User Guide for PCs SecureAnywhere AntiVirus SecureAnywhere Internet Security Plus SecureAnywhere Complete Endpoint Protection
Copyright Webroot SecureAnywhere User Guide for PCs July, 2013 2013 Webroot Software, Inc. All rights reserved. Webroot is a registered trademark and SecureAnywhere is a trademark of Webroot Software, Inc. All other product and company names mentioned may be trademarks or registered trademarks of their respective owners.
Table of Contents Getting Started 1 Installing SecureAnywhere on a PC 2 Creating a Webroot account 8 Using the SecureAnywhere interface 12 Using the system tray 14 Viewing protection status 15 Scanning for Malware 17 Running scans 18 Viewing the latest scan results 18 Running a scan immediately 19 Managing detected threats 21 Changing the scan schedule 22 Changing the scan settings 25 Shielding Your PC 29 Managing shields 30 Changing Realtime shield settings 32 Changing Behavior shield settings 35 Changing Core System shield settings 38 Changing Web Threat shield settings 41 Using Web Threat protection 44 Surfing websites 44 Using search engines 45 Using Firewall Protection 47 Managing the firewall 48 Changing firewall alert settings 49 Managing network applications 50 Managing Quarantine 53 Managing quarantined items 54 Managing file detection 56 Using antimalware tools 58
Managing Identity Protection 61 Managing Identity Protection 62 Changing Identity Protection settings 63 Managing protected applications 66 Managing protected websites 69 Managing Passwords 73 Using password management 74 Downloading the passwords component 75 Managing Backup & Sync 77 Using Backup & Sync 78 Downloading the Backup & Sync component 79 Synchronizing files 81 Changing sync settings 85 Adding sync folders 88 Synchronizing folders with other computers 92 Removing a folder from synchronization 95 Backing up files 97 Changing backup settings 101 Changing backup filters 104 Changing the backup schedule 107 Checking file status 109 Using the System Cleaner 113 Running a system cleanup 114 Running a scheduled cleanup 117 Changing Windows Desktop settings 120 Changing Windows system settings 123 Changing Application settings 126 Changing Internet Explorer settings 128 Using Secure File Removal 132 Viewing the cleanup log 135 Using Advanced Tools 137 Controlling active processes 138 Using the SafeStart sandbox 140
Saving a scan log 142 Using the System Analyzer 143 Viewing the execution history 145 Viewing the protection statistics 146 Managing Your Account 149 Viewing your account details 150 Activating a new keycode 151 Renewing your subscription 152 Checking for updates 153 Setting Preferences 155 Setting general preferences 156 Setting basic configuration 162 Setting access control 166 Defining proxy server settings 169 Adjusting heuristics 172 Exporting and importing settings 177 Setting self protection 180 Accessing Support and Resources 183 Accessing Technical Support options 184 Accessing additional publications 185 Saving a threat log for analysis 186 Submitting a file to Webroot for analysis 187 Glossary 189 Index 193
Getting Started Webroot SecureAnywhere delivers complete protection against viruses, spyware, and other online threats without slowing down PC performance or disrupting your normal activities. With its fast scans and threat removal, you can rest assured that malware is eliminated quickly and easily. SecureAnywhere gives you the freedom to surf, share, shop, and bank online all with the confidence that your PC and your identity will be kept safe. Note: This guide describes the features of all SecureAnywhere editions: AntiVirus, Internet Security Plus, Complete, or Endpoint. Your edition may not include some of the features described in this guide. To get started with SecureAnywhere, see the following topics: Installing SecureAnywhere on a PC 2 Creating a Webroot account 8 Using the SecureAnywhere interface 12 Using the system tray 14 Viewing protection status 15-1 -
User Guide for PCs Installing SecureAnywhere on a PC SecureAnywhere is available in several editions, described in the table below. If you aren't certain which edition you purchased, look at the email from Webroot (if you purchased SecureAnywhere online) or the product packaging (if you purchased SecureAnywhere from a store). SecureAnywhere editions AntiVirus Internet Security Plus Complete Endpoint Provides protection from viruses, spyware, and phishing. Also includes a firewall and features for safe web searching. This edition is available with: Licenses for 1 or 3 devices (PC or Mac) Subscriptions for 1 or 2 years Provides all the features of the AntiVirus edition, plus a password management feature and protection for mobile devices. This edition is available with: Licenses for 3 or 5 devices (PC, Mac, or mobile) Subscriptions for 1 or 2 years Provides all the features of the Internet Security Plus edition, along with a system cleaner that removes traces of Internet activity and a feature for backing up and synchronizing your data. This edition is available with: Licenses for 5 devices (PC, Mac, or mobile) Subscriptions for 1, 2, or 3 years Provides all the features of the AntiVirus edition, plus the system cleaner. (This product is available only with the Endpoint Protection business version of SecureAnywhere.) - 2 -
Getting Started You can install SecureAnywhere on a device with one of the following operating systems: SecureAnywhere system requirements PCs Macs Compatible with the following operating systems: Windows 8 32-bit and 64-bit Windows 7 32-bit and 64-bit (all Editions), Windows 7 SP1 32-bit and 64-bit (all Editions) Windows XP 32-bit and 64-bit SP2, SP3 Windows Vista 32-bit (all Editions), Windows Vista SP1, SP2 32-bit and 64-bit (all Editions) Minimum system requirements: Intel Pentium /Celeron family, or AMD K6/Athlon /Duron family, or other compatible processor 128 MB RAM (minimum) 10 MB Hard Disk Space Internet access with one of the following browsers: Microsoft Internet Explorer 7.0 and higher Mozilla Firefox 3.6 and higher Google Chrome 10.0 or higher Compatible with the following operating systems: Mac OS X v.10.7 "Lion" Mac OS X v. 10.8 " Mountain Lion" For more information on Mac requirements and how to install SecureAnywhere on a Mac, see the Webroot SecureAnywhere User Guide for Mac OS X. You will also need a separate installer file for Mac. Go to your Mac and download the file from: http://anywhere.webrootcloudav.com/zerol/wsamac.dmg - 3 -
User Guide for PCs SecureAnywhere system requirements Mobile Compatible with the following operating systems: Android devices with operating system version 2.2 or higher Apple devices with ios version 4.2 or later (compatible with iphone, ipod touch, and ipad mobile digital devices) Mobile apps are available with the purchase of Internet Security Plus or Complete editions. You can also purchase them separately. To download and install mobile apps, see the download instructions. To install SecureAnywhere on a PC: 1. Before you begin: a. Read the license agreement at: http://detail.webrootanywhere.com/eula.asp. b. Close all programs that may be open on your computer. c. Make sure you have the keycode, which is a 20-character license that identifies your Webroot account. Your keycode comes in an email message or is listed inside the retail box. If you purchased a multi-user license, you can use the same keycode to install the software on up to three or five devices. Note: The keycode is associated only with SecureAnywhere and does not include any information related to your computer or its configuration. Webroot does not use the keycode in any way to track individual use of its products. 2. Start the installation routine either from a CD or from a downloaded file: If you are installing from a CD, insert the CD into the CD drive. An installation dialog opens where you can click a link to begin. If the installation dialog does not open, use Windows Explorer to navigate to your CD drive and double-click the software s installation file. If you are installing from a downloaded file, navigate to where you downloaded the file in Windows Explorer and double-click the file to start the installation. Click Run to begin. 3. When the Webroot installer dialog opens, enter your keycode in the field. (If your keycode came in an email, you can cut and paste the code into this field.) - 4 -
Getting Started 4. If desired, you can click the Installation Options link at the bottom right to modify these settings: o o o o o Change the installation location. In this field, you can enter a different folder for the SecureAnywhere installation files. Create a shortcut to SecureAnywhere on the desktop. Click this checkbox to place a shortcut icon on your Windows Desktop for Webroot SecureAnywhere. Randomize the installed filename to bypass certain infections. Click this checkbox to change the Webroot installation filename to a random name (for example, QrXC251G.exe ), which prevents malware from detecting and blocking Webroot s installation file. Protect the SecureAnywhere files, processes, and memory from modification. Click this checkbox to enable self protection and the CAPTCHA prompts. (CAPTCHA requires that you read distorted text on the screen and enter the text in a field before performing any critical actions.) For more information, see "Setting self protection" on page 180 and "Setting access control" on page 166. Change Language. To change the language displayed in SecureAnywhere, click the Change Language button and select from the supported languages. (You can only change the displayed language during installation, not after.) The Installation Options dialog is similar to the following example. - 5 -
User Guide for PCs Click Close when you're done. 5. At the main Installation dialog, click Agree and Install to begin installation. 6. If you are prompted to enter an email address, enter your address and click Continue. SecureAnywhere begins scanning and configuring the application. If your system is clean, SecureAnywhere displays a status screen similar to the following example. Note: If SecureAnywhere detects threats during the scan, it moves the items to quarantine where they - 6 -
Getting Started are rendered inoperable and can no longer harm your system or steal data. For more information, see "Managing quarantined items" on page 54. 7. If you want to exit from SecureAnywhere, click Continue. If you want to view the main interface, select Click here to view your Dashboard now (see also "Using the SecureAnywhere interface" on page 12). You do not need to do anything further, unless you want to adjust settings. After the initial scan, SecureAnywhere automatically scans your computer daily and constantly monitors activity as you surf the Internet. You do not need to launch a scan yourself or schedule scans. SecureAnywhere does all the work for you in the background. To verify that SecureAnywhere is running, look for the Webroot icon in your system tray. If an important message requires your attention, the icon turns yellow or red. A dialog opens with further details. 8. If you purchased a multi-user license, you can install SecureAnywhere on other devices. Note: If you want to uninstall the program later, go to the Windows Start menu (click Start in the system tray), point to All Programs, then Webroot SecureAnywhere, then Tools, then Uninstall Webroot. At the prompt, click Yes to continue. - 7 -
User Guide for PCs Creating a Webroot account By creating a Webroot account, you can view and manage the security status of your PC from any device with an Internet connection. This status information is available at the SecureAnywhere website (my.webrootanywhere.com). From here, you can manage security across multiple devices from a single location, making it easier to determine if all your devices are protected or if any need attention. For more information, see the SecureAnywhere Management Website User Guide. Before you begin, do the following: Have available the license keycode you used to install SecureAnywhere. Make sure you are using one of the following browsers: Internet Explorer, versions 8 and 9 Firefox, versions 3.6 and higher Chrome or Safari, all versions To create an account: 1. Open your browser and go to my.webrootanywhere.com. 2. Click Sign up now. 3. Enter your information in the Create an account panel, as described in the following table. - 8 -
Getting Started Create an account Webroot Product Keycode Enter the license keycode you received when you purchased the product. Email address Enter your email address, which will also be used for your login name. Your account activation confirmation will be sent to this address. Password Enter a minimum of 9 characters. Your password must contain at least 6 alphabetic characters and 3 numeric characters. Your password can be longer than the required 9 characters. It can include special characters, except for angle brackets: < and >. Your password is case sensitive. As you type, the Strength meter shows how secure your password is. For optimum security, you should make your password as strong as possible. Your Personal Security Code Security Question Security Answer Enter a word or number, which will be used for an extra security step after you enter the password during login. Choose a code that is easy to remember, using a minimum of 6 characters. Every time you log in, you must also enter two random characters of this code. For example, if your code is 123456 and it prompts you for the fourth and sixth character, you would enter 4 and 6. Your Personal Security Code is case sensitive. Choose a question from the drop-down list. If you later forget the details of your login, you need to provide the answer to this question to retrieve the information. Type an answer to your security question. The Security Answer is casesensitive. - 9 -
User Guide for PCs 4. After you enter account details, click Register Now. SecureAnywhere displays a confirmation message and sends an email to the address you specified. This may take a few minutes. Note: If your SecureAnywhere edition includes the Backup & Sync feature, another field appears that prompts you to select a storage region. Select the region closest to you (U.S., Europe, or Japan), then click Register Now again. 5. From your email system, open the confirmation email from Webroot and click the link. Your account will not be created until you click this link. 6. When SecureAnywhere prompts you to enter two characters from the Personal Security Code, type the requested characters and click Confirm Registration Now. For example, if your code is 123456 and it prompts you for the fourth and sixth characters, you would enter 4 and 6. The SecureAnywhere website opens, similar to the following example. The options that appear depend on which SecureAnywhere editions you purchased (AntiVirus, Internet Security Plus, or Complete). - 10 -
Getting Started Note: When you install SecureAnywhere on multiple computers using the same multi-license keycode, their status information automatically displays in this website. For example, if you installed SecureAnywhere on five PCs, the PC Security panel displays "5 PCs Protected." 7. Click Go to PC Security to access status information for your computer. 8. For more information about using the website to manage your devices, see the SecureAnywhere Management Website User Guide. - 11 -
User Guide for PCs Using the SecureAnywhere interface The SecureAnywhere interface provides access to all functions and settings. To open the main interface, you can: Double-click the Webroot shortcut icon on your desktop: Right-click on the Webroot icon from the system tray menu, then click View Status. (For Endpoint editions, click Open.) If you cannot locate the system tray icon, open the Windows Start menu, click All Programs (or Programs), Webroot SecureAnywhere, then Webroot SecureAnywhere again. When you open the main interface, it displays the Overview panel. Along the top of the panel, the main interface includes navigation tabs. The tabs that appear depend on the SecureAnywhere edition you purchased. - 12 -
