Norton Product Tamper Protection is having a field day blocking MS components: 
CTFMON - http://support.microsoft.com/kb/282599
Is there a way to selectively permit certain OS components from accessing Norton components without completely turning off Norton Product Tamper Protection?
And
I found a neat utility (NetLimiter 2) that monitors and reports on internet bandwidth usage of the various apps running on my PC.
Reports on all apps, except NIS.
Got blocked by NPTP:
Actor: C:\Program Files\NETLIMITER 2 MONITOR\NLSVC.EXE
Target: C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe
Action: Open Process Token
Reaction: Unauthorized access blocked
I don't see why this should bother you so much, because it is just informational logging, nothing wrong is happening, the necessary access is, I think, allowed, nothing is broken. Just whistle and pass it by...
Hello bq1
The picture you have posted is showing that your Norton product doesn't let other programs get too close to it, even legit Windows parts. It is protecting itself and your computer. Please remember any setting that you can adjust manually, malware could do the same thing. You can turn off Product Protection for things like a system restore, but then you should turn it right back on again.
TomiRed wrote:... it is just informational logging, nothing wrong is happening, ...
It is not informational logging here.
Something was actually blocked from doing its thing.
floplot wrote:Hello bq1
The picture you have posted is showing that your Norton product doesn't let other programs get too close to it, even legit Windows parts. It is protecting itself and your computer. Please remember any setting that you can adjust manually, malware could do the same thing. You can turn off Product Protection for things like a system restore, but then you should turn it right back on again.
A better strategy might be for Norton Internet Security to display a list of such programs, and allow a [advanced] user to select which programs can override the Tamper Protection blocking.
Those programs should also have an associated MD5 hash that can be checked against to ensure that some malware has not invaded it since the time the user selected it.
Some Firewall programs do something like this when a user wants to override some default setting for a particular program.
The current "all or nothing" NPTP mechanism makes NIS components non-conformant(?) to the OS, and different from other application components running on the PC.
bq1 wrote:It is not informational logging here.Something was actually blocked from doing its thing.
Hi bq1,
Are you saying that some feature that is dependent on Ctfmon.exe is not working? If so, could you elaborate, please? Being denied access to Norton files and processes does not usually cause any noticeable effect on an outside process' operation or an application's performance. The outside agent is only prohibited from interfering with Norton's functioning - it is not blocked from running or carrying out its own tasks.
SendOfJive wrote:
bq1 wrote:It is not informational logging here.Something was actually blocked from doing its thing.
Hi bq1,
Are you saying that some feature that is dependent on Ctfmon.exe is not working? If so, could you elaborate, please? Being denied access to Norton files and processes does not usually cause any noticeable effect on an outside process' operation or an application's performance. The outside agent is only prohibited from interfering with Norton's functioning - it is not blocked from running or carrying out its own tasks.
I have not been personally affected by ctfmon being blocked by NIS (except for monitoring of NIS bandwidth usage via a 3rd party application called NetLimiter 2), but
"Ctfmon.exe monitors the active windows and provides text input service support for speech recognition, handwriting recognition, keyboard, translation, and other alternative user input technologies."
So if someone was dependent on those OS services to interact with NIS...
Hello bq1
If a legitimate program would have to interact with that, the log would show it as logged and not as blocked. Programs such as the free version of Malwarebytes or SUPERAntiSpyware show up in the log as logged and not blocked because they do have to get closer to the Norton product.
bq1 wrote:
So if someone was dependent on those OS services to interact with NIS...
The fact that Ctfmon.exe might be blocked from accessing a Norton process would not prevent it or any of its services from running normally. The only thing that Ctfmon.exe would be prevented from doing is intruding into Norton's workings. NIS Auto-Protection, like any other security software that runs in real time, interacts with everything running on a computer anyway, and that is the area where an application might cause Norton to intervene. Norton Product Tamper Protection is solely concerned with maintaining Norton's integrity and should not hinder the functionality of other processes.