NIS 2012 flagging Windows system file

Britton30 · ‎09-28-2011

NIS continually blocks this file which is a valid System32 file. C:\WINDOWS\SYSTEM32\CONHOST.EXE. It is a Windows 7 console host for the cmd prompt I think. There are no options to allow it. There are dozens of instances of the blocking in history.

Bombastus · ‎11-16-2009

Hello!

This is not a detection of malware, but just Norton's Self-Protection blocking files that come into contact with any Norton file, folder or process. It doesn't differentiate between "bad" or "harmless" tampering, it just blocks it all. This happens to be a Microsoft file that during some process attempts to read a Norton file, is blocked, and this entry is written in the log. This conhost.exe blocking happens on every Windows 7 system. You can safely ignore it.

SendOfJive · ‎02-07-2009

Hi Britton30,

This is a Norton Product Tamper Protection event: Norton is preventing an outside agent - in this case, a WIndows process - from accessing Norton's process data. This is by design; Norton blocks anything from interfering with its files or processes. No harm is done to Norton or Conhost, so you can simply disregard these log entries.

Britton30 · ‎09-28-2011

Thanks, I knew it wasn't malware. I just thought it odd a system function was blocked is all. True enough it happens on all 3 of my Windows 7 rigs.

Norton Internet Security / Norton AntiVirus

NIS 2012 flagging Windows system file

Re: NIS 2012 flagging Windows system file

Re: NIS 2012 flagging Windows system file

Re: NIS 2012 flagging Windows system file

Products

Services

Support