Webroot SecureAnywhere User Guide AntiVirus Edition

Webroot SecureAnywhere User Guide AntiVirus Edition
User Guide
for the
AntiVirus Edition
Webroot Software, Inc.
385 Interlocken Crescent
Suite 800
Broomfield, CO 80021
www.webroot.com
Version 8.0.1
Webroot SecureAnywhere User Guide for the AntiVirus Edition
Version 8.0.1; May, 2012
© 2011- 2012 Webroot Software, Inc. All rights reserved. Webroot is a registered trademark and SecureAnywhere is
a trademark of Webroot Software, Inc.
All other product and company names mentioned may be trademarks or registered trademarks of their respective
owners.
Contents
1: Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
Installing the software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2
Using the main interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Using the system tray menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
Viewing the protection status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Creating a Webroot account. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
Adding PCs to your account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Adding mobile devices to your account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
Viewing the PC security status online . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
2: Scans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
About scans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
Running an immediate scan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Running a custom scan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
Changing the scan schedule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Changing scan settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
3: Shields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
About shields . . . . . . . . . . . . . . . . . . . . . . . . .
Changing Realtime shield settings . . . . . . . . .
Changing Behavior shield settings . . . . . . . . .
Changing Core System shield settings . . . . .
Changing Web Threat shield settings . . . . . .
......
......
......
......
......
......
......
......
......
......
.......
.......
.......
.......
.......
......
......
......
......
......
.......
.......
.......
.......
.......
......
......
......
......
......
. . . . .26
. . . . .27
. . . . .29
. . . . .31
. . . . .33
4: Quarantine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35
About quarantine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
Managing quarantined items . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37
Managing file detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
Using antimalware tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
Saving a threat log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
5: System Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45
Controlling active processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
Using SafeStart Sandbox . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
6: Reports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
Saving a scan log . . . . . . . . . . . . . . .
Viewing the protection statistics . . . .
Viewing the execution history. . . . . .
Submitting a file . . . . . . . . . . . . . . . .
.......
.......
.......
.......
......
......
......
......
......
......
......
......
.......
.......
.......
.......
......
......
......
......
.......
.......
.......
.......
......
......
......
......
. . . . .50
. . . . .51
. . . . .52
. . . . .53
7: My Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
About My Account . . . . . . . . . . . . . .
Activating a new keycode. . . . . . . . .
Upgrading or renewing the software
Checking for software updates. . . . .
.......
.......
.......
.......
......
......
......
......
......
......
......
......
.......
.......
.......
.......
......
......
......
......
.......
.......
.......
.......
......
......
......
......
. . . . .56
. . . . .57
. . . . .58
. . . . .59
iii
8: Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61
Setting basic configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62
Setting self protection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64
Setting access control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65
Defining proxy settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67
Setting heuristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .68
Importing or exporting settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71
A: Webroot Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73
B: Uninstalling the program . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
C: License agreement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
iv
1: Getting Started
Webroot® SecureAnywhere™ delivers complete protection against
viruses, spyware, and other online threats without slowing down computer
performance or disrupting your normal activities. With its fast scans and
one-click threat removal, you can rest assured that malware is eliminated
quickly and easily. Webroot SecureAnywhere gives you the freedom to
surf, share, shop, and bank online—all with the confidence that your
computer and your identity will be kept safe.
This guide describes how to use all features and functions of the Webroot
SecureAnywhere AntiVirus edition. The AntiVirus edition uses a radically
new cloud-based approach to online security that protects you against the latest threats, scanning
your entire PC in about two minutes. It also updates itself so your protection is always current.
Plus, with Webroot’s first-of-its-kind security portal, you can manage the protection settings for all
your PCs.
To get started with Webroot SecureAnywhere, see the following topics:
 Installing the software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . page 2
 Using the main interface . . . . . . . . . . . . . . . . . . . . . . . . . . . page 5
 Using the system tray menu . . . . . . . . . . . . . . . . . . . . . . . . page 6
 Viewing the protection status . . . . . . . . . . . . . . . . . . . . . . . page 7
 Creating a Webroot account . . . . . . . . . . . . . . . . . . . . . . . . page 8
 Viewing the PC security status online . . . . . . . . . . . . . . . . page 11
1: Getting Started
1
Installing the software
SecureAnywhere can be installed on a Windows® 8, Windows 7, Vista®, or XP computer with an
Internet connection. If you purchased a multi-user license, you can use the same keycode to install
the software on up to three computers or five computers.
To install the program:
1
Before you begin:
•
Read the license agreement.
•
Make sure your system meets these minimum requirements:
Minimum system requirements
Windows operating Webroot SecureAnywhere can be installed on a computer with one of
system:
the following operating systems:
• Windows XP 32-bit and 64-bit SP2, SP3
• Windows Vista 32-bit (all Editions), Windows Vista SP1, SP2 32bit and 64-bit (all Editions)
• Windows 7 32-bit and 64-bit (all Editions), Windows 7 SP1 32-bit
and 64-bit (all Editions)
• Windows 8 32-bit and 64-bit (all Editions)
2
2
RAM:
128 MB (minimum);
2 GB recommended
Hard disk space:
10 MB
Internet/Browser:
Internet access is required.
Browser:
• Internet Explorer 7.0 and higher (32-bit only)
• Mozilla Firefox 3.6 and higher (32-bit only)
Note: The Identity shield also supports Google Chrome 11 and higher,
and Opera 9 and higher (32-bit only).
•
Make sure your computer is connected to the Internet.
•
Close all programs that may be open on your computer.
•
Make sure you have the keycode. Your keycode comes in an email message or is
listed on the instructions inside the retail box. The keycode is associated only with the
Webroot SecureAnywhere software and does not include any information related to
your computer or its configuration. Webroot does not use the keycode in any way to
track individual use of its products.
Start the installation routine either from a CD or from a downloaded file:
•
If you are installing from a CD, insert the CD into the CD drive. An installation dialog
opens where you can click a link to begin. If the installation dialog does not open, use
Windows Explorer to navigate to your CD drive and double-click the software’s
installation file.
•
If you are installing from a downloaded file, navigate to where you downloaded the
file in Windows Explorer and double-click the file to start the installation. Click Run
to begin.
1: Getting Started
The Webroot Installer dialog opens.
3
Enter your keycode in the field. (If your keycode came in an email, you can cut and paste
the code into this field.)
4
If desired, you can click Change installation options at the bottom of the dialog to
modify these settings:
•
Create a shortcut to Webroot on the desktop. This option places a shortcut icon on
your Windows Desktop for Webroot SecureAnywhere.
•
Randomize the installed filename to bypass certain infections. This option changes
the Webroot installation filename to a random name (for example, “QrXC251G.exe”),
which prevents malware from detecting and blocking Webroot’s installation file.
•
Protect the Webroot files, processes, and memory from modification. This option
enables self protection and the CAPTCHA prompts. (CAPTCHA requires you to read
distorted text on the screen and enter the text in a field before performing any critical
actions.) For more information, see “Setting self protection” on page 64 and “Setting
access control” on page 65.
Click Close when you’re done.
5
In the main installation dialog, click Agree and Install.
1: Getting Started
3
6
If you are prompted to enter an email address, enter your address and click Continue.
Webroot SecureAnywhere launches a scan.
When the scan completes, the main interface of Webroot SecureAnywhere opens (see
“Using the main interface” on page 5).
If Webroot SecureAnywhere detects threats during the scan, it moves the items to
quarantine where they are rendered inoperable and can no longer harm your system or
steal data. For more information, see “About scans” on page 16 and “About quarantine”
on page 36.
After the initial scan, Webroot SecureAnywhere automatically scans your computer daily
and constantly monitors activity as you surf the Internet. You do not need to launch a scan
yourself or schedule scans. Webroot SecureAnywhere does all the work for you in the
background.
