PowerShell Question


Doug4901

Active member
Member
Local time
4:36 AM
Posts
6
Visit site
OS
Windows 11 Pro
Hi, I need to change the time that virus notifications are retained. For a number of reasons I want the virus notifications to be saved (temporarily) for at most 1 day.

With PowerShell (as admin) I thought that this command would do it.

>Set-MpPreference -QuarantinePurgeItemsAfterDelay 1

but no, I get this error:

Set-MpPreference : Operation failed with the following error: 0x%1!x!
At line:1 char:2
+ Set-MpPreference -QuarantinePurgeItemsAfterDelay 1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],
CimException
+ FullyQualifiedErrorId : HRESULT 0xc0000142,Set-MpPreference

Can anyone help me with this change?

Version 23H2 (OS Build 22631.2792)
 

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self assembled
    CPU
    i7-12700
    Memory
    16GB
    Graphics Card(s)
    nVidia 3060Ti
    Monitor(s) Displays
    2 X 34in
    Screen Resolution
    4K
    Hard Drives
    SSD plus HDD
    PSU
    850W
Hi, I need to change the time that virus notifications are retained. For a number of reasons I want the virus notifications to be saved (temporarily) for at most 1 day.

With PowerShell (as admin) I thought that this command would do it.

>Set-MpPreference -QuarantinePurgeItemsAfterDelay 1

but no, I get this error:

Set-MpPreference : Operation failed with the following error: 0x%1!x!
At line:1 char:2
+ Set-MpPreference -QuarantinePurgeItemsAfterDelay 1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],
CimException
+ FullyQualifiedErrorId : HRESULT 0xc0000142,Set-MpPreference

Can anyone help me with this change?

Version 23H2 (OS Build 22631.2792)
The syntax is correct. The command works for me using PowerShell 7.4.
Are you sure Defender isn't running? That is the only thing I can think of.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    Laptop
    Manufacturer/Model
    ASUSTeK COMPUTER INC. TUF Gaming FX705GM
    CPU
    2.20 gigahertz Intel i7-8750H Hyper-threaded 12 cores
    Motherboard
    ASUSTeK COMPUTER INC. FX705GM 1.0
    Memory
    24428 Megabytes
    Graphics Card(s)
    Intel(R) UHD Graphics 630 / NVIDIA GeForce GTX 1060
    Sound Card
    Intel(R) Display Audio / Realtek(R) Audio
    Monitor(s) Displays
    Integrated Monitor (17.3"vis)
    Screen Resolution
    FHD 1920X1080 16:9
    Hard Drives
    2 SSD SATA/NVM Express 1.3
    WDS500G2B0A-00SM50 500.1 GB
    WDCSDAPNUW-1002 256 GB
    PSU
    19V DC 6.32 A 120 W
    Cooling
    Dual Fans
    Mouse
    MS Bluetooth
    Internet Speed
    Fiber 1GB Cox -us & 400MB Orange-fr
    Browser
    Edge Canary- Firefox Nightly-Chrome Dev
    Antivirus
    Windows Defender
    Other Info
    VMs of Windows 11 stable/Beta/Dev/Canary
    VM of XeroLinux- Arch based & Debian 12
  • Operating System
    Windows 11 Insider Canary
    Computer type
    Laptop
    Manufacturer/Model
    ASUS X751BP
    CPU
    AMD Dual Core A6-9220
    Motherboard
    ASUS
    Memory
    8 GB
    Graphics card(s)
    AMD Radeon R5 M420
    Sound Card
    Realtek
    Monitor(s) Displays
    17.3
    Screen Resolution
    1600X900 16:9
    Hard Drives
    1TB 5400RPM
The syntax is correct. The command works for me using PowerShell 7.4.
Are you sure Defender isn't running? That is the only thing I can think of.
Hi OAT, I am a beginner with Powershell. Regarding the last part of your reply, all I have tried with Defender is to disable real time detection. Is this what you meant?
 

