User Guide for PCs

SecureAnywhere AntiVirus SecureAnywhere Internet Security Plus SecureAnywhere Complete Endpoint Protection Copyright

Webroot SecureAnywhere User Guide for PCs

July, 2013

© 2013 Webroot Software, Inc. All rights reserved. Webroot is a registered trademark and SecureAnywhere is a trademark of Webroot Software, Inc. All other product and company names mentioned may be trademarks or registered trademarks of their respective owners. Table of Contents

Getting Started 1 Installing SecureAnywhere on a PC 2 Creating a Webroot account 8 Using the SecureAnywhere interface 12 Using the system tray 14 Viewing protection status 15 Scanning for Malware 17 Running scans 18 Viewing the latest scan results 18 Running a scan immediately 19 Managing detected threats 21 Changing the scan schedule 22 Changing the scan settings 25 Shielding Your PC 29 Managing shields 30 Changing Realtime shield settings 32 Changing Behavior shield settings 35 Changing Core System shield settings 38 Changing Web Threat shield settings 41 Using Web Threat protection 44 Surfing websites 44 Using search engines 45 Using Firewall Protection 47 Managing the firewall 48 Changing firewall alert settings 49 Managing network applications 50 Managing Quarantine 53 Managing quarantined items 54 Managing file detection 56 Using antimalware tools 58 Managing Identity Protection 61 Managing Identity Protection 62 Changing Identity Protection settings 63 Managing protected applications 66 Managing protected websites 69 Managing Passwords 73 Using password management 74 Downloading the passwords component 75 Managing Backup & Sync 77 Using Backup & Sync 78 Downloading the Backup & Sync component 79 Synchronizing files 81 Changing sync settings 85 Adding sync folders 88 Synchronizing folders with other computers 92 Removing a folder from synchronization 95 Backing up files 97 Changing backup settings 101 Changing backup filters 104 Changing the backup schedule 107 Checking file status 109 Using the System Cleaner 113 Running a system cleanup 114 Running a scheduled cleanup 117 Changing Windows Desktop settings 120 Changing Windows system settings 123 Changing Application settings 126 Changing Internet Explorer settings 128 Using Secure File Removal 132 Viewing the cleanup log 135 Using Advanced Tools 137 Controlling active processes 138 Using the SafeStart sandbox 140 Saving a scan log 142 Using the System Analyzer 143 Viewing the execution history 145 Viewing the protection statistics 146 Managing Your Account 149 Viewing your account details 150 Activating a new keycode 151 Renewing your subscription 152 Checking for updates 153 Setting Preferences 155 Setting general preferences 156 Setting basic configuration 162 Setting access control 166 Defining proxy server settings 169 Adjusting heuristics 172 Exporting and importing settings 177 Setting self protection 180 Accessing Support and Resources 183 Accessing Technical Support options 184 Accessing additional publications 185 Saving a threat log for analysis 186 Submitting a file to Webroot for analysis 187 Glossary 189 Index 193

Getting Started

Webroot® SecureAnywhere™ delivers complete protection against viruses, spyware, and other online threats without slowing down PC performance or disrupting your normal activities. With its fast scans and threat removal, you can rest assured that malware is eliminated quickly and easily. SecureAnywhere gives you the freedom to surf, share, shop, and bank online — all with the confidence that your PC and your identity will be kept safe.

Note: This guide describes the features of all SecureAnywhere editions: AntiVirus, Internet Security Plus, Complete, or Endpoint. Your edition may not include some of the features described in this guide.

To get started with SecureAnywhere, see the following topics:

Installing SecureAnywhere on a PC 2 Creating a Webroot account 8 Using the SecureAnywhere interface 12 Using the system tray 14 Viewing protection status 15

- 1 - User Guide for PCs

Installing SecureAnywhere on a PC

SecureAnywhere is available in several editions, described in the table below. If you aren't certain which edition you purchased, look at the email from Webroot (if you purchased SecureAnywhere online) or the product packaging (if you purchased SecureAnywhere from a store).

SecureAnywhere editions

AntiVirus Provides protection from viruses, spyware, and phishing. Also includes a firewall and features for safe web searching. This edition is available with:

l Licenses for 1 or 3 devices (PC or Mac)

l Subscriptions for 1 or 2 years

Internet Security Provides all the features of the AntiVirus edition, plus a Plus password management feature and protection for mobile devices. This edition is available with:

l Licenses for 3 or 5 devices (PC, Mac, or mobile)

l Subscriptions for 1 or 2 years

Complete Provides all the features of the Internet Security Plus edition, along with a system cleaner that removes traces of Internet activity and a feature for backing up and synchronizing your data. This edition is available with:

l Licenses for 5 devices (PC, Mac, or mobile)

l Subscriptions for 1, 2, or 3 years

Endpoint Provides all the features of the AntiVirus edition, plus the system cleaner. (This product is available only with the Endpoint Protection business version of SecureAnywhere.)

- 2 - Getting Started

You can install SecureAnywhere on a device with one of the following operating systems:

SecureAnywhere system requirements

PCs Compatible with the following operating systems: ® l Windows 8 32-bit and 64-bit

l Windows 7 32-bit and 64-bit (all Editions), Windows 7 SP1 32-bit and 64-bit (all Editions)

l Windows XP 32-bit and 64-bit SP2, SP3 ® l Windows Vista 32-bit (all Editions), Windows Vista SP1, SP2 32-bit and 64-bit (all Editions) Minimum system requirements:

l Intel®Pentium®/Celeron® family, or AMD® K6/Athlon™/Duron™ family, or other compatible processor

l 128 MB RAM (minimum)

l 10 MB Hard Disk Space Internet access with one of the following browsers:

l Microsoft® Internet Explorer® 7.0 and higher

l Mozilla® Firefox® 3.6 and higher

l Google Chrome™ 10.0 or higher

Macs Compatible with the following operating systems:

l Mac OS® X v.10.7 "Lion"

l Mac OS X v. 10.8 " Mountain Lion" For more information on Mac requirements and how to install SecureAnywhere on a Mac, see the Webroot SecureAnywhere User Guide for Mac OS X. You will also need a separate installer file for Mac. Go to your Mac and download the file from: http://anywhere.webrootcloudav.com/zerol/wsamac.dmg

- 3 - User Guide for PCs

SecureAnywhere system requirements

Mobile Compatible with the following operating systems:

l Android™ devices with operating system version 2.2 or higher

l Apple® devices with iOS version 4.2 or later (compatible with iPhone®, iPod touch®, and iPad® mobile digital devices) Mobile apps are available with the purchase of Internet Security Plus or Complete editions. You can also purchase them separately. To download and install mobile apps, see the download instructions.

To install SecureAnywhere on a PC:

1. Before you begin: a. Read the license agreement at: http://detail.webrootanywhere.com/eula.asp. b. Close all programs that may be open on your computer. c. Make sure you have the keycode, which is a 20-character license that identifies your Webroot account. Your keycode comes in an email message or is listed inside the retail box. If you purchased a multi-user license, you can use the same keycode to install the software on up to three or five devices. Note: The keycode is associated only with SecureAnywhere and does not include any information related to your computer or its configuration. Webroot does not use the keycode in any way to track individual use of its products.

2. Start the installation routine either from a CD or from a downloaded file:

l If you are installing from a CD, insert the CD into the CD drive. An installation dialog opens where you can click a link to begin. If the installation dialog does not open, use Windows Explorer to navigate to your CD drive and double-click the software’s installation file.

l If you are installing from a downloaded file, navigate to where you downloaded the file in Windows Explorer and double-click the file to start the installation. Click Run to begin.

3. When the Webroot installer dialog opens, enter your keycode in the field. (If your keycode came in an email, you can cut and paste the code into this field.)

- 4 - Getting Started

4. If desired, you can click the Installation Options link at the bottom right to modify these settings:

o Change the installation location. In this field, you can enter a different folder for the SecureAnywhere installation files. o Create a shortcut to SecureAnywhere on the desktop. Click this checkbox to place a shortcut icon on your Windows Desktop for Webroot SecureAnywhere. o Randomize the installed filename to bypass certain infections. Click this checkbox to change the Webroot installation filename to a random name (for example, “QrXC251G.exe”), which prevents malware from detecting and blocking Webroot’s installation file. o Protect the SecureAnywhere files, processes, and memory from modification. Click this checkbox to enable self protection and the CAPTCHA prompts. (CAPTCHA requires that you read distorted text on the screen and enter the text in a field before performing any critical actions.) For more information, see "Setting self protection" on page 180 and "Setting access control" on page 166. o Change Language. To change the language displayed in SecureAnywhere, click the Change Language button and select from the supported languages. (You can only change the displayed language during installation, not after.)

