Add more TaskName

rules/windows/builtin/taskscheduler/win_taskscheduler_susp_schtasks_delete.yml

@@ -22,8 +22,13 @@ detection:
     selection:
         EventID: 141 
         TaskName|contains: 
-            - '\Microsoft\Windows\Windows Defender\'
-            - '\Microsoft\Windows\WindowsUpdate\'
+            - '\Windows\SystemRestore\SR'
+            - '\Windows\Windows Defender\'
+            - '\Windows\BitLocker'
+            - '\Windows\WindowsBackup\'
+            - '\Windows\WindowsUpdate\'
+            - '\Windows\UpdateOrchestrator\'
+            - '\Windows\ExploitGuard'            
     filter:
         UserName|contains:
             - 'AUTHORI'