02-06-2012 03:47 PM
i was looking for tracking cookies on my norton history... then i saw a medium risk... adobe arm attacking norton. that was really weird. the imput was from the adobe arm thing and the output was to norton program file. maybe adobe arm is trying to do something or norton just detects it tampering with the program files... also conhost.exe (inside my system32 folder) is also going into my norton program files. Am i being a total newbie or there is something wrong.
-norton internet security trial 2012
02-06-2012 04:34 PM
What you are seeing are Norton Product Tamper Protection entries. Tamper Protection blocks any outside agent, even legitimate ones such as Windows processes, from accessing any Norton file or process. These are not attacks, just access attempts which are, in the case of legitimate programs, benign. The "actor" is only prevented from messing with Norton, and is not otherwise prevented from running normally or carrying out its own tasks. In rare cases, an "actor" might complain, which the user would see as the program inexplicably not working correctly. The logs would be helpful in such cases to determine if the Norton access block was related to the program's misbehavior or not. And, of course, if malware attempted to subvert Norton, the logs would be useful there, too. As long as the "actor" is a known good program that is intended to be running on your system, you can ignore these log entries.