The Installation Options dialog is similar to the following example.

- 5 - User Guide for PCs

Click Close when you're done.

5. At the main Installation dialog, click Agree and Install to begin installation. 6. If you are prompted to enter an email address, enter your address and click Continue. SecureAnywhere begins scanning and configuring the application. If your system is clean, SecureAnywhere displays a status screen similar to the following example.

Note: If SecureAnywhere detects threats during the scan, it moves the items to quarantine where they

- 6 - Getting Started

are rendered inoperable and can no longer harm your system or steal data. For more information, see "Managing quarantined items" on page 54. 7. If you want to exit from SecureAnywhere, click Continue. If you want to view the main interface, select Click here to view your Dashboard now (see also "Using the SecureAnywhere interface" on page 12).

You do not need to do anything further, unless you want to adjust settings. After the initial scan, SecureAnywhere automatically scans your computer daily and constantly monitors activity as you surf the Internet. You do not need to launch a scan yourself or schedule scans. SecureAnywhere does all the work for you in the background.

To verify that SecureAnywhere is running, look for the Webroot icon in your system tray.

If an important message requires your attention, the icon turns yellow or red. A dialog opens with further details. 8. If you purchased a multi-user license, you can install SecureAnywhere on other devices.

Note: If you want to uninstall the program later, go to the Windows Start menu (click Start in the system tray), point to All Programs, then Webroot SecureAnywhere, then Tools, then Uninstall Webroot. At the prompt, click Yes to continue.

- 7 - User Guide for PCs

Creating a Webroot account

By creating a Webroot account, you can view and manage the security status of your PC from any device with an Internet connection. This status information is available at the SecureAnywhere website (my.webrootanywhere.com). From here, you can manage security across multiple devices from a single location, making it easier to determine if all your devices are protected or if any need attention. For more information, see the SecureAnywhere Management Website User Guide.

Before you begin, do the following:

l Have available the license keycode you used to install SecureAnywhere.

l Make sure you are using one of the following browsers:

l Internet Explorer, versions 8 and 9

l Firefox, versions 3.6 and higher

l Chrome or Safari, all versions

To create an account:

1. Open your browser and go to my.webrootanywhere.com. 2. Click Sign up now.

3. Enter your information in the Create an account panel, as described in the following table.

- 8 - Getting Started

Create an account

Webroot Product Enter the license keycode you received when you purchased the product. Keycode Email address Enter your email address, which will also be used for your login name. Your account activation confirmation will be sent to this address. Password Enter a minimum of 9 characters. Your password must contain at least 6 alphabetic characters and 3 numeric characters. Your password can be longer than the required 9 characters. It can include special characters, except for angle brackets: < and >. Your password is case sensitive. As you type, the Strength meter shows how secure your password is. For optimum security, you should make your password as strong as possible. Your Personal Enter a word or number, which will be used for an extra security step Security Code after you enter the password during login. Choose a code that is easy to remember, using a minimum of 6 characters. Every time you log in, you must also enter two random characters of this code. For example, if your code is 123456 and it prompts you for the fourth and sixth character, you would enter 4 and 6. Your Personal Security Code is case sensitive. Security Question Choose a question from the drop-down list. If you later forget the details of your login, you need to provide the answer to this question to retrieve the information. Security Answer Type an answer to your security question. The Security Answer is case- sensitive.

- 9 - User Guide for PCs

4. After you enter account details, click Register Now. SecureAnywhere displays a confirmation message and sends an email to the address you specified. This may take a few minutes. Note: If your SecureAnywhere edition includes the Backup & Sync feature, another field appears that prompts you to select a storage region. Select the region closest to you (U.S., Europe, or Japan), then click Register Now again. 5. From your email system, open the confirmation email from Webroot and click the link. Your account will not be created until you click this link. 6. When SecureAnywhere prompts you to enter two characters from the Personal Security Code, type the requested characters and click Confirm Registration Now. For example, if your code is 123456 and it prompts you for the fourth and sixth characters, you would enter 4 and 6.

The SecureAnywhere website opens, similar to the following example. The options that appear depend on which SecureAnywhere editions you purchased (AntiVirus, Internet Security Plus, or Complete).

- 10 - Getting Started

Note: When you install SecureAnywhere on multiple computers using the same multi-license keycode, their status information automatically displays in this website. For example, if you installed SecureAnywhere on five PCs, the PC Security panel displays "5 PCs Protected."

7. Click Go to PC Security to access status information for your computer. 8. For more information about using the website to manage your devices, see the SecureAnywhere Management Website User Guide.

- 11 - User Guide for PCs

Using the SecureAnywhere interface

The SecureAnywhere interface provides access to all functions and settings. To open the main interface, you can:

l Double-click the Webroot shortcut icon on your desktop:

l Right-click on the Webroot icon from the system tray menu, then click View Status. (For Endpoint editions, click Open.)

l If you cannot locate the system tray icon, open the Windows Start menu, click All Programs (or Programs), Webroot SecureAnywhere, then Webroot SecureAnywhere again.

When you open the main interface, it displays the Overview panel.

Along the top of the panel, the main interface includes navigation tabs. The tabs that appear depend on the SecureAnywhere edition you purchased.

- 12 - Getting Started

Main Interface tabs

Overview View your system status and manually scan your computer. PC Security Run custom scans, change shield settings, and manage the quarantine. Identity & Privacy Protect sensitive data that may be exposed during your online transactions and automatically fill in user names and passwords. Note: Passwords may not be available in your edition. Backup & Sync Protect your files by uploading them to Webroot's online repository. Note: Backup & Sync may not be available in your edition. System Tools Use tools to manage processes and files, view reports, and submit a file to Webroot Support. Note: The System Cleaner may not be available in your edition. My Account View your SecureAnywhere account information, check for updates, and renew or upgrade your subscription.

- 13 - User Guide for PCs

Using the system tray

The Webroot icon in the system tray provides quick access to some common SecureAnywhere tasks. By right- clicking on the Webroot icon, you can view the system tray menu. (This menu displays different selections, depending on the SecureAnywhere edition you purchased.)

Note: If the icon does not appear in the system tray, open the main interface, go to Settings, Basic Configuration, and click in the box for Show a system tray icon. See "Setting general preferences" on page 156.

If a threat is detected, SecureAnywhere may also open an alert in the system tray. SecureAnywhere takes the appropriate action to quarantine the items. It may also prompt you to take action yourself (see "Running scans " on page 18 and "Managing quarantined items" on page 54).

- 14 - Getting Started

Viewing protection status

To show your computer's overall protection status, the system tray icon and the main interface change colors, as follows:

l Green. Your computer is secure.

l Yellow. One or more messages require your attention.

l Red. One or more critical items require your intervention.

To view details about the current status and settings, open the main interface by right-clicking on the Webroot icon from the system tray menu, then click View Status. (For Endpoint editions, click Open.)

- 15 - - 16 - Scanning for Malware

When SecureAnywhere scans your computer, it searches for spyware, viruses, and any other threats that may infect your computer or compromise your privacy. If it detects a known threat, it moves the item to quarantine, where it is rendered inoperable and can no longer run on your computer. Scans run daily without disrupting your work.

To learn more about scanning your PC for malware, see the following topics:

Running scans 18 Viewing the latest scan results 18 Running a scan immediately 19 Managing detected threats 21 Changing the scan schedule 22 Changing the scan settings 25

- 17 - User Guide for PCs

Running scans

Scans run automatically every day, at about the same time you installed SecureAnywhere. For example, if you installed SecureAnywhere at 8 p.m., it always launches a scan around 8 p.m. It will not disrupt your work, nor will it launch while you play games or watch a movie.

During scans, SecureAnywhere searches all areas where potential threats can hide, including drives, files, and system memory. It looks for items that match our threat definitions, match descriptions in our community database, or exhibit suspicious behavior. If SecureAnywhere detects a threat, it moves the item to quarantine where it is rendered inoperable. In quarantine, it can no longer harm your system or steal personal data.