Getting Started Main Interface tabs Overview PC Security Identity & Privacy Backup & Sync System Tools My Account View your system status and manually scan your computer. Run custom scans, change shield settings, and manage the quarantine. Protect sensitive data that may be exposed during your online transactions and automatically fill in user names and passwords. Note: Passwords may not be available in your edition. Protect your files by uploading them to Webroot's online repository. Note: Backup & Sync may not be available in your edition. Use tools to manage processes and files, view reports, and submit a file to Webroot Support. Note: The System Cleaner may not be available in your edition. View your SecureAnywhere account information, check for updates, and renew or upgrade your subscription. - 13 -
User Guide for PCs Using the system tray The Webroot icon in the system tray provides quick access to some common SecureAnywhere tasks. By rightclicking on the Webroot icon, you can view the system tray menu. (This menu displays different selections, depending on the SecureAnywhere edition you purchased.) Note: If the icon does not appear in the system tray, open the main interface, go to Settings, Basic Configuration, and click in the box for Show a system tray icon. See "Setting general preferences" on page 156. If a threat is detected, SecureAnywhere may also open an alert in the system tray. SecureAnywhere takes the appropriate action to quarantine the items. It may also prompt you to take action yourself (see "Running scans " on page 18 and "Managing quarantined items" on page 54). - 14 -
Getting Started Viewing protection status To show your computer's overall protection status, the system tray icon and the main interface change colors, as follows: Green. Your computer is secure. Yellow. One or more messages require your attention. Red. One or more critical items require your intervention. To view details about the current status and settings, open the main interface by right-clicking on the Webroot icon from the system tray menu, then click View Status. (For Endpoint editions, click Open.) - 15 -
- 16 -
Scanning for Malware When SecureAnywhere scans your computer, it searches for spyware, viruses, and any other threats that may infect your computer or compromise your privacy. If it detects a known threat, it moves the item to quarantine, where it is rendered inoperable and can no longer run on your computer. Scans run daily without disrupting your work. To learn more about scanning your PC for malware, see the following topics: Running scans 18 Viewing the latest scan results 18 Running a scan immediately 19 Managing detected threats 21 Changing the scan schedule 22 Changing the scan settings 25-17 -
User Guide for PCs Running scans Scans run automatically every day, at about the same time you installed SecureAnywhere. For example, if you installed SecureAnywhere at 8 p.m., it always launches a scan around 8 p.m. It will not disrupt your work, nor will it launch while you play games or watch a movie. During scans, SecureAnywhere searches all areas where potential threats can hide, including drives, files, and system memory. It looks for items that match our threat definitions, match descriptions in our community database, or exhibit suspicious behavior. If SecureAnywhere detects a threat, it moves the item to quarantine where it is rendered inoperable. In quarantine, it can no longer harm your system or steal personal data. If SecureAnywhere detects a potential threat, it opens an alert that prompts you to make a decision on whether you want to allow or block the item. If you aren't sure, we recommend that you block the item. For more information, see "Managing detected threats" on page 21. See the instructions below for viewing the latest scan results and for running a scan immediately. Note: You can also run a scan from a remote location. For more information, see the SecureAnywhere Management Website User Guide. Viewing the latest scan results 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. Make sure Scan is selected on the left. The Scan panel shows the statistics of the last scan results. - 18 -
Scanning for Malware Running a scan immediately Although scans run automatically, you can launch a scan at any time. An immediate scan might be necessary if you surfed a high-risk website (networking, music, or adult entertainment), downloaded high-risk items (screen savers, music, or games), or accidentally clicked on a suspicious pop-up advertisement. You can run a scan in one of two ways: from the system tray or from the main window. To use the system tray: 1. From the system tray, right-click on the Webroot icon. - 19 -
User Guide for PCs 2. In the pop-up menu, click Scan Now. To use the main window: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In either the Overview tab or the Scan tab, click Scan My Computer. If SecureAnywhere locates threats, it opens a window that guides you through the quarantine process. Items moved to quarantine are rendered inoperable. You do not need to delete them or do anything else. See "Managing quarantined items" on page 54. - 20 -
Scanning for Malware Managing detected threats In most cases, SecureAnywhere automatically detects threats and quarantines the items for you. However, if it detects a potential threat or an item it does not recognize, it prompts you to manage the item. A screen similar to the following example may appear: To manage threats: If you recognize the filename, deselect the Remove checkbox next to the item name (click in the box so the checkmark is removed). Do not restore the file unless you are absolutely sure that it is legitimate. If you DO NOT recognize the filename, keep the item selected (do not click inside the box to remove the checkbox). SecureAnywhere moves the threat to quarantine, where it is rendered inoperable. You do not need to delete it or do anything else. After SecureAnywhere moves the threat to quarantine, it launches another scan to make sure your system is clean. See "Managing quarantined items" on page 54. - 21 -
User Guide for PCs Changing the scan schedule SecureAnywhere launches scans automatically every day, at about the same time you installed the software. You can change the scan schedule to run at different times, change the scanning behavior, or turn off automatic scanning. To modify scheduled scanning: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. - 22 -
Scanning for Malware 3. In the Settings panel, click Advanced Settings. 4. Select Scan Schedule from the left. - 23 -
User Guide for PCs 5. In the Scan Schedule panel, you can: Disable automatic scanning by clicking the checkbox next to Enable Scheduled Scans so that the checkmark is removed. Then click Save All. Change the scanning intervals by entering new values in the Scan Frequency and Time fields. If you modify the time, the scan will launch when computer resources are available, generally within an hour of the time you select. Then click Save All. Change the scanning behavior by selecting or deselecting the checkboxes. When you're done, click Save All. See the following table for a description of options. Scan Schedule options Scan on bootup if the computer is off at the scheduled time Hide the scan progress window during scheduled scans Only notify me if an infection is found during a scheduled scan Do not perform scheduled scans when on battery power Do not perform scheduled scans when a full screen application or game is open Randomize the time of scheduled scans up to one hour for distributed scanning Perform a scheduled Quick Scan instead of a Deep Scan Launches a scheduled scan within an hour after you turn on your computer. If this option is disabled, SecureAnywhere ignores missed scans. Runs scans silently in the background. If this option is disabled, a window opens and shows the scan progress. Opens an alert only if it finds a threat. If this option is disabled, a small status window opens when the scan completes, whether a threat was found or not. Helps conserve battery power. If you want SecureAnywhere to launch scheduled scans when you are on battery power, deselect this option. Ignores scheduled scans when you are viewing a full-screen application (such as a movie) or a game. Deselect this option if you want scheduled scans to run anyway. Determines the best time for scanning (based on available system resources) and runs the scan within an hour of the scheduled time. If you want to force the scan to run at the exact time scheduled, deselect this option. Runs a quick scan of memory. We recommend that you keep this option deselected, so that deep scans run for all types of malware in all locations. - 24 -
Scanning for Malware Changing the scan settings Scan settings provide advanced users with a little more control over scanning performance. To change the scan settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. - 25 -
User Guide for PCs 3. In the Settings panel, click Advanced Settings. 4. Select Scan Settings from the left. 5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you re done, click Save All. - 26 -
Scanning for Malware The following table describes the scan settings. Scan Setting options Enable Realtime Master Boot Record (MBR) Scanning Enable Enhanced Rootkit Detection Enable right-click scanning in Windows Explorer Protects your computer against master boot record (MBR) infections. An MBR infection can modify core areas of the system so that they load before the operating system and can infect the computer. We recommend that you keep this option selected. It adds only a small amount of time to the scan. Checks for rootkits and other malicious software hidden on your disk or in protected areas. Spyware developers often use rootkits to avoid detection and removal. We recommend that you keep this option selected. It adds only a small amount of time to the scan. Enables an option for running a full, file-by-file scan of the currently selected file or folder in the Windows Explorer right-click menu. This option is helpful if you downloaded a file and want to quickly scan it. Update the currently scanned folder immediately as scanned Favor low memory usage over fast scanning Save non-executable file details to scan logs Show the Authenticating Files pop-up when a new file is scanned onexecution Scan archived files Displays a full list of files as SecureAnywhere scans each one. If you want to increase scan performance slightly, deselect this option so that file names only update once per second on the panel. SecureAnywhere will still scan all files, just not take the time to show each one on the screen. Reduces CPU usage during scans, but scans will also run a bit slower. Deselect this option to run faster scans. Saves all file data to the scan log, resulting in a much larger log file. Keep this option deselected to save only executable file details to the log. Opens a small dialog whenever you run a program for the first time. Keep this option deselected if you do not want to see this dialog. Scans compressed files in zip, rar, cab, and 7-zip archives. - 27 -
- 28 -
Shielding Your PC Shields monitor functions related to web browsing and system activity. If a suspicious item tries downloading or running on your computer, the shields automatically block and quarantine the item. For some types of shields, an alert asks if you want to continue the download or block it. To manage shielding activities, see the following topics: Managing shields 30 Changing Realtime shield settings 32 Changing Behavior shield settings 35 Changing Core System shield settings 38 Changing Web Threat shield settings 41 Using Web Threat protection 44 Surfing websites 44 Using search engines 45-29 -
User Guide for PCs Managing shields Shields constantly monitor activity while you surf the Internet and work on your computer. The shields protect your computer from malware and viruses, as well as settings for your browser and the Windows system. SecureAnywhere includes these types of shields: Realtime shield. Controls how threats are blocked and quarantined on your computer. Behavior shield. Blocks applications and processes that exhibit suspicious behavior. Core System shield. Monitors the computer system structures and makes sure malware has not tampered with them. Web Threat shield. Protects your system as you surf the Internet and blocks suspicious files that try to download. USB shield. Monitors an installed USB flash drive for threats and blocks any threats that it finds. Offline shield. Protects your system from threats while your computer is not connected to the Internet. Zero Day shield. Monitors your system for previously unknown vulnerabilities (in which the attack has been known for "zero days"). Shields run in the background without disrupting your work. If a shield detects an item that it classifies as a potential threat or does not recognize, it opens an alert. The alert asks if you want to allow the item to run or if you want to block it. If you recognize the file name and you are purposely downloading it (for example, you were in the process of downloading a new toolbar for your browser), click Allow to continue. If you were not trying to download anything, you should click Block. As you surf Internet sites, you could be targeted for a drive-by download, where an unwanted program launches and silently installs on your computer as you view pages. The shields are preconfigured, based on our recommended settings. You do not need to configure any settings yourself unless you are an advanced user and would like to modify shield behavior. To view shield status or to disable shields: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Shields on the left. The Shields panel opens. A green button next to the shield name indicates the shield is on. We recommend that you keep all shields enabled; however, you can disable a shield by clicking the green button, as indicated in the following example. - 30 -
- 31 - Shielding Your PC
User Guide for PCs Changing Realtime shield settings The Realtime shield blocks known threats that are listed in Webroot s threat definitions and in our community database. If the shield detects a suspicious file, it opens an alert and prompts you to block or allow the item. If it detects a known threat, it immediately blocks and quarantines the item before it causes damage to your computer or steals your information. Webroot already configured this shield with our recommended settings, but you can adjust the settings if you want. To change Realtime shield settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. - 32 -
Shielding Your PC 3. In the Settings panel, click Advanced Settings. 4. Click Realtime Shield on the left. 5. If you want to change a setting (see the following table), select its checkbox to disable it (uncheck the box) or activate it (check the box). When you re done, click Save All. - 33 -
User Guide for PCs Note: We recommend that you keep Webroot s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button. The following table describes the shield options. Realtime shield settings Enable Predictive Offline Protection from the central SecureAnywhere database Remember actions on blocked files Automatically quarantine previously blocked files Automatically block files when detected on execution Scan files when written or modified Block threats automatically if no user is logged in Downloads a small threat definition file to your computer, which protects your computer even when it s offline. We recommend that you keep this option selected. Remembers how you responded in an alert (allowed a file or blocked it). It won t prompt you again when it encounters the same file. If this option is deselected, SecureAnywhere opens an alert every time it encounters the file in the future. (If you blocked a file and want it restored, you can retrieve it from quarantine.) Opens an alert when it encounters a threat. It gives you the option of blocking it and sending it to quarantine. If this option is deselected, you must run a scan manually to remove a threat. Automatically blocks threats and sends them to quarantine. If this option is deselected, you must respond to alerts about detected threats. Scans any new or modified files that you save to disk. If this option is deselected, it ignores new file installations (however, it will still alert you if a threat tries to launch). Stops threats from executing even when you are logged off. Threats are sent to quarantine without notification. - 34 -
Shielding Your PC Changing Behavior shield settings The Behavior shield analyzes the applications and processes running on your computer. If it detects a suspicious file, it opens an alert and prompts you to block or allow the item. If it detects a known threat, it immediately blocks and quarantines the item before it causes damage to your computer or steals your information. Webroot already configured this shield with our recommended settings, but you can adjust the settings if you want. To change Behavior shield settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. - 35 -
User Guide for PCs 3. In the Settings panel, click Advanced Settings. 4. Click Behavior Shield on the left. 5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you re done, click Save All. - 36 -
Shielding Your PC Note: We recommend that you keep Webroot s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button. The following table describes the shield options. Behavior shield settings Assess the intent of new programs before allowing them to execute Enable advanced behavior interpretation to identify complex threats Track the behavior of untrusted programs for advanced threat removal Automatically perform the recommended action instead of showing warning messages Warn if untrusted programs attempt lowlevel system modifications when offline Watches the program s activity before allowing it to execute. If it appears okay, SecureAnywhere allows it to launch and continues to monitor its activity. Employs a thorough analysis of a program to examine its intent. (For example, a malware program might perform suspicious activities like modifying a registry entry, then sending an email.) Watches programs that have not yet been classified as legitimate or as malware. Does not prompt you to allow or block a potential threat. SecureAnywhere will determine how to manage the item. Opens an alert if an unclassified program attempts to make changes to your system when you are offline. (SecureAnywhere cannot check its online threat database if you are disconnected from the Internet.) - 37 -
User Guide for PCs Changing Core System shield settings The Core System shield monitors the computer system structures and makes sure malware has not tampered with them. If it detects a suspicious file trying to make changes, it opens an alert and prompts you to block or allow the item. If it detects a known threat, it immediately blocks and quarantines the item before it causes damage to your computer or steals your information. Webroot already configured this shield with our recommended settings, but you can adjust the settings if you want. To change Core System shield settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. - 38 -
Shielding Your PC 3. In the Settings panel, click Advanced Settings. 4. Click Core System Shield on the left. 5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you re done, click Save All. - 39 -
User Guide for PCs Note: We recommend that you keep Webroot s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button. The following table describes the shield options. Core System shield settings Assess system modifications before they are allowed to take place Detect and repair broken system components Prevent untrusted programs from modifying kernel memory Prevent untrusted programs from modifying system processes Verify the integrity of the LSP chain and other system structures Prevent any program from modifying the HOSTS file Intercepts any activity that attempts to make system changes, such as a new service installation. Locates corrupted components, such as a broken Layered Service Provider (LSP) chain or a virus-infected file, then restores the component or file to its original state. Stops unclassified programs from changing the kernel memory. The kernel is the central component of most computer operating systems. It acts as a bridge between applications and data processing done at the hardware level. Stops unclassified programs from changing the system processes. Monitors the Layered Service Provider (LSP) chain and other system structures to make sure malware does not corrupt them. Stops spyware from attempting to add or change the IP address for a website in the hosts file. It opens an alert where you can block or allow the changes. The hosts file is a Windows file that helps direct your computer to a website using Internet Protocol (IP) addresses. - 40 -
Shielding Your PC Changing Web Threat shield settings The Web Threat shield protects your system as you surf the Internet. If it detects a website that may be a threat, it opens an alert that allows you to decide whether you want to block the site or continue despite the warning. When you use a search engine, this shield analyzes all the links on the search results page and then displays an image next to each link that signifies whether it s a trusted site or a potential risk (see "Using Web Threat protection" on page 44). Webroot already configured this shield with our recommended settings, but you can adjust the settings if you want. To change Web Threat shield settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. - 41 -
User Guide for PCs 3. In the Settings panel, click Advanced Settings. 4. Click Web Threat Shield on the left. 5. If you want to create a list of websites to always block or always allow, click View Websites. In the dialog, enter a website name in the field (in the form of www.sitename.com) and click Add Website. In - 42 -
Shielding Your PC the table, select whether you want to allow this website (click the Allow radio button) or you want to block it (click the Block radio button). When you re done, click Close. 6. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you re done, click Save All. Note: We recommend that you keep Webroot s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button. The following table describes the shield options. Web Threat shield settings Analyze search engine results and identify malicious websites before visitation Enable deep content analysis Look for malware on websites before visitation Look for exploits in website content before visitation When you use a search engine, SecureAnywhere analyzes all links displayed on the search results page by running the URLs through its malware-identification engine. It then displays an image next to each link that signifies if the site is safe (green checkmark) or a potential risk (red X). Analyzes all data traffic on your computer as you visit websites. If threats try to install, it blocks their activity. When you enter the URL for a website in your browser s address bar or click on a link to a site, SecureAnywhere runs the URL through its malware-identification engine. If the site is associated with malware, it blocks it from loading in your browser. Looks for cross-site scripting attacks that may try to redirect you to a different website. - 43 -
User Guide for PCs Using Web Threat protection To detect websites associated with potential threats, the Web Threat shield analyzes URLs (web addresses) as follows: When you enter the URL for a website or click a link to a site, SecureAnywhere runs the URL through its malware-identification engine. If the site is associated with malware, the Web Threat shield blocks the site from loading in your browser. When you use a search engine, SecureAnywhere analyzes all links displayed on the search results page by running the URLs through its malware-identification engine. It then displays an image next to each link that signifies its risk level. Surfing websites If you attempt to access a website that is associated with a known threat, phishing attempts, or exhibited some questionable behavior, the Web Threat shield displays an alert before the website loads. We recommend that you click Close to navigate away from this page. However, if you still want to access the site despite the warning, click Allow. The website is then added to the "allowed" filter and will load the page directly the next time. If you want to change the website filter, see "Changing Web Threat shield settings" on page 41. - 44 -
Shielding Your PC Using search engines When you use a search engine, the Web Threat shield displays a rating next to the link for each search result. A green checkmark next to the link indicates the site is safe to access: A red X displays next to the link if the site is known for spreading malware: - 45 -
- 46 -
Using Firewall Protection You can use the Webroot firewall to monitor data traffic and block potential threats. The Webroot firewall, when used with the your computer s built-in Windows firewall, provides thorough protection for your computer system and your security. To adjust firewall protection, see the following topics: Managing the firewall 48 Changing firewall alert settings 49 Managing network applications 50-47 -
User Guide for PCs Managing the firewall The SecureAnywhere firewall monitors data traffic traveling out of your computer ports. It looks for untrusted processes that try to connect to the Internet and steal your personal information. It works with the Windows firewall, which monitors data traffic coming into your computer. With both the SecureAnywhere and Windows firewall turned on, your data has complete inbound and outbound protection. You should not turn off either the Windows firewall or the SecureAnywhere firewall. If they are disabled, your system is open to many types of threats whenever you connect to the Internet or to a network. These firewalls can block malware, hacking attempts, and other online threats before they can cause damage to your system or compromise your security. The SecureAnywhere firewall is preconfigured to filter traffic on your computer. It works in the background without disrupting your normal activities. If the firewall detects any unrecognized traffic, it opens an alert where you can block the traffic or allow it to proceed. To view firewall status or to disable the firewall: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab, then click Firewall on the left. The Firewall panel opens. The green button indicates the shield is on. We recommend that you keep the firewall enabled; however, you can disable it by clicking the green button. - 48 -
Using Firewall Protection Changing firewall alert settings You can adjust how the firewall manages processes and whether it should open an alert when it does not recognize a process. To change firewall alert settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Firewall on the left. 4. Click a radio button to select an alerting method. - 49 -
User Guide for PCs Managing network applications To protect your computer from hackers and other threats, the firewall monitors processes that attempt to access the Internet. It also monitors the ports used for communicating with the Internet. You have control over whether SecureAnywhere will allow or block certain processes and port communications. To change settings for active connections: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Firewall on the left. 4. At the bottom of the panel, click View Network Applications. The Network Applications panel opens. - 50 -
Using Firewall Protection 5. Click on a radio button to allow or block a process, or to allow or close a port. - 51 -
- 52 -
Managing Quarantine The Webroot quarantine is a holding area for potential threats found during scan and shielding activities. Items in quarantine are rendered inoperable and cannot harm your computer. You do not need to delete them, unless you want to conserve disk space. You can also restore items from quarantine, if necessary. To manage file detection and perform some advanced quarantining functions, see the following topics: Managing quarantined items 54 Managing file detection 56 Using antimalware tools 58-53 -
User Guide for PCs Managing quarantined items Once items are moved to quarantine, they are disabled and cannot harm your computer. However, you may want to delete or restore quarantined items in the following circumstances: If you want to conserve disk space, you can delete the items permanently. If you discover that a program is not working correctly without the quarantined item, you can restore it. In rare cases, a piece of spyware is an integral part of a legitimate program and is required to run that program. To view and manage items in quarantine: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Quarantine on the left, then click View Quarantine. The Quarantine panel opens. - 54 -
Managing Quarantine 4. If you want to delete or restore the item, click in its checkbox to select it. You can then do either of the following: If you want to remove the item permanently, click Erase. Be aware that after erasing it, you can never restore the item. If you want to move the item back to its original location, click Restore. When an item is restored, SecureAnywhere will no longer detect it during scans. If you want the item to be detected again in the future, you can change its detection rules. - 55 -
User Guide for PCs Managing file detection If you want more control over scans and shielding behavior, you can use Detection Configuration to specify one of the following actions: Allow. Ignore a file during scans and shielding. Block. Stop a file from executing or being written to your computer. Monitor. Watch the program to determine if it is legitimate or related to malware. Detection configuration acts as an override to SecureAnywhere s default scanning and shielding behavior. To manage file detection: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Quarantine on the left, then click Configure under Detection Configuration. The Detection Configuration panel opens. - 56 -
Managing Quarantine 4. You can add executable files to this list. (Executable files typically have an extension of exe, dll, sys, drv, or com.) To add files, click the Add File button. You can also drag and drop a file from Explorer. The file name appears in the Threat column. (If SecureAnywhere detected other copies of this file with different file names, it only shows the file name that it last detected.) 5. In the right column, select the radio button for either Allow, Block, or Monitor. If you want to clear the list, click the Remove all button. - 57 -
User Guide for PCs Using antimalware tools SecureAnywhere provides tools for manually removing threats and for performing actions associated with threat removal. You should only use these tools if you are an advanced user. These tools allow you to: Target a file for scanning and removal, while also removing its associate registry links (if any). Launch a removal script with the assistance of Webroot Support. Reboot after removing a threat yourself or using a removal script. Reset your wallpaper, screensavers, and system policies. To access and use these tools: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Quarantine on the left, then click View Tools. The Antimalware Tools panel opens. - 58 -
