Skip to main content
Hi everyone,

 

I am running Norton along with Webroot and thought I would post on how I have the configurations set up so that the realtime protections don't both try to quarantine the same file. Usually, Webroot steps aside if Norton detects a threat using it's resident signatures during download, and Norton quarantines it, but sometimes, Norton doesn't detect a threat using resident signatures and instead uses it's cloud signature "WS.Reputation.1". When Norton uses a cloud signature as opposed to a resident signature, it doesn't scan the file and attempt to remove it until after the download is complete, so Webroot thinks "Okay, it's my turn" and also runs the file through it's own cloud. The only problem here is that Norton is also performing it's cloud lookup at the same time, and when they both detect a threat via the cloud, they both try to remove it. I see in the Webroot and Norton quarantines that both say that they removed the file, when in reality only one of them could have. What I have done to stop this from happening is set Webroot's shield settings to only check files upon execution, not upon the file being written or modified, that way, Webroot and Norton don't both try to perform a quarantine at the same time. I would post a screenshot, but, I do not know how to :p .  I hope this helps anyone who may be using Webroot in conjunction with Norton or any other AV 😃 .

 

Shran
Nice info!  Thank you for the good explanation of how you see them interacting, as well as your configuration to make sure they are both working correctly!

 

 
Thanks David!

You all have given me such great help, and I wanted to post some in the hopes that it helps someone too :D



Shran
@CommanderShran wrote:

Thanks David!

You all have given me such great help, and I wanted to post some in the hopes that it helps someone too :D



Shran
And that sums up the spirit of the Community in one tidy sentence 🙂  

Reply