Question about the "Protect Norton files and settings from unauthorized changes" option

Norton Security | Norton Internet Security
1

Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Sed posuere consectetur est at lobortis. Vestibulum id ligula porta felis euismod semper. Donec ullamcorper nulla non metus auctor fringilla. Aenean lacinia bibendum nulla sed consectetur. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Cras mattis consectetur purus sit amet fermentum. Morbi leo risus, porta ac consectetur ac, vestibulum at eros. Sed posuere consectetur est at lobortis. Etiam porta sem malesuada magna mollis euismod. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Aenean eu leo quam. Pellentesque ornare sem lacinia quam venenatis vestibulum. Curabitur blandit tempus porttitor. Sed posuere consectetur est at lobortis.

2

In General Options, I have the 'Protect Norton files and settings from unauthorized changes" option turned ON. That is the default.

 

I get the following alerts in my Activity Log under the System Resource Protector tab.

 

Event Details:
Actor: C:\WINDOWS\SYSTEM32\SVCHOST.EXE (PID=1148)
Target: C:\Program Files\Common Files\Symantec Shared\NPC\2.0\HSLoader.exe
Action: Unauthorized access
Reaction: Unauthorized access stopped

I also get the following alert when trying to run Microsoft's Process Explorer (replacement for Task Manager available in the Sysinternals Suite)

 

 

Event Details:
Actor: C:\USERS\BOB\DESKTOP\SYSINTERNALS\PROCEXP.EXE (PID=5212)
Target: C:\Program Files\Common Files\Symantec Shared\ccLgView.exe
Action: Unauthorized access
Reaction: Unauthorized access stopped


I can turn off the second alert by turning off protection for Norton products in General Options. But I'd prefer to be able to tell Norton that Process Explorer is OK and to bypass protection settings for it. Can I?

 

I have no idea why I get the first alert given that svchost.exe is a built-in fundamental Microsoft process.

Message Edited by ablatt on 05-20-2008 02:33 AM
Message Edited by ablatt on 05-20-2008 05:00 AM
Message Edited by ablatt on 05-20-2008 03:39 PM
3

Sorry, but no, there is no way modify how the product determines what is authorized or not.