To verify that SecureAnywhere is running, look for the Webroot icon in the system tray.
If an important message requires your attention, the icon turns yellow or red, and a dialog
opens with further details.
7
4
If you purchased a multi-user license, follow the previous steps to install SecureAnywhere
on other PCs.
1: Getting Started
Using the main interface
The main interface provides access to all Webroot SecureAnywhere functions and settings. To
open the main interface, right-click on the Webroot icon
from the system tray menu, then click
View Status. If you cannot locate the system tray icon, open the Windows Start menu, click All
Programs (or Programs), Webroot SecureAnywhere, then Webroot SecureAnywhere again.
When you open the main interface, it displays the Overview panel.
On the left side of the panel, the main interface includes the following navigation buttons and
links:
Navigation buttons and links
Overview
View your system status and manually scan your computer.
PC Security
Run custom scans, change shield settings, and manage the quarantine.
System Tools
Use tools to manage processes and files, view reports, and submit a file
to Webroot Support.
My Account
View your SecureAnywhere account information, check for updates,
and renew or upgrade your subscription.
Settings
Set advanced configuration options, proxy server settings, scan and
shield settings, heuristics, and access control.
Help and Support
Connect to Webroot SecureAnywhere support options, Help files,
FAQs, and user guides.
1: Getting Started
5
Using the system tray menu
The system tray menu provides access to system status and some common Webroot
SecureAnywhere functions. To open the system tray menu, right-click on the Webroot icon
which is usually located in the bottom right of your computer desktop.
,
Note: If the icon does not appear in the system tray, open the main interface, go to
Settings, Basic Configuration, and click in the box for Show a system tray icon.
The system tray menu provides the following selections:
System Tray Menu
6
View Status
Opens the main interface and displays your computer’s security status.
(This selection is only available when the main interface is closed.)
Scan Now
Scans your computer for spyware, viruses, and other types of malware.
Check for updates
Checks for the latest software version and downloads it. Typically, you do
not need to check for updates. Your device checks into the cloud at regular
intervals and automatically updates the software. Only use this option if
you want to force changes immediately.
Save a Scan Log
Saves a log of scanning activity that you can send to Webroot Support for
diagnostics.
Shut down Webroot
Closes the main interface and stops all protection operations. Be aware
that if you shut down Webroot SecureAnywhere, your computer is not
protected.
1: Getting Started
Viewing the protection status
To show your computer’s overall protection status, the system tray icon and the main interface
change colors, as follows:
•
Green. Your computer is secure.
•
Yellow. One or more messages require your attention.
•
Red. One or more critical items require your intervention.
To view details about the current status and settings, open the main interface by right-clicking on
the Webroot icon
from the system tray menu, then View Status.
If your system is secure, the main interface is green and displays a message that you are protected.
If an issue requires your attention, the main interface describes the problem.
SecureAnywhere also opens an alert in the system tray.
SecureAnywhere takes the appropriate action to quarantine the items. It may also prompt you to
take action yourself (see “Running an immediate scan” on page 17 and “Managing quarantined
items” on page 37).
1: Getting Started
7
Creating a Webroot account
By creating a Webroot account, you can view the security status of your device remotely. The
SecureAnywhere website shows if your device is secure, or if it’s infected with a virus, spyware,
or other online threat.
Note: If you have a multi-licensed version, you can view the status of all devices in your
account and set access levels for additional users associated with the account. For more
information about administrator functions, see the SecureAnywhere Website User Guide.
To create an account:
1
Open your browser and go to my.webrootanywhere.com.
2
Click Sign up now in the Create an account panel of the SecureAnywhere website.
3
Complete the registration information and click Register Now. (For more information, see
the SecureAnywhere Website User Guide.)
Webroot SecureAnywhere sends a confirmation message to the email address you
specified.
4
Open your email application. Click the link in the confirmation email message to open the
Confirm Registration page.
Note: Until you click the link in the confirmation email and validate your account, you
won’t be able to log in to the Webroot SecureAnywhere website.
5
SecureAnywhere requests two randomly selected characters of the security code you
specified when you created the account. Type the requested characters and click Confirm
Registration Now.
The SecureAnywhere website opens.
8
1: Getting Started
6
Click on Go to PC Security to access status information for your computer. For more
information, see “Viewing the PC security status online” on page 11.
Note: When you install SecureAnywhere on additional PCs using the same multi-license
keycode, their status information automatically displays in this website. For example, if
you installed SecureAnywhere on five computers, the PC Security panel displays “5 PCs
Protected.” If you installed SecureAnywhere on an additional PC using a different
keycode, you need to manually add its keycode to the website, as described in “Adding
PCs to your account” on page 9.
Adding PCs to your account
If you have a multi-licensed SecureAnywhere edition, you can install the software on additional
PCs using the same keycode. After installation is complete, the PCs automatically report their
status to the SecureAnywhere website and appear in the PC Security panel.
If you purchased another SecureAnywhere product with a new keycode, you must add that
keycode to your account before you can view it on the SecureAnywhere website. Follow the
instructions below to add a PC with a different keycode.
To add a managed PC to your account:
1
Look for the arrow next to your login ID in the upper right of the panel. Click on the arrow
to open the drop-down menu.
1: Getting Started
9
2
Click Manage Keycodes from the drop-down menu.
3
Click Add Product Keycode.
4
In the displayed field, enter your keycode and click Add.
The new device will appear in the website the next time SecureAnywhere reports its
status. You can force a status update by running a scan on the PC (see “Running an
immediate scan” on page 17).
Adding mobile devices to your account
Webroot security apps are available for Android and Apple devices at Webroot Mobile & Tablet
Security. For Android smartphones and tablets, you can view status information in the
SecureAnywhere website. Simply install Webroot’s Android app using your Webroot account
login credentials and the product keycode. The information for the mobile device then appears in
the Mobile Security panel.
If for some reason the device information does not appear, you can manually add the app’s
keycode in the Manage Keycodes panel. To do this, follow the previous instructions for “Adding
PCs to your account.”
Note: The SecureAnywhere website will soon support the Webroot apps for Apple (iOS)
devices.
10
1: Getting Started
Viewing the PC security status online
The SecureAnywhere website contains your license and status information. If you have not yet
created an account, see “Creating a Webroot account” on page 8.
To view PC status online:
1
Log in at my.webrootanywhere.com.
2
Click Go to PC Security.
The PC Security page opens and shows each computer managed in your account.
3
Click on the desired PC.
1: Getting Started
11
A dialog opens that provides license information and status of previous scans on this
device. If SecureAnywhere has not detected any threats, the About panel displays
“Protected” in green, as shown in the following example.
Note: For easier viewing, you can change the display name for your PC. To do this, click
the Edit link at the top of the dialog. Enter a new name and click the checkmark
.
If SecureAnywhere detected a threat during a recent scan, this panel displays “Infected” in
red, as shown in the following example. Click on the Scan Information tab to view the
scan results. In the Result column on the far right, you can click the View Bads link for
more information about the threat. To remove the threat, open SecureAnywhere from your
PC and run a scan (see “Running an immediate scan” on page 17). Check quarantine to
make sure the threat has been removed (see “Managing quarantined items” on page 37).
Note: If you want to remove an old computer from the PC Security panel (one that no
longer includes the SecureAnywhere software), click the Advanced Options tab, then the
Deactivate Computer button.
4
12
If you are an advanced user, you may want to adjust the security settings for each PC
managed in your account. To do this, click the drop-down arrow in the Security Setting
field, select a new setting from the drop-down menu, and click the checkmark .
1: Getting Started
Note: “Medium” is the recommended setting for normal use. You should only change the
setting to “High” or “Maximum” if you suspect that your computer is infected.
By default, Webroot SecureAnywhere uses the settings that you configured in the desktop
application (“User Configuration”). To learn more about the settings, click the blue
question mark
button next to the field. A panel opens that describes the type of
protection available. To learn more about heuristics, see “Setting heuristics” on page 68.