If SecureAnywhere detects a potential threat, it opens an alert that prompts you to make a decision on whether you want to allow or block the item. If you aren't sure, we recommend that you block the item. For more information, see "Managing detected threats" on page 21.

See the instructions below for viewing the latest scan results and for running a scan immediately.

Note: You can also run a scan from a remote location. For more information, see the SecureAnywhere Management Website User Guide.

Viewing the latest scan results

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. Make sure Scan is selected on the left. The Scan panel shows the statistics of the last scan results.

- 18 - Scanning for Malware

Running a scan immediately

Although scans run automatically, you can launch a scan at any time. An immediate scan might be necessary if you surfed a high-risk website (networking, music, or adult entertainment), downloaded high-risk items (screen savers, music, or games), or accidentally clicked on a suspicious pop-up advertisement. You can run a scan in one of two ways: from the system tray or from the main window.

To use the system tray:

1. From the system tray, right-click on the Webroot icon .

- 19 - User Guide for PCs

2. In the pop-up menu, click Scan Now.

To use the main window:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In either the Overview tab or the Scan tab, click Scan My Computer.

If SecureAnywhere locates threats, it opens a window that guides you through the quarantine process. Items moved to quarantine are rendered inoperable. You do not need to delete them or do anything else. See "Managing quarantined items" on page 54.

- 20 - Scanning for Malware

Managing detected threats

In most cases, SecureAnywhere automatically detects threats and quarantines the items for you. However, if it detects a potential threat or an item it does not recognize, it prompts you to manage the item. A screen similar to the following example may appear:

To manage threats:

l If you recognize the filename, deselect the Remove checkbox next to the item name (click in the box so the checkmark is removed). Do not restore the file unless you are absolutely sure that it is legitimate.

l If you DO NOT recognize the filename, keep the item selected (do not click inside the box to remove the checkbox).

SecureAnywhere moves the threat to quarantine, where it is rendered inoperable. You do not need to delete it or do anything else.

After SecureAnywhere moves the threat to quarantine, it launches another scan to make sure your system is clean. See "Managing quarantined items" on page 54.

- 21 - User Guide for PCs

Changing the scan schedule

SecureAnywhere launches scans automatically every day, at about the same time you installed the software. You can change the scan schedule to run at different times, change the scanning behavior, or turn off automatic scanning.

To modify scheduled scanning:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

- 22 - Scanning for Malware

3. In the Settings panel, click Advanced Settings.

4. Select Scan Schedule from the left.

- 23 - User Guide for PCs

5. In the Scan Schedule panel, you can:

l Disable automatic scanning by clicking the checkbox next to Enable Scheduled Scans so that the checkmark is removed. Then click Save All.

l Change the scanning intervals by entering new values in the Scan Frequency and Time fields. If you modify the time, the scan will launch when computer resources are available, generally within an hour of the time you select. Then click Save All.

l Change the scanning behavior by selecting or deselecting the checkboxes. When you're done, click Save All.

See the following table for a description of options.

Scan Schedule options

Scan on bootup if the Launches a scheduled scan within an hour after you turn on your computer is off at the computer. If this option is disabled, SecureAnywhere ignores missed scheduled time scans. Hide the scan progress Runs scans silently in the background. If this option is disabled, a window during window opens and shows the scan progress. scheduled scans Only notify me if an Opens an alert only if it finds a threat. If this option is disabled, a small infection is found status window opens when the scan completes, whether a threat was during a scheduled found or not. scan Do not perform Helps conserve battery power. If you want SecureAnywhere to launch scheduled scans when scheduled scans when you are on battery power, deselect this option. on battery power Do not perform Ignores scheduled scans when you are viewing a full-screen application scheduled scans when (such as a movie) or a game. Deselect this option if you want scheduled a full screen scans to run anyway. application or game is open Randomize the time of Determines the best time for scanning (based on available system scheduled scans up to resources) and runs the scan within an hour of the scheduled time. If you one hour for distributed want to force the scan to run at the exact time scheduled, deselect this scanning option. Perform a scheduled Runs a quick scan of memory. We recommend that you keep this option Quick Scan instead of deselected, so that deep scans run for all types of malware in all a Deep Scan locations.

- 24 - Scanning for Malware

Changing the scan settings

Scan settings provide advanced users with a little more control over scanning performance.

To change the scan settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

- 25 - User Guide for PCs

3. In the Settings panel, click Advanced Settings.

4. Select Scan Settings from the left.

5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you’re done, click Save All.

- 26 - Scanning for Malware

The following table describes the scan settings.

Scan Setting options

Enable Realtime Protects your computer against master boot record (MBR) infections. An Master Boot Record MBR infection can modify core areas of the system so that they load (MBR) Scanning before the operating system and can infect the computer. We recommend that you keep this option selected. It adds only a small amount of time to the scan. Enable Enhanced Checks for rootkits and other malicious software hidden on your disk or Rootkit Detection in protected areas. Spyware developers often use rootkits to avoid detection and removal. We recommend that you keep this option selected. It adds only a small amount of time to the scan. Enable “right-click” Enables an option for running a full, file-by-file scan of the currently scanning in Windows selected file or folder in the Windows Explorer right-click menu. This Explorer option is helpful if you downloaded a file and want to quickly scan it.

Update the currently Displays a full list of files as SecureAnywhere scans each one. If you scanned folder want to increase scan performance slightly, deselect this option so that immediately as file names only update once per second on the panel. SecureAnywhere scanned will still scan all files, just not take the time to show each one on the screen. Favor low memory Reduces CPU usage during scans, but scans will also run a bit slower. usage over fast Deselect this option to run faster scans. scanning Save non-executable Saves all file data to the scan log, resulting in a much larger log file. file details to scan logs Keep this option deselected to save only executable file details to the log. Show the Opens a small dialog whenever you run a program for the first time. “Authenticating Files” Keep this option deselected if you do not want to see this dialog. pop-up when a new file is scanned on- execution Scan archived files Scans compressed files in zip, rar, cab, and 7-zip archives.

- 27 - - 28 - Shielding Your PC

Shields monitor functions related to web browsing and system activity. If a suspicious item tries downloading or running on your computer, the shields automatically block and quarantine the item. For some types of shields, an alert asks if you want to continue the download or block it.

To manage shielding activities, see the following topics:

Managing shields 30 Changing Realtime shield settings 32 Changing Behavior shield settings 35 Changing Core System shield settings 38 Changing Web Threat shield settings 41 Using Web Threat protection 44 Surfing websites 44 Using search engines 45

- 29 - User Guide for PCs

Managing shields

Shields constantly monitor activity while you surf the Internet and work on your computer. The shields protect your computer from malware and viruses, as well as settings for your browser and the Windows system. SecureAnywhere includes these types of shields:

l Realtime shield. Controls how threats are blocked and quarantined on your computer.

l Behavior shield. Blocks applications and processes that exhibit suspicious behavior.

l Core System shield. Monitors the computer system structures and makes sure malware has not tampered with them.

l Web Threat shield. Protects your system as you surf the Internet and blocks suspicious files that try to download.

l USB shield. Monitors an installed USB flash drive for threats and blocks any threats that it finds.

l Offline shield. Protects your system from threats while your computer is not connected to the Internet.

l Zero Day shield. Monitors your system for previously unknown vulnerabilities (in which the attack has been known for "zero days").

Shields run in the background without disrupting your work. If a shield detects an item that it classifies as a potential threat or does not recognize, it opens an alert. The alert asks if you want to allow the item to run or if you want to block it. If you recognize the file name and you are purposely downloading it (for example, you were in the process of downloading a new toolbar for your browser), click Allow to continue. If you were not trying to download anything, you should click Block. As you surf Internet sites, you could be targeted for a drive-by download, where an unwanted program launches and silently installs on your computer as you view pages.

The shields are preconfigured, based on our recommended settings. You do not need to configure any settings yourself unless you are an advanced user and would like to modify shield behavior.

To view shield status or to disable shields:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Shields on the left. The Shields panel opens. A green button next to the shield name indicates the shield is on. We recommend that you keep all shields enabled; however, you can disable a shield by clicking the green button, as indicated in the following example.

- 30 - Shielding Your PC

- 31 - User Guide for PCs

Changing Realtime shield settings

The Realtime shield blocks known threats that are listed in Webroot’s threat definitions and in our community database. If the shield detects a suspicious file, it opens an alert and prompts you to block or allow the item. If it detects a known threat, it immediately blocks and quarantines the item before it causes damage to your computer or steals your information.

