SendOfJive has posted a comment in Melen's thread here that everyone might want to read.
I'm sure that the large number of "unauthorized" blocks that some of us are seeing is unusual, but not dangerous. The purpose of Norton Product Tamper Protection is to prevent outside programs from making changes to your Norton product. The primary objective is to prevent malware from turning off Norton's antivirus protection and attacking your computer, but it also prevents any outside program like Windows Disk Deframenter from performing any read/write/delete of Norton files. As SendOfJive mentioned, Symantec might have recently added some additional Norton files that fall under the umbrella of Norton Product Tamper Protection that has triggered these large number of blocks.
@LMarie2013:
Welcome to the Norton forum.
Is your Windows OS XP or Vista? To date, everyone in this thread who has seen dfrgntfs.exe as the primary program being blocked is an XP or Vista user. That's likely because as of Win 7, the Windows svchost.exe process runs a service called defragsvc for defragging (see here).
------------ MS Windows Vista Home Premium 32-bit SP2 * Firefox 23.0.1 * IE 9.0 * NIS 2013 v. 20.4.0.40 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
Maybe the boot optimization tool running in Vista is the culprit.
It runs if the system is idle for 10 mins and also when booting.
Try to disable it by following this:
1. Open the Windows Registry (Run > regedit) (AS ADMIN). 2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction 3. Change the "Enable" key from Y to N
Can you please disable this service in XP via services.msc and/or scheduled tasks and see if the issue persists?
See also if you can disable it in regedit. You can always run disc defragmenter on-demand whenever you wish.
Hi Apostolos:
As mentioned in message # 10, I have always had Insight Optimer and scheduled defrags with Windows Disk Defragmenter disabled. I also have automatic Windows Updates disabled. I'm aware of the Windows XP and Vista idletime defrag of important system boot files that can only be disabled in the Windows registry (see message # 8) and this is likely what triggered these blocks on my Vista machine in the first place.
Since this unusual behavior seems to have resolved itself on my machine when I re-booted this morning (message # 17) I'm not the best person to be disabling services and registry keys to see if it fixes the problem, but someone else might want to give it a try.
I might try a manual Windows Disk Defragmenter tomorrow when I have a few hours just to see if the blocks re-occur (they did when LMarie2013 ran a defrag, so this wouldn't surprise me) but I'm not overly concerned at this point - I'm just posting my observations for other users just in case there's some common factor that might explain why these blocks happened in the first place.
------------ MS Windows Vista Home Premium 32-bit SP2 * Firefox 23.0.1 * IE 9.0 * NIS 2013 v. 20.4.0.40 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
It's Windows Vista SP2 that I have. It really DOES sound like something has been added. When I see this large number of "unauthorized" blocks, it is alarming only because I don't understand too much of it. Maybe I'm just being a worrywart. I do agree with what SendofJive is saying though.
Ok just to add. When I came home from work today I looked in recent NIS history and saw the DFRGNTFS.EXE Entries again. Seemed to happen around 9:30am So is the thought on this that NIS is triggering the running of DFRGNTFS.EXE? And in turn DFRGNTFS.EXE is attempting to reach norton items? It would seem off that disk defragmentation would be going on daily. Can a norton staffer let us know if there was a update that would trigger the running of DFRGNTFS.EXE?
So is the thought on this that NIS is triggering the running of DFRGNTFS.EXE? And in turn DFRGNTFS.EXE is attempting to reach norton items? It would seem off that disk defragmentation would be going on daily.
Hi Calls:
I don't think you definitively answered my questions in message # 10 about whether you have Norton's Insight Optimizer enabled and whether you have Windows Disk Defragmenter set to run on a regular schedule. If the answer to either question is Yes then there will be certain days where your Vista dfrgntfs.exe is active over an extended period of time, and at some point your defragger will likely be blocked by Norton's Product Tamper Protection when it attempts to defrag a protected Norton file. The frequency of Insight Optimizer defrags will vary from machine to machine and will depend on how often a user updates or installs new software on their system.
See here for more information on Norton's Insight Optimizer.
------------ MS Windows Vista Home Premium 32-bit SP2 * Firefox 23.0.1 * IE 9.0 * NIS 2013 v. 20.4.0.40 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
The boot optimization tool runs also in W7 but apparently for some reason it doesn't affect any entry in NIS history.
Maybe the process is improved in W7.
Hi Apostolos:
I'm not an expert, but my understanding is that the Windows boot optimization defrag occasionally runs during system idles and only defrags important Windows system files used in the boot-up process to speed up system boots. That way if someone turns off their scheduled Windows defrags, the most important Windows system files will still be defragged and placed at the front of the boot drive. That's also why it's so difficult to disable and requires a registry tweak to turn it off. Technically, it shouldn't be touching third party files like NIS.
That's not what I've observed on my Vista machine - these idletime boot optimizations defrag all sorts of third party software like Java, iTunes, etc. I've seen similar reports of this by other Vista users but I'm not sure if this is "normal" behavior for Vista or a glitch that's isolated to a few machines.
------------ MS Windows Vista Home Premium 32-bit SP2 * Firefox 23.0.1 * IE 9.0 * NIS 2013 v. 20.4.0.40 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
I see that windows defrag is set for me monthly which shows it ran 9/7/13. So are people saying that even though its set to run monthly that it is running daily??I have the NIS optimizer at what ever the norton default settings are
Hi Calls:
If your scheduled Windows Disk Defragmenter is set to run monthly, that means it's triggered to start once a month. Since it runs during system idles, the amount of time it takes to complete will depend how often (and how long) your system is idle (sleep mode/hibernation don't count). So yes, a single idletime disk defrag could pause and re-start multiple times over a span of days, depending on the power settings on your computer and how often it stays in idle mode.
Norton's Insight Optimizer runs much the same way and NIS "automatically schedules the optimization when it detects the installation of an application on your computer and your computer is idle". To check the last run date on your system and its completion status, go to Performance | Norton Tasks (my screen shot says Never / Not Run because Insight Optimizer is disabled on my machine). If it's run recently on your machine it might have been triggered by the Microsoft Vista update (KB280382) you ran the evening of Mon Sep 9th (post # 1) or the Patch Tuesday updates of Tues Sep 10th.
You can also see how often insight Optimizer has been triggered in the past three months in the NIS Performance graph - look for a small blue square.
------------ MS Windows Vista Home Premium 32-bit SP2 * Firefox 23.0.1 * IE 9.0 * NIS 2013 v. 20.4.0.40 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
Concerning the post I just made, when I go to disk defrag it says Analyzing Disk 1 of 2(C:)... and underneath says This may take a few minutes. There is a litlle circle going around to show it is running. So I don't think this disk defrag has even started, and it was scheduled for yesterday morning (Sept.11). How do I stop this from running? Is it a Norton or a Microsoft problem. If I don't get help here. I am going to call Norton tomorrow.
To Calls: i agree with you about the registry. The logging of Unauthorized access blocked question has stopped since I turned off
Insight Optimizer as suggested by someone,.but should I keep it off forever. That's not what the default setting was and this just started. I've had my computer since May of 2009 and never had this before. Is this just happening on computers with Windows Vista that had scheduled Disk Defrag? I still can't get the Analyzing Disk 1 of 2(C:)... in the Windows Disk Defrag to stop running so a disk defrag hasn't really started.
