logs referencing SEP applications
Can anyone explain exactly what SEP is telling me here? Is the application referenced in the 9th field mucking with the SEP application in some way? These aren't always malicious, but they are often enough to be a pretty good indicator of compromise.
Many thanks in advance!
[system name redacted],Allowed,"C:\Program Files\Symantec AntiVirus\SmcGui.exe",,Begin: 2012-11-07 00:33:54,End: 2012-11-07 00:33:54,Rule: ,3532,C:/Documents and Settings/[redacted]/Application Data/Qbbkba.exe,0,,C:/Program Files/Symantec AntiVirus/SmcGui.exe,User: [redacted],Domain: [redacted]
[system name redacted],Allowed,"C:\Program Files\Common Files\Symantec Shared\ccApp.exe",,Begin: 2012-11-07 06:31:20,End: 2012-11-07 06:31:20,Rule: ,3336,C:/WINDOWS/system32/JavaMachine.exe,0,,C:/Program Files/Common Files/Symantec Shared/ccApp.exe,User: [redacted],Domain: [redacted]