Webroot already configured this shield with our recommended settings, but you can adjust the settings if you want.

To change Realtime shield settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

- 32 - Shielding Your PC

3. In the Settings panel, click Advanced Settings.

4. Click Realtime Shield on the left.

5. If you want to change a setting (see the following table), select its checkbox to disable it (uncheck the box) or activate it (check the box). When you’re done, click Save All.

- 33 - User Guide for PCs

Note: We recommend that you keep Webroot’s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button.

The following table describes the shield options.

Realtime shield settings

Enable Predictive Downloads a small threat definition file to your computer, which protects Offline Protection your computer even when it’s offline. We recommend that you keep this from the central option selected. SecureAnywhere database Remember actions on Remembers how you responded in an alert (allowed a file or blocked it). blocked files It won’t prompt you again when it encounters the same file. If this option is deselected, SecureAnywhere opens an alert every time it encounters the file in the future. (If you blocked a file and want it restored, you can retrieve it from quarantine.) Automatically Opens an alert when it encounters a threat. It gives you the option of quarantine previously blocking it and sending it to quarantine. If this option is deselected, you blocked files must run a scan manually to remove a threat. Automatically block Automatically blocks threats and sends them to quarantine. If this option files when detected on is deselected, you must respond to alerts about detected threats. execution Scan files when Scans any new or modified files that you save to disk. If this option is written or modified deselected, it ignores new file installations (however, it will still alert you if a threat tries to launch). Block threats Stops threats from executing even when you are logged off. Threats are automatically if no sent to quarantine without notification. user is logged in

- 34 - Shielding Your PC

Changing Behavior shield settings

The Behavior shield analyzes the applications and processes running on your computer. If it detects a suspicious file, it opens an alert and prompts you to block or allow the item. If it detects a known threat, it immediately blocks and quarantines the item before it causes damage to your computer or steals your information.

Webroot already configured this shield with our recommended settings, but you can adjust the settings if you want.

To change Behavior shield settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

- 35 - User Guide for PCs

3. In the Settings panel, click Advanced Settings.

4. Click Behavior Shield on the left.

5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you’re done, click Save All.

- 36 - Shielding Your PC

Note: We recommend that you keep Webroot’s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button.

The following table describes the shield options.

Behavior shield settings

Assess the intent of Watches the program’s activity before allowing it to execute. If it new programs before appears okay, SecureAnywhere allows it to launch and continues to allowing them to monitor its activity. execute Enable advanced Employs a thorough analysis of a program to examine its intent. (For behavior interpretation example, a malware program might perform suspicious activities like to identify complex modifying a registry entry, then sending an email.) threats Track the behavior of Watches programs that have not yet been classified as legitimate or as untrusted programs for malware. advanced threat removal Automatically perform Does not prompt you to allow or block a potential threat. the recommended SecureAnywhere will determine how to manage the item. action instead of showing warning messages Warn if untrusted Opens an alert if an unclassified program attempts to make changes to programs attempt low- your system when you are offline. (SecureAnywhere cannot check its level system online threat database if you are disconnected from the Internet.) modifications when offline

- 37 - User Guide for PCs

Changing Core System shield settings

The Core System shield monitors the computer system structures and makes sure malware has not tampered with them. If it detects a suspicious file trying to make changes, it opens an alert and prompts you to block or allow the item. If it detects a known threat, it immediately blocks and quarantines the item before it causes damage to your computer or steals your information.

Webroot already configured this shield with our recommended settings, but you can adjust the settings if you want.

To change Core System shield settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

- 38 - Shielding Your PC

3. In the Settings panel, click Advanced Settings.

4. Click Core System Shield on the left.

5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you’re done, click Save All.

- 39 - User Guide for PCs

Note: We recommend that you keep Webroot’s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button.

The following table describes the shield options.

Core System shield settings

Assess system Intercepts any activity that attempts to make system changes, such as a modifications before new service installation. they are allowed to take place Detect and repair Locates corrupted components, such as a broken Layered Service broken system Provider (LSP) chain or a virus-infected file, then restores the component components or file to its original state. Prevent untrusted Stops unclassified programs from changing the kernel memory. The programs from kernel is the central component of most computer operating systems. It modifying kernel acts as a bridge between applications and data processing done at the memory hardware level. Prevent untrusted Stops unclassified programs from changing the system processes. programs from modifying system processes Verify the integrity of Monitors the Layered Service Provider (LSP) chain and other system the LSP chain and structures to make sure malware does not corrupt them. other system structures Prevent any program Stops spyware from attempting to add or change the IP address for a from modifying the website in the hosts file. It opens an alert where you can block or allow HOSTS file the changes. The hosts file is a Windows file that helps direct your computer to a website using Internet Protocol (IP) addresses.

- 40 - Shielding Your PC

Changing Web Threat shield settings

The Web Threat shield protects your system as you surf the Internet. If it detects a website that may be a threat, it opens an alert that allows you to decide whether you want to block the site or continue despite the warning. When you use a search engine, this shield analyzes all the links on the search results page and then displays an image next to each link that signifies whether it’s a trusted site or a potential risk (see "Using Web Threat protection" on page 44).

Webroot already configured this shield with our recommended settings, but you can adjust the settings if you want.

To change Web Threat shield settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

- 41 - User Guide for PCs

3. In the Settings panel, click Advanced Settings.

4. Click Web Threat Shield on the left.

5. If you want to create a list of websites to always block or always allow, click View Websites. In the dialog, enter a website name in the field (in the form of www.sitename.com) and click Add Website. In

- 42 - Shielding Your PC

the table, select whether you want to allow this website (click the Allow radio button) or you want to block it (click the Block radio button). When you’re done, click Close.

6. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you’re done, click Save All.

Note: We recommend that you keep Webroot’s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button.

The following table describes the shield options.

Web Threat shield settings

Analyze search engine When you use a search engine, SecureAnywhere analyzes all links results and identify displayed on the search results page by running the URLs through its malicious websites malware-identification engine. It then displays an image next to each link before visitation that signifies if the site is safe (green checkmark) or a potential risk (red X). Enable deep content Analyzes all data traffic on your computer as you visit websites. If analysis threats try to install, it blocks their activity. Look for malware on When you enter the URL for a website in your browser’s address bar or websites before click on a link to a site, SecureAnywhere runs the URL through its visitation malware-identification engine. If the site is associated with malware, it blocks it from loading in your browser. Look for exploits in Looks for cross-site scripting attacks that may try to redirect you to a website content before different website. visitation

- 43 - User Guide for PCs

Using Web Threat protection

To detect websites associated with potential threats, the Web Threat shield analyzes URLs (web addresses) as follows:

l When you enter the URL for a website or click a link to a site, SecureAnywhere runs the URL through its malware-identification engine. If the site is associated with malware, the Web Threat shield blocks the site from loading in your browser.

l When you use a search engine, SecureAnywhere analyzes all links displayed on the search results page by running the URLs through its malware-identification engine. It then displays an image next to each link that signifies its risk level.

Surfing websites

If you attempt to access a website that is associated with a known threat, phishing attempts, or exhibited some questionable behavior, the Web Threat shield displays an alert before the website loads.

We recommend that you click Close to navigate away from this page. However, if you still want to access the site despite the warning, click Allow. The website is then added to the "allowed" filter and will load the page directly the next time. If you want to change the website filter, see "Changing Web Threat shield settings" on page 41.

- 44 - Shielding Your PC

Using search engines

When you use a search engine, the Web Threat shield displays a rating next to the link for each search result. A green checkmark next to the link indicates the site is safe to access:

A red X displays next to the link if the site is known for spreading malware:

- 45 - - 46 - Using Firewall Protection

You can use the Webroot firewall to monitor data traffic and block potential threats. The Webroot firewall, when used with the your computer’s built-in Windows firewall, provides thorough protection for your computer system and your security.

To adjust firewall protection, see the following topics:

Managing the firewall 48 Changing firewall alert settings 49 Managing network applications 50

- 47 - User Guide for PCs

Managing the firewall

The SecureAnywhere firewall monitors data traffic traveling out of your computer ports. It looks for untrusted processes that try to connect to the Internet and steal your personal information. It works with the Windows firewall, which monitors data traffic coming into your computer. With both the SecureAnywhere and Windows firewall turned on, your data has complete inbound and outbound protection.

You should not turn off either the Windows firewall or the SecureAnywhere firewall. If they are disabled, your system is open to many types of threats whenever you connect to the Internet or to a network. These firewalls can block malware, hacking attempts, and other online threats before they can cause damage to your system or compromise your security.

The SecureAnywhere firewall is preconfigured to filter traffic on your computer. It works in the background without disrupting your normal activities. If the firewall detects any unrecognized traffic, it opens an alert where you can block the traffic or allow it to proceed.

To view firewall status or to disable the firewall:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab, then click Firewall on the left. The Firewall panel opens. The green button indicates the shield is on. We recommend that you keep the firewall enabled; however, you can disable it by clicking the green button.

- 48 - Using Firewall Protection

Changing firewall alert settings

You can adjust how the firewall manages processes and whether it should open an alert when it does not recognize a process.

To change firewall alert settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Firewall on the left. 4. Click a radio button to select an alerting method.

- 49 - User Guide for PCs

Managing network applications

To protect your computer from hackers and other threats, the firewall monitors processes that attempt to access the Internet. It also monitors the ports used for communicating with the Internet. You have control over whether SecureAnywhere will allow or block certain processes and port communications.

To change settings for active connections:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Firewall on the left. 4. At the bottom of the panel, click View Network Applications.

The Network Applications panel opens.

- 50 - Using Firewall Protection

5. Click on a radio button to allow or block a process, or to allow or close a port.

- 51 - - 52 - Managing Quarantine

The Webroot quarantine is a holding area for potential threats found during scan and shielding activities. Items in quarantine are rendered inoperable and cannot harm your computer. You do not need to delete them, unless you want to conserve disk space. You can also restore items from quarantine, if necessary.

To manage file detection and perform some advanced quarantining functions, see the following topics:

Managing quarantined items 54 Managing file detection 56 Using antimalware tools 58

- 53 - User Guide for PCs

Managing quarantined items

Once items are moved to quarantine, they are disabled and cannot harm your computer. However, you may want to delete or restore quarantined items in the following circumstances:

l If you want to conserve disk space, you can delete the items permanently.

l If you discover that a program is not working correctly without the quarantined item, you can restore it. In rare cases, a piece of spyware is an integral part of a legitimate program and is required to run that program.

To view and manage items in quarantine:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Quarantine on the left, then click View Quarantine.

The Quarantine panel opens.

- 54 - Managing Quarantine

4. If you want to delete or restore the item, click in its checkbox to select it. You can then do either of the following:

l If you want to remove the item permanently, click Erase. Be aware that after erasing it, you can never restore the item.

l If you want to move the item back to its original location, click Restore. When an item is restored, SecureAnywhere will no longer detect it during scans. If you want the item to be detected again in the future, you can change its detection rules.

- 55 - User Guide for PCs

Managing file detection

If you want more control over scans and shielding behavior, you can use Detection Configuration to specify one of the following actions:

l Allow. Ignore a file during scans and shielding.

l Block. Stop a file from executing or being written to your computer.

l Monitor. Watch the program to determine if it is legitimate or related to malware.

Detection configuration acts as an override to SecureAnywhere’s default scanning and shielding behavior.

To manage file detection:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Quarantine on the left, then click Configure under Detection Configuration.

The Detection Configuration panel opens.

- 56 - Managing Quarantine

4. You can add executable files to this list. (Executable files typically have an extension of exe, dll, sys, drv, or com.) To add files, click the Add File button. You can also drag and drop a file from Explorer. The file name appears in the Threat column. (If SecureAnywhere detected other copies of this file with different file names, it only shows the file name that it last detected.) 5. In the right column, select the radio button for either Allow, Block, or Monitor. If you want to clear the list, click the Remove all button.

- 57 - User Guide for PCs

Using antimalware tools

SecureAnywhere provides tools for manually removing threats and for performing actions associated with threat removal. You should only use these tools if you are an advanced user. These tools allow you to:

l Target a file for scanning and removal, while also removing its associate registry links (if any).

l Launch a removal script with the assistance of Webroot Support.

l Reboot after removing a threat yourself or using a removal script.

l Reset your wallpaper, screensavers, and system policies.

To access and use these tools:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Quarantine on the left, then click View Tools.

The Antimalware Tools panel opens.

- 58 - Managing Quarantine

The following table describes the shield options.

Antimalware tools

Reset desktop If your computer was recently infected with malware that changed your wallpaper wallpaper, click the checkbox and click Run Tools. Reset screensaver If your computer was recently infected with malware that changed your screensaver, click the checkbox and click Run Tools. Reset system policies If your computer was recently infected with malware that changed your system policies, click the checkbox and click Run Tools. Reboot in Safe Mode If Webroot Support instructs you to reboot your computer in Safe Mode, click the checkbox and click Run Tools. Perform an immediate To reboot your system after threat removal, click the checkbox and click system reboot Run Tools. Manual Threat To scan a specific file for threats, click Select a file. In the Windows Removal Explorer dialog, select a file and click Save. SecureAnywhere launches a scan. When it’s complete, reboot your system. Removal Script After Webroot Support sends you a removal script, save it to your computer. Click Select Script... to launch the tool.

- 59 - - 60 - Managing Identity Protection

You can use the Identity shield to safely surf the Internet and enter sensitive data in applications. The Identity shield watches for any suspicious activity that may indicate an outside program is attempting to steal information from your computer.

To configure advanced Identity shield protection, see the following topics:

Managing Identity Protection 62 Changing Identity Protection settings 63 Managing protected applications 66 Managing protected websites 69

- 61 - User Guide for PCs

Managing Identity Protection

The Identity shield protects you from identity theft and financial loss. It ensures that your sensitive data is protected, while safe-guarding you from keyloggers, screen-grabbers, and other information-stealing techniques.

The Identity shield supports the following browsers:

l Internet Explorer 7.0 and higher (32-bit only)

l Mozilla Firefox 3.6 and higher (32-bit only)

l Google Chrome 10 and higher

l Opera 9 and higher (32-bit only)

To view the Identity shield status or to disable the Identity shield:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Identity & Privacy tab. 3. Click Identity Shield on the left. The Identity Shield panel opens. The green button indicates the shield is on. We recommend that you keep the Identity Shield enabled; however, you can disable it by clicking the green button.

- 62 - Managing Identity Protection

Changing Identity Protection settings

The Identity shield protects sensitive data that may be exposed during your online transactions. Webroot has already configured the Identity shield for you. However, you can change the behavior of the Identity shield and control what it blocks.

To change Identity shield settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

- 63 - User Guide for PCs

3. In the Settings panel, click Advanced Settings.

4. Click Identity Shield on the left.

5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you’re done, click the Save All button.

- 64 - Managing Identity Protection

Note: We recommend that you keep Webroot’s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button.

The following table describes the shield options.

Identity shield settings

Look for identity Analyzes websites as you browse the Internet or open links. If the shield threats online detects any malicious content, it blocks the site and opens an alert. Analyze websites for Analyzes websites for phishing threats as you browse the Internet or phishing threats open links. If the shield detects a phishing threat, it blocks the site and opens an alert. Phishing is a fraudulent method used by criminals to steal personal information. Typical scams might include websites designed to resemble legitimate sites, such as PayPal or a banking organization, which trick you into entering your credit card number. Verify websites when Analyzes the IP address of each website to determine if it has been visited to determine redirected or is on our blacklist. If the shield detects an illegitimate legitimacy website, it blocks the site and opens an alert. Verify the DNS/IP Looks for servers that could be redirecting you to a malicious website resolution of websites (man-in-the-middle attack). If the shield detects a man-in-the-middle to detect Man-in-the- attack, it blocks the threat and opens an alert. Middle attacks Block websites from Blocks third-party cookies from installing on your computer if the creating high risk cookies originate from malicious tracking websites. Cookies are small tracking information bits of text generated by a web server and then stored on your computer for future use. Cookies can contain everything from tracking information to your personal preferences. Prevent programs from Blocks programs from accessing your login credentials (for example, accessing protected when you type your name and password or when you request a website to credentials remember them). Warn before blocking Opens an alert any time malware attempts to access data, instead of untrusted programs blocking known malware automatically. (This option is for technical from accessing users only; we recommend that you keep this option disabled so the protected data program does not open numerous alerts.) Allow trusted screen Allows you to use legitimate screen capture programs, no matter what capture programs content is displayed on your screen. access to protected screen contents

- 65 - User Guide for PCs

Managing protected applications

You can provide additional security for software applications that may contain confidential information, such as Instant Messaging clients or tax preparation software. By protecting these applications, you secure them against information-stealing Trojans like keyloggers, man-in-the-middle attacks, and clipboard stealers. You can add any applications to the Protected Applications list and assign them to one of the protection levels:

l Protect. “Protected applications” are secured against information-stealing malware, but also have full access to data on the system. You might want to add financial management software to the category. When you run a protected application, the Webroot icon in the system tray displays a padlock:

l Allow. “Allowed applications” are not secured against information-stealing malware, and also have full access to protected data on the system. Many applications unintentionally access protected screen contents or keyboard data without malicious intent when running in the background. If you trust an application that is currently marked as “Deny,” you can change it to “Allow.”

l Deny. “Denied applications” cannot view or capture protected data on the system, but can otherwise run normally.