1: Getting Started
13
14
1: Getting Started
2: Scans
When Webroot SecureAnywhere scans your computer, it searches for spyware, viruses, and any
other threats that may infect your computer or compromise your privacy. If it detects a known
threat, it moves the item to quarantine, where it is rendered inoperable and can no longer run on
your computer.
Scans run daily without disrupting your work. If you want to change the automatic scanning
behavior, see the following topics:
 About scans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . page 16
 Running an immediate scan . . . . . . . . . . . . . . . . . . . . . . . page 17
 Running a custom scan . . . . . . . . . . . . . . . . . . . . . . . . . . . page 19
 Changing the scan schedule . . . . . . . . . . . . . . . . . . . . . . . page 21
 Changing scan settings . . . . . . . . . . . . . . . . . . . . . . . . . . . page 23
2: Scans
15
About scans
During a scan, Webroot SecureAnywhere searches all areas of your computer where potential
threats can hide, including drives, files, the Windows registry, and system memory. To detect
threats, it looks for any items that match our threat definitions, items listed in our online
community database, or items that exhibit suspicious behavior.
You can check the scan statistics by clicking PC Security. The Scan tab shows the most recent
scan results, total scans, threats removed, and active threats detected.
Scans run automatically every day, at about the same time you installed the software. For example,
if you installed the software at 8 p.m., Webroot SecureAnywhere always launches a scan around
8 p.m. It will not disrupt your work, nor will it launch while you are gaming or watching a movie.
If any threats are removed during scans, Webroot SecureAnywhere will launch a follow-up scan.
You can also view scan results online, as shown in the website example below (see “Viewing the
PC security status online” on page 11).
16
2: Scans
Running an immediate scan
Although scans run automatically, you can launch a scan at any time. An immediate scan might be
necessary if you surfed a high-risk website (networking, music, or adult entertainment),
downloaded high-risk items (screen savers, music, or games), or accidentally clicked on a
suspicious pop-up advertisement.
You can scan for threats by doing either of the following:
2: Scans
•
If the main interface is closed, right-click the System Tray icon
and select Scan Now.
This runs a Deep scan, which looks for all types of malware in every area.
•
If the main interface is open, click Scan My Computer from the Overview panel. This
runs a Deep scan, which looks for all types of malware in every area.
•
To target an area for scanning, open Windows Explorer and right-click on the file, folder,
or drive. From the pop-up menu, select Scan with Webroot.
17
You can also run a quick memory scan or a customized scan. For instructions, see “Running a
custom scan” on page 19.
If Webroot SecureAnywhere locates a threat, it displays information about what it found. To
remove a threat, make sure its checkbox is selected and click Next to continue.
Threats are moved to quarantine, where they are rendered inoperable. You do not need to delete
them or do anything else. If you want to view quarantined items, click PC Security, the
Quarantine tab, then the View Quarantine button. For more information, see “Managing
quarantined items” on page 37.
When a threat is removed, Webroot SecureAnywhere launches a follow-up scan to make sure your
system is clean.
18
2: Scans
Running a custom scan
Webroot SecureAnywhere allows you to select several types of scans:
•
Quick. A surface scan of files loaded in memory. This scan runs quickly, but may miss
some types of inactive malware that launch after a system reboot. Note: If the Quick scan
misses an infection, the main interface remains red until you run a Full or Deep scan.
•
Full. A scan of all hard drives. This type of scan is helpful if you frequently switch
between system partitions or you have several programs that have never been scanned
before.
•
Deep. An analytical scan that searches for all types of threats, including rootkits and
inactive malware. This is the default scan that runs from the main panel or system tray.
•
Custom. A customized scan of files and folders (see the instructions below).
To run a custom scan:
2: Scans
1
Open the main interface (see “Using the main interface” on page 5).
2
Click PC Security.
3
From the Scan tab, click Custom scan.
19
20
4
In the Customized Scan dialog, select the radio button for the type of scan you want to
perform. If you want to select specific files or drives, choose Custom. Then you can either
drag/drop files into this dialog or click the Add File/Folder button to select the directories
and files you want.
5
Click the Scan button to launch the scan.
2: Scans
Changing the scan schedule
Webroot SecureAnywhere launches scans automatically every day, at about the same time you
installed the software. If desired, you can change the scan schedule to run at different times.
To change the scan schedule:
1
Open the main interface (see “Using the main interface” on page 5).
2
At the bottom left, click Settings.
3
In the Settings dialog, click Scan Schedule.
4
Make sure the Enable Scheduled Scans checkbox is selected.
5
In the Scan Frequency field, select one of the following options: every day, a day of the
week, or when you boot up (turn on your computer).
6
In the Time field, select an approximate time for the scan to launch.
Note: The scan will launch when computer resources are available, generally within an
hour of the time you select.
7
2: Scans
If you want to change one of the schedule settings, select its checkbox to disable it
(uncheck the box) or activate it (check the box). When you’re done, click Save All.
21
The settings are described in the table below.
Scan schedule options
Scan on bootup if the computer Launches a scheduled scan within an hour after you turn on your
is off at the scheduled time
computer. If this option is disabled, Webroot SecureAnywhere
ignores missed scans.
Hide the scan progress window Runs scans silently in the background. If this option is disabled,
during scheduled scans
a window opens and shows the scan progress.
Only notify me if an infection
is found during a scheduled
scan
Opens an alert only if it finds a threat. If this option is disabled, a
small status window opens when the scan completes, whether a
threat was found or not.
Do not perform scheduled
scans when on battery power
Helps conserve battery power. If you want Webroot
SecureAnywhere to launch scheduled scans when you are on
battery power, deselect this option.
Do not perform scheduled
scans when a full screen
application or game is open
Ignores scheduled scans when you are viewing a full-screen
application (such as a movie) or a game. Deselect this option if
you want scheduled scans to run anyway.
Randomize the time of
Determines the best time for scanning (based on available
scheduled scans up to one hour system resources) and runs the scan within an hour of the
for distributed scanning
scheduled time. If you want to force the scan to run at the exact
time scheduled, deselect this option.
Perform a scheduled Quick
Scan instead of a Deep Scan
22
Runs a quick scan of memory. We recommend that you keep this
option deselected, so that deep scans run for all types of
malware in all locations.
2: Scans
Changing scan settings
Scan settings provide advanced users with a little more control over scanning performance.
To change the scan settings:
1
Open the main interface (see “Using the main interface” on page 5).
2
At the bottom left, click Settings.
3
In the Settings dialog, click Scan Settings.
4
If you want to change a setting, select its checkbox to disable it (uncheck the box) or
activate it (check the box). When you’re done, click Save All.
The settings are described in the table below.
Scan settings
2: Scans
Enable Realtime Master Boot
Record (MBR) Scanning
Protects your computer against master boot record (MBR)
infections. An MBR infection can modify core areas of the
system so that they load before the operating system and can
infect the computer. We recommend that you keep this option
selected. It adds only a small amount of time to the scan.
Enable Enhanced Rootkit
Detection
Checks for rootkits and other malicious software hidden on your
disk or in protected areas. Spyware developers often use rootkits
to avoid detection and removal. We recommend that you keep
this option selected. It adds only a small amount of time to the
scan.
23
Scan settings (continued)
Enable “right-click” scanning
in Windows Explorer
Enables an option for scanning the currently selected file or
folder in the Windows Explorer right-click menu.
This option is helpful if you
downloaded a file and want to
quickly scan it.
Update the currently scanned
folder immediately as scanned
Displays a full list of files as Webroot SecureAnywhere scans
each one. If you want to increase scan performance slightly,
deselect this option so that file names only update once per
second on the panel. Webroot SecureAnywhere will still scan all
files, just not take the time to show each one on the screen.
Favor low memory usage over
fast scanning
Reduces RAM usage in the background by using less memory
during scans, but scans will also run a bit slower. Deselect this
option to run faster scans and use more memory.
Favor low CPU usage over fast Reduces CPU usage during scans, but scans will also run a bit
scanning
slower. Deselect this option to run faster scans.
Save non-executable file details Saves all file data to the scan log, resulting in a much larger log
to scan logs
file. Keep this option deselected to save only executable file
details to the log.
24
Show the “Authenticating
Files” pop-up when a new file
is scanned on-execution
Opens a small dialog whenever you run a program for the first
time. Keep this option deselected if you do not want to see this
dialog.
Scan archived files
Scans compressed files in zip, rar, cab, and 7-zip archives.
2: Scans
3: Shields
Shields monitor functions related to web browsing and system activity. If a suspicious item tries
downloading or running on your computer, the shields automatically block and quarantine the
item. For some types of shields, an alert asks if you want to continue the download or block it.
Note: If an alert opens and you aren’t certain whether to allow or block the detected item,
your safest action is to block it. The file name is displayed in the alert box. Write down the
file name and do an Internet search on that file or contact Webroot support at
https://www.webrootanywhere.com/support.
If you want to change the shielding actions, see the following topics:
 About shields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . page 26
 Changing Realtime shield settings . . . . . . . . . . . . . . . . . . page 27
 Changing Behavior shield settings . . . . . . . . . . . . . . . . . . page 29
 Changing Core System shield settings . . . . . . . . . . . . . . . page 31
 Changing Web Threat shield settings . . . . . . . . . . . . . . . . page 33
3: Shields
25
About shields
Shields constantly monitor activity while you surf the Internet and while you work on your
computer. The shields protect your computer from malware and viruses, as well as settings for
your browser and the Windows system. Webroot has preconfigured the shields for you, based on
our recommended settings. You do not need to configure any settings yourself.
To view the shield status, click PC Security and the Shields tab. Each shield setting is displayed in
this panel. A green button next to the shield name indicates the shield is on. We recommend that
you keep all shields enabled; however, you can disable a shield by clicking the green button.
Click to turn on and off
Shields run in the background without disrupting your work. If a shield detects an item that it
classifies as a potential threat or does not recognize, it opens an alert. The alert asks if you want to
allow the item to run or you want to block it.
If you recognize the file name and you are purposely downloading it (for example, you were in the
process of downloading a new toolbar for your browser), click Allow to continue. If you were not
trying to download anything, you should click Block. As you surf Internet sites, you could be
targeted for a drive-by download, where an unwanted program launches and silently installs on
your computer as you view pages.
26
3: Shields
Changing Realtime shield settings
The Realtime shield blocks known threats that are listed in Webroot’s threat definitions and
community database. If the shield detects a suspicious file, it opens an alert and prompts you to
block or allow the item. If it detects a known threat, it immediately blocks and quarantines the item
before it causes damage to your computer or steals your information.
To change shield settings:
1
Open the main interface (see “Using the main interface” on page 5).
2
At the bottom left, click Settings.
3
From the Settings dialog, click Realtime Shield.
4
If you want to change a setting, select its checkbox to disable it (uncheck the box) or
activate it (check the box). When you’re done, click the Save All button.
Note: We recommend that you keep Webroot’s default settings. If you make changes and
decide you want to return to the recommended settings, click the Reset to Defaults button.
3: Shields
27
The settings are described in the table below.
Realtime shield settings
Enable Predictive Offline
Protection from the central
Webroot database
Downloads a small threat definition file to your computer,
which protects your computer even when it’s offline. We
recommend that you keep this option selected.
Remember actions on blocked
files
Remembers how you responded in an alert (allowed a file or
blocked it) and won’t prompt you again when it encounters the
same file. If this option is deselected, Webroot SecureAnywhere
opens an alert every time it encounters the file in the future. (If
you blocked a file and want it restored, you can retrieve it from
quarantine.)
Automatically quarantine
previously blocked files
Opens an alert when it encounters a threat and gives you the
option of blocking it and sending it to quarantine. If this option
is deselected, you must run a scan manually to remove a threat.
Automatically block files when Automatically blocks threats and sends them to quarantine. If
detected on execution
this option is deselected, you must respond to alerts about
detected threats.
28
Scan files when written or
modified
Scans any new or modified files that you save to disk. If this
option is deselected, it ignores new file installations (however, it
will still alert you if a threat tries to launch).
Block threats automatically if
no user is logged in
Stops threats from executing even when you are logged off.
Threats are sent to quarantine without notification.
3: Shields
Changing Behavior shield settings
The Behavior shield analyzes the applications and processes running on your computer. If it
detects a suspicious file, it opens an alert and prompts you to block or allow the item. If it detects a
known threat, it immediately blocks and quarantines the item before it causes damage to your
computer or steals your information.
To change shield settings:
1
Open the main interface (see “Using the main interface” on page 5).
2
At the bottom left, click Settings.
3
From the Settings dialog, click Behavior Shield.
4
If you want to change a setting, select its checkbox to disable it (uncheck the box) or
activate it (check the box). When you’re done, click the Save All button.
Note: We recommend that you keep Webroot’s default settings. If you make changes and
decide you want to return to the recommended settings, click the Reset to Defaults button.
3: Shields
29
The settings are described in the table below.
Behavior shield settings
Assess the intent of new
Watches the program’s activity before allowing it to execute. If
programs before allowing them it appears okay, Webroot SecureAnywhere allows it to launch
to execute
and continues to monitor its activity.
Enable advanced behavior
interpretation to identify
complex threats
Employs a thorough analysis of a program to examine its intent.
(For example, a malware program might perform suspicious
activities like modifying a registry entry, then sending an email.)
Track the behavior of untrusted Watches programs that have not yet been classified as legitimate
programs for advanced threat
or as malware.
removal
Automatically perform the
Does not prompt you to allow or block a potential threat.
recommended action instead of Webroot SecureAnywhere will determine how to manage the
showing warning messages
item.
Warn if untrusted programs
attempt low-level system
modifications when offline
30
Opens an alert if an unclassified program attempts to make
changes to your system when you are offline. (Webroot
SecureAnywhere cannot check its online threat database if you
are disconnected from the Internet.)
3: Shields
Changing Core System shield settings
The Core System shield monitors the computer system structures and makes sure malware has not
tampered with them. If it detects a suspicious file trying to make changes, it opens an alert and
prompts you to block or allow the item. If it detects a known threat, it immediately blocks and
quarantines the item before it causes damage to your computer or steals your information.
To change shield settings:
1
Open the main interface (see “Using the main interface” on page 5).
2
At the bottom left, click Settings.
3
From the Settings dialog, click Core System Shield.
4
If you want to change a setting, select its checkbox to disable it (uncheck the box) or
activate it (check the box). When you’re done, click the Save All button.
Note: We recommend that you keep Webroot’s default settings. If you make changes and
decide you want to return to the recommended settings, click the Reset to Defaults button.
3: Shields
31
The settings are described in the table below.
Core System shield settings
Assess system modifications
before they are allowed to take
place
Intercepts any activity that attempts to make system changes,
such as a new service installation.
Detect and repair broken
system components
Locates corrupted components, such as a broken Layered
Service Provider (LSP) chain or a virus-infected file, then
restores the component or file to its original state.
Prevent untrusted programs
Stops unclassified programs from changing the kernel memory.
from modifying kernel memory The kernel is the central component of most computer operating
systems. It acts as a bridge between applications and data
processing done at the hardware level.
32
Prevent untrusted programs
from modifying system
processes
Stops unclassified programs from changing the system
processes.
Verify the integrity of the LSP
chain and other system
structures
Monitors the Layered Service Provider (LSP) chain and other
system structures to make sure malware does not corrupt them.
