@Josey Wales
This worked for me, don't know why it would not work for everyone?
Have tested the script, also verified the jobs is made, and has run, but after running, the history is still visable.
In task scheduler, the task is scheduled by the script as
Administrator (is that correct????, i expected it to run As Trusted Installer)
Also the scripts outputs a log file after running it, can be found here:
\AppData\Local\Microsoft\Windows\PowerShell\ScheduledJobs\Clear Defender Protection History\Output\
Log file:
$MAPS_Status = (Get-MpPreference).MAPSReporting
Set-MpPreference -DisableRealtimeMonitoring 1
Set-MpPreference -MAPSReporting Disabled
Get-ChildItem -File 'C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service' -Recurse | Remove-Item -Force
Set-MpPreference -DisableRealtimeMonitoring 0
Set-MpPreference -MAPSReporting $MAPS_Status
</InvocationInfo_Command><InvocationInfo_Name z:Ref="4" i:nil="true"/><InvocationInfo_AdapterType i:nil="true"/><InvocationInfo_ModuleName z:Id="36" z:Type="System.String" z:Assembly="0">PSScheduledJob</InvocationInfo_ModuleName><InvocationInfo_AdapterTypeName z:Id="37" z:Type="System.String" z:Assembly="0">ScheduledJobSourceAdapter</InvocationInfo_AdapterTypeName><InvocationParam_ScriptBlock z:Ref="6" i:nil="true"/><InvocationParam_FilePath z:Id="38" z:Type="System.String" z:Assembly="0"/><InvocationParam_InitScript z:Ref="38" i:nil="true"/><InvocationParam_RunAs32 z:Id="39" z:Type="System.Boolean" z:Assembly="0">false</InvocationParam_RunAs32><InvocationParam_Authentication z:Id="40" z:Type="System.Management.Automation.Runspaces.AuthenticationMechanism" z:Assembly="System.Management.Automation, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">Default</InvocationParam_Authentication><InvocationParam_ArgList i:nil="true"/></InvocationInfo_Member></Status_Definition><Status_StartTime z:Id="41" z:Type="System.DateTime" z:Assembly="0">2024-05-06T22:34:47.8542716+02:00</Status_StartTime><Status_StopTime z:Id="42" z:Type="System.DateTime" z:Assembly="0">2024-05-06T22:34:50.4818144+02:00</Status_StopTime></StatusInfo><ResultsInfo z:Id="43" z:Type="Microsoft.PowerShell.ScheduledJob.ScheduledJob+ResultsInfo" z:Assembly="Microsoft.PowerShell.ScheduledJob, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" xmlns=""><Results_Output z:Id="44" z:Type="System.Collections.ObjectModel.Collection`1[[System.Management.Automation.PSObject, System.Management.Automation, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]" z:Assembly="0"><items z:Id="45" z:Type="System.Collections.Generic.List`1[[System.Management.Automation.PSObject, System.Management.Automation, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]" z:Assembly="0" xmlns="
http://schemas.datacontract.org/2004/07/System.Management.Automation"><_items z:Id="46" z:Size="0"/><_size>0</_size><_version>0</_version></items></Results_Output><Results_Error z:Id="47" z:Type="System.Collections.ObjectModel.Collection`1[[System.Management.Automation.ErrorRecord, System.Management.Automation, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]" z:Assembly="0"><items z:Id="48" z:Type="System.Collections.Generic.List`1[[System.Management.Automation.ErrorRecord, System.Management.Automation, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]" z:Assembly="0" xmlns="
http://schemas.datacontract.org/2004/07/System.Management.Automation"><_items z:Id="49" z:Size="4"><ErrorRecord z:Id="50" z:Type="System.Management.Automation.Runspaces.RemotingErrorRecord" z:Assembly="System.Management.Automation, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"><CliXml z:Id="51" z:Type="System.String" z:Assembly="0" xmlns=""><Objs Version="1.1.0.1" xmlns="
http://schemas.microsoft.com/powershell/2004/04">
<Obj RefId="0">
<ToString>@{Exception=System.Management.Automation.RemoteException:
Access to the path is denied.; TargetObject=C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log; FullyQualifiedErrorId=RemoveFileSystemItemArgumentError,Microsoft.PowerShell.Commands.RemoveItemCommand; InvocationInfo=; ErrorCategory_Category=5; ErrorCategory_Activity=Remove-Item; ErrorCategory_Reason=ArgumentException; ErrorCategory_TargetName=C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log; ErrorCategory_TargetType=FileInfo; ErrorCategory_Message=InvalidArgument: (C:\ProgramData\...\Detections.log:FileInfo) [Remove-Item], ArgumentException; ErrorDetails_Message=Cannot remove item C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log: Access to the path is denied.; ErrorDetails_RecommendedAction=; SerializeExtendedInfo=False; ErrorDetails_ScriptStackTrace=at &lt;ScriptBlock&gt;, &lt;No file&gt;: line 6}</ToString>
<Obj RefId="1">