Thanks for the explanation about the SCANLESS errors. I'll pass that information to the team.

Based upon the way tamper protection works, it looks like Norton Save and Restore 2 has specifically requested to have its area protected but I don't know anything specific about this.

I'm reassured by the fact that sfc did find something and repair it. Hopefully your Norton product, along with your whole system, will be more reliable now and you won't see any additional ntdll errors. The 'unauthorized access blocked' notice is actually an after-effect of the ntdll error. Windows Error Reporting is reporting the ntdll error to Microsoft and the access is being logged and limited by the tamper protection feature.

P.S. While documenting the SCANLESS issue I just noticed that your system has made six more submissions and they're all for this issue. Looks like you were busy isolating this. Thanks!

Reese Anschultz
Senior Software Quality Assurance Manager, Symantec Corporation