Jul 28 08:08:52 SymantecServer corpepp01: 8440p-X0491JYR,Category: 0,Smc,Disconnected from Symantec Endpoint Protection Manager (10.0.11.17) Jul 28 08:08:52 SymantecServer corpepp01: 8440p-X0491JYR,Category: 0,Smc,Connected to Symantec Endpoint Protection Manager (10.0.11.17)
#SYMANTEC ANTIVIRUS WINDOWS#
Jul 28 08:10:13 SymantecServer corpepp01: TEMPEXP02,Category: 0,Smc,Failed to disable Windows firewall Jul 28 08:09:32 SymantecServer corpepp01: CORPMIO-H4VYWB1,Category: 2,Symantec AntiVirus,Symantec Endpoint Protection services shutdown was successful. Jul 28 08:08:52 SymantecServer corpepp01: 6910p-X751008R,Category: 2,Symantec AntiVirus,New virus definition file loaded.
Traffic has been allowed from this application: C:\WINDOWS\system32 toskrnl.exe,Local: 0.0.0.0,Local: 000000000000,Remote: ,Remote: 192.168.1.4,Remote: 000000000000,Inbound,TCP,Intrusion ID: 0,Begin: 11:50:01,End: 11:50:01,Occurrences: 1,Application: C:/WINDOWS/system32/ntoskrnl.exe,Location: Default,User: Administrator,Domain: PROSPECTHILLS Jun 11 12:24:51 SymantecServer sjdevswinapp05: Site: Site sjdevswinapp05,Server: sjdevswinapp05,Domain: Default,Admin: admin,Administrator log on succeededįeb 23 13:08:29 SymantecServer sjdevswinapp05: Virus found,Computer name: Filer,Source: Real Time Scan,Risk name: EICAR Test String,Occurrences: 1,C:/Documents and Settings/Administrator.PROSPECTHILLS/Local Settings/Temp/,"",Actual action: Cleaned by deletion,Requested action: Cleaned,Secondary action: Quarantined,Event time: 21:06:51,Inserted: 21:08:29,End: 21:06:51,Domain: Default,Group: Global\Prospecthills,Server: sjdevswinapp05,User: Administrator,Source computer: ,Source IP: 0.0.0.0 Jun 11 12:24:38 SymantecServer sjdevswinapp05: Site: Site sjdevswinapp05,Server: sjdevswinapp05,Domain: Default,Admin: admin,Administrator log on failed
0 kommentar(er)