As you work on your computer, SecureAnywhere automatically adds web browsers to the Protected Applications list and assigns them to the “protected” status.

To manage the application list and specify levels of protection:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Identity & Privacy tab. 3. Click Identity Shield on the left, then click View/Edit Protected Applications.

- 66 - Managing Identity Protection

The Protected Applications panel opens. This panel shows the web browsers on your system and any other applications you added to the list.

- 67 - User Guide for PCs

4. In the row for the application you want to modify, click the radio button for Protect, Allow, or Deny. (To include another application in this list, click Add Application, then select an executable file.) 5. When you’re done, click Close.

- 68 - Managing Identity Protection

Managing protected websites

The Identity shield already includes the recommended security settings for specific types of websites. If desired, you can adjust security for a website to one of the following levels:

l None. Provides unfiltered access to all potentially malicious content. (Not recommended.)

l Low. Protects stored data and identifies malware in real time. You may want to use this setting if you have an application that does not work properly when the security level is set to Medium or higher.

l Medium. Protects your stored data while also providing software compatibility. You may want to use this setting if you have an application that does not work properly when the security level is set to High or Maximum.

l High. Provides strong protection against threats, while still enabling screen accessibility for impaired users (for example, allows text-to-speech programs to run normally).

l Maximum. Provides maximum protection against threats, but blocks screen accessibility for impaired users. When you load a secured website, the Webroot icon in the system tray displays a padlock:

Note: The Identity shield only protects a secured website when the browser window is active in the foreground window (the padlock is shown in the tray icon). For full protection from screen grabbers, information-stealing Trojans, and other threats, make sure the browser window is in the foreground and the padlock is displayed in the tray icon. If the Identity shield encounters a website that may be a threat, it opens an alert. You can decide whether you want to stay secure (click Block) or continue despite the warning (click Allow).

To manage settings for protected websites:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Identity & Privacy tab. 3. Click Identity Shield on the left. 4. Click View/Edit Protected Websites.

- 69 - User Guide for PCs

The Protected Websites panel opens.

- 70 - Managing Identity Protection

5. In the Protected Websites table, click in the row for the type of website you want to adjust. To include an individual site, enter the address in the field at the top of the dialog, then click Add Website. 6. Adjust the slider for minimum to maximum protection configuration. As an alternative, you can also select the individual protection options by clicking on the green checkmark or red X. (A green checkmark indicates the option is on; a red X indicates the option is off.) When you’re done, click Save.

The following table describes the protection options.

Website protection options

Block phishing and Alerts you to phishing sites and other malicious sites listed in our known malicious Webroot database. Phishing is a fraudulent method used by criminals to websites steal personal information. Typical scams might include websites designed to resemble legitimate sites, such as PayPal or a banking organization, which trick you into entering your credit card number. Protect cookies and Alerts you if a malicious program attempts to gather personal data from saved website data cookies installed on your computer. Cookies are small bits of text generated by a web server and then stored on your computer for future use. Cookies can contain everything from tracking information to your personal preferences. Detect and prevent Alerts you if a server is redirecting you to a malicious website (man-in- man-in-the middle the-middle attack). This is a method of intercepting communications attacks between two systems and stealing data. Protect against Stops keyloggers from recording keystrokes on your computer. keyloggers Keyloggers may monitor emails, chat room dialogue, instant message dialogue, websites visited, usernames, passwords, programs run, and any other typed entries. They have the ability to run in the background, hiding their presence. Protect sensitive Stops malware programs from capturing clipboard data. The clipboard is clipboard data a utility that allows you to cut and paste stored data between documents or applications. Protect against URL Hides your web browsing activity from malware that attempts to log the grabbing attacks websites you visit. Protect browser Hides your web browsing activity from malware that attempts to modify components from your browser with memory injection and other behind-the-scenes attacks. external access

- 71 - User Guide for PCs

Website protection options

Protect against Man- Blocks a malicious toolbar from stealing data. A man-in-the-browser in-the-Browser attacks attack is a Trojan that infects a web browser. It can modify pages and the content of your transactions without being detected. Isolate untrusted Blocks a browser add-on (browser helper object) from stealing data. browser add-ons from While most browser add-ons are legitimate, some can display ads, track data your Internet activity, or hijack your home page. Block browser process Analyzes browser memory to see if code injection is taking place. modification attempts Protect against screen Blocks a malicious program from viewing and capturing your screen grabbing attacks content. Block suspicious Blocks a malicious program from viewing and capturing data in access to browser Windows components. windows

- 72 - Managing Passwords

If you purchased a SecureAnywhere edition that includes password management, you can use an additional component for managing passwords and profiles online. Once you define your personal information and passwords in SecureAnywhere, you can automatically log in to websites or populate fields in web forms, saving you the hassle of manually entering your personal data and credit card numbers.

Note: This section provides a quick overview of password management. For further instructions, see the SecureAnywhere Management Website User Guide.

To learn about password management, see the following topics:

Using password management 74 Downloading the passwords component 75

- 73 - User Guide for PCs

Using password management

If you purchased a SecureAnywhere edition that includes password management, you can create a secure password for all your website transactions, automatically remember your user names and passwords, and automatically fill in web forms. You never need to remember multiple login names and passwords again.

Note: For complete instructions on using password management in your browser, see the SecureAnywhere Management Website User Guide.

To get started with password management:

1. Open Internet Explorer, Chrome, or Firefox and look for the Webroot icon in the toolbar. If it does not appear, you must download the passwords component (see "Downloading the passwords component" on page 75).

2. From your browser's toolbar, click on the Webroot icon to log in to password management (use your Webroot account credentials; see "Creating a Webroot account" on page 8). When you are logged in, SecureAnywhere detects information you enter in web forms and prompts you to save the data for future use. 3. Access a website that requires a login or personal data in web forms. After defining login credentials and personal information, you can log in to your Webroot account from the toolbar each time you open a browser. See the SecureAnywhere Management Website User Guide for complete instructions.

- 74 - Managing Passwords

Downloading the passwords component

The passwords component should install along with your SecureAnywhere installation; however, it might not install in some situations.

To check if the passwords component downloaded:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Identity & Privacy tab. 3. Click Password Management on the left. If a Download and Install button appears, click the button to install the component.

If the passwords component has successfully installed, the Password Management panel looks similar to the following example.

- 75 - User Guide for PCs

4. You can click the Manage My Identity button to access your online account.

See the SecureAnywhere Management Website User Guide for complete instructions.

.

- 76 - Managing Backup & Sync

If you purchased a SecureAnywhere edition that includes Backup & Sync, you can synchronize important files with your online SecureAnywhere account, as well as with other computers and mobile devices. You can also schedule regular backups to your account, which is accessible from the Backup & Sync page of the SecureAnywhere website.

Note: For further instructions about using Backup & Sync in your online account or on your mobile device, see the Webroot SecureAnywhere Help and Product Guides page.