Managing Quarantine The following table describes the shield options. Antimalware tools Reset desktop wallpaper Reset screensaver Reset system policies Reboot in Safe Mode Perform an immediate system reboot Manual Threat Removal Removal Script If your computer was recently infected with malware that changed your wallpaper, click the checkbox and click Run Tools. If your computer was recently infected with malware that changed your screensaver, click the checkbox and click Run Tools. If your computer was recently infected with malware that changed your system policies, click the checkbox and click Run Tools. If Webroot Support instructs you to reboot your computer in Safe Mode, click the checkbox and click Run Tools. To reboot your system after threat removal, click the checkbox and click Run Tools. To scan a specific file for threats, click Select a file. In the Windows Explorer dialog, select a file and click Save. SecureAnywhere launches a scan. When it s complete, reboot your system. After Webroot Support sends you a removal script, save it to your computer. Click Select Script... to launch the tool. - 59 -
- 60 -
Managing Identity Protection You can use the Identity shield to safely surf the Internet and enter sensitive data in applications. The Identity shield watches for any suspicious activity that may indicate an outside program is attempting to steal information from your computer. To configure advanced Identity shield protection, see the following topics: Managing Identity Protection 62 Changing Identity Protection settings 63 Managing protected applications 66 Managing protected websites 69-61 -
User Guide for PCs Managing Identity Protection The Identity shield protects you from identity theft and financial loss. It ensures that your sensitive data is protected, while safe-guarding you from keyloggers, screen-grabbers, and other information-stealing techniques. The Identity shield supports the following browsers: Internet Explorer 7.0 and higher (32-bit only) Mozilla Firefox 3.6 and higher (32-bit only) Google Chrome 10 and higher Opera 9 and higher (32-bit only) To view the Identity shield status or to disable the Identity shield: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Identity & Privacy tab. 3. Click Identity Shield on the left. The Identity Shield panel opens. The green button indicates the shield is on. We recommend that you keep the Identity Shield enabled; however, you can disable it by clicking the green button. - 62 -
Managing Identity Protection Changing Identity Protection settings The Identity shield protects sensitive data that may be exposed during your online transactions. Webroot has already configured the Identity shield for you. However, you can change the behavior of the Identity shield and control what it blocks. To change Identity shield settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. - 63 -
User Guide for PCs 3. In the Settings panel, click Advanced Settings. 4. Click Identity Shield on the left. 5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you re done, click the Save All button. - 64 -
Managing Identity Protection Note: We recommend that you keep Webroot s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button. The following table describes the shield options. Identity shield settings Look for identity threats online Analyze websites for phishing threats Verify websites when visited to determine legitimacy Verify the DNS/IP resolution of websites to detect Man-in-the- Middle attacks Block websites from creating high risk tracking information Prevent programs from accessing protected credentials Warn before blocking untrusted programs from accessing protected data Allow trusted screen capture programs access to protected screen contents Analyzes websites as you browse the Internet or open links. If the shield detects any malicious content, it blocks the site and opens an alert. Analyzes websites for phishing threats as you browse the Internet or open links. If the shield detects a phishing threat, it blocks the site and opens an alert. Phishing is a fraudulent method used by criminals to steal personal information. Typical scams might include websites designed to resemble legitimate sites, such as PayPal or a banking organization, which trick you into entering your credit card number. Analyzes the IP address of each website to determine if it has been redirected or is on our blacklist. If the shield detects an illegitimate website, it blocks the site and opens an alert. Looks for servers that could be redirecting you to a malicious website (man-in-the-middle attack). If the shield detects a man-in-the-middle attack, it blocks the threat and opens an alert. Blocks third-party cookies from installing on your computer if the cookies originate from malicious tracking websites. Cookies are small bits of text generated by a web server and then stored on your computer for future use. Cookies can contain everything from tracking information to your personal preferences. Blocks programs from accessing your login credentials (for example, when you type your name and password or when you request a website to remember them). Opens an alert any time malware attempts to access data, instead of blocking known malware automatically. (This option is for technical users only; we recommend that you keep this option disabled so the program does not open numerous alerts.) Allows you to use legitimate screen capture programs, no matter what content is displayed on your screen. - 65 -
User Guide for PCs Managing protected applications You can provide additional security for software applications that may contain confidential information, such as Instant Messaging clients or tax preparation software. By protecting these applications, you secure them against information-stealing Trojans like keyloggers, man-in-the-middle attacks, and clipboard stealers. You can add any applications to the Protected Applications list and assign them to one of the protection levels: Protect. Protected applications are secured against information-stealing malware, but also have full access to data on the system. You might want to add financial management software to the category. When you run a protected application, the Webroot icon in the system tray displays a padlock: Allow. Allowed applications are not secured against information-stealing malware, and also have full access to protected data on the system. Many applications unintentionally access protected screen contents or keyboard data without malicious intent when running in the background. If you trust an application that is currently marked as Deny, you can change it to Allow. Deny. Denied applications cannot view or capture protected data on the system, but can otherwise run normally. As you work on your computer, SecureAnywhere automatically adds web browsers to the Protected Applications list and assigns them to the protected status. To manage the application list and specify levels of protection: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Identity & Privacy tab. 3. Click Identity Shield on the left, then click View/Edit Protected Applications. - 66 -
Managing Identity Protection The Protected Applications panel opens. This panel shows the web browsers on your system and any other applications you added to the list. - 67 -
User Guide for PCs 4. In the row for the application you want to modify, click the radio button for Protect, Allow, or Deny. (To include another application in this list, click Add Application, then select an executable file.) 5. When you re done, click Close. - 68 -
Managing Identity Protection Managing protected websites The Identity shield already includes the recommended security settings for specific types of websites. If desired, you can adjust security for a website to one of the following levels: None. Provides unfiltered access to all potentially malicious content. (Not recommended.) Low. Protects stored data and identifies malware in real time. You may want to use this setting if you have an application that does not work properly when the security level is set to Medium or higher. Medium. Protects your stored data while also providing software compatibility. You may want to use this setting if you have an application that does not work properly when the security level is set to High or Maximum. High. Provides strong protection against threats, while still enabling screen accessibility for impaired users (for example, allows text-to-speech programs to run normally). Maximum. Provides maximum protection against threats, but blocks screen accessibility for impaired users. When you load a secured website, the Webroot icon in the system tray displays a padlock: Note: The Identity shield only protects a secured website when the browser window is active in the foreground window (the padlock is shown in the tray icon). For full protection from screen grabbers, information-stealing Trojans, and other threats, make sure the browser window is in the foreground and the padlock is displayed in the tray icon. If the Identity shield encounters a website that may be a threat, it opens an alert. You can decide whether you want to stay secure (click Block) or continue despite the warning (click Allow). To manage settings for protected websites: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Identity & Privacy tab. 3. Click Identity Shield on the left. 4. Click View/Edit Protected Websites. - 69 -
User Guide for PCs The Protected Websites panel opens. - 70 -
Managing Identity Protection 5. In the Protected Websites table, click in the row for the type of website you want to adjust. To include an individual site, enter the address in the field at the top of the dialog, then click Add Website. 6. Adjust the slider for minimum to maximum protection configuration. As an alternative, you can also select the individual protection options by clicking on the green checkmark or red X. (A green checkmark indicates the option is on; a red X indicates the option is off.) When you re done, click Save. The following table describes the protection options. Website protection options Block phishing and known malicious websites Protect cookies and saved website data Detect and prevent man-in-the middle attacks Protect against keyloggers Protect sensitive clipboard data Protect against URL grabbing attacks Protect browser components from external access Alerts you to phishing sites and other malicious sites listed in our Webroot database. Phishing is a fraudulent method used by criminals to steal personal information. Typical scams might include websites designed to resemble legitimate sites, such as PayPal or a banking organization, which trick you into entering your credit card number. Alerts you if a malicious program attempts to gather personal data from cookies installed on your computer. Cookies are small bits of text generated by a web server and then stored on your computer for future use. Cookies can contain everything from tracking information to your personal preferences. Alerts you if a server is redirecting you to a malicious website (man-inthe-middle attack). This is a method of intercepting communications between two systems and stealing data. Stops keyloggers from recording keystrokes on your computer. Keyloggers may monitor emails, chat room dialogue, instant message dialogue, websites visited, usernames, passwords, programs run, and any other typed entries. They have the ability to run in the background, hiding their presence. Stops malware programs from capturing clipboard data. The clipboard is a utility that allows you to cut and paste stored data between documents or applications. Hides your web browsing activity from malware that attempts to log the websites you visit. Hides your web browsing activity from malware that attempts to modify your browser with memory injection and other behind-the-scenes attacks. - 71 -
User Guide for PCs Website protection options Protect against Manin-the-Browser attacks Isolate untrusted browser add-ons from data Block browser process modification attempts Protect against screen grabbing attacks Block suspicious access to browser windows Blocks a malicious toolbar from stealing data. A man-in-the-browser attack is a Trojan that infects a web browser. It can modify pages and the content of your transactions without being detected. Blocks a browser add-on (browser helper object) from stealing data. While most browser add-ons are legitimate, some can display ads, track your Internet activity, or hijack your home page. Analyzes browser memory to see if code injection is taking place. Blocks a malicious program from viewing and capturing your screen content. Blocks a malicious program from viewing and capturing data in Windows components. - 72 -
Managing Passwords If you purchased a SecureAnywhere edition that includes password management, you can use an additional component for managing passwords and profiles online. Once you define your personal information and passwords in SecureAnywhere, you can automatically log in to websites or populate fields in web forms, saving you the hassle of manually entering your personal data and credit card numbers. Note: This section provides a quick overview of password management. For further instructions, see the SecureAnywhere Management Website User Guide. To learn about password management, see the following topics: Using password management 74 Downloading the passwords component 75-73 -
User Guide for PCs Using password management If you purchased a SecureAnywhere edition that includes password management, you can create a secure password for all your website transactions, automatically remember your user names and passwords, and automatically fill in web forms. You never need to remember multiple login names and passwords again. Note: For complete instructions on using password management in your browser, see the SecureAnywhere Management Website User Guide. To get started with password management: 1. Open Internet Explorer, Chrome, or Firefox and look for the Webroot icon in the toolbar. If it does not appear, you must download the passwords component (see "Downloading the passwords component" on page 75). 2. From your browser's toolbar, click on the Webroot icon to log in to password management (use your Webroot account credentials; see "Creating a Webroot account" on page 8). When you are logged in, SecureAnywhere detects information you enter in web forms and prompts you to save the data for future use. 3. Access a website that requires a login or personal data in web forms. After defining login credentials and personal information, you can log in to your Webroot account from the toolbar each time you open a browser. See the SecureAnywhere Management Website User Guide for complete instructions. - 74 -
Managing Passwords Downloading the passwords component The passwords component should install along with your SecureAnywhere installation; however, it might not install in some situations. To check if the passwords component downloaded: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Identity & Privacy tab. 3. Click Password Management on the left. If a Download and Install button appears, click the button to install the component. If the passwords component has successfully installed, the Password Management panel looks similar to the following example. - 75 -
User Guide for PCs. 4. You can click the Manage My Identity button to access your online account. See the SecureAnywhere Management Website User Guide for complete instructions. - 76 -
Managing Backup & Sync If you purchased a SecureAnywhere edition that includes Backup & Sync, you can synchronize important files with your online SecureAnywhere account, as well as with other computers and mobile devices. You can also schedule regular backups to your account, which is accessible from the Backup & Sync page of the SecureAnywhere website. Note: For further instructions about using Backup & Sync in your online account or on your mobile device, see the Webroot SecureAnywhere Help and Product Guides page. To learn about Backup & Sync, see the following topics: Using Backup & Sync 78 Downloading the Backup & Sync component 79 Synchronizing files 81 Changing sync settings 85 Adding sync folders 88 Synchronizing folders with other computers 92 Removing a folder from synchronization 95 Backing up files 97 Changing backup settings 101 Changing backup filters 104 Changing the backup schedule 107 Checking file status 109-77 -
User Guide for PCs Using Backup & Sync If your SecureAnywhere edition includes Backup & Sync, you can protect your important files and photos as follows: Storing files in the Anywhere folder or in your own sync folders. You can use Webroot's preconfigured folder called the Anywhere folder or you can create your own sync folders. Any files you place in these folders are automatically synchronized in your account, to any other computers with shared folders, and to mobile devices with the Backup & Sync app installed. SecureAnywhere constantly monitors the Anywhere folder and other sync folders. If it detects a change (an edited file, a new file, or a deleted file), it immediately makes the same change to your online account, to shared folders on other computers, and to mobile devices with the Backup & Sync app installed. If you are working offline, SecureAnywhere automatically picks up changes the next time you connect to the Internet. If SecureAnywhere detects an edited file, it does not overwrite the original version stored in your account. Instead, it uploads the latest version and makes a copy of the original file. If necessary, you can revert back to previous versions (up to five). If you save changes a sixth time, your most recent version is saved and the oldest version is removed. For more information, see the SecureAnywhere Management Website User Guide. To learn more about the preconfigured Anywhere folder, see "Synchronizing files" on page 81. To create sync folders of your own, see "Adding sync folders" on page 88. Backing up files. Instead of synchronizing files with multiple devices, you can simply back them up. For example, you may want to back up tax returns, old photos, and a scanned copy of your passport. These types of documents won t change and don t need to be kept in synchronization with other computers. To learn more about backups, see "Backing up files" on page 97. - 78 -
Managing Backup & Sync Downloading the Backup & Sync component To begin using Backup & Sync, you must download its component to your computer. To download the component: 1. If you have not yet created a Webroot account, see "Creating a Webroot account" on page 8. This is where you will access your files stored in the cloud. 2. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 3. Click the Backup & Sync tab, then click the Log in button. 4. If prompted, enter your Webroot account credentials (user name and password). When the download completes, the Backup & Sync panel looks like the following example. - 79 -
User Guide for PCs By default, synchronization of the Anywhere folder is turned on. For more information, see "Synchronizing files" on page 81. Backups are not turned on by default. To configure backups, see "Backing up files" on page 97. - 80 -
Managing Backup & Sync Synchronizing files Webroot includes one preconfigured folder for synchronization, called the Anywhere folder. It resides under your personal Documents folder in Windows. Any files you put in the Anywhere folder are automatically synchronized with your online account (my.webrootanywhere.com) and with shared folders on other computers or mobile devices in your account. To synchronize files using the Anywhere folder: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, and make sure Backup & Sync is selected at the left. 3. Click Open Anywhere Folder. Windows Explorer opens to the Webroot Anywhere folder. 4. Copy files or folders into the Webroot Anywhere folder. The files are instantly synchronized to your online SecureAnywhere account and to other shared folders - 81 -
User Guide for PCs on other computers (if you configured them). In Windows Explorer, icons next to the files and folders indicate the status of the synchronization: Synchronized: Sync pending: Not synchronized: Note: Some files may fail to synchronize because their storage size is larger than the upload limit. You can adjust the limit in the Do not upload files larger than field in the Sync Settings panel. See "Changing sync settings" on page 85. 5. To see the amount of used storage in your account, look at the status bar at the bottom of the Backup & Sync panel. If you want to check that your files were successfully copied, access your online account by clicking Web Console. - 82 -
Managing Backup & Sync 6. When your browser opens to my.webrootanywhere.com, log in to your account, click Go to Backup & Sync, then click Anywhere from the left panel. - 83 -
User Guide for PCs For more information about using Backup and Sync in your online account, see the SecureAnywhere Management Website User's Guide. - 84 -
Managing Backup & Sync Changing sync settings Webroot already configured synchronization with our recommended settings, but you can adjust the settings if you want. For example, you can adjust the size limit of files to upload or allow a synchronization to run while your computer is on battery power. To change sync settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, and make sure Backup & Sync is selected at the left. 3. Under Synchronization, click the Change Settings link. - 85 -
User Guide for PCs 4. In the Backup & Sync Settings panel, make sure Sync Settings is selected on the left. 5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you're done, click Save All. Note: We recommend that you keep Webroot's default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button. The following table describes the settings. Sync settings Ignore hidden files and directories Ignore system files and directories When selected, files and directories that Windows has hidden in Explorer are not included in the sync. "Hidden" files are typically system files that do not need to be synchronized. They can also consume a lot of storage space. When selected, Windows system files and directories are not included in the sync. Typically, system files do not need to be synchronized. They can also consume a lot of storage space. - 86 -
Managing Backup & Sync Sync settings Show Windows Explorer overlay icons Do not synchronize files while running on battery power Do not synchronize files when a fullscreen application or game is running Warn when quota usage exceeds: Do not upload files larger than: When selected, the icons next to files and folders appear in Windows Explorer to show if they are synchronized, are in the process of synchronizing, or did not get synchronized. For more information about these icons, see "Synchronizing files" on page 81. When selected, SecureAnywhere does not run a synchronization when your computer is unplugged and running on the battery. When selected, SecureAnywhere does not run a synchronization when you are watching a movie in full-screen mode or running a gaming application. The number in the field determines when SecureAnywhere displays a warning when your storage limit is exceeded. You can adjust the percentage by entering a new number. The number in the field determines the size of files to include in synchronization. If the file size exceeds the displayed limit, it will not be uploaded. You can adjust the size limit by entering a new number (in megabytes). - 87 -
User Guide for PCs Adding sync folders Webroot already configured one synchronization folder called the Anywhere folder (see "Synchronizing files" on page 81). However, you can designate more folders for synchronization if you like. To add sync folders: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, and make sure Backup & Sync is selected at the left. 3. Under Synchronization, click the Change Settings link. 4. Click Synchronized Folders on the left. - 88 -
Managing Backup & Sync 5. Click Add Custom Folder. 6. In the next panel, click the Browse button to open the folder you want synchronized. If desired, you can specify a different name for this folder that will display in SecureAnywhere. When you're done, click Add. - 89 -
User Guide for PCs Note: If you want to share a folder across multiple computers, see "Synchronizing folders with other computers" on page 92. 7. When the new directory appears in the Synchronized Folders panel, you can click Open Folder to see the files and folders. (In Explorer, icons appear next to files and folders toshow if they have been synchronized, are in the process of synchronizing, or did not get synchronized. For more information about these icons, see "Synchronizing files" on page 81.) - 90 -
Managing Backup & Sync 8. If you want to check that your files successfully uploaded to your account, click Web Console. When your browser opens to my.webrootanywhere.com, log in to your account, click Go to Backup & Sync, then click on the folder name from the left panel. For more information, see the SecureAnywhere Management Website User Guide. - 91 -
User Guide for PCs Synchronizing folders with other computers If you installed SecureAnywhere on multiple computers, you can create shared, synchronized folders between them. Whenever you update data in one of these shared folders (adding, editing, moving, or deleting files), SecureAnywhere automatically makes the same changes in your online account and to all shared folders. This automatic synchronization can be beneficial when you frequently use multiple computers and need access to the most recent files. Note: Be aware that when you make changes to a folder on one computer, the changes are propagated across the shared folders on all computers. For example, if you delete a shared folder, it is removed from all the computers. However, you can still access a deleted folder or file from the Recycle Bin in your SecureAnywhere account. (See the SecureAnywhere Management Website User Guide.) To create shared folders with other computers: 1. Configure a sync folder on the first computer. See "Adding sync folders" on page 88. 2. On the second computer, open the Backup & Sync Settings panel. To do this, click the Backup & Sync tab, make sure Backup & Sync is selected at the left, then click the Change Settings link. 3. Click Synchronized Folders on the left. - 92 -
Managing Backup & Sync 4. Click Add Custom Folder. 5. In the next panel, click Browse to open the folder you want to synchronize. Then select the radio button for Link directory to an existing folder in the cloud. In the table, select the folder from the other computer, and click Add. SecureAnywhere synchronizes all files in that folder with your other computer. In the Backup & Sync - 93 -
User Guide for PCs Settings panel, the Shared Across column shows the computers sharing that folder. - 94 -
Managing Backup & Sync Removing a folder from synchronization You can stop synchronizing the contents in a folder by detaching it from the automatic synchronization process. Note: Detaching the folder does not delete it from your computer. To remove a folder from synchronization: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, and make sure Backup & Sync is selected at the left. 3. Under Synchronization, click the Change Settings link. 4. Click Synchronized Folders on the left. 5. Select the folder in the table and click Detach. - 95 -
User Guide for PCs The folder will no longer appear in the panel and will no longer synchronize to your SecureAnywhere account. 6. Click Close when you're done. - 96 -
Managing Backup & Sync Backing up files Instead of synchronizing files, you can archive them instead. For example, you may want to back up tax returns, old photos, and a scanned copy of your passport. These types of documents won't change and don't need to be kept in synchronization with other computers. Your backed-up files are uploaded to the Webroot servers, which are accessible from your SecureAnywhere account. To configure backup: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, and make sure Backup & Sync is selected at the left. (If you have not yet configured backup settings, the panel looks like the example below. If you did already configure backups, skip to Step 5.) 3. Click Setup Backup. 4. In the next panel, select the types of documents you want included in the backup and click Continue. A checkmark next to an item means every file with that extension will be copied to your online account. If you want to designate different file types, click the Custom filter checkbox at the bottom. - 97 -
User Guide for PCs Note: If you decide later that you want to change file types, see "Changing backup filters" on page 104. - 98 -
Managing Backup & Sync 5. When the Backup & Sync panel opens again, click Run Backup Now. Note: Backups can also run automatically on a schedule. See "Changing the backup schedule" on page 107. - 99 -
User Guide for PCs 6. If you want to check your uploaded files, access your online account by clicking Web Console. 7. When your browser opens to my.webrootanywhere.com, log in to your account, click Go to Backup & Sync, then click Backup from the left panel. - 100 -
Managing Backup & Sync Changing backup settings Webroot already configured backups with our recommended settings, but you can adjust the settings if you want. For example, you can adjust the size limit of files to upload or allow a synchronization to run while your computer is on battery power. Note: To change the types of files backed up, see "Changing backup filters" on page 104. To change the backup schedule, see "Changing the backup schedule" on page 107. To change backup settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, and make sure Backup & Sync is selected at the left. 3. Under Backup, click the Change Settings link. - 101 -
User Guide for PCs 4. Click Backup Settings on the left. 5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you're done, click Save All. Note: We recommend that you keep Webroot's default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button. The following table describes the settings. Backup settings Ignore hidden files and directories Ignore system files and directories When selected, files and directories that Windows has hidden in Explorer are not included in the backup. "Hidden" files are typically system files that do not need to be backed up. They can also consume a lot of storage space. When selected, Windows system files and directories are not included in the backup. Typically, system files do not need to be backed up. They can also consume a lot of storage space. - 102 -
Managing Backup & Sync Backup settings Show Windows Explorer overlay icons Do not archive while running on battery power Do not archive when a full-screen application or game is running Do not upload files larger than: When selected, the icons next to files and folders appear in Windows Explorer to show if they are backed up, are in the process of backing up, or did not get backed up. For more information about these icons, see "Synchronizing files" on page 81. When selected, SecureAnywhere does not run a backup when your computer is unplugged and running on the battery. When selected, SecureAnywhere does not run a backup when you are watching a movie in full-screen mode or running a gaming application. The number in the field determines the size of files to include in the backup. If the file size exceeds the displayed limit, it will not be uploaded. You can adjust the size limit by entering a new number (in megabytes). - 103 -
User Guide for PCs Changing backup filters Using backup filters, you can include or exclude certain file types or subfolders for the backup. To add or change the backup filters: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, then make sure Backup & Sync is selected at the left. 3. Under Backup, click the Change Settings link. 4. Click Backup Filters at the left. 5. To add a new filter, click Add Filter. To edit an existing filter, select the filter in the table and click Edit Filter. - 104 -
Managing Backup & Sync 6. In the next dialog, select the criteria for the filter. Filter settings are described in the following table. - 105 -
User Guide for PCs Filter settings Directory Filter Name File type expressions Back up files from subdirectories Exclude files from backup that match this filter Use the Browse button to select the local folder of the files. Enter a name that will describe this filter. Enter the extensions of the file types you want to include in this filter. Keep this checkbox selected if you want the subfolders included in the backup. Select this checkbox if you want to create a filter that excludes files with the specified extensions. - 106 -
Managing Backup & Sync Changing the backup schedule You can change the automatic backup schedule or turn off automatic backups. To configure the backup schedule: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, then make sure Backup & Sync is selected at the left. 3. Under Backup, click Change Settings. - 107 -
User Guide for PCs 4. Select Backup Schedule from the left. 5. If you want to turn off automatic backups, de-select the checkbox next to Enable scheduled archiving. Otherwise, keep it selected. 6. If desired, click the Back up only on the following days checkbox and select a day of the week to run the backups. 7. Select the time of day to run the backup or an hourly interval. 8. At the bottom of the panel, you have two additional options: Run immediately if Backup was inactive at the scheduled time. Keep this checkbox selected if you want to run a backup immediately after a missed schedule. A backup might be skipped if you disabled backups, if you shut down SecureAnywhere, or if your logged off your computer. Randomize the time of a scheduled archive up to one hour. Keep this checkbox selected if you want a scheduled backup to run within an hour of the scheduled time. This selection makes better use of network resources. - 108 -
Managing Backup & Sync Checking file status You can check the status of synchronization and backup from the main interface or from your account on the SecureAnywhere website. To check file transfer status from the main interface: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, then click File Transfers at the left. To check your file status from the SecureAnywhere website: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, then make sure Backup & Sync is selected on the left. The amount of disk space used is displayed under the Status bar. - 109 -
User Guide for PCs 3. To view your online account, click Web Console. 4. When your browser opens to my.webrootanywhere.com, log in to your account, click Go to Backup & Sync, then click the folders from the left panel. - 110 -
Managing Backup & Sync For more information about Backup & Sync in your account, see the SecureAnywhere Management Website User Guide. - 111 -
- 112 -
Using the System Cleaner If you purchased a SecureAnywhere edition that includes the System Cleaner, you can remove all traces of your web browsing history, files that show your computer use, and other files that reveal your activity. By removing these items, you can protect your privacy. No one else who has access to your computer can see what websites you have visited or what search terms you have used.the System Cleaner also removes unnecessary files that consume valuable disk space, such as files in the Recycle Bin or Windows temporary files. To use the System Cleaner, see the following topics: Running a system cleanup 114 Running a scheduled cleanup 117 Changing Windows Desktop settings 120 Changing Windows system settings 123 Changing Application settings 126 Changing Internet Explorer settings 128 Using Secure File Removal 132 Viewing the cleanup log 135-113 -
User Guide for PCs Running a system cleanup If you purchased a SecureAnywhere edition that includes the System Cleaner, you can remove all traces of your web browsing history, files that show your computer use, and other files that reveal your activity. As you work on your computer and browse the Internet, you leave behind traces. These traces may be in the form of temporary files placed on your hard drive, lists of recently used files in programs, lists of recently visited websites, or cookies that websites placed on your hard drive. Anyone who has access to your computer can view what you have done and where you have been. Using the System Cleaner, you can protect your privacy by removing all traces of your activity, including the Internet history, address bar history, Internet temporary files (cache), and cookie files. You can also use the System Cleaner to delete unnecessary files that Windows stores on your computer. Certain files can consume valuable space on your computer. Even with today s large hard drives, these unnecessary files can impair your computer s performance. Note: Cleanups remove unnecessary files and traces, not malware threats. Malware (spyware and viruses) are removed during scans (see "Running scans " on page 18). You can think of the System Cleaner as the housekeeper for your computer, while the Scanner serves as the security guard. The System Cleaner does not run automatically; you need to run it yourself. Before the first cleanup, select all the items you want removed. To check cleanup settings and run a cleanup: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. - 114 -
Using the System Cleaner 3. Click Cleanup Settings. 4. In the System Cleaner panel, click each of the categories on the left side of the panel. On the right side, click in the checkboxes to select or deselect items to clean up. Items with a checkmark will be cleaned. For more information about the settings, see: "Changing Windows Desktop settings" on page 120 "Changing Windows system settings" on page 123 "Changing Application settings" on page 126 "Changing Internet Explorer settings" on page 128-115 -
User Guide for PCs 5. In the System Cleaner Settings panel, select Secure File Removal. By default, file removal is set to Normal, which means items are deleted permanently (bypassing the Recycle Bin). However, data recovery utilities may be able to restore the files. If you want to make sure files can never be recovered, move the slider to Medium or Maximum. For more information, see "Using Secure File Removal" on page 132. 6. When you re done, click Save All, then click Close. 7. From the System Cleaner panel, click the Clean Up Now button. The progress panel shows items as they are removed, along with the space recovered. - 116 -
Using the System Cleaner Running a scheduled cleanup You can configure the System Cleaner to run automatically on a schedule. To run a scheduled cleanup: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. 3. Click Cleanup Settings. - 117 -
User Guide for PCs 4. Make sure General Settings is selected on the left. 5. Click the Enable scheduled cleanup checkbox at the top of the panel. 6. If desired, click the Cleanup only on the following days checkbox and select a day of the week to run the cleanups. 7. Select the time of day to run the cleanup or an hourly interval. 8. At the bottom of the panel, you have two additional options: Run on bootup if the system was off at the scheduled time. Keep this checkbox selected if you want a missed scheduled cleanup to run when you turn on the computer again. Deselect the checkbox if you want to skip missed cleanups. Enable Windows Explorer right click secure file erasing. Keep this checkbox selected if you want to include an option for permanently erasing a file or folder in Windows Explorer. This menu item appears when you right-click on a file or folder. De-select the checkbox if you don't want the menu item to appear. The right-click menu looks similar to the following example. - 118 -
Using the System Cleaner 9. When you re done, click Save All, then click Close. - 119 -
User Guide for PCs Changing Windows Desktop settings The System Cleaner can remove files in the Recycle Bin and the traces of what files you recently opened or tried to locate in a search. While these history traces can be helpful, they also reveal your activity to other people using your computer. To maintain your privacy, you can remove all these traces. To change Windows Desktop settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. 3. Click Cleanup Settings. - 120 -
Using the System Cleaner 4. From the left panel, click Windows Desktop. 5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you re done, click Save All. The following table describes the options: Windows Desktop settings Recycle Bin Recent document history Start Menu click history Removes all files from your Recycle Bin, which contains files you have deleted using Windows Explorer. When you delete a file, it is stored in the Recycle Bin until you empty it. You should periodically empty the Recycle Bin to preserve valuable disk space on your computer. Clears the history of recently opened files, which is accessible from the Windows Start menu. (The cleanup does not delete the actual files.) Clears the history of shortcuts to programs that you recently opened using the Start menu. - 121 -
User Guide for PCs Windows Desktop settings Run history Search history Start Menu order history Clears the history of commands that you recently entered into the Run dialog, which is accessible from the Start menu. Note: After the cleanup, you may need to restart your computer to completely remove items from the Run dialog. Clears the history of files or other information that you searched for on your computer. Your computer stores recent searches and displays them when you start entering a new search that starts with the same characters. You access the search (also called "find") from Windows Explorer or from your Start button. (The cleanup does not delete the actual files.) Reverts the list of programs and documents in the Start menu back to alphabetical order, which is the default setting. After you run the cleanup, you must reboot your system for the list to revert back to alphabetical order. - 122 -
Using the System Cleaner Changing Windows system settings The System Cleaner can remove temporary files and traces left by the Windows operating system. These files and traces can sometimes be a threat to your privacy. They can also consume a lot of disk space if you don t delete them once in awhile. To change Windows system settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. 3. Click Cleanup Settings. - 123 -
User Guide for PCs 4. From the left panel, click Windows System. 5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you re done, click Save All. The following table describes the options: Windows System settings Clipboard contents Windows Temporary folder Clears the contents from the Clipboard, where Windows stores data when you use either the Copy or Cut function from any Windows program. Deletes all files and folders in the Windows temporary folder, but not files that are in use by an open program. This folder is usually: C:\Windows\Temp. You should not put any files here that you need to keep. The files in this folder can consume a lot of space on your hard drive. - 124 -
Using the System Cleaner Windows System settings System Temporary folder Windows Update Temporary folder Windows Registry Streams Default logon user history Memory dump files CD burning storage folder Flash Cookies Deletes all files and folders in the system temporary folder, but not files that are in use by an open program. This folder is usually in: C:\Documents and Settings\[username]\Local Settings\Temp You should not put any files here that you need to keep. The files in this folder can consume a lot of space on your hard drive. Deletes all files and subfolders in this folder, but not files that are in use by an open program. Windows uses these files when you run Windows Update. After you install the updates, you no longer need these files. These files are normally in C:\Windows\Software\Distribution\Download. You should not put any files here that you need to keep. The files in this folder can consume a lot of space on your hard drive. Clears the history of recent changes you made to the Windows registry. (This option does not delete the registry changes themselves.) Deletes the Windows registry entry that stores the last name used to log on to your computer. When the registry entry is deleted, you must enter your user name each time you turn on or restart your computer. This cleanup option does not affect computers that use the default Welcome screen. Deletes the memory dump file (memory.dmp) that Windows creates when you receive certain Windows errors. The file contains information about what happened when the error occurred. Deletes the Windows project files, created when you use the Windows built-in function to copy files to a CD. These project files are typically stored in one of the following directories: C:\Documents and Settings\[username]\Local Settings\Application Data\Microsoft\CDBurning C:\Users\[username]\AppData\Local\Microsoft\Windows\Burn\Burn Deletes bits of data created by Adobe Flash, which can be a privacy concern because they track user preferences. (Flash cookies are not actually cookies, and are not controlled through the cookie privacy controls in a browser.) - 125 -
User Guide for PCs Changing Application settings The System Cleaner can remove the traces left behind by applications, such as a list of recently opened files. While these history traces can be helpful, they also reveal your activity to other people using your computer. To maintain your privacy, you can remove all these traces. (The cleanup does not delete the files, just the places where Windows tracks your activity.) To change Application settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. 3. Click Applications. Applications currently installed on your computer appear in this panel. - 126 -
Using the System Cleaner 4. On the right side, click in the checkboxes to select or deselect applications you want cleaned. The System Cleaner will remove file history traces for the selected applications. 5. When you're done, click Save All, then click Close. - 127 -
User Guide for PCs Changing Internet Explorer settings The System Cleaner can remove temporary files and traces left by the Windows operating system. While these history traces can be helpful, they also reveal your activity to other people and can consume lots of disk space. To maintain your privacy and system performance, you can remove all these files and traces. To change Application settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. 3. Click Cleanup Settings. - 128 -
Using the System Cleaner 4. From the left panel, click Internet Explorer. 5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you re done, click Save All. - 129 -
User Guide for PCs The following table describes the options: Internet Explorer settings Address bar history Cookies Temporary Internet Files URL history Setup Log Microsoft Download Folder MediaPlayer Bar History Removes the list of recently visited websites, which is stored as part of Internet Explorer s AutoComplete feature. You see this list when you click the arrow on the right side of the Address drop-down list at the top of the Internet Explorer browser. Deletes all cookies from your computer. Cookies are small files that store information about your interaction with a website and may reveal what sites you visited. Be aware that if you remove all cookie files, some websites will not remember you. This means that you may need to reenter passwords, shopping cart items, and other entries that these cookies stored. Deletes copies of stored web pages that you visited recently. This cache improves performance by helping web pages open faster the next time you visit them, but also reveals your visited sites to other people using your computer and can consume a lot of space on your hard drive. Deletes the list of recently visited websites. You see this list when you click History on the Internet Explorer toolbar. While this history can be helpful, it also reveals your visited sites to other people using your computer. Deletes log files created when you update Internet Explorer. After you install the updates, you no longer need these files. Deletes the contents in the folder that stores files you last downloaded using Internet Explorer. After downloading, you no longer need these files. Removes the list of audio and video files recently opened with the media player in Internet Explorer, which plays audio and video files that you access on websites. (The cleanup does not delete the files, just the Windows "memory" that you opened them or searched for them.) - 130 -
