Norton tamper protection with Malwarebytes

Am I correct in analyzing that although I receive the notice in security history that Malwarebytes is a medium threat and has been blocked, that this only means (through my research on it) that since it's an exe. file (?) it will not be allowed to interfere with any of the Norton files or corrupt any Norton files; however, the program itself, Malwarebytes will still run when I ask it to on demand and will perform as it should in finding viruses and the like and then quarantining them to be removed from the computer. The program always runs apparently as it should and is not blocked from performing as far as I can tell. I also know from researching Malwarebytes website that the program is designed to be as compatible with other virus programs as possible, Norton included which would indicate to me that Malwarebytes is indeed performing as designed notwithstanding the aforementioned blocked security message.

If I did want to exclude a program from being blocked on Norton assuming that the program would actually be blocked from performing (and not just making sure that Norton files are not interfered with, how would this be done?  To a larger degree,  I suppose what I am confused about are the so-called blocked files in some cases actually blocked from performing or are all of them allowed to perform as designed but just not being allowed to interfere with the integrity of the Norton files from properly working?

I hope I stated this in a coherent manner?

Incidentally I am running Norton 360 on my windows 11 computer with Microsoft edge as the browser although I do not think this would matter?


Accepted Solution

Re: Norton tamper protection with Malwarebytes

The Unauthorized Access Blocked messages in your security history are logged by Norton Product Tamper Protection when an executable file attempts to read/write/edit/delete a Norton file.  Common Windows processes like svchost.exe, taskmgr.exe, dfrgntfs.exe, etc. as well as executable from third-party software will cause an Unauthorized Access Blocked message to be logged if they touch a file from your Norton installation. Please see post <here> in the Product Suggestions board regarding logging of these blocks. (credit Imacri)

Norton Product Tamper Protection events are not reports of malware.  Unauthorized Access Blocked (Access Process Data) messages in your security history are not reports of malware.  The most common Norton Product Tamper Protection log entries are legitimate Windows processes that Norton is preventing from accessing Norton files or processes.  

Norton Product Tamper Protection events are normal, as legitimate programs and Windows processes frequently try to access Norton files or processes.  Norton blocks attempts by outside agents - even legitimate Windows processes.  There is no need to do anything.  No need to scan with a third-party anti-malware program, no need to change services settings.  These events are not attacks.  They can be ignored.  Unless the actor in the logs is an actual malicious process that does not belong on your PC, these events are totally harmless and routine. (credit SendOfJive)

Malwarebytes Forums messages and documentation that I've read recommends mutual exclusions.  I've read Norton users say they do not run mutual exclusions.  I run mutual exclusions.  I do not run my Malwarebytes Premium subscription real-time with Norton...but, I do run mutual exclusions.  Some/many may disagree.  I do not want Norton touching Malwarebytes.  I do not want Malwarebytes touching Norton.  I do not register Malwarebytes Premium to Windows Security Center as recommended by Malwarebytes Forums. 

When I run Microsoft Defender + Malwarebytes Premium real-time.  I run mutual exclusions as recommended by Malwarebytes Forums. I do not register Malwarebytes Premium to Windows Security Center as recommended by Malwarebytes Forums.

Caveat: I'm W10 

malwarebytes and norton + malwarebytes forums
malwarebytes and microsoft defender + malwarebytes forums
malwarebytes and windows defender + malwarebytes forums

This thread is closed from further comment. Please visit the forum to start a new thread.