First thank you all vey much for helping me to try and understand this.
I’m not trying to discount what y’all are telling me.
Just trying to see how it makes sense.
The part about NIS running optimizer after new software is installed - that concerns me since I do not see any new software. Yet at the same time I installed flash player just about a month ago yet no log such as the one I originally described.
Could it be that 2012 did not log this before?
Those who say that they see this all the time, was that true when you were using NIS 2012? Or just started with 2013?
Wondering if norton just recently added this logging to 2012? But why would they do that for 2012 when it’s so old now?
I do have Windows Update set to automatic. Is it common for them to to try an defrag?
Additional information: Since this morning, I've been monitoring Norton's activity on my computers. I'm in the middle of a full system scan on one of the Windows 7 machines. On the other, I have just seen this:
13 entries, back-to-back over about 2 seconds, listed as "Severity: Info" saying "Norton Community Watch Feedback", Status "Pending". After those 13 entries are two more (also listed as "Severity: Info") saying "Norton Error Reporting Submission" within 2 seconds of each other. When I open these two error messages though, I see a lot of info, and if I open "More Details" and look under "Advanced Details" one says "Severity: Low" and one says "Severity: High".
Would there be a relation between all of these and the high activity today?
Calls, I having this problem too. This is very suspicious.
Thanks all for the feedback
I started noticing these 9/10/13 @ around 7:30am central U S time. I did not run Microsoft updates until today around 7:45am
So I don’t think it has to do with Microsoft updates.
I did renew my NIS2012 subscription in the evening if Monday 9/9/13. Then noticed this the next morning.
Did anyone else renew a subscription before this started to show in the logs?
Or as brought up earlier, did norton just change the way they log things? But would they add that change to an older product like 2012?
And thus norton is blocking them ?
I scan this DFRGNTFS .EXE and its safe plus it’s in the right folder system32.
So two main questions first one now being is there something malicious going on?
Or is norton just logging things different?
Ok I accidentally clicked resolved because my stupid smart phone.
How do I remove the resolved status because this surely is not resolved
Well yesterday 9/10/13 it started around 7:40 or so. I had to reboot my pc for other reasons . When I came home from work it showed the same logging at like 9:30 am. But that might have been a continuation of the previous defrag since I interrupted it by rebooting the PC
lmacri wrote
Good news. I still haven't seen any seen any of these dfrgntfs.exe blocks since I powered off and re-started my machine this morning.
------------
Unfortunately a full power-down of my XP and restart doesn't resolve it. I got a huge blast of them a few minutes ago on there.
Still quiet on the two Win 7 machines (as far as no major 20+ medium "unauthorized access" warnings) for the last 3.5 hours (desktop) and 6.5 hours (laptop). The laptop hasn't been rebooted since the 6:53 am set. I did reboot the desktop, but not a hard shut down like the XP.
Will breathe easier if I go a full 24 hours quiet on them though...
Just wish this wasn't happening on 9/11...that isn't helping my nerves at all.
I counted up about 45 of the DFRGNTFS
No I’m at work so I don’t know what my pic is doing
lmacri wrote:
The Norton files reported as the target varied but almost every one was located in a subfolder of C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\.
I googled {0C55C096-0F1D-4F28-AAA2-85EF591126E7} and in my case it looks like the Norton extensions for my Firefox browser (coFFPlgn.dll, IPSFFPl.dll) might have been the intended target of dfrgntfs.exe for many of these blocks.
------------
MS Windows Vista Home Premium 32-bit SP2 * Firefox 23.0.1 * IE 9.0 * NIS 2013 v. 20.4.0.40
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
SendOfJive has posted a comment in Melen's thread here that everyone might want to read.
I'm sure that the large number of "unauthorized" blocks that some of us are seeing is unusual, but not dangerous. The purpose of Norton Product Tamper Protection is to prevent outside programs from making changes to your Norton product. The primary objective is to prevent malware from turning off Norton's antivirus protection and attacking your computer, but it also prevents any outside program like Windows Disk Deframenter from performing any read/write/delete of Norton files. As SendOfJive mentioned, Symantec might have recently added some additional Norton files that fall under the umbrella of Norton Product Tamper Protection that has triggered these large number of blocks.
@LMarie2013:
Welcome to the Norton forum.
Is your Windows OS XP or Vista? To date, everyone in this thread who has seen dfrgntfs.exe as the primary program being blocked is an XP or Vista user. That's likely because as of Win 7, the Windows svchost.exe process runs a service called defragsvc for defragging (see here).
------------
MS Windows Vista Home Premium 32-bit SP2 * Firefox 23.0.1 * IE 9.0 * NIS 2013 v. 20.4.0.40
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
Apostolos wrote:
Imacri,
Can you please disable this service in XP via services.msc and/or scheduled tasks and see if the issue persists?
See also if you can disable it in regedit. You can always run disc defragmenter on-demand whenever you wish.