To learn about Backup & Sync, see the following topics:

Using Backup & Sync 78 Downloading the Backup & Sync component 79 Synchronizing files 81 Changing sync settings 85 Adding sync folders 88 Synchronizing folders with other computers 92 Removing a folder from synchronization 95 Backing up files 97 Changing backup settings 101 Changing backup filters 104 Changing the backup schedule 107 Checking file status 109

- 77 - User Guide for PCs

Using Backup & Sync

If your SecureAnywhere edition includes Backup & Sync, you can protect your important files and photos as follows:

l Storing files in the Anywhere folder or in your own sync folders. You can use Webroot's preconfigured folder called the Anywhere folder or you can create your own sync folders. Any files you place in these folders are automatically synchronized in your account, to any other computers with shared folders, and to mobile devices with the Backup & Sync app installed.

SecureAnywhere constantly monitors the Anywhere folder and other sync folders. If it detects a change (an edited file, a new file, or a deleted file), it immediately makes the same change to your online account, to shared folders on other computers, and to mobile devices with the Backup & Sync app installed. If you are working offline, SecureAnywhere automatically picks up changes the next time you connect to the Internet.

If SecureAnywhere detects an edited file, it does not overwrite the original version stored in your account. Instead, it uploads the latest version and makes a copy of the original file. If necessary, you can revert back to previous versions (up to five). If you save changes a sixth time, your most recent version is saved and the oldest version is removed. For more information, see the SecureAnywhere Management Website User Guide.

To learn more about the preconfigured Anywhere folder, see "Synchronizing files" on page 81. To create sync folders of your own, see "Adding sync folders" on page 88.

l Backing up files. Instead of synchronizing files with multiple devices, you can simply back them up. For example, you may want to back up tax returns, old photos, and a scanned copy of your passport. These types of documents won’t change and don’t need to be kept in synchronization with other computers.

To learn more about backups, see "Backing up files" on page 97.

- 78 - Managing Backup & Sync

Downloading the Backup & Sync component

To begin using Backup & Sync, you must download its component to your computer.

To download the component:

1. If you have not yet created a Webroot account, see "Creating a Webroot account" on page 8. This is where you will access your files stored in the cloud. 2. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 3. Click the Backup & Sync tab, then click the Log in button.

4. If prompted, enter your Webroot account credentials (user name and password). When the download completes, the Backup & Sync panel looks like the following example.

- 79 - User Guide for PCs

By default, synchronization of the Anywhere folder is turned on. For more information, see "Synchronizing files" on page 81.

Backups are not turned on by default. To configure backups, see "Backing up files" on page 97.

- 80 - Managing Backup & Sync

Synchronizing files

Webroot includes one preconfigured folder for synchronization, called the Anywhere folder. It resides under your personal Documents folder in Windows. Any files you put in the Anywhere folder are automatically synchronized with your online account (my.webrootanywhere.com) and with shared folders on other computers or mobile devices in your account.

To synchronize files using the Anywhere folder:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, and make sure Backup & Sync is selected at the left. 3. Click Open Anywhere Folder.

Windows Explorer opens to the Webroot Anywhere folder. 4. Copy files or folders into the Webroot Anywhere folder.

The files are instantly synchronized to your online SecureAnywhere account and to other shared folders

- 81 - User Guide for PCs

on other computers (if you configured them). In Windows Explorer, icons next to the files and folders indicate the status of the synchronization:

l Synchronized:

l Sync pending:

l Not synchronized:

Note: Some files may fail to synchronize because their storage size is larger than the upload limit. You can adjust the limit in the Do not upload files larger than field in the Sync Settings panel. See "Changing sync settings" on page 85.

5. To see the amount of used storage in your account, look at the status bar at the bottom of the Backup & Sync panel. If you want to check that your files were successfully copied, access your online account by clicking Web Console.

- 82 - Managing Backup & Sync

6. When your browser opens to my.webrootanywhere.com, log in to your account, click Go to Backup & Sync, then click Anywhere from the left panel.

- 83 - User Guide for PCs

For more information about using Backup and Sync in your online account, see the SecureAnywhere Management Website User's Guide.

- 84 - Managing Backup & Sync

Changing sync settings

Webroot already configured synchronization with our recommended settings, but you can adjust the settings if you want. For example, you can adjust the size limit of files to upload or allow a synchronization to run while your computer is on battery power.

To change sync settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, and make sure Backup & Sync is selected at the left. 3. Under Synchronization, click the Change Settings link.

- 85 - User Guide for PCs

4. In the Backup & Sync Settings panel, make sure Sync Settings is selected on the left.

5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you're done, click Save All.

Note: We recommend that you keep Webroot's default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button.

The following table describes the settings.

Sync settings

Ignore hidden files and When selected, files and directories that Windows has hidden in directories Explorer are not included in the sync. "Hidden" files are typically system files that do not need to be synchronized. They can also consume a lot of storage space. Ignore system files When selected, Windows system files and directories are not included in and directories the sync. Typically, system files do not need to be synchronized. They can also consume a lot of storage space.

- 86 - Managing Backup & Sync

Sync settings

Show Windows When selected, the icons next to files and folders appear in Windows Explorer overlay icons Explorer to show if they are synchronized, are in the process of synchronizing, or did not get synchronized. For more information about these icons, see "Synchronizing files" on page 81. Do not synchronize When selected, SecureAnywhere does not run a synchronization when files while running on your computer is unplugged and running on the battery. battery power Do not synchronize When selected, SecureAnywhere does not run a synchronization when files when a full- you are watching a movie in full-screen mode or running a gaming screen application or application. game is running Warn when quota The number in the field determines when SecureAnywhere displays a usage exceeds: warning when your storage limit is exceeded. You can adjust the percentage by entering a new number. Do not upload files The number in the field determines the size of files to include in larger than: synchronization. If the file size exceeds the displayed limit, it will not be uploaded. You can adjust the size limit by entering a new number (in megabytes).

- 87 - User Guide for PCs

Adding sync folders

Webroot already configured one synchronization folder called the Anywhere folder (see "Synchronizing files" on page 81). However, you can designate more folders for synchronization if you like.

To add sync folders:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, and make sure Backup & Sync is selected at the left. 3. Under Synchronization, click the Change Settings link.

4. Click Synchronized Folders on the left.

- 88 - Managing Backup & Sync

5. Click Add Custom Folder.

6. In the next panel, click the Browse button to open the folder you want synchronized. If desired, you can specify a different name for this folder that will display in SecureAnywhere. When you're done, click Add.

- 89 - User Guide for PCs

Note: If you want to share a folder across multiple computers, see "Synchronizing folders with other computers" on page 92.

7. When the new directory appears in the Synchronized Folders panel, you can click Open Folder to see the files and folders. (In Explorer, icons appear next to files and folders toshow if they have been synchronized, are in the process of synchronizing, or did not get synchronized. For more information about these icons, see "Synchronizing files" on page 81.)

- 90 - Managing Backup & Sync

8. If you want to check that your files successfully uploaded to your account, click Web Console. When your browser opens to my.webrootanywhere.com, log in to your account, click Go to Backup & Sync, then click on the folder name from the left panel. For more information, see the SecureAnywhere Management Website User Guide.

- 91 - User Guide for PCs

Synchronizing folders with other computers

If you installed SecureAnywhere on multiple computers, you can create shared, synchronized folders between them. Whenever you update data in one of these shared folders (adding, editing, moving, or deleting files), SecureAnywhere automatically makes the same changes in your online account and to all shared folders. This automatic synchronization can be beneficial when you frequently use multiple computers and need access to the most recent files.

Note: Be aware that when you make changes to a folder on one computer, the changes are propagated across the shared folders on all computers. For example, if you delete a shared folder, it is removed from all the computers. However, you can still access a deleted folder or file from the Recycle Bin in your SecureAnywhere account. (See the SecureAnywhere Management Website User Guide.)

To create shared folders with other computers:

1. Configure a sync folder on the first computer. See "Adding sync folders" on page 88. 2. On the second computer, open the Backup & Sync Settings panel. To do this, click the Backup & Sync tab, make sure Backup & Sync is selected at the left, then click the Change Settings link.

3. Click Synchronized Folders on the left.

- 92 - Managing Backup & Sync

4. Click Add Custom Folder.

5. In the next panel, click Browse to open the folder you want to synchronize. Then select the radio button for Link directory to an existing folder in the cloud. In the table, select the folder from the other computer, and click Add.

SecureAnywhere synchronizes all files in that folder with your other computer. In the Backup & Sync

- 93 - User Guide for PCs

Settings panel, the Shared Across column shows the computers sharing that folder.

- 94 - Managing Backup & Sync

Removing a folder from synchronization

You can stop synchronizing the contents in a folder by detaching it from the automatic synchronization process.

