
Security Event Logging Disabled via MiniNt Registry Key - Process

Sigma Rules

Summary
This detection rule identifies attempts to disable Windows security event logging by creating the `MiniNt` registry key (`HKLM\SYSTEM\CurrentControlSet\Control\MiniNt`). When this key is present, Windows treats itself as a minimal (Windows PE style) environment, and one consequence is that the Windows Event Log service no longer records events, including those written to the Security log; the effect takes hold when the service next starts, typically at reboot. Event logs are the primary record of activity on a host, so an adversary who creates this key blinds security monitoring and makes later actions hard to reconstruct. The rule relies on process creation telemetry and flags command lines that add the key, whether through `reg.exe` (`reg add ... \MiniNt`) or through PowerShell registry cmdlets, and it raises a high-severity alert because the change degrades security monitoring itself. The key legitimately exists inside Windows PE boot images, so its creation on a fully installed, running system should be treated as suspicious until proven otherwise.
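The matching logic the summary describes, implemented as an added example over constructed process-creation events. This is not the Sigma rule's own selector and not code from the rule's author: the PowerShell cmdlet list, the token-level `add` check and the sample events are assumptions made here for illustration, and the events are Sysmon-style fields (`Image`, `CommandLine`) built inline rather than real telemetry.

```python
"""Process-creation matcher for attempts to create the MiniNt registry key.

Added example that approximates the behaviour the rule summary describes
(reg.exe "add" or PowerShell registry cmdlets with "MiniNt" on the command
line). It is not the Sigma rule's own selector; the cmdlet list and the
sample events are assumptions constructed for illustration.
"""
import re

# Constructed Sysmon-style process-creation events (not real telemetry).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\reg.exe",
     "CommandLine": r'reg add "HKLM\SYSTEM\CurrentControlSet\Control\MiniNt" /f'},
    {"Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r"powershell -c New-Item -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\MiniNt' -Force"},
    {"Image": r"C:\Program Files\PowerShell\7\pwsh.exe",
     "CommandLine": r"pwsh -c Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Control\MiniNt -Name AllowStart -Value 0"},
    # Read-only query of the key: legitimate triage, must not alert.
    {"Image": r"C:\Windows\System32\reg.exe",
     "CommandLine": r"reg query HKLM\SYSTEM\CurrentControlSet\Control\MiniNt"},
    # The string appears, but nothing touches the registry.
    {"Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"cmd /c echo MiniNt"},
    # reg.exe add to an unrelated key: must not alert.
    {"Image": r"C:\Windows\System32\reg.exe",
     "CommandLine": r"reg add HKLM\SOFTWARE\Example /v Setting /t REG_DWORD /d 1 /f"},
]

# Whole-word match so a value name such as "MiniNtAddress" does not count.
MININT_KEY = re.compile(r"\bMiniNt\b", re.IGNORECASE)
REG_IMAGES = ("\\reg.exe",)
POWERSHELL_IMAGES = ("\\powershell.exe", "\\powershell_ise.exe", "\\pwsh.exe")
# Hypothetical list of cmdlets that create a key or write beneath it.
POWERSHELL_WRITE_CMDLETS = ("new-item", "new-itemproperty", "set-itemproperty")


def is_minint_key_write(event):
    """Return True when the event looks like a command-line attempt to add
    the MiniNt key (or write beneath it) via reg.exe or PowerShell."""
    image = event.get("Image", "").lower()
    cmdline = event.get("CommandLine", "")
    if not MININT_KEY.search(cmdline):
        return False
    lowered = cmdline.lower()
    if image.endswith(REG_IMAGES):
        # Token match so "add" inside another argument ("/v address") is ignored.
        return "add" in lowered.split()
    if image.endswith(POWERSHELL_IMAGES):
        return any(cmdlet in lowered for cmdlet in POWERSHELL_WRITE_CMDLETS)
    return False


def scan(events):
    """Return the command lines of every event the detection fires on."""
    return [e["CommandLine"] for e in events if is_minint_key_write(e)]


if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print("ALERT MiniNt key write:", hit)
```

Running the block fires on the three writes and stays silent on the `reg query`, the `echo`, and the `reg add` to an unrelated key. A command-line match of this kind misses `-EncodedCommand` payloads, scripts loaded from disk, and direct `RegCreateKeyEx` calls from a compiled tool; those are why the rule's data sources include Windows Registry telemetry alongside process creation. On a host that triggers the alert, confirm the key's presence with `reg query HKLM\SYSTEM\CurrentControlSet\Control\MiniNt` before assuming logging is still intact.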
Categories
  • Windows
  • Endpoint
Data Sources
  • Windows Registry
  • Process
Created: 2025-04-09