History

Windows_Security_protection_history.png





Option One

See Current Time to Clear Windows Security Protection History using Command


1 Open Windows Terminal, and select Windows PowerShell.

2 Copy and paste the command below into PowerShell, and press Enter. (see screenshot below)

Get-MpPreference | Select-Object -Property ScanPurgeItemsAfterDelay

3 You will now see how many days (ex: "15") is currently set for the ScanPurgeItemsAfterDelay.

Get_ScanPurgeItemsAfterDelay.png





Option Two

Change Time to Clear Windows Security Protection History using Command


You must be signed in as an administrator to use this option.


1 Open Windows Terminal (Admin), and select Windows PowerShell.

2 Type the command below into PowerShell, and press Enter. (see screenshot below)

Set-MpPreference -ScanPurgeItemsAfterDelay <days>

Substitute <days> in the command above with how many days (up to 4294967295 days) you want to clear protection history after.

0 days = Protection history does not get automatically cleared.

15 days = Default.

For example: Set-MpPreference -ScanPurgeItemsAfterDelay 15


3 You can now close Windows Terminal (Admin) if you like.

Set_ScanPurgeItemsAfterDelay.png





Option Three

Specify Time to Clear Windows Security Protection History in Local Group Policy Editor


You must be signed in as an administrator to use this option.

The Local Group Policy Editor is only available in the Windows 10/11 Pro, Enterprise, and Education editions.

All editions can use Option Four to configure the same policy.


1 Open the Local Group Policy Editor (gpedit.msc).

2 Navigate to the policy location below in the left pane of the Local Group Policy Editor. (see screenshot below)

Computer Configuration>Administrative Templates>Windows Components>Microsoft Defender Antivirus>Scan

Clear_Windows_Security_Protection_History_gpedit-1.png

3 In the right pane of Scan in the Local Group Policy Editor, double click/tap on the Turn on removal of items from scan history folder policy to edit it. (see screenshot above)

4 Do step 5 (specify) or step 6 (default) below for what you would like to do.

5 Specify Time to Clear Windows Security Protection History

This will override Option Two.


A) Select (dot) Enabled. (see screenshot below)​

B) Type a number between 0 and 4294967295 for how many days you want in the Turn on removal of items from scan history folder field.​

0 days = Protection history does not get automatically cleared.


C) Click/tap on OK, and go to step 7 below.​

Clear_Windows_Security_Protection_History_gpedit-3.png

6 Do Not Specify Time to Clear Windows Security Protection History

This is the default setting to allow using Option Two.


A) Select (dot) Not Configured. (see screenshot below)​

B) Click/tap on OK, and go to step 7 below.​

Clear_Windows_Security_Protection_History_gpedit-2.png

7 You can now close the Local Group Policy Editor if you like.




Option Four

Specify Time to Clear Windows Security Protection History in Registry Editor


You must be signed in as an administrator to use this option.


1 Open Registry Editor (regedit.exe).

2 Navigate to the key below in the left pane of Registry Editor. (see screenshot below)

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Scan

If you are wanting to specify a time to clear protection history and do not have the Scan key, right click on the Windows Defender key, click/tap on New, click/tap on Key, type Scan for the name, and press Enter.


Clear_Windows_Security_Protection_History_regedit-1.png

3 Do step 4 (specify) or step 5 (default) below for what you would like to do.


 4. Specify Time to Clear Windows Security Protection History

This will override Option Two.


A) In the right pane of the Scan key, double click/tap on the PurgeItemsAfterDelay DWORD to modify it. (see screenshot below step 2)​

If you do not have a PurgeItemsAfterDelay DWORD, right click on an empty area in the right pane of the Scan key, click/tap on New, click/tap on DWORD (32-bit) Value, type PurgeItemsAfterDelay for the name, and press Enter.


B) Perform the following actions: (see screenshot below)​
  1. Select (dot) Decimal.
  2. Type a number between 0 and 4294967295 for how many days you want.

    0 days = Protection history does not get automatically cleared.


  3. Click/tap on OK.
C) Go to step 6 below.​

Clear_Windows_Security_Protection_History_regedit-2.png


 5. Do Not Specify Time to Clear Windows Security Protection History

This is the default setting to allow using Option Two.


A) In the right pane of the Scan key, right click on the PurgeItemsAfterDelay DWORD, and click/tap on Delete. (see screenshot below step 2)​

B) Click/tap on Yes to confirm, and go to step 6 below. (see screenshot below)​

Clear_Windows_Security_Protection_History_regedit-3.png

6 You can now close Registry Editor if you like.


That's it,
Shawn Brink


Related Tutorials

 

Attachments

  • Windows_Security.png
    Windows_Security.png
    6 KB · Views: 102
Last edited:
Click to expand...
Tutorial updated to add options 3 and 4. :alien:
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    APC SMART-UPS RT 1000 XL - SURT1000XLI,
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    HP Spectre x360 2in1 14-eu0098nr (2024)
    CPU
    Intel Core Ultra 7 155H 4.8 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Graphics card(s)
    Integrated Intel Arc
    Sound Card
    Poly Studio
    Monitor(s) Displays
    14" 2.8K OLED multitouch
    Screen Resolution
    2880 x 1800
    Hard Drives
    2 TB PCIe NVMe M.2 SSD
    Internet Speed
    Intel Wi-Fi 7 BE200 (2x2) and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Windows Defender and Malwarebytes Premium
  • Like
Reactions: OAT
None of these work in 23H2. Time to edit or delete the tutorial?
 

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self build
    CPU
    Core i7-13700K
    Motherboard
    Asus TUF Gaming Plus WiFi Z790
    Memory
    64 GB Kingston Fury Beast DDR5
    Graphics Card(s)
    Gigabyte GeForce RTX 2060 Super Gaming OC 8G
    Sound Card
    Realtek S1200A
    Monitor(s) Displays
    Viewsonic VP2770
    Screen Resolution
    2560 x 1440
    Hard Drives
    Kingston KC3000 2TB NVME SSD & SATA HDDs & SSD
    PSU
    EVGA SuperNova G2 850W
    Case
    Nanoxia Deep Silence 1
    Cooling
    Noctua NH-D14
    Keyboard
    Microsoft Digital Media Pro
    Mouse
    Logitech Wireless
    Internet Speed
    50 Mb / s
    Browser
    Chrome
    Antivirus
    Defender
You must log in or register to reply here.

Similar Windows 11 Tutorials

  • Article
Privacy and Security Verify Local Security Authority (LSA) Protection in Windows 11
Replies
0
Views
937
Brink
Brink
  • Article
System Enable or Disable Create Dev Drive in Windows 11
Replies
0
Views
2K
Brink
Brink
  • Article
Apps Enable or Disable "Pin to taskbar" for Microsoft Store app in Windows 11
Replies
0
Views
1K
Brink
Brink
  • Article
Browsers and Mail Clear Allowed Sites for Website Typo Protection Override in Microsoft Edge
Replies
0
Views
1K
Brink
Brink
  • Article
Accounts Enable or Disable Microsoft Accounts in Windows 11
Replies
0
Views
2K
Brink
Brink
  • Article
System Reset Local Security Policy Settings to Default in Windows 11
Replies
0
Views
3K
Brink
Brink
  • Article
Apps See What is New in Microsoft Store app in Windows 10 and 11
Replies
1
Views
925
cute two
C

Latest Support Threads

Latest Tutorials

Back
Top Bottom