C
chopper5421
Log Name: Microsoft-Windows-Windows Defender/Operational
Source: Microsoft-Windows-Windows Defender
Date: 9/7/2020 10:43:26 PM
Event ID: 5007
Task Category: None
Level: Information
Keywords:
User: SYSTEM
Computer: DESKTOP-QHAFREC
Description:
Windows Defender Antivirus Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\OfflineScanRun = 0x1
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\OfflineScanRun = 0x0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Windows Defender" Guid="{11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78}" />
<EventID>5007</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2020-09-08T03:43:26.997168500Z" />
<EventRecordID>412</EventRecordID>
<Correlation />
<Execution ProcessID="2944" ThreadID="5256" />
<Channel>Microsoft-Windows-Windows Defender/Operational</Channel>
<Computer>DESKTOP-QHAFREC</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="Product Name">%%827</Data>
<Data Name="Product Version">4.18.2008.9</Data>
<Data Name="Old Value">HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\OfflineScanRun = 0x1</Data>
<Data Name="New Value">HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\OfflineScanRun = 0x0</Data>
</EventData>
</Event>
Does this look normal????
Continue reading...
Source: Microsoft-Windows-Windows Defender
Date: 9/7/2020 10:43:26 PM
Event ID: 5007
Task Category: None
Level: Information
Keywords:
User: SYSTEM
Computer: DESKTOP-QHAFREC
Description:
Windows Defender Antivirus Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\OfflineScanRun = 0x1
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\OfflineScanRun = 0x0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Windows Defender" Guid="{11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78}" />
<EventID>5007</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2020-09-08T03:43:26.997168500Z" />
<EventRecordID>412</EventRecordID>
<Correlation />
<Execution ProcessID="2944" ThreadID="5256" />
<Channel>Microsoft-Windows-Windows Defender/Operational</Channel>
<Computer>DESKTOP-QHAFREC</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="Product Name">%%827</Data>
<Data Name="Product Version">4.18.2008.9</Data>
<Data Name="Old Value">HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\OfflineScanRun = 0x1</Data>
<Data Name="New Value">HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\OfflineScanRun = 0x0</Data>
</EventData>
</Event>
Does this look normal????
Continue reading...