Weboot Blocking Tor from running
WHy does Weboot block Tor from running? I even put it "Allow" but it still blocks it. I have to shut it down in order to get it to run.I shouldn't have to do that.
Userlevel 7
Hi james_72
Welcome to the Community Forums.
Are there any error messages associated withthe 'blockage'? If you can let us know that might helps situate the issue more clearly.
But in the long term I suspect that it would be best for you to Open a Support Ticket, as this could be down to a new version of Tor and maybe some files need to be Whitelisted in the Webroot Cloud Database.
Regards, Baldrick
Welcome to the Community Forums.
Are there any error messages associated withthe 'blockage'? If you can let us know that might helps situate the issue more clearly.
But in the long term I suspect that it would be best for you to Open a Support Ticket, as this could be down to a new version of Tor and maybe some files need to be Whitelisted in the Webroot Cloud Database.
Regards, Baldrick
No error. I open Firefox.exe for TOR...it appears briefly in Task Manager under processes then disappears. I shut down Webroot and it opens fine.
Userlevel 7
Hi james_72
OK, sounds like a case of WSA being a tad 'over protective' here, and so we can try checking for this. There are essentially 3 key areas where this can happen/a user can override WSA. These are essentially reached, from the main WSA panel, as follows:
1. PC Security > Block/Allow Files
2. Identity Protection > Application Protection
3. Utilities > System Control > Control Active Processes
and once there the user usually has the options to:
A. "Allow"
B. "Protect/Monitor"
C. "Block/Deny"
In the case of 1. Detection Configuration
If an item is set to:
- "Allow", WSA ignores it during scans and shield actions, meaning if it's a virus that has been allowed, it can continue acting as a virus acts. Be careful of what you allow in this area and ensure it's something you trust implicitly if you are going to change the status from Block to Allow.
- "Monitor", WSA will watch the item to determine if it is legitimate or related to malware. It is not necessary to add files into this list or set files to monitor manually unless you are changing them from a Block or Allow status. This might be useful if for example you think Webroot might have had a false positive on something and you want to check again at a later time to see if the determination has changed. You could set it to Monitor and have Webroot check it again.
- "Block", then WSA will treat the items as it would detected malware. It will not be executed, and it will not be written to your hard drive. Detected infections are automatically set to a Block status.
In the case of 2. Protected Applications (Internet Security & Complete version ONLY)
In this case:
- "Allowed applications" are not secured against information-stealing malware, and also have full access to protected data on the system. Many applications unintentionally access protected screen contents or keyboard data without malicious intent when running in the background. If you trust an application that is currently marked as "Deny," you can change it to "Allow."
- "Protected applications" are secured against information-stealing malware, but also have full access to data on the system. By default, web browsers are assigned to the "protected" status. If desired, you might also want to add other software applications to "protected," such as financial management software. When you run a protected application, the Webroot icon in the system tray displays a padlock.
- "Denied applications" cannot view or capture protected data on the system, but can otherwise run normally.
And finally, in the case of 3. Control Active Processes
If a process is set to:
- "Allow" it means WSA allows it to run on the system. It's important to note that if an item is already allowed here, that's because Webroot knows already from seeing the file before that it's ok to allow.
- "Monitor" status means WSA will journal what that program is doing and keep a very close eye on it for any suspicious activity. Basically it would treat it as if it wasn't already sure about it one way or the other, and it wants to monitor it closely until it's sure about it.
- "Block" means just that...WSA does not allow it to run on the system. Be very careful about what you block in this area and ensure that anything you decide to block is a non-essential process. Otherwise, you could be setting yourself up for a lot of grief if you block something critical.
Now, hopefully that has given you a consolidated low down on where to look and what you can do to affect how WSA 'interferes' with files, objects & processes on your system...and so will help you get to the bottom of what is causing you grief… (I am indebted to the KB article by JimM of which this is my re-interpretation).
Do post back with any specific questions that you may have re. the above or if this does not help to resolve the issue for you.
Regards, Baldrick
OK, sounds like a case of WSA being a tad 'over protective' here, and so we can try checking for this. There are essentially 3 key areas where this can happen/a user can override WSA. These are essentially reached, from the main WSA panel, as follows:
1. PC Security > Block/Allow Files
2. Identity Protection > Application Protection
3. Utilities > System Control > Control Active Processes
and once there the user usually has the options to:
A. "Allow"
B. "Protect/Monitor"
C. "Block/Deny"
In the case of 1. Detection Configuration
If an item is set to:
- "Allow", WSA ignores it during scans and shield actions, meaning if it's a virus that has been allowed, it can continue acting as a virus acts. Be careful of what you allow in this area and ensure it's something you trust implicitly if you are going to change the status from Block to Allow.
- "Monitor", WSA will watch the item to determine if it is legitimate or related to malware. It is not necessary to add files into this list or set files to monitor manually unless you are changing them from a Block or Allow status. This might be useful if for example you think Webroot might have had a false positive on something and you want to check again at a later time to see if the determination has changed. You could set it to Monitor and have Webroot check it again.
- "Block", then WSA will treat the items as it would detected malware. It will not be executed, and it will not be written to your hard drive. Detected infections are automatically set to a Block status.
In the case of 2. Protected Applications (Internet Security & Complete version ONLY)
In this case:
- "Allowed applications" are not secured against information-stealing malware, and also have full access to protected data on the system. Many applications unintentionally access protected screen contents or keyboard data without malicious intent when running in the background. If you trust an application that is currently marked as "Deny," you can change it to "Allow."
- "Protected applications" are secured against information-stealing malware, but also have full access to data on the system. By default, web browsers are assigned to the "protected" status. If desired, you might also want to add other software applications to "protected," such as financial management software. When you run a protected application, the Webroot icon in the system tray displays a padlock.
- "Denied applications" cannot view or capture protected data on the system, but can otherwise run normally.
And finally, in the case of 3. Control Active Processes
If a process is set to:
- "Allow" it means WSA allows it to run on the system. It's important to note that if an item is already allowed here, that's because Webroot knows already from seeing the file before that it's ok to allow.
- "Monitor" status means WSA will journal what that program is doing and keep a very close eye on it for any suspicious activity. Basically it would treat it as if it wasn't already sure about it one way or the other, and it wants to monitor it closely until it's sure about it.
- "Block" means just that...WSA does not allow it to run on the system. Be very careful about what you block in this area and ensure that anything you decide to block is a non-essential process. Otherwise, you could be setting yourself up for a lot of grief if you block something critical.
Now, hopefully that has given you a consolidated low down on where to look and what you can do to affect how WSA 'interferes' with files, objects & processes on your system...and so will help you get to the bottom of what is causing you grief… (I am indebted to the KB article by JimM of which this is my re-interpretation).
Do post back with any specific questions that you may have re. the above or if this does not help to resolve the issue for you.
Regards, Baldrick
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.