Note: Detaching the folder does not delete it from your computer.

To remove a folder from synchronization:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, and make sure Backup & Sync is selected at the left. 3. Under Synchronization, click the Change Settings link.

4. Click Synchronized Folders on the left. 5. Select the folder in the table and click Detach.

- 95 - User Guide for PCs

The folder will no longer appear in the panel and will no longer synchronize to your SecureAnywhere account. 6. Click Close when you're done.

- 96 - Managing Backup & Sync

Backing up files

Instead of synchronizing files, you can archive them instead. For example, you may want to back up tax returns, old photos, and a scanned copy of your passport. These types of documents won't change and don't need to be kept in synchronization with other computers. Your backed-up files are uploaded to the Webroot servers, which are accessible from your SecureAnywhere account.

To configure backup:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, and make sure Backup & Sync is selected at the left. (If you have not yet configured backup settings, the panel looks like the example below. If you did already configure backups, skip to Step 5.) 3. Click Setup Backup.

4. In the next panel, select the types of documents you want included in the backup and click Continue. A checkmark next to an item means every file with that extension will be copied to your online account. If you want to designate different file types, click the Custom filter checkbox at the bottom.

- 97 - User Guide for PCs

Note: If you decide later that you want to change file types, see "Changing backup filters" on page 104.

- 98 - Managing Backup & Sync

5. When the Backup & Sync panel opens again, click Run Backup Now.

Note: Backups can also run automatically on a schedule. See "Changing the backup schedule" on page 107.

- 99 - User Guide for PCs

6. If you want to check your uploaded files, access your online account by clicking Web Console.

7. When your browser opens to my.webrootanywhere.com, log in to your account, click Go to Backup & Sync, then click Backup from the left panel.

- 100 - Managing Backup & Sync

Changing backup settings

Webroot already configured backups with our recommended settings, but you can adjust the settings if you want. For example, you can adjust the size limit of files to upload or allow a synchronization to run while your computer is on battery power.

Note: To change the types of files backed up, see "Changing backup filters" on page 104. To change the backup schedule, see "Changing the backup schedule" on page 107.

To change backup settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, and make sure Backup & Sync is selected at the left. 3. Under Backup, click the Change Settings link.

- 101 - User Guide for PCs

4. Click Backup Settings on the left.

5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you're done, click Save All.

Note: We recommend that you keep Webroot's default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button.

The following table describes the settings.

Backup settings

Ignore hidden files and When selected, files and directories that Windows has hidden in directories Explorer are not included in the backup. "Hidden" files are typically system files that do not need to be backed up. They can also consume a lot of storage space. Ignore system files When selected, Windows system files and directories are not included in and directories the backup. Typically, system files do not need to be backed up. They can also consume a lot of storage space.

- 102 - Managing Backup & Sync

Backup settings

Show Windows When selected, the icons next to files and folders appear in Windows Explorer overlay icons Explorer to show if they are backed up, are in the process of backing up, or did not get backed up. For more information about these icons, see "Synchronizing files" on page 81. Do not archive while When selected, SecureAnywhere does not run a backup when your running on battery computer is unplugged and running on the battery. power Do not archive when a When selected, SecureAnywhere does not run a backup when you are full-screen application watching a movie in full-screen mode or running a gaming application. or game is running Do not upload files The number in the field determines the size of files to include in the larger than: backup. If the file size exceeds the displayed limit, it will not be uploaded. You can adjust the size limit by entering a new number (in megabytes).

- 103 - User Guide for PCs

Changing backup filters

Using backup filters, you can include or exclude certain file types or subfolders for the backup.

To add or change the backup filters:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, then make sure Backup & Sync is selected at the left. 3. Under Backup, click the Change Settings link.

4. Click Backup Filters at the left. 5. To add a new filter, click Add Filter. To edit an existing filter, select the filter in the table and click Edit Filter.

- 104 - Managing Backup & Sync

6. In the next dialog, select the criteria for the filter.

Filter settings are described in the following table.

- 105 - User Guide for PCs

Filter settings

Directory Use the Browse button to select the local folder of the files. Filter Name Enter a name that will describe this filter. File type expressions Enter the extensions of the file types you want to include in this filter. Back up files from Keep this checkbox selected if you want the subfolders included in the subdirectories backup. Exclude files from Select this checkbox if you want to create a filter that excludes files with backup that match this the specified extensions. filter

- 106 - Managing Backup & Sync

Changing the backup schedule

You can change the automatic backup schedule or turn off automatic backups.

To configure the backup schedule:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, then make sure Backup & Sync is selected at the left. 3. Under Backup, click Change Settings.

- 107 - User Guide for PCs

4. Select Backup Schedule from the left.

5. If you want to turn off automatic backups, de-select the checkbox next to Enable scheduled archiving. Otherwise, keep it selected. 6. If desired, click the Back up only on the following days checkbox and select a day of the week to run the backups. 7. Select the time of day to run the backup or an hourly interval. 8. At the bottom of the panel, you have two additional options:

l Run immediately if Backup was inactive at the scheduled time. Keep this checkbox selected if you want to run a backup immediately after a missed schedule. A backup might be skipped if you disabled backups, if you shut down SecureAnywhere, or if your logged off your computer.

l Randomize the time of a scheduled archive up to one hour. Keep this checkbox selected if you want a scheduled backup to run within an hour of the scheduled time. This selection makes better use of network resources.

- 108 - Managing Backup & Sync

Checking file status

You can check the status of synchronization and backup from the main interface or from your account on the SecureAnywhere website.

To check file transfer status from the main interface:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, then click File Transfers at the left.

To check your file status from the SecureAnywhere website:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the Backup & Sync tab, then make sure Backup & Sync is selected on the left. The amount of disk space used is displayed under the Status bar.

- 109 - User Guide for PCs

3. To view your online account, click Web Console.

4. When your browser opens to my.webrootanywhere.com, log in to your account, click Go to Backup & Sync, then click the folders from the left panel.

- 110 - Managing Backup & Sync

For more information about Backup & Sync in your account, see the SecureAnywhere Management Website User Guide.

- 111 - - 112 - Using the System Cleaner

If you purchased a SecureAnywhere edition that includes the System Cleaner, you can remove all traces of your web browsing history, files that show your computer use, and other files that reveal your activity. By removing these items, you can protect your privacy. No one else who has access to your computer can see what websites you have visited or what search terms you have used.The System Cleaner also removes unnecessary files that consume valuable disk space, such as files in the Recycle Bin or Windows temporary files.

To use the System Cleaner, see the following topics:

Running a system cleanup 114 Running a scheduled cleanup 117 Changing Windows Desktop settings 120 Changing Windows system settings 123 Changing Application settings 126 Changing Internet Explorer settings 128 Using Secure File Removal 132 Viewing the cleanup log 135

- 113 - User Guide for PCs

Running a system cleanup

If you purchased a SecureAnywhere edition that includes the System Cleaner, you can remove all traces of your web browsing history, files that show your computer use, and other files that reveal your activity. As you work on your computer and browse the Internet, you leave behind traces. These traces may be in the form of temporary files placed on your hard drive, lists of recently used files in programs, lists of recently visited websites, or cookies that websites placed on your hard drive. Anyone who has access to your computer can view what you have done and where you have been. Using the System Cleaner, you can protect your privacy by removing all traces of your activity, including the Internet history, address bar history, Internet temporary files (cache), and cookie files.

You can also use the System Cleaner to delete unnecessary files that Windows stores on your computer. Certain files can consume valuable space on your computer. Even with today’s large hard drives, these unnecessary files can impair your computer’s performance.

Note: Cleanups remove unnecessary files and traces, not malware threats. Malware (spyware and viruses) are removed during scans (see "Running scans " on page 18). You can think of the System Cleaner as the housekeeper for your computer, while the Scanner serves as the security guard.

The System Cleaner does not run automatically; you need to run it yourself. Before the first cleanup, select all the items you want removed.

To check cleanup settings and run a cleanup:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left.

- 114 - Using the System Cleaner

3. Click Cleanup Settings.

4. In the System Cleaner panel, click each of the categories on the left side of the panel. On the right side, click in the checkboxes to select or deselect items to clean up. Items with a checkmark will be cleaned.

For more information about the settings, see:

• "Changing Windows Desktop settings" on page 