You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am running sysmon with sysmonconfig-research.xml configuration on 2 machines. Currently a machine is still running normally, but one machine blocks most exe files, blocks windows updates, downloads exe files, even deletes files when opening properties. I looked at the log and saw a lot of event id 27. I turned off sysmon and the problem was solved. Could this be the cause of the problem? I wonder because sysmon only blocks but why is the file even deleted when viewing properties
The text was updated successfully, but these errors were encountered:
I am running sysmon with sysmonconfig-research.xml configuration on 2 machines. Currently a machine is still running normally, but one machine blocks most exe files, blocks windows updates, downloads exe files, even deletes files when opening properties. I looked at the log and saw a lot of event id 27. I turned off sysmon and the problem was solved. Could this be the cause of the problem? I wonder because sysmon only blocks but why is the file even deleted when viewing properties
The text was updated successfully, but these errors were encountered: