D
David E. Ross
I have several reports in my NAV log about attempted unauthorized access
by drwtsn32.exe (DrWatson Postmortem Debugger) against ccEvtMgr.exe
(Symantec Event Manager Service).
Why is this? Should I be concerned? What should I do about it? (No,
removing NAV is not an option.)
A recent log entry is as follows:
Event Details:
Time: 9/25/2006 7:20:34 PM
Actor: C:\WINDOWS\system32\drwtsn32.exe (PID=3656)
Target: C:\Program Files\Common Files\Symantec Shared\ccApp.exe (PID=2096)
Action: Unauthorized access
Reaction: Unauthorized access stopped
--
David E. Ross
<http://www.rossde.com/>
Concerned about someone (e.g., Pres. Bush) snooping
into your E-mail? Use PGP.
See my <http://www.rossde.com/PGP/>
by drwtsn32.exe (DrWatson Postmortem Debugger) against ccEvtMgr.exe
(Symantec Event Manager Service).
Why is this? Should I be concerned? What should I do about it? (No,
removing NAV is not an option.)
A recent log entry is as follows:
Event Details:
Time: 9/25/2006 7:20:34 PM
Actor: C:\WINDOWS\system32\drwtsn32.exe (PID=3656)
Target: C:\Program Files\Common Files\Symantec Shared\ccApp.exe (PID=2096)
Action: Unauthorized access
Reaction: Unauthorized access stopped
--
David E. Ross
<http://www.rossde.com/>
Concerned about someone (e.g., Pres. Bush) snooping
into your E-mail? Use PGP.
See my <http://www.rossde.com/PGP/>