Prevent any program from
modifying the HOSTS file
Stops spyware from attempting to add or change the IP address
for a website in the hosts file. It opens an alert where you can
block or allow the changes. The hosts file is a Windows file that
helps direct your computer to a website using Internet Protocol
(IP) addresses.
3: Shields
Changing Web Threat shield settings
The Web Threat shield protects your system as you surf the Internet. If it detects a website that
may be a threat, it opens an alert that allows you to decide whether you want to block the site or
continue despite the warning. When you use a search engine, this shield analyzes all the links on
the search results page and then displays an image next to each link that signifies whether it’s a
trusted site (green checkmark) or a potential risk (red X).
To change shield settings:
1
Open the main interface (see “Using the main interface” on page 5).
2
At the bottom left, click Settings.
3
In the Settings dialog, click Web Threat Shield.
4
If you want to change a setting, select its checkbox to disable it (uncheck the box) or
activate it (check the box).
Note: We recommend that you keep Webroot’s default settings. If you make changes and
decide you want to return to the recommended settings, click the Reset to Defaults button.
3: Shields
33
The settings are described in the following table.
Web Threat shield settings
Analyze search engine results When you use a search engine, Webroot SecureAnywhere
and identify malicious websites analyzes all links displayed on the search results page by
before visitation
running the URLs through its malware-identification engine. It
then displays an image next to each link that signifies its risk
level.
For example, if a site is known for spreading malware
infections, it displays a “Known Threat” image next to the link.
34
Enable deep content analysis
Analyzes all data traffic on your computer as you visit websites.
If threats try to install, it blocks their activity.
Look for malware on websites
before visitation
When you enter the URL for a website in your browser’s
address bar or click on a link to a site, Webroot SecureAnywhere
runs the URL through its malware-identification engine. If the
site is associated with malware, it blocks it from loading in your
browser.
Look for exploits in website
content before visitation
Looks for cross-site scripting attacks that may try to redirect you
to a different website.
5
If you want to create a list of websites to always block or always allow, click View
Websites. In the dialog, enter a website name in the field (in the form of
www.sitename.com) and click Add Website. In the table, select whether you want to
allow this website (click the Allow radio button) or you want to block it (click the Block
radio button). When you’re done, click Close.
6
When you’re done with Web Threat settings, click the Save All button.
3: Shields
4: Quarantine
The Webroot quarantine is a holding area for potential threats found during scan and shielding
activities. Items in quarantine are rendered inoperable and cannot harm your computer. You do not
need to delete them, unless you want to conserve disk space. You can also restore items from
quarantine, if necessary.
To manage file detection and perform some advanced quarantining functions, see the following
topics:
 About quarantine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . page 36
 Managing quarantined items . . . . . . . . . . . . . . . . . . . . . . . page 37
 Managing file detection . . . . . . . . . . . . . . . . . . . . . . . . . . . page 39
 Using antimalware tools . . . . . . . . . . . . . . . . . . . . . . . . . . page 41
 Saving a threat log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . page 43
4: Quarantine
35
About quarantine
As Webroot SecureAnywhere scans and shields your computer, it removes all items associated
with threats from their current locations. It then disables their operation and moves them to a
holding area, called quarantine. While in quarantine, threats can no longer harm your computer or
steal your information.
Your safest action is to keep items in quarantine until you have a chance to test your computer and
determine if all programs still work properly after the scan. If you discover that some legitimate
programs cannot function after an item was moved to quarantine, you can restore the item to its
original location.
To view and manage quarantined items, click PC Security and the Quarantine tab.
36
4: Quarantine
Managing quarantined items
Once items are moved to quarantine, they are disabled and cannot harm your computer. However,
you may want to delete or restore quarantined items in the following circumstances:
•
If you want to conserve disk space, you can delete the items permanently.
•
If you discover that a program is not working correctly without the quarantined item, you
can restore it. In rare cases, a piece of spyware is an integral part of a legitimate program
and is required to run that program.
To view and manage items in quarantine:
1
Open the main interface (see “Using the main interface” on page 5).
2
Click PC Security, then click the Quarantine tab.
3
Click the View Quarantine button.
The Quarantine panel shows the name of the item, its original location, and the date and
time it was quarantined.
4: Quarantine
37
4
38
If you want to delete or restore the item, click in its checkbox to select it. Then do either of
the following:
•
If you want to remove the item permanently, click Erase. Be aware that after erasing
it, you can never restore the item.
•
If you want to move the item back to its original location, click Restore. When an
item is restored, Webroot SecureAnywhere will no longer detect it during scans. If
you want the item to be detected again in the future, you can change its detection rules
(see “Managing file detection” on page 39).
4: Quarantine
Managing file detection
If you want more control over scans and shielding when Webroot SecureAnywhere encounters a
specific executable file, you can use Detection Configuration to specify one of the following
actions:
•
Allow. Ignore the file during scans and shielding.
•
Block. Stop a file from executing or being written to your computer.
•
Monitor. Watch the program to determine if it is legitimate or related to malware.
Detection configuration acts as an override to Webroot SecureAnywhere’s default scanning and
shielding behavior.
To use Detection Configuration:
1
Open the main interface (see “Using the main interface” on page 5).
2
Click PC Security, then click the Quarantine tab.
3
Under Detection Configuration, click the Configure button.
4: Quarantine
39
The Detection Configuration panel opens.
4
You can add executable files to this list. (Executable files typically have an extension of
exe, dll, sys, drv, or com.) To add files, click the Add File button. You can also drag and
drop a file from Explorer.
The file name appears in the Threat column. (If Webroot SecureAnywhere detected other
copies of this file with different file names, it only shows the file name that it last
detected.)
5
In the right column, select the radio button for either Allow, Block, or Monitor.
If you want to clear the list, click the Remove all button.
40
4: Quarantine
Using antimalware tools
Webroot SecureAnywhere provides tools for manually removing threats and for performing
actions associated with threat removal. You should only use these tools if you are an advanced user
or if Webroot Support is assisting you. These tools allow you to:
•
Target a file for scanning and removal, while also removing its associate registry links (if
any).
•
Launch a removal script with the assistance of Webroot Support.
•
Reboot after removing a threat yourself or using a removal script.
•
Reset your wallpaper, screensavers, and system policies.
To access and use these tools:
1
Open the main interface (see “Using the main interface” on page 5).
2
Click PC Security, then click the Quarantine tab.
3
Under Antimalware Tools, click the View Tools button.
4: Quarantine
41
The Antimalware Tools panel opens.
See the table below for descriptions and instructions.
Antimalware tools
42
Reset desktop wallpaper
If your computer was recently infected with malware that
changed your wallpaper, click the checkbox and click Run
Tools.
Reset screensaver
If your computer was recently infected with malware that
changed your screensaver, click the checkbox and click Run
Tools.
Reset system policies
If your computer was recently infected with malware that
changed your system policies, click the checkbox and click Run
Tools.
Reboot in Safe Mode
If Webroot Support instructs you to reboot your computer in
Safe Mode, click the checkbox and click Run Tools.
Perform an immediate system
reboot
To reboot your system after threat removal, click the checkbox
and click Run Tools.
Manual Threat Removal
To scan a specific file for threats, click Select a file. In the
Windows Explorer dialog, select a file and click Save. Webroot
SecureAnywhere launches a scan. When it’s complete, reboot
your system.
Removal Script
After Webroot Support sends you a removal script, save it to
your computer. Click Select Script... to launch the tool.
4: Quarantine
Saving a threat log
If you want to investigate an infection with Webroot Support, you can save a threat log and send it
to Webroot. The threat log shows details about threats removed from your computer.
To save a threat log:
1
Open the main interface (see “Using the main interface” on page 5).
2
Click PC Security, then click the Quarantine tab.
3
Under View Quarantine, click the Save Threat Log button.
4
In the dialog, select a folder location for the log and click Save.
