K
Keke
Hi!
I’m using Windows XP Pro (SR2) with Norton Internet security 2006 and
with Norton System Works 2006. When viewing in the log file the Symantec
Resource Protector’s Alerts the WINLOGON.EXE tries intrude the Symantec
software as follows.
Event Details:
Time: 21.2.2006 23:33:42
Actor: C:\WINDOWS\SYSTEM32\WINLOGON.EXE (PID=504)
Target: C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
Action: Unauthorized access
Reaction: Unauthorized access stopped
Event Details:
Time: 21.2.2006 23:33:42
Actor: C:\WINDOWS\SYSTEM32\WINLOGON.EXE (PID=504)
Target: C:\Program Files\Common Files\Symantec Shared\Security
Console\NSCSRVCE.EXE
Action: Unauthorized access
Reaction: Unauthorized access stopped
And so on.
I have scanned my computer with many different virus scanners, even in
safe mode, without any results.
I’ve studied the Winlogon problem in my computer. It seems that it is
connected to Windows XP’s multi user feature. The attack happens when a
user is logged in and stays logged by “chance user” option. When
another user log himself/herself in, then the Winlogon make the attack
against Symantec soft ware.
Is this a bug in Widows XP or in Symantec soft ware?
Keke
I’m using Windows XP Pro (SR2) with Norton Internet security 2006 and
with Norton System Works 2006. When viewing in the log file the Symantec
Resource Protector’s Alerts the WINLOGON.EXE tries intrude the Symantec
software as follows.
Event Details:
Time: 21.2.2006 23:33:42
Actor: C:\WINDOWS\SYSTEM32\WINLOGON.EXE (PID=504)
Target: C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
Action: Unauthorized access
Reaction: Unauthorized access stopped
Event Details:
Time: 21.2.2006 23:33:42
Actor: C:\WINDOWS\SYSTEM32\WINLOGON.EXE (PID=504)
Target: C:\Program Files\Common Files\Symantec Shared\Security
Console\NSCSRVCE.EXE
Action: Unauthorized access
Reaction: Unauthorized access stopped
And so on.
I have scanned my computer with many different virus scanners, even in
safe mode, without any results.
I’ve studied the Winlogon problem in my computer. It seems that it is
connected to Windows XP’s multi user feature. The attack happens when a
user is logged in and stays logged by “chance user” option. When
another user log himself/herself in, then the Winlogon make the attack
against Symantec soft ware.
Is this a bug in Widows XP or in Symantec soft ware?
Keke