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self assembled
    CPU
    i7-12700
    Memory
    16GB
    Graphics Card(s)
    nVidia 3060Ti
    Monitor(s) Displays
    2 X 34in
    Screen Resolution
    4K
    Hard Drives
    SSD plus HDD
    PSU
    850W

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self assembled
    CPU
    i7-12700
    Memory
    16GB
    Graphics Card(s)
    nVidia 3060Ti
    Monitor(s) Displays
    2 X 34in
    Screen Resolution
    4K
    Hard Drives
    SSD plus HDD
    PSU
    850W
The syntax is correct. The command works for me using PowerShell 7.4.
Are you sure Defender isn't running? That is the only thing I can think of.
If you're not elevated, that's the exact error that's returned by PS.
 

My Computer

System One

  • OS
    Windows 7
Hi, I need to change the time that virus notifications are retained. For a number of reasons I want the virus notifications to be saved (temporarily) for at most 1 day.

With PowerShell (as admin) I thought that this command would do it.

>Set-MpPreference -QuarantinePurgeItemsAfterDelay 1

but no, I get this error:

Set-MpPreference : Operation failed with the following error: 0x%1!x!
At line:1 char:2
+ Set-MpPreference -QuarantinePurgeItemsAfterDelay 1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],
CimException
+ FullyQualifiedErrorId : HRESULT 0xc0000142,Set-MpPreference

Can anyone help me with this change?