Hi Apostolos:
As mentioned in message # 10, I have always had Insight Optimer and scheduled defrags with Windows Disk Defragmenter disabled. I also have automatic Windows Updates disabled. I'm aware of the Windows XP and Vista idletime defrag of important system boot files that can only be disabled in the Windows registry (see message # 8) and this is likely what triggered these blocks on my Vista machine in the first place.
Since this unusual behavior seems to have resolved itself on my machine when I re-booted this morning (message # 17) I'm not the best person to be disabling services and registry keys to see if it fixes the problem, but someone else might want to give it a try.
I might try a manual Windows Disk Defragmenter tomorrow when I have a few hours just to see if the blocks re-occur (they did when LMarie2013 ran a defrag, so this wouldn't surprise me) but I'm not overly concerned at this point - I'm just posting my observations for other users just in case there's some common factor that might explain why these blocks happened in the first place.
------------
MS Windows Vista Home Premium 32-bit SP2 * Firefox 23.0.1 * IE 9.0 * NIS 2013 v. 20.4.0.40
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
Also I appreciate the work arounds but I really don’t want to be messing with settings and the registry
"Can a norton staffer let us know if there was a update that would trigger the running of DFRGNTFS.EXE?"
Exactly, time for someone at Norton to comment in this thread. I saw the same entries today in my log.
Hello to all,
Please read this: (http://forums.mydigitallife.info/threads/1910-DfrgNtfs.exe-in-Vista-SP1)
and you will find out that dfrg.exe is running even when you boot your pc in Vista and all the defragmenter settings are set to OFF.
There is a way to disable this and it will do NO harm to your system. (see my previous post).
Either way, if you feel unconfortable, you can re-enable it via the registry in 5 seconds.
Give it a try, because I believe that the messages in NIS history will most likely disappear.
It's a good way in my opinion to troubleshoot the issue.
Hope this helps.
Let me know if you need any further assistance.
Kind regards,
Hi again,
You might want to check this too: http://technet.microsoft.com/en-us/library/cc784391(v=ws.10).aspx
Look for the registry entries as mentionned in my previous posts.
Regards,
Apostolos wrote:
The boot optimization tool runs also in W7 but apparently for some reason it doesn't affect any entry in NIS history.
Maybe the process is improved in W7.
Hi Apostolos:
I'm not an expert, but my understanding is that the Windows boot optimization defrag occasionally runs during system idles and only defrags important Windows system files used in the boot-up process to speed up system boots. That way if someone turns off their scheduled Windows defrags, the most important Windows system files will still be defragged and placed at the front of the boot drive. That's also why it's so difficult to disable and requires a registry tweak to turn it off. Technically, it shouldn't be touching third party files like NIS.
That's not what I've observed on my Vista machine - these idletime boot optimizations defrag all sorts of third party software like Java, iTunes, etc. I've seen similar reports of this by other Vista users but I'm not sure if this is "normal" behavior for Vista or a glitch that's isolated to a few machines.
------------
MS Windows Vista Home Premium 32-bit SP2 * Firefox 23.0.1 * IE 9.0 * NIS 2013 v. 20.4.0.40
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
Calls wrote:
I see that windows defrag is set for me monthly which shows it ran 9/7/13. So are people saying that even though its set to run monthly that it is running daily??I have the NIS optimizer at what ever the norton default settings are
Hi Calls:
If your scheduled Windows Disk Defragmenter is set to run monthly, that means it's triggered to start once a month. Since it runs during system idles, the amount of time it takes to complete will depend how often (and how long) your system is idle (sleep mode/hibernation don't count). So yes, a single idletime disk defrag could pause and re-start multiple times over a span of days, depending on the power settings on your computer and how often it stays in idle mode.
Norton's Insight Optimizer runs much the same way and NIS "automatically schedules the optimization when it detects the installation of an application on your computer and your computer is idle". To check the last run date on your system and its completion status, go to Performance | Norton Tasks (my screen shot says Never / Not Run because Insight Optimizer is disabled on my machine). If it's run recently on your machine it might have been triggered by the Microsoft Vista update (KB280382) you ran the evening of Mon Sep 9th (post # 1) or the Patch Tuesday updates of Tues Sep 10th.
You can also see how often insight Optimizer has been triggered in the past three months in the NIS Performance graph - look for a small blue square.
------------
MS Windows Vista Home Premium 32-bit SP2 * Firefox 23.0.1 * IE 9.0 * NIS 2013 v. 20.4.0.40
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
Calls wrote:
Now it concerns me is there some new software maliciously placed on my PC that is triggering optimizer to run?
No. Just no.
Concerning the post I just made, when I go to disk defrag it says Analyzing Disk 1 of 2(C:)... and underneath says This may take a few minutes. There is a litlle circle going around to show it is running. So I don't think this disk defrag has even started, and it was scheduled for yesterday morning (Sept.11). How do I stop this from running? Is it a Norton or a Microsoft problem. If I don't get help here. I am going to call Norton tomorrow.
Holly