Please Sign In with Norton Account to Ask a Question or comment in the Community
Envoyé le: 2022-07-17 | 12:10 · 3 Replies · Permalien · Traduction:
Since last month thes po up in Norton. They are located in system32 folder.
Norton blocks them. Often.
Unauthorized access blocked (Access Process Data)
what should i do.
Delete, whitelist, ignore?
Envoyé le: 2022-07-17 | 19:57 · Permalien
Those are entries from Norton Product Tamper Protection. They indicate that some process tried to access Norton's files or processes. Sometimes even Windows processes will try to access a Norton process.
Those items your mention are from Microsoft so there is nothing you need to do. MRT is for the Windows Malicious Software Removal Tool.
Envoyé le: 2022-07-17 | 20:02 · Permalien
The Unauthorized Access Blocked messages in your security history are logged by Norton Product Tamper Protection when an executable file attempts to read/write/edit/delete a Norton file. Common Windows processes like svchost.exe, taskmgr.exe, dfrgntfs.exe, etc. as well as executable from third-party software will cause an Unauthorized Access Blocked message to be logged if they touch a file from your Norton installation. Please see post <here> in the Product Suggestions board regarding logging of these blocks. (credit Imacri)
Norton Product Tamper Protection events are not reports of malware. Unauthorized Access Blocked (Access Process Data) messages in your security history are not reports of malware. The most common Norton Product Tamper Protection log entries are legitimate Windows processes that Norton is preventing from accessing Norton files or processes.
Norton Product Tamper Protection events are normal, as legitimate programs and Windows processes frequently try to access Norton files or processes. Norton blocks attempts by outside agents - even legitimate Windows processes. There is no need to do anything. No need to scan with a third-party anti-malware program, no need to change services settings. These events are not attacks. They can be ignored. Unless the actor in the logs is an actual malicious process that does not belong on your PC, these events are totally harmless and routine. (credit SendOfJive)
Re: MRT.exe, MSIECEC.EXE what to do with it?
Envoyé le: 2022-07-17 | 20:02 · Permalien
The Unauthorized Access Blocked messages in your security history are logged by Norton Product Tamper Protection when an executable file attempts to read/write/edit/delete a Norton file. Common Windows processes like svchost.exe, taskmgr.exe, dfrgntfs.exe, etc. as well as executable from third-party software will cause an Unauthorized Access Blocked message to be logged if they touch a file from your Norton installation. Please see post <here> in the Product Suggestions board regarding logging of these blocks. (credit Imacri)
Norton Product Tamper Protection events are not reports of malware. Unauthorized Access Blocked (Access Process Data) messages in your security history are not reports of malware. The most common Norton Product Tamper Protection log entries are legitimate Windows processes that Norton is preventing from accessing Norton files or processes.
Norton Product Tamper Protection events are normal, as legitimate programs and Windows processes frequently try to access Norton files or processes. Norton blocks attempts by outside agents - even legitimate Windows processes. There is no need to do anything. No need to scan with a third-party anti-malware program, no need to change services settings. These events are not attacks. They can be ignored. Unless the actor in the logs is an actual malicious process that does not belong on your PC, these events are totally harmless and routine. (credit SendOfJive)