Results 1 to 2 of 2

Thread: Norton Symantec Resource Protector triggered by Teatimer

  1. 2007-09-16, 10:42 #1
    jiffle
    jiffle is offline
    Junior Member
    Join Date
    Sep 2007
    Posts
    1

    Default Norton Symantec Resource Protector triggered by Teatimer

    I'm running Spybot S&D 1.4 alongside Norton Internet Security 2006 (both fully up to date).
    I've just noticed that my Norton 'Symantec Resource Protector' log view has lots of entries like this:

    Event Details:
    Time: 16/09/2007 08:52:42
    Actor: C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE (PID=1712)
    Target: \REGISTRY\MACHINE\SOFTWARE\Classes\exefile\shell\open\command\
    Action: Unauthorized access
    Reaction: Unauthorized access stopped

    Event Details:
    Time: 16/09/2007 08:52:42
    Actor: C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE (PID=1712)
    Target: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}\
    Action: Unauthorized access
    Reaction: Unauthorized access stopped

    I get only a couple of google hits when I search for \REGISTRY\MACHINE\SOFTWARE\Classes\exefile\shell\open\command\ and teatimer,
    but they are not of much use. Surely lots of other people must be seeing this?

    I'm puzzled/concerned because:

    a) the above registry settings aren't in my black or white list
    b) spybot hasn't asked me to choose between allowing or blocking changes to them (it seems to be doing something itself, which is fine if just monitoring)
    c) i don't know whether spybot is trying to change them (looks like it), nor in what way, nor why
    d) in this case it looks like Norton is protecting itself, but it does leave me wondering whether i should run teatimer alongside norton in case one stops the other doing its job.

    Based on other postings i have refreshed spybot's snapshot (by stopping and restarting it) which has helped because i nolonger get popups.

    Please could somebody tell me what's going on, what i should do and whether my current setup seems okay?

    Many thanks,

    J.
    Reply With Quote Reply With Quote
  2. 2007-09-16, 11:35 #2
    PepiMK
    PepiMK is offline
    Member of Team Spybot PepiMK's Avatar
    Join Date
    Oct 2005
    Location
    Planet Earth
    Posts
    3,601

    Default

    "Unauthorized access" can mean a lot - I think it means just checking these values though, otherwise a useful error message would be "Unauthorized write access". And if Spybot-S&D tries to change something, it would inform you.

    TeaTimer monitors other keys for changes as well, so if Symantec just protects this one, there's still a lot of additional use in teaTimer.

    That's the typical arrogant Symantec bullshit: after a lot of discussions, we agreed that we would solve problems peacefully; among other things we whitelisted any actions by Symantec software. On their side though, it seems they're still following their same old crappy attitude.
    Just remember, love is life, and hate is living death.
    Treat your life for what it's worth, and live for every breath
    (Black Sabbath: A National Acrobat)
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules