Help about Un-Authroized Access - Possible False Positive?

Norton Security | Norton Internet Security
1

Hey,

 

So basically, I am a bit paranoid that I May have some form of RAT or someone is trying to access my computer.  I have a hacker friend online, who was testing to see if Norton would detect his RAT, and it immediacy destroyed the file both time he tried putting it on my computer. But since than which was Sunday, I've been getting 3-5 Medium Un-Authoirzed Access Blocked a day.  Though I've had some of these in the past, this seems a bit more frequent.

 

Mostly I"M getting

 

Unauthorzed access block ( Access Process Data )

 

C:\Windows\SYSTEM32\CONHOST.EXE - Acotr

 

and the Target is the Norton Security Suite \Engine64\4.20.12\buvss.exe

 

I had two yesterday that the actor was my Malabytes Anti-Malware

 

One actor was services.exe, but MOST OF THEM are the conhost.exe

 

I've run numerous scans, including online ESET, and the Norton Scanner, and Anti-Malware, and nothing is popping up

 

I actually bought a brand new laptop yesterday, tossed norton on, and it was giving me the same UN-Wanted Access Blocked, from ConHost.exe, so I assume there is no way its an infection, and more than likely just a false postive? The only thing that makes me nervous it that its been more frequent IE

 

There was 5 detections on Sunday

3 Detection on Tuesday

8 on Wednesday

 

and another one right now as I am typing this from services.exe as the Actor

 

 

 

 

2

The log entries you cite belong to Norton Product Tamper Protection, which safeguards the integrity of your Norton product by blocking or limiting the access that outside agents have to Norton files and processes. In almost all cases you will find that these entries involve legitimate programs that run on your computer, including WIndows processes, some of which will show up repeatedly in these logs. These programs are not a threat to your computer and are only being prohibited from interfering with Norton's operations. They are not prevented from running or carrying out their own tasks. As long as the actor shown in these notices is a process that belongs on your computer you do not need to be concerned about these logs. Outside processes frequently interact with Norton and these logs simply record each event.  All of the actors you mentioned are frequently seen in the NPTP logs and should not be a cause for concern.

3

ok that is what I figured, thank you very much