4: Quarantine
43
44
4: Quarantine
5: System Control
System Control functions include tools for adjusting the threat-detection settings on computer
processes and for isolating the actions of a malware program in a “sandbox” to observe its
behavior.
See the following topics:
 Controlling active processes . . . . . . . . . . . . . . . . . . . . . . . page 46
 Using SafeStart Sandbox . . . . . . . . . . . . . . . . . . . . . . . . . . page 47
5: System Control
45
Controlling active processes
The Active Processes feature allows you to adjust the threat-detection settings for all programs and
processes running on your computer. It also includes a function for terminating any untrusted
processes, which might be necessary if a regular scan did not remove all traces of a malware
program.
To adjust settings for active processes:
1
Open the main interface (see “Using the main interface” on page 5).
2
Click System Tools.
3
In the System Control tab, click the Start button under Control Active Processes.
The Active Processes (Advanced) dialog opens.
4
For each process, you can select the radio button for:
•
Trust: The process is allowed to run on your system.
•
Monitor: Webroot SecureAnywhere will watch the process and open an alert on
suspicious activity.
•
Block: The process is blocked from running on your system. Do NOT block a process
unless you are absolutely certain it is non-essential.
If you want to terminate all untrusted processes, click Kill Untrusted Processes.
46
5: System Control
Using SafeStart Sandbox
If you are an advanced user and want to test a program you believe is malware, you can first
execute the program in a protected area called the SafeStart Sandbox. This sandbox allows you to
isolate the actions of the malware program and observe its behavior.
Note: The SafeStart Sandbox is intended for testing malware, not legitimate programs.
To execute a file in the SafeStart Sandbox:
1
Open the main interface (see “Using the main interface” on page 5).
2
Click System Tools.
3
In the System Control tab, click the Start button under SafeStart Sandbox.
The SafeStart (Advanced) dialog opens.
4
You can select the file either by clicking the Browse button or by entering the filename
and location in the Command-line field.
5
If you want to use some advanced features for controlling how the program is allowed to
execute, select a checkbox to disable a function (uncheck the box) or activate it (check the
box). When you’re done, click the Start button.
5: System Control
47
48
5: System Control
6: Reports
Webroot SecureAnywhere includes reports for scan activity, real-time protection statistics, and
process executions. If you discover a particular file that is causing problems on your system, you
can submit a file to Webroot for analysis.
See the following topics:
 Saving a scan log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . page 50
 Viewing the protection statistics . . . . . . . . . . . . . . . . . . . . page 51
 Viewing the execution history . . . . . . . . . . . . . . . . . . . . . . page 52
 Submitting a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . page 53
6: Reports
49
Saving a scan log
If you want to investigate what Webroot SecureAnywhere scanned and what it found, you can save
a scan log. This log might be helpful if you are working with Webroot Support to determine the
cause of a problem.
To save a scan log:
50
1
Open the main interface (see “Using the main interface” on page 5).
2
Click System Tools, then click the Reports tab.
3
Under Scan Log, click the Save as button.
4
Enter a filename and click Save.
6: Reports
Viewing the protection statistics
Protection Statistics are mainly used by Webroot Support to view the background processes that
Webroot SecureAnywhere is monitoring.
To view the protection statistics:
1
Open the main interface (see “Using the main interface” on page 5).
2
Click System Tools, then click the Reports tab.
3
Under Protection Statistics, click the View button.
The Protection Statistics dialog opens.
4
6: Reports
Click on an event in the left column to view more detailed information.
51
Viewing the execution history
The Execution History is mainly used by Technical Support to see when and where a virus entered
the system.
To view the execution history:
1
Open the main interface (see “Using the main interface” on page 5).
2
Click System Tools, then click the Reports tab.
3
Under Execution History (Advanced), click the View button.
The Execution History (Advanced) dialog opens.
4
52
Click on a process to view more detailed information, then click the More Info button.
6: Reports
Submitting a file
If a file on your system is causing problems or if you know a file is safe and want it reclassified,
you can send the file to Webroot for analysis.
To submit a file:
6: Reports
1
From the main interface, click System Tools.
2
Click the Submit a File tab.
3
Select the file by clicking the Browse button.
4
Select any of the checkboxes that apply to this file.
5
Enter any additional information in the bottom field.
6
Click Send.
53
54
6: Reports
7: My Account
Your Webroot account includes information about your software licenses and other details. Your
account information is available from the My Account panel of the SecureAnywhere program or
from my.webrootanywhere.com, which is the online interface.
To view or manage account settings from the SecureAnywhere program, see the following topics:
 About My Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . page 56
 Activating a new keycode . . . . . . . . . . . . . . . . . . . . . . . . . page 57
 Upgrading or renewing the software . . . . . . . . . . . . . . . . . page 58
 Checking for software updates . . . . . . . . . . . . . . . . . . . . . page 59
7: My Account
55
About My Account
The My Account panel shows your keycode, program version number, and the time remaining on
your subscription. To view account details, open the main interface and click the My Account link
at the bottom left.
Your account information appears in the My Account panel.
56
7: My Account
Activating a new keycode
If you have a new keycode, you can activate it as follows:
1
Open the main interface (see “Using the main interface” on page 5).
2
Click My Account.
3
In the Account panel, click Activate a new keycode.
4
In the dialog, enter the keycode and click the Activate button.
7: My Account
57
Upgrading or renewing the software
From the My Account panel, you can renew your subscription or upgrade to another Webroot
SecureAnywhere version.
To upgrade or renew the software:
1
Open the main interface (see “Using the main interface” on page 5).
2
Click My Account.
3
In the Account panel, click Upgrade or renew.
The Webroot website opens. From here, you can purchase an upgrade to your software.
58
7: My Account
Checking for software updates
If you disabled automatic software updates from the Basic Configuration panel, you can manually
check for software updates yourself in the My Account panel.
To check for updates:
1
Open the main interface (see “Using the main interface” on page 5).
2
Click My Account.
3
In the Account panel, click Check for software updates.
If a newer version exists, Webroot downloads the updates to your system.
7: My Account
59
60
7: My Account
8: Settings
To manage program settings, see the following topics:
 Setting basic configuration . . . . . . . . . . . . . . . . . . . . . . . . page 62
 Setting self protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . page 64
 Setting access control . . . . . . . . . . . . . . . . . . . . . . . . . . . . page 65
 Defining proxy settings . . . . . . . . . . . . . . . . . . . . . . . . . . . page 67
 Setting heuristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . page 68
 Importing or exporting settings . . . . . . . . . . . . . . . . . . . . . page 71
8: Settings
61
Setting basic configuration
You can change the behavior of the program in the Basic Configuration settings.
To change Basic Configuration settings:
1
Open the main interface (see “Using the main interface” on page 5).
2
At the bottom left, click Settings.
The Settings dialog opens to Basic Configuration.
3
To change a setting, select its checkbox to disable it (uncheck the box) or activate it (check
the box). When you’re done, click Save All.
The settings are described in the table below.
Basic Configuration settings
Show a Webroot shortcut on
the desktop
Provides quick, double-click access to the main interface by
placing the shortcut icon on your desktop.
Show a system tray icon
Provides quick access to Webroot SecureAnywhere functions by
placing the Webroot icon on your desktop:
You can double-click the icon to open the main interface or
right-click to open a menu of common functions, like scanning.
Show a splash screen on bootup Opens the Webroot splash screen on system startup, which lets
you know that the program is running and protecting your
computer.
62
8: Settings
Basic Configuration settings (continued)
Show Webroot in the Start
Menu
Lists Webroot SecureAnywhere in the Windows Startup menu
items.
Show Webroot in Add/Remove Lists Webroot SecureAnywhere in the Windows Add/Remove
Programs
Programs panel.
Show Webroot in Windows
Security Center
Lists Webroot SecureAnywhere in the Windows Security
Center, under Virus Protection information.