Using the System Cleaner Internet Explorer settings Autocomplete form information Clean index.dat (cleaned on reboot) Deletes data that Internet Explorer stores when you enter information into fields on websites. This is part of Internet Explorer s AutoComplete feature, which predicts a word or phrase based on the characters you begin to type (for example, your email address or password). Marks files in the index.dat file for deletion, then clears those files after you reboot the system. The index.dat file is a growing Windows repository of web addresses, search queries, and recently opened files. This option works when you also select one or more of the following options: Cookies, Temporary Internet Files, or URL History. Note: Index.dat functions like an active database. It is only cleaned after you reboot Windows. - 131 -
User Guide for PCs Using Secure File Removal The System Cleaner can permanently remove files in a shredding process, which overwrites them with random characters. This shredding feature is a convenient way to make sure no one can ever access your files with a recovery tool. (Although you may think that you are permanently deleting files when you empty the Recycle Bin or when you use Shift-Delete, in actuality, you are only removing the operating system s record of the file, not the physical file itself.) You can run a Secure File Removal from the main interface or from the Windows Explorer right-click menu. To use Secure File Removal from the main interface: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. 3. Click Secure File Removal. The Secure File Removal panel opens. By default, file removal is set to Normal, which means items - 132 -
Using the System Cleaner are deleted permanently (bypassing the Recycle Bin). However, data recovery utilities may be able to restore the files. If you want to make sure files can never be recovered, move the slider to Medium or Maximum. Medium overwrites files with three passes, whereas Maximum overwrites files with seven passes and cleans the space around the files. Also be aware that cleanup operations take longer when you move the slider to Medium or Maximum. 4. When you're done, click Save All. 5. You can now run a cleanup with the new setting. See "Running a system cleanup" on page 114. - 133 -
User Guide for PCs To use Secure File Removal from the Windows Explorer menu: 1. Open Windows Explorer. 2. Right-click on the file or folder you want to permanently erase. 3. Select Permanently erase with Webroot. SecureAnywhere will use the selected configuration option (Normal, Medium, or Maximum). Note: If this menu option does not appear in the right-click menu, go to the General Settings panel and click Enable Windows Explorer right click secure file erasing. See "Running a system cleanup" on page 114. - 134 -
Using the System Cleaner Viewing the cleanup log You can view a log of what the System Cleaner removed. To view the cleanup log: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. The log opens in Notepad and shows a list of files and traces removed. - 135 -
- 136 -
Using Advanced Tools To learn more about advanced tools, see the following topics: Controlling active processes 138 Using the SafeStart sandbox 140 Saving a scan log 142 Using the System Analyzer 143 Viewing the execution history 145 Viewing the protection statistics 146-137 -
User Guide for PCs Controlling active processes Using Active Processes, you can adjust the threat-detection settings for all programs and processes running on your computer. It also includes a function for terminating any untrusted processes, which might be necessary if a regular scan did not remove all traces of a malware program. To adjust settings for active processes: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click System Control on the left. - 138 -
Using Advanced Tools 4. Click the Start button under Control Active Processes. 5. For each process, you can select the radio button for: Allow: The process is allowed to run on your system. Monitor: Webroot SecureAnywhere will watch the process and open an alert on suspicious activity. Block: The process is blocked from running on your system. Do NOT block a process unless you are absolutely certain it is non-essential. If you want to terminate all untrusted processes, click Kill Untrusted Processes. - 139 -
User Guide for PCs Using the SafeStart sandbox If you are an advanced user and want to test a program you believe is malware, you can first execute the program in a protected area called the SafeStart Sandbox. This sandbox allows you to isolate the actions of the malware program and observe its behavior. Note: The SafeStart Sandbox is intended for testing malware, not legitimate programs. To execute a file in the SafeStart sandbox: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click System Control on the left. - 140 -
Using Advanced Tools 4. Click the Start button under SafeStart Sandbox. 5. You can select the file either by clicking the Browse button or by entering the filename and location in the Command-line field. 6. If you want to use some advanced features for controlling how the program is allowed to execute, select a checkbox to disable a function (uncheck the box) or activate it (check the box). 7. When you re done, click the Start button. - 141 -
User Guide for PCs Saving a scan log If you want to investigate what SecureAnywhere scanned and what it found, you can save a scan log. This log might be helpful if you are working with Webroot Support to determine the cause of a problem. To save a scan log: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click Reports on the left. 4. Under Scan Log, click the Save as button. 5. Enter a filename and click Save. - 142 -
Using Advanced Tools Using the System Analyzer If you purchased a SecureAnywhere edition that includes System Analyzer, you can use this simple utility to quickly scan for threats, security vulnerabilities, and other computer problems. After the scan, it displays a report that describes any vulnerabilities it found. It also provides recommendations about enhancements that can increase system performance, privacy, and protection. To run System Analyzer: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click System Analyzer on the left. 4. Click Start. System Analyzer scans your system, then displays a report summary similar to the following example. - 143 -
User Guide for PCs 5. You can view more detailed information by clicking the View advanced detail link at the bottom right. 6. To save the report to your Desktop, click Save. Otherwise, click Close to exit from the report. - 144 -
Using Advanced Tools Viewing the execution history The Execution History is mainly used by Technical Support to see when and where a virus entered the system. To view the execution history: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click Reports on the left. 4. Under Execution History (Advanced), click the View button. 5. Enter a filename and click Save. - 145 -
User Guide for PCs Viewing the protection statistics Protection Statistics are mainly used by Webroot Support to view the background processes that Webroot SecureAnywhere is monitoring. To view protection statistics: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click Reports on the left. - 146 -
Using Advanced Tools 4. Under Protection Statistics, click the View button. 5. Click on an event in the left column to view more detailed information. 6. When you're done, click Close. - 147 -
- 148 -
Managing Your Account Your Webroot account includes information about your software licenses and other details. Your account information is available from the My Account panel of the SecureAnywhere program or from my.webrootanywhere.com, which is the online interface. To learn more about your SecureAnywhere account, see the following topics: Viewing your account details 150 Activating a new keycode 151 Renewing your subscription 152 Checking for updates 153-149 -
User Guide for PCs Viewing your account details You can view your keycode and the time remaining on your subscription from the My Account window. To view account details: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the My Account tab. Your account information appears in the panel. - 150 -
Managing Your Account Activating a new keycode If you receive a new keycode from Webroot, you can activate it in the My Account panel. To activate a new keycode: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the My Account tab. 3. Click Activate a new keycode. 4. In the dialog, enter the keycode and click the Activate button. - 151 -
User Guide for PCs Renewing your subscription You can renew your subscription from the My Account window. To renew your subscription: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the My Account tab. 3. Click Learn more about available upgrades. The Webroot website opens. From here, you can purchase an upgrade to your software. - 152 -
Managing Your Account Checking for updates If you deactivated automatic updates from General Preferences, you can manually check for updates yourself. Note: For more information about setting automatic updates, see "Setting general preferences" on page 156. To check for SecureAnywhere updates: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the My Account tab. 3. Click Check for software updates. If a newer version exists, Webroot downloads the updates to your system. - 153 -
- 154 -
Setting Preferences To learn more about setting preferences, see the following topics: Setting general preferences 156 Setting basic configuration 162 Setting access control 166 Defining proxy server settings 169 Adjusting heuristics 172 Exporting and importing settings 177 Setting self protection 180-155 -
User Guide for PCs Setting general preferences You can change the behavior of the program in General Preferences. To change general preferences: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. The Settings panel opens. - 156 -
Setting Preferences 3. Select the slide bars to adjust the settings, which are described in the following tables. When you re done, click the Save All button. Note: We recommend that you keep Webroot s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button. - 157 -
User Guide for PCs The following tables describe the slider options. Set and forget protection Hands-on security (more prompts) This slider affects the following advanced settings: Show the Authenticating Files pop-up when a new file is scanned on-execution. See "Changing the scan settings" on page 25. Fade out warning messages automatically. See "Setting basic configuration" on page 162. Warn before blocking untrusted programs from accessing protected data. See "Changing Identity Protection settings" on page 63. Slider in left-most position: Slider in middle position: Slider in right-most position: Disabled: Show the Authenticating Files pop-up when a new file is scanned on-execution. Enabled: Fade out warning messages automatically. Disabled: Warn before blocking untrusted programs from accessing protected data. Enabled: Show the Authenticating Files pop-up when a new file is scanned on-execution. Enabled: Fade out warning messages automatically, Disabled: Warn before blocking untrusted programs from accessing protected data. Enabled: Show the Authenticating Files pop-up when a new file is scanned on-execution. Disabled: Fade out warning messages automatically. Enabled: Warn before blocking untrusted programs from accessing protected data. - 158 -
Setting Preferences Minimal system resource usage Fastest scanning This slider affects the following advanced settings: Favor low disk usage over verbose logging (fewer details stored in logs). See "Setting basic configuration" on page 162. Favor low CPU usage over fast scanning. See "Changing the scan settings" on page 25. Operate background functions using fewer CPU resources. See "Setting basic configuration" on page 162. Lower resource usage when intensive applications or games are detected. See "Setting basic configuration" on page 162. Favor low memory usage over fast scanning. See "Changing the scan settings" on page 25 Slider in left-most position: Slider in middle position: Slider in right-most position: Enabled: Favor low disk usage over verbose logging (fewer details stored in logs). Enabled: Favor low CPU usage over fast scanning. Enabled: Operate background functions using fewer CPU resources. Enabled: Lower resource usage when intensive applications or games are detected. Enabled: Favor low memory usage over fast scanning. Disabled: Favor low disk usage over verbose logging (fewer details stored in logs). Disabled: Favor low CPU usage over fast scanning. Enabled: Operate background functions using fewer CPU resources. Enabled: Lower resource usage when intensive applications or games are detected. Enabled: Favor low memory usage over fast scanning. Disabled: Favor low disk usage over verbose logging (fewer details stored in logs). Disabled: Favor low CPU usage over fast scanning. Disabled: Operate background functions using fewer CPU resources. Enabled: Lower resource usage when intensive applications or games are detected. Disabled: Favor low memory usage over fast scanning. - 159 -
User Guide for PCs Less automatic scanning Daily thorough system scanning This slider affects the scan schedule settings. See "Changing the scan schedule" on page 22. Note: A "quick" scan searches the system's memory. A "deep" scan searches for all types of malware in all locations. Slider in left-most position: Slider in middle position: Slider in right-most position: Runs a quick scan when the computer starts (boot-up). Runs a quick scan every day. Runs a deep scan every day. Basic internal security Maximum internal security This slider affects the following advanced settings: Self protection: minimum, medium, or maximum. See "Setting self protection" on page 180. Require the completion of a CAPTCHA when changing critical features. See "Setting access control" on page 166. Self protection response cloaking. See "Setting self protection" on page 180. Slider in left-most position: Slider in middle position: Slider in right-most position: Minimum: Self protection. Disabled: Require the completion of a CAPTCHA when changing critical features. Disabled: Self protection response cloaking. Medium: Self protection. Enabled: Require the completion of a CAPTCHA when changing critical features. Disabled: Self protection response cloaking. Maximum: Self protection. Enabled: Require the completion of a CAPTCHA when changing critical features. Enabled: Self protection response cloaking. - 160 -
Setting Preferences Strong behavior and cloud heuristics Maximum heuristics (more warnings) This slider affects the advanced heuristics settings. See "Adjusting heuristics" on page 172. Slider in left-most position: Slider in left-middle position: Slider in right-middle position: Slider in right-most position: Sets all heuristics to the Low setting (second position in the Heuristics panel slider). Sets all heuristic settings to the SecureAnywhere defaults in the Heuristics panel. Raises heuristic settings for important areas, while leaving less vulnerable areas at the defaults. Raises all heuristic settings to the maximum. - 161 -
User Guide for PCs Setting basic configuration You can change the behavior of the program in General Preferences. To change general preferences: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. - 162 -