Version 23H2 (OS Build 22631.2792)
Set-MpPreference
[-AllowDatagramProcessingOnWinServer <Boolean>]
[-AllowNetworkProtectionDownLevel <Boolean>]
[-AllowNetworkProtectionOnWinServer <Boolean>]
[-AllowSwitchToAsyncInspection <Boolean>]
[-AsJob]
[-AttackSurfaceReductionOnlyExclusions <String[]>]
[-AttackSurfaceReductionRules_Actions <ASRRuleActionType[]>]
[-AttackSurfaceReductionRules_Ids <String[]>]
[-CheckForSignaturesBeforeRunningScan <Boolean>]
[-CimSession <CimSession[]>]
[-CloudBlockLevel <CloudBlockLevelType>]
[-CloudExtendedTimeout <UInt32>]
[-ControlledFolderAccessAllowedApplications <String[]>]
[-ControlledFolderAccessProtectedFolders <String[]>]
[-DefinitionUpdatesChannel <UpdatesChannelType>]
[-DisableArchiveScanning <Boolean>]
[-DisableAutoExclusions <Boolean>]
[-DisableBehaviorMonitoring <Boolean>]
[-DisableBlockAtFirstSeen <Boolean>]
[-DisableCacheMaintenance <UInt32>]
[-DisableCatchupFullScan <Boolean>]
[-DisableCatchupQuickScan <Boolean>]
[-DisableCpuThrottleOnIdleScans <Boolean>]
[-DisableDatagramProcessing <Boolean>]
[-DisableDnsOverTcpParsing <Boolean>]
[-DisableDnsParsing <Boolean>]
[-DisableEmailScanning <Boolean>]
[-DisableFtpParsing <Boolean>]
[-DisableGradualRelease <Boolean>]
[-DisableHttpParsing <Boolean>]
[-DisableIOAVProtection <Boolean>]
[-DisableInboundConnectionFiltering <Boolean>]
[-DisableNetworkProtectionPerfTelemetry <Boolean>]
[-DisablePrivacyMode <Boolean>]
[-DisableRdpParsing <Boolean>]
[-DisableRealtimeMonitoring <Boolean>]
[-DisableRemovableDriveScanning <Boolean>]
[-DisableRestorePoint <Boolean>]
[-DisableScanningMappedNetworkDrivesForFullScan <Boolean>]
[-DisableScanningNetworkFiles <Boolean>]
[-DisableScriptScanning <Boolean>]
[-DisableSmtpParsing <Boolean>]
[-DisableSshParsing <Boolean>]
[-DisableTlsParsing <Boolean>]
[-EnableControlledFolderAccess <ControlledFolderAccessType>]
[-EnableDnsSinkhole <Boolean>]
[-EnableFileHashComputation <Boolean>]
[-EnableFullScanOnBatteryPower <Boolean>]
[-EnableLowCpuPriority <Boolean>]
[-EnableNetworkProtection <ASRRuleActionType>]
[-EngineUpdatesChannel <UpdatesChannelType>]
[-ExclusionExtension <String[]>]
[-ExclusionIpAddress <String[]>]
[-ExclusionPath <String[]>]
[-ExclusionProcess <String[]>]
[-ForceUseProxyOnly <Boolean>]
[-Force]
[-HighThreatDefaultAction <ThreatAction>]
[-IntelTDTEnabled <UInt32>]
[-LowThreatDefaultAction <ThreatAction>]
[-MAPSReporting <MAPSReportingType>]
[-MeteredConnectionUpdates <Boolean>]
[-ModerateThreatDefaultAction <ThreatAction>]
[-OobeEnableRtpAndSigUpdate <Boolean>]
[-PUAProtection <PUAProtectionType>]
[-PlatformUpdatesChannel <UpdatesChannelType>]
[-ProxyBypass <String[]>]
[-ProxyPacUrl <String>]
[-ProxyServer <String>]
[-QuarantinePurgeItemsAfterDelay <UInt32>]
[-RandomizeScheduleTaskTimes <Boolean>]
[-RealTimeScanDirection <ScanDirection>]
[-RemediationScheduleDay <Day>]
[-RemediationScheduleTime <DateTime>]
[-ReportingAdditionalActionTimeOut <UInt32>]
[-ReportingCriticalFailureTimeOut <UInt32>]
[-ReportingNonCriticalTimeOut <UInt32>]
[-ScanAvgCPULoadFactor <Byte>]
[-ScanOnlyIfIdleEnabled <Boolean>]
[-ScanParameters <ScanType>]
[-ScanPurgeItemsAfterDelay <UInt32>]
[-ScanScheduleDay <Day>]
[-ScanScheduleOffset <UInt32>]
[-ScanScheduleQuickScanTime <DateTime>]
[-ScanScheduleTime <HH:MM:SS>]
[-SchedulerRandomizationTime <UInt32>]
[-ServiceHealthReportInterval <UInt32>]
[-SevereThreatDefaultAction <ThreatAction>]
[-SharedSignaturesPath <String>]
[-SignatureAuGracePeriod <UInt32>]
[-SignatureBlobFileSharesSources <String>]
[-SignatureBlobUpdateInterval <UInt32>]
[-SignatureDefinitionUpdateFileSharesSources <String>]
[-SignatureDisableUpdateOnStartupWithoutEngine <Boolean>]
[-SignatureFallbackOrder <String>]
[-SignatureFirstAuGracePeriod <UInt32>]
[-SignatureScheduleDay <Day>]
[-SignatureScheduleTime <DateTime>]
[-SignatureUpdateCatchupInterval <UInt32>]
[-SignatureUpdateInterval <UInt32>]
[-SignaturesUpdatesChannel <UpdatesChannelType>]
[-SubmitSamplesConsent <SubmitSamplesConsentType>]
[-ThreatIDDefaultAction_Actions <ThreatAction[]>]
[-ThreatIDDefaultAction_Ids <Int64[]>]
[-ThrottleLimit <Int32>]
[-UILockdown <Boolean>]
[-UnknownThreatDefaultAction <ThreatAction>]
[<CommonParameters>]






Set-MpPreference -ExclusionPath C:\vpostest
echo "Exclusion Success"
Read-Host -Prompt "Press Enter to exit"

Get-MpComputerStatus
 
Last edited:

My Computer

System One

  • OS
    Windows 11 x64
    Computer type
    PC/Desktop
    Manufacturer/Model
    BOSGAME
    CPU
    AMD Ryzen 7 5700U with Radeon Graphics
    Memory
    64 GB
    Monitor(s) Displays
    Hisence 100"
    Screen Resolution
    3840x2160
    Internet Speed
    Bell Fiber 8GB DL 8 GB UP Wifi-7
    Browser
    Google Chrome
    Antivirus
    AVG
    Other Info
    SODOLA 8-Port 2.5Gb Switch,8 x 2.5GBASE-T Ports,1X10G SFP+,100Gbps Switching Capacity, Fanless, Metal Plug & Play 2.5G Unmanaged Network Switch S24 Ultra Smartphone Android Tp-link Tri-band Be19000 Wi-fi 7 Gaming Router Archer Ge800 |
    bitEngine 10G Media Converter, 10 Gigabit Copper to 10G Fiber Ethernet, Unmanaged 1x 1G/2.5G/5G/10GBase-T RJ45 to 1x 10GBase-X SFP+ Slot, Support 10G SR/LR SFP+ Module, Single
    SODOLA 10GBase-SR SFP+ Transceiver, 850nm MMF, up to 300 Meters, Compatible with Cisco SFP-10G-SR, Meraki MA-SFP-10GB-SR, Ubiquiti UniFi UF-MM-10G, Fortinet, Mikrotik, Netgear, TP-Link and More

    Don't use the Goggle defualts these servers are FASTER :)
    MANUAL
    DNS SERVER ASSIGNMENT 4.2.2.6 (Unencrypted)
    IPv4 DNS Servers : 9.9.9.9 (Unencrypted)
You need to use code tags when you post code. If I am correct, I can see about 10 errors in your powershell commands

[] -> [ ]

[-AttackSurfaceReductionOnlyExclusions <String[]>]
[-AttackSurfaceReductionRules_Actions <ASRRuleActionType[]>]
[-AttackSurfaceReductionRules_Ids <String[]>]

[-ExclusionExtension <String[]>]

[-ExclusionIpAddress <String[]>]
[-ExclusionPath <String[]>]
[-ExclusionProcess <String[]>]

[-ProxyBypass <String[]>]

[-ThreatIDDefaultAction_Actions <ThreatAction[]>]
[-ThreatIDDefaultAction_Ids <Int64[]>]
 

My Computers

System One System Two

  • OS
    Windows Pro 23H2 Build 22631.4249
    Computer type
    PC/Desktop
    Manufacturer/Model
    Sin-built
    CPU
    Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz (4th Gen?)
    Motherboard
    ASUS ROG Maximus VI Formula
    Memory
    32.0 GB of I forget and the box is in storage.
    Graphics Card(s)
    Gigabyte nVidia GeForce GTX 1660 Super OC 6GB
    Sound Card
    Onboard
    Monitor(s) Displays
    4 x LG 23MP75 - 2 x 24MK430H-B - 1 x Wacom Pro 22" Tablet
    Screen Resolution
    All over the place
    Hard Drives
    Too many to list.
    OS on Samsung 1TB 870 QVO SATA
    PSU
    Silverstone 1500
    Case
    NZXT Phantom 820 Full-Tower Case
    Cooling
    Noctua NH-D15 Elite Class Dual Tower CPU Cooler / 6 x EziDIY 120mm / 2 x Corsair 140mm somethings / 1 x 140mm Thermaltake something / 2 x 200mm Corsair.
    Keyboard
    Corsair K95 / Logitech diNovo Edge Wireless
    Mouse
    Logitech G402 / G502 / Mx Masters / MX Air Cordless
    Internet Speed
    100/40Mbps
    Browser
    All sorts
    Antivirus
    Kaspersky Premium
    Other Info
    I’m on a horse.
  • Operating System
    Windows 11 Pro 23H2 Build: 22631.4249
    Computer type
    Laptop
    Manufacturer/Model
    LENOVO Yoga 7i EVO OLED 14" Touchscreen i5 12 Core 16GB/512GB
    CPU
    Intel Core 12th Gen i5-1240P Processor (1.7 - 4.4GHz)
    Memory
    16GB LPDDR5 RAM
    Graphics card(s)
    Intel Iris Xe Graphics Processor
    Sound Card
    Optimized with Dolby Atmos®
    Screen Resolution
    QHD 2880 x 1800 OLED
    Hard Drives
    M.2 512GB
    Other Info
    …still on a horse.

Latest Support Threads

Back
Top