Hide the Webroot license
keycode on-screen
Blocks your license keycode from displaying on the My
Account panel.
Automatically download and
apply updates
Downloads product updates automatically without alerting you.
Operate background functions
using fewer CPU resources
Saves CPU resources by running non-scan related functions in
the background.
Favor low disk usage over
verbose logging (fewer details
stored in logs)
Saves disk resources by saving only the last four log items.
Lower resource usage when
Suppresses Webroot SecureAnywhere functions while you are
intensive applications or games gaming, watching videos, or using other intensive applications.
are detected
Allow Webroot to be shut down Displays a Shutdown command in the system tray menu. If you
manually
deselect this option, the Shutdown command is removed from
the menu.
Force non-critical notifications Suppresses information-only messages from appearing in the
into the background
system tray.
Fade out warning messages
automatically
Closes warning dialogs in the system tray after a few seconds. If
you disable this option, you must manually click on a message
to close it.
Store Execution History details Stores data for the Execution History logs, available under
Reports.
8: Settings
63
Setting self protection
Self Protection prevents malicious software from modifying the Webroot SecureAnywhere
program settings and processes. If Webroot SecureAnywhere detects that another product is
attempting to interfere with its functions, it launches a protective scan to look for threats. It will
also update the internal self protection status to prevent incompatibilities with other software.
We recommend that you keep Self Protection at the Maximum setting. However, if you use other
security software along with Webroot SecureAnywhere, you should adjust Self Protection to the
Medium or Minimum setting. The Maximum setting may interfere with other security software.
To change Self Protection settings:
1
Open the main interface (see “Using the main interface” on page 5).
2
At the bottom left, click Settings.
3
In the Settings panel, click Self Protection.
4
Click a radio button for Minimum, Medium, or Maximum security.
Note: If you want to turn off self protection, uncheck the Enable self protection response
cloaking box.
5
64
Click Save All.
8: Settings
Setting access control
If multiple people use your computer, you can set some permissions that provide or deny access to
certain functions. These access controls also protect your computer from malware that tries to
change settings in the Webroot SecureAnywhere software.
To change Access Control settings:
1
Open the main interface (see “Using the main interface” on page 5).
2
At the bottom left, click Settings.
3
In the Settings panel, click Access Control.
4
If you want to change a setting, select its checkbox to disable it (uncheck the box) or
activate it (check the box). When you’re done, click Save All.
Settings are described in the table below.
Access Control settings
8: Settings
Enable Password Protection
Requires that users enter a password for any configuration
changes or critical actions.
Allow users to scan without a
password
Allows any user to scan the system, even if password protection
is enabled.
Allow users to remove threats
without a password
Allows any user to remove threats, even if password protection
is enabled.
65
Access Control settings (continued)
Require the completion of a
CAPTCHA when changing
critical features
Opens a CAPTCHA dialog that requires you to read distorted
text on the screen and enter the text in a field before performing
any critical actions. These actions include changing shields,
importing configuration settings, uninstalling the program, and
shutting down the agent.
Require the completion of a
CAPTCHA when changing
configuration
Opens a CAPTCHA dialog that requires you to read distorted
text on the screen and enter the text in a field before performing
any configuration changes.
Remember CAPTCHA
Allows you to complete configuration changes and critical
completion until the window is functions without re-entering a CAPTCHA test again. Webroot
closed
SecureAnywhere will remember your last CAPTCHA until you
close the main interface.
Allow non-administrative users Enables you to modify configuration options, whether you are
to modify configuration options logged in as an administrative user or not.
66
Allow uninstallation by nonadministrative users
Enables you to uninstall the program, whether you are logged in
as an administrative user or not.
Allow access to antimalware
tools by non-administrative
users
Enables you to access the Antimalware Tools (under
Quarantine), whether you are logged in as an administrative user
or not.
Allow access to advanced
features by non-administrative
users
Enables you to access the advanced features, whether you are
logged in as an administrative user or not. Advanced features
include all options in the Settings panels and the Antimalware
tools under Quarantine.
Enable enhanced customer
support
Provides configuration and debug data to Webroot Support
when you initiate a support request. This feature allows Support
to quickly diagnose and repair the issue.
8: Settings
Defining proxy settings
If you use a proxy server to connect to the Internet, you must define the proxy connection data;
otherwise, Webroot cannot send updates to your computer. (A proxy server is a computer system
or router that acts as a relay between your computer and another server.) For further information
about your proxy environment, contact your proxy server’s administrator.
To define proxy settings:
1
Open the main interface (see “Using the main interface” on page 5).
2
At the bottom left, click Settings.
3
From the Settings panel, click Proxy.
4
Enter the proxy settings as described below, then click the Save All button.
Proxy settings
8: Settings
Proxy Type
Select HTTP Proxy from the drop-down box.
Authentication Method
Select an authentication method from the drop-down box, either
Basic, Digest, Negotiate, or NTLM.
Host
Enter the fully qualified domain name of the server (for
example, proxy.company.com).
Port
Enter the port number the server uses.
Username
Enter the username for the server, if used.
Password
Enter the password for the server, if used.
67
Setting heuristics
With Heuristics settings, you can adjust the level of threat analysis that Webroot SecureAnywhere
performs when scanning your computer. Heuristics can be adjusted for separate areas of your
computer, including the local drive, USB drives, the Internet, the network, CD/DVDs, and when
your computer is offline. We recommend that you keep Heuristics at their default settings, unless
you are an advanced user and understand how changing settings will impact threat detection.
Note: If you want to adjust Heuristics settings for all the computers managed in your
SecureAnywhere account, go to the PC Security web page (see “Viewing the PC security
status online” on page 11).
Webroot SecureAnywhere includes three types of heuristics:
•
Advanced Heuristics. Analyzes new programs for suspicious actions that are typical of
malware.
•
Age Heuristics. Analyzes new programs based on the amount of time the program has
been in the community. Legitimate programs are generally used in a community for a long
time, but malware often has a short lifespan.
•
Popularity Heuristics. Analyzes new programs based on statistics for how often the
program is used in the community and how often it changes. Legitimate programs do not
change quickly, but malware often mutates at a rapid pace. Malware may install as a
unique copy on every computer, making it statistically “unpopular.”
To change Heuristics settings:
1
Open the main interface (see “Using the main interface” on page 5).
2
At the bottom left, click Settings.
In the Settings panel, click Heuristics.
68
8: Settings
3
Select the tab for the area you want to change heuristics settings: Local, USB, Internet,
Network, CD/DVD, or Offline.
4
Select the radio buttons and slide bars to adjust the settings, which are described in the
following tables. When you’re done, click the Save All button.
Radio buttons - additional heuristic options
Disable Heuristics
Turns off heuristic analysis. Not recommended.
Apply advanced heuristics
before Age/Popularity
heuristics
Warns against new programs as well as old programs that
exhibit suspicious behavior.
Apply advanced heuristics after Warns against suspicious programs detected with Advanced
Age/Popularity heuristics
Heuristics, based on Age/Popularity settings.
Warn when new programs
execute that are not trusted
Warns when malicious, suspicious, or unknown programs try to
execute. (This setting may result in false detections.)
Slider - Advanced Heuristics
Disabled
Turns off Advanced Heuristics for the area selected in the tab, leaving it
vulnerable to new threats. (However, it will still be protected against known
threats.)
Low
Detects programs with a high level of malicious activity. This setting ignores
some suspicious behavior and allows most programs to run.
Medium
Balances detection versus false alarms by using our tuned heuristics in the
centralized community database.
High
Protects against a wide range of new threats. Use this setting if you think your
system is infected or at very high risk. (This setting may result in false
detections.)
Maximum
Provides the highest level of protection against new threats. Use this setting if
you think that your system is infected or at very high risk. (This setting may
result in false detections.)
