Good day,
I am also now seeing this issue beginning on 9/10. This process is false reporting on a Windows system where I have a script running in response to system events. The .cmd batch file calls powershell.exe to perform some calculations and write to some files/generate disk activity. Should I try to whitelist the .cmd batch file that's being called? I don't necessarily want to whitelist all cmd.exe or powershell.exe activity. Is there a specific security setting I should disable? Like the previous user I currently have the "Penetration Testing" option turned off. Thanks for any tips!
--Tim Leech
