A
AG-Astar
We have been seeing continuous event in Defender timeline that something is trying to Tampering Defender but enable to identify what actually causing this?Below are the events timeline:svchost.exe set registry value for key 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender' svchost.exe set registry value 'DisableAntiSpyware' for key 'SOFTWARE\Policies\Microsoft\Windows Defender' svchost.exe attempted to turn off the Microsoft Defender Antivirus security feature DisableAntiSpyware Looking for assistance on how this can be identified?Thank you
Continue reading...
Continue reading...