I'm getting these messages in the recent history every few minutes:
9/9/2011 3:44 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, September 09, 2011 3:44 PM",C:\PROGRAM FILES (X86)\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE,1776,C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe,3188,Access Process Data,Unauthorized access blocked,1
Roboform is a legitimate program. What would be causing this?
Hi! Welcome to Norton Community!
This means only that fcsruntime.exe wants to access process data of NIS process and this action was blocked. No other actions from fcsruntime.exe in the Windows was not blocked if in Security History was only this item, that you post here.
What is wrong with Fcsruntime.exe in the runtime?
Blocking from accessing NIS process data should not affect working of programs if it is not another secure program, wanted to scan NIS process, that can't be allowed cause of security reason or this file is a virus.
Additional (I think it will be not helpful in this case):
To Exclude <filename> from scanning [in the NIS 2009-2011] go to main window -> Settings (near Computer section) -> on the first tab "Computer Settings" find "Antivirus and SONAR Exclusions" [NIS 2011] (or "Scan Exclusions" or something like this in other NIS versions) and configure it by adding your <filepath> or <filename> to this lists.
One list (Scan) is to exclude from scan while accessing it, another list (Auto-Protect or SONAR) is to exclude from scan while executing it.
Dear niko23,
Thanks for your reply.
The FCSruntime should not accessing any data of NIS.
But I cant seem to run the software in normal mode.
I have no problem to run it at another safe mode (without NIS), but i have limited peripheral access.
Thats why i conclude that the NIS blocking me from running the software.
The i followed the mentioned method to exclude it from SONAR but it doesn't help.
Looking for more advice or experience sharing.
Thanks.
spbcu-
disable "norton product tamper protect" in the misc settings section (settings from the NIS screen). after you do that is it able to run? this isn't a solution - just a test to see if that entry you are seeing in the history is actually causing your program to not work.
let me know what happens ;]
Hi whiplash,
disabling the "tamper protection" doesnt help either.
so, is the software trying to access data from NIS?
may b i need to ask the software developer to modify the software behavior?
It may not be Norton that is causing the problem. It could be that Windows itself is having an issue with it. If it is not being deleted by Auto-protect, or Insight, or Sonar, you may need to look elsewhere. Have a look in event viewer for any explanation.
Thanks for clarifying that. ;)
SendOfJive wrote:Hi Boofo,
This is Norton Product Tamper Protection blocking Roboform from accessing Norton's process data. Norton blocks all outside agents from meddling. Roboform should not be adversely affected by this and you can ignore these entries in your history log. It's all normal.
I'm getting these messages in the recent history every few minutes:
9/9/2011 3:44 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, September 09, 2011 3:44 PM",C:\PROGRAM FILES (X86)\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE,1776,C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe,3188,Access Process Data,Unauthorized access blocked,1
Roboform is a legitimate program. What would be causing this?
You're welcome.
It is nothing to worry about. Some process is trying to access a Norton process and the Norton Tamper Protection is blocking the access.
Hi peterweb,
Thanks for your reply. So is it normal for this particular process to be attempting to access Norton? I know that there can be many instances of svchost (some which are related to malware?) but svchost in system32 is a legitimate process correct?
Thanks again.
Hi emirpk:
peterweb is correct. Norton products can log one of these unauthorized access blocks in the security history (History | Show | Norton Product Tamper Protection) when any process attempts to perform a read/write/edit/delete of a Norton file, including legitimate Windows processes such as svchost.exe, services.exe, dfrgntfs.exe, etc. Please see ManFromOz's post here for more details.
Many users in the forum have seen an upswing in these unauthorized access blocks since LiveUpdate delivered an update for Norton's Behavior and Security Heuristics around 09-Sep-2013, but it's nothing to worry about. These unauthorized access blocks by Norton Product Tamper Protection are completely benign and only logged for diagnostic purposes.
------------
MS Windows Vista Home Premium 32-bit SP2 * Firefox 24.0 * IE 9.0 * NIS 2013 v. 20.4.0.40 * MBAM PRO 1.75.0.1300
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
Thank you both very much for your help!
Hi nologin
If Casper XP backup is just a back up programme it should be compatible with Norton unless am update from Norton and/or Casper XP backup has caused an issue.
Conflict in security software can be the cause of various issues even if the security software has been uninstalled the debris left on the system needs to be removed with the removal tool for the specific security software.
Use the process below to remove your previous security programme. You’ll need to download and save the removal tool from the security software’s main website or use the singularlabs website on the link below and choose from the list.
EDITED
If you use ACT! or WinFax, back up those databases before you proceed.
Download Norton removal tool link below. Running the Norton removal tool will remove other Norton products that are on the computer.
http://singularlabs.com/uninstallers/security-software
Uninstall using windows add/remove programme. Check that the security software is not there.
Restart the computer.
Run the removal tool.
Restart the computer.
This process should be performed for each security software to be uninstalled, meaning one at a time.
If you have previously uninstalled then the removal tool needs to be run and the computer restarted.
Has Avast been on the computer?
If you have any questions please ask before starting.
ATB
intesec
Unauthorized access blocked is notice by Norton Tamper Protection that software has been prevented from accessing Norton files. It doesn't mean that the software has been prevented from running. It just isn't allowed to touch Norton. Backup software as well as Spyhunter will trigger this notice, and even Windows is not allowed to fool with Norton files.