The Symantec issue is posted a number of times in some of the other
groups--basically, view it as a "known issue"--Microsoft knows about it, but
the situation hasn't changed.
These log entries involve an optional setting in some Norton versions--so
either other machines on which you don't see this are either running
different versions, or don't have the tamper-protection option turned on.
As far as I am aware, there's no harm going on here--just these ominous
sounding log messages. The workaround is to turn off the feature, or ignore
the log messages. Some folks have tried the exclude from scanning route,
but without success. Oh--you can also "fix" this by turning off one of the
real-time protection elements: "Application Execution."
Here's what the help has to say about what that protects against:
---
Monitors when programs start and any operations they perform while running.
Spyware and other potentially unwanted software can use vulnerabilities in
programs that you have installed to run harmful or unwanted software without
your knowledge. For example, spyware can run itself in the background when
you start a program that you frequently use. Windows Defender monitors your
programs and alerts you if suspicious activity is detected.
---
Given that we have I think several incidents in the past few months of
vulnerabilities in several prominent anti-virus vendors application code, I
would not want to turn this off. Any app that deals with binaries from the
outside world can constitute a vulnerability, and the binaries that
anti-virus vendors deal with are particularly likely to constitute a risk.
--
Thinking about this, I suspect that Symantec would say "turn off the
Microsoft feature, just as they do about the Windows firewall, and Security
center. Perhaps Symantec's tamper-protection feature provides the same
level of protection for Symantec's executables as Windows Defender does.
However, the Windows features protect all the applications on the system,
not just Symantec's.