Setting Preferences 3. In the Settings panel, click Advanced Settings. 4. Make sure Basic Configuration is selected at the left. 5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you re done, click Save All. - 163 -
User Guide for PCs Note: We recommend that you keep Webroot s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button. The following table describes the options. Basic Configuration settings Show a SecureAnywhere shortcut on the desktop Provides quick, double-click access to the main interface by placing the shortcut icon on your desktop. Show a system tray icon Show a splash screen on bootup Show SecureAnywhere in the Start Menu Show SecureAnywhere in Add/Remove Programs Show SecureAnywhere in Windows Security Center Hide the SecureAnywhere license keycode onscreen Automatically download and apply updates Operate background functions using fewer CPU resources Provides quick access to SecureAnywhere functions by placing the Webroot icon on your desktop. You can double-click the icon to open the main interface or right-click to open a menu of common functions, like scanning. Opens the Webroot splash screen on system startup, which lets you know that the program is running and protecting your computer. Lists Webroot SecureAnywhere in the Windows Startup menu items. Lists Webroot SecureAnywhere in the Windows Add/Remove Programs panel. Lists Webroot SecureAnywhere in the Windows Security Center, under Virus Protection information. Blocks your license keycode from displaying on the My Account panel. Downloads product updates automatically without alerting you. Saves CPU resources by running non-scan related functions in the background. - 164 -
Setting Preferences Basic Configuration settings Favor low disk usage over verbose logging (fewer details stored in logs) Lower resource usage when intensive applications or games are detected Allow SecureAnywhere to be shut down manually Force non-critical notifications into the background Fade out warning messages automatically Store Execution History details Saves disk resources by saving only the last four log items. Suppresses SecureAnywhere functions while you are gaming, watching videos, or using other intensive applications. Displays a Shutdown command in the system tray menu. If you deselect this option, the Shutdown command is removed from the menu. Suppresses information-only messages from appearing in the system tray. Closes warning dialogs in the system tray after a few seconds. If you disable this option, you must manually click on a message to close it. Stores data for the Execution History logs, available under Reports. - 165 -
User Guide for PCs Setting access control If multiple people use your computer, you can set some permissions that provide or deny access to certain functions. These access controls also protect your computer from malware that tries to change settings in SecureAnywhere. To change Access Control settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. - 166 -
Setting Preferences 3. In the Settings panel, click Advanced Settings. 4. Click Access Control at the left. 5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you re done, click Save All. The following table describes the options. - 167 -
User Guide for PCs Access Control settings Enable Password Protection Allow users to scan without a password Allow users to remove threats without a password Require the completion of a CAPTCHA when changing critical features Require the completion of a CAPTCHA when changing configuration Remember CAPTCHA completion until the window is closed Allow nonadministrative users to modify configuration options Allow uninstallation by non-administrative users Allow access to antimalware tools by non-administrative users Allow access to advanced features by non-administrative users Enable enhanced customer support Requires that users enter a password for any configuration changes or critical actions. Allows any user to scan the system, even if password protection is enabled. Allows any user to remove threats, even if password protection is enabled. Opens a CAPTCHA dialog that requires you to read distorted text on the screen and enter the text in a field before performing any critical actions. These actions include changing shields, importing configuration settings, uninstalling the program, and shutting down the agent. Opens a CAPTCHA dialog that requires you to read distorted text on the screen and enter the text in a field before performing any configuration changes. Allows you to complete configuration changes and critical functions without re-entering a CAPTCHA test again. SecureAnywhere will remember your last CAPTCHA until you close the main interface. Enables you to modify configuration options, whether you are logged in as an administrative user or not. Enables you to access the Antimalware Tools (under Quarantine), whether you are logged in as an administrative user or not. Enables you to access the advanced features, whether you are logged in as an administrative user or not. Advanced features include all options in the Settings panels and the Antimalware tools under Quarantine. Enables you to access the advanced features, whether you are logged in as an administrative user or not. Advanced features include all options in the Settings panels and the Antimalware tools under Quarantine. Provides configuration and debug data to Webroot Support when you initiate a support request. This feature allows Support to quickly diagnose and repair the issue. - 168 -
Setting Preferences Defining proxy server settings If you use a proxy server to connect to the Internet, you must define the proxy connection data; otherwise, Webroot cannot send updates to your computer. (A proxy server is a computer system or router that acts as a relay between your computer and another server.) For further information about your proxy environment, contact your proxy server s administrator. To define proxy server settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. - 169 -
User Guide for PCs 3. In the Settings panel, click Advanced Settings. 4. Click Proxy at the left. 5. Enter the proxy settings, which are described in the following table. When you re done, click Save All. - 170 -
Setting Preferences Proxy settings Proxy Type Authentication Method Host Port Username Password Select HTTP Proxy from the drop-down box. Select an authentication method from the drop-down box. Enter the fully qualified domain name of the server (for example, proxy.company.com). Enter the port number the server uses. Enter the user name of the server, if used. Enter the password of the server, if used. - 171 -
User Guide for PCs Adjusting heuristics With heuristics settings, you can adjust the level of threat analysis that Webroot SecureAnywhere performs when scanning your computer. Heuristics can be adjusted for separate areas of your computer, including the local drive, USB drives, the Internet, the network, CD/DVDs, and when your computer is offline. We recommend that you keep heuristics at their default settings, unless you are an advanced user and understand how changing settings will impact threat detection. Webroot SecureAnywhere includes three types of heuristics: Advanced Heuristics. Analyzes new programs for suspicious actions that are typical of malware. Age Heuristics. Analyzes new programs based on the amount of time the program has been in the community. Legitimate programs are generally used in a community for a long time, but malware often has a short life span. Popularity Heuristics. Analyzes new programs based on statistics for how often the program is used in the community and how often it changes. Legitimate programs do not change quickly, but malware often mutates at a rapid pace. Malware may install as a unique copy on every computer, making it statistically unpopular. To change heuristics settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). - 172 -
Setting Preferences 2. In the upper right corner, click Settings. - 173 -
User Guide for PCs 3. In the Settings panel, click Advanced Settings. 4. Click Heuristics at the left. 5. Select the tab for the area you want to change heuristics settings: Local, USB, Internet, Network, CD/DVD, or Offline. - 174 -
Setting Preferences 6. Select the radio buttons and slide bars to adjust the settings, which are described in the following tables. When you re done, click the Save All button. The following table describes the options. Radio buttons -- additional heuristics options Disable Heuristics Apply advanced heuristics before Age/Popularity heuristics Apply advanced heuristics after Age/Popularity heuristics Warn when new programs execute that are not trusted Turns off heuristic analysis. Not recommended. Warns against new programs as well as old programs that exhibit suspicious behavior. Warns against suspicious programs detected with Advanced Heuristics, based on Age/Popularity settings. Warns when malicious, suspicious, or unknown programs try to execute. (This setting may result in false detections.) Slider - advanced heuristics Disabled Low Medium High Maximum Turns off Advanced Heuristics for the area selected in the tab, leaving it vulnerable to new threats. (However, it will still be protected against known threats.) Detects programs with a high level of malicious activity. This setting ignores some suspicious behavior and allows most programs to run. Balances detection versus false alarms by using our tuned heuristics in the centralized community database. Protects against a wide range of new threats. Use this setting if you think your system is infected or at very high risk. (This setting may result in false detections.) Provides the highest level of protection against new threats. Use this setting if you think that your system is infected or at very high risk. (This setting may result in false detections.) - 175 -
User Guide for PCs Slider - age heuristics Disabled Low Medium High Maximum Turns off Age Heuristics for the area selected in the tab, leaving it vulnerable to new threats. (However, it will still be protected against known threats.) Detects programs that have been created or modified very recently. Detects programs that are fairly new and not trusted, preventing zero-day or zero-hour attacks. We recommend using this setting if you do not install unpopular programs and want an extra degree of security to prevent mutating threats. Detects programs that have been created or modified in a relatively short time and are not trusted. This setting is recommended only if you rarely install new programs and if you feel that your system is relatively constant. This setting may generate a higher level of false alarms on more obscure or unpopular programs. Detects all untrusted programs that have been created or modified fairly recently. You should only use this setting if your computer is in a highrisk situation or if you think that it is currently infected. Slider - popularity heuristics Disabled Low Medium High Maximum Turns off Popularity Heuristics for the area selected in the tab, leaving it vulnerable to new threats. (However, it will still be protected against known threats.) Detects programs that have been seen for the first time. This setting is recommended if you frequently install new programs, beta programs, or you are a software developer who frequently creates new programs. Detects unpopular and mutating programs, preventing zero-day and zerohour attacks. This setting is recommended if you do not frequently install new programs and want an extra level of protection over standard settings. Detects programs that a significant percentage of the community has seen. This setting is recommended if you do not install new programs and suspect that your system is infected. Detects programs that a large percentage of the community has seen. This setting is recommended if you think your system is at a very high risk and are willing to accept that you may receive false alarms because of the strict heuristic rules. - 176 -
Setting Preferences Exporting and importing settings If you changed the SecureAnywhere configuration, you can back up those new settings using the Export funciton. A backup of your configuration is helpful if you ever need to reinstall the software or transfer your configuration to another computer. To export and import settings: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. - 177 -
User Guide for PCs 3. In the Settings panel, click Advanced Settings. 4. Click Import/Export at the bottom left. - 178 -
Setting Preferences 5. To transfer your settings to another computer, click Export Settings. Enter a name for the file and click Save. These settings can be from an external hard drive or USB drive. Depending on the file size, this may take a few seconds. 6. Access the other computer and click Import Settings. Select the file and click Save. - 179 -
User Guide for PCs Setting self protection Self Protection prevents malicious software from modifying the SecureAnywhere program settings and processes. If SecureAnywhere detects that another product is attempting to interfere with its functions, it launches a protective scan to look for threats. It will also update the internal self protection status to prevent incompatibilities with other software. We recommend that you keep Self Protection at the Maximum setting. However, if you use other security software along with SecureAnywhere, you should adjust Self Protection to the Medium or Minimum setting. The Maximum setting may interfere with other security software. To change the Self Protection setting: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings. - 180 -
Setting Preferences 3. In the Settings panel, click Advanced Settings. 4. In the Settings panel, click Self Protection at the left. 5. Click a radio button for Minimum, Medium, or Maximum security. - 181 -
User Guide for PCs Note: If you want to turn off self protection, uncheck the Enable self protection response cloaking box. 6. Click Save All. - 182 -
Accessing Support and Resources To learn more about Webroot's Support options and other resources, see the following topics: Accessing Technical Support options 184 Accessing additional publications 185 Saving a threat log for analysis 186 Submitting a file to Webroot for analysis 187-183 -
User Guide for PCs Accessing Technical Support options Webroot offers a variety of Technical Support options, including: Ticket and phone support. Interactive knowledgebase. To access these support options, go to our online Support site: SecureAnywhere Product Support. - 184 -
Accessing Support and Resources Accessing additional publications Webroot provides the following additional resources: SecureAnywhere Website User Guide SecureAnywhere User Guide for Macs Help for Webroot Mobile Security To access these resources, go to our Help and Product Guides page. - 185 -
User Guide for PCs Saving a threat log for analysis If you want to investigate an infection with Webroot Support, you can save a threat log and send it to Webroot. The threat log shows details about threats removed from your computer. To save a threat log: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Quarantine on the left. 4. Click Save Threat Log. 5. In the dialog, select a folder location for the log and click Save. - 186 -
Accessing Support and Resources Submitting a file to Webroot for analysis If a file on your system is causing problems or if you know a file is safe and want it reclassified, you can send the file to Webroot for analysis. To submit a file: 1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click Submit a File on the left. A dialog asks if you would rather go to the Support website, where you might receive a quicker response. 4. Click No at the prompt if you still want to submit a file for analysis. 5. Select the file by clicking the Browse button. 6. Select any of the checkboxes that apply to this file. 7. Enter any additional information in the bottom field. - 187 -