Michael Greenberg
12/11/2022, 11:20 AMosquery --json
via stdin) were
select sha1 from certificates where store_location = "LocalMachine" and upper(sha1) = '0C40F468D84B158856FFD52406378E397C016EF2' ;
select key from registry where key = 'HKEY_LOCAL_MACHINE\SOFTWARE\xxxxx' and name = 'yyyyy' and data like '0' ;
select name from windows_security_products where type = 'Antivirus' and state = 'On';
Is there any known issue that might cause this to happen ? Is there a way I can debug this?
This is with osquery 5.4.0
Thanks