Slider - Age Heuristics
8: Settings
Disabled
Turns off Age Heuristics for the area selected in the tab, leaving it vulnerable
to new threats. (However, it will still be protected against known threats.)
Low
Detects programs that have been created or modified very recently.
Medium
Detects programs that are fairly new and not trusted, preventing zero-day or
zero-hour attacks. We recommend using this setting if you do not install
unpopular programs and want an extra degree of security to prevent mutating
threats.
High
Detects programs that have been created or modified in a relatively short time
and are not trusted. This setting is recommended only if you rarely install new
programs and if you feel that your system is relatively constant. This setting
may generate a higher level of false alarms on more obscure or unpopular
programs.
69
Slider - Age Heuristics (continued)
Maximum
Detects all untrusted programs that have been created or modified fairly
recently.
You should only use this setting if your computer is in a high-risk situation or
if you think that it is currently infected.
Slider - Popularity Heuristics
70
Disabled
Turns off Popularity Heuristics for the area selected in the tab, leaving it
vulnerable to new threats. (However, it will still be protected against known
threats.)
Low
Detects programs that have been seen for the first time. This setting is
recommended if you frequently install new programs, beta programs, or you
are a software developer who frequently creates new programs.
Medium
Detects unpopular and mutating programs, preventing zero-day and zero-hour
attacks.
This setting is recommended if you do not frequently install new programs
and want an extra level of protection over standard settings.
High
Detects programs that a significant percentage of the community has seen.
This setting is recommended if you do not install new programs and suspect
that your system is infected.
Maximum
Detects programs that a large percentage of the community has seen. This
setting is recommended if you think your system is at a very high risk and are
willing to accept that you may receive false alarms because of the strict
heuristic rules.
8: Settings
Importing or exporting settings
If you changed the Webroot SecureAnywhere configuration, you can back up those new settings.
A backup of your configuration is helpful if you ever need to reinstall the software or transfer your
configuration to another computer.
To import or export settings:
1
Open the main interface (see “Using the main interface” on page 5).
2
At the bottom left, click Settings.
3
From the left panel, click Import/Export.
4
To transfer your settings to another computer, click Export Settings. Enter a name for the
file and click Save. These settings can be from an external hard drive or USB drive.
Depending on the file size, this may take a few seconds.
5
8: Settings
Access the other computer and click Import Settings. Select the file and click Save.
71
72
8: Settings
A: Webroot Support
If you want to open a support ticket with Webroot Support, go to:
https://www.webrootanywhere.com/support
A: Webroot Support
73
74
A: Webroot Support
B: Uninstalling the program
To uninstall the Webroot software:
1
From the Start menu (click Start in the system tray), point to All Programs, then
Webroot, then Tools, then Uninstall Webroot.
2
At the prompt, click Yes to continue.
Webroot removes the files from your computer.
B: Uninstalling the program
75
76
B: Uninstalling the program
C: License agreement
The Webroot SecureAnywhere license agreement is available at:
http://detail.webrootanywhere.com/eula.asp
C: License agreement
77
78
C: License agreement
Index
A
access control settings 65
account
activating new keycode 57
checking for software updates 59
creating a Webroot account 8
upgrading to new version 58
viewing details in program 56
Active processes 46
Add/Remove programs, showing or hiding
SecureAnywhere from 63
admin account 8
advanced heuristics 69
age heuristics 69
alerts 7
fading out automatically 63
remembering responses in 28
setting auto-blocking and quarantine 28
suppressing from system tray 63
antimalware tools 41
applications
adjusting threat-detection settings 46
archived files, including in scans 24
B
Basic Configuration 62
Behavior shield 29
browser requirements 2
C
CAPTCHA, enabling or disabling 66
compressed files, including in scans 24
Core System shield 31
CPU resources, using fewer 63
cross-site scripting attacks, shielding 34
custom scan 19
D
deep scan 19
Detection Configuration 39
disabling SecureAnywhere 6
disk space requirements 2
E
execution history 52
Execution History logs, storing data for 63
F
file detection management 39
Index
full scan 19
G
gaming
suppressing SecureAnywhere functions 63
turning off scans during games 22
H
heuristics 68
history, execution 52
Hosts file, shielding 32
I
installing the software 2
Internet requirements 2
K
kernal memory, shielding 32
keycode
activating new code 57
hiding from My Account screen 63
installation requirement 2
L
license agreement 77
logs
saving resources in logging 63
scan 6, 50
storing data for Execution History 63
LSP chain, shielding 32
M
main interface 5
manual threat removal 42
master account 8
Master Boot Record (MBR) scanning 23
My Account 55
activating new keycode 57
checking for software updates 59
upgrading or renewing software 58
viewing details 56
O
offline threat protection 28
opening SecureAnywhere 5
P
password protection, enabling for SecureAnywhere 65
PC Security web page 11
79
popularity heuristics 70
processes
adjusting threat-detection settings 46
shielding 32
program settings 61
protection statistics 51
proxy server settings 67
Q
quarantine 35
antimalware tools 41
auto-quarantine during shielding 28
enabling password for threat removal 65
file detection configuration 39
how it works 36
restoring or deleting items 38
saving threat log 43
viewing items in 37
quick scan 19
R
RAM requirements 2
Realtime shield 27
registering SecureAnywhere 8
removal script 42
removing SecureAnywhere 75
renewing subscription 58
reports 49
execution history 52
protection statistics 51
scan log 50
rootkit detection 23
S
safe mode, rebooting in 42
SafeStart 47
sandbox testing area 47
save threat log 43
scan log 6, 50
scanning 15
automatic scanning 16
changing scan settings 23
changing scheduled scan options and behavior 22
checking status from website 12
custom scans 19
enabling password for 65
how scans work 16
launching a scan 17
launching from system tray 6
launching from Windows Explorer 24
managing file detection 39
new or modified files 28
reducing memory and CPU usage 24
results in PC Security website 16
80
scanning (continued)
scanning single files or directories 20
threats found 18
screensaver, resetting 42
search results, analyzing links for threats 34
SecureAnywhere website 8
self protection settings 64
settings 61
access control 65
basic configuration 62
defining proxy settings 67
heuristics 68
importing or exporting 71
self protection 64
shields 25
alerts 26
auto-blocking 28
Behavior shield 29
Core System shield 31
enabling and disabling 26
how shields work 26
managing file detection 39
Realtime shield 27
remembering responses in alerts 28
scan new files 28
setting auto-quarantine 28
Web Threat shield 33
shortcut on desktop, adding 62
shutdown command, hiding from system tray 63
shutting down SecureAnywhere 6
splash screen, showing or hiding on bootup 62
Start menu
showing or hiding SecureAnywhere from 63
starting SecureAnywhere 5
statistics 51
status, viewing 7
submit a file 53
subscription renewal 58
support
See Technical Support
System Control 45
active processes 46
using SafeStart sandbox 47
system policies, resetting 42
system requirements 2
system tray
menu 6
showing or hiding the Webroot icon 62
T
Technical Support
opening a support ticket 73
submitting a file to 53
threat log 43
Index
threat removal
manual 42
scanning 15
threats found during scan 18
tools
antimalware 41
enabling access to other users 66
system control 45
tray menu 6
turning off SecureAnywhere 6
U
uninstallation
enabling access to other users 66
instructions for 75
updating SecureAnywhere
enabling or disabling automatic downloads 63
from main interface 59
from system tray 6
Index
upgrading to new version 58
users, controlling access to SecureAnywhere 65
W
wallpaper, resetting 42
warnings
See alerts
Web Threat shield 33
Webroot account 8
Webroot support
See Technical Support
Webroot website 8
websites
analyzing for threats 34
whitelisting 34
Windows
system requirements for SecureAnywhere 2
Windows Security Center, showing or hiding
SecureAnywhere from 63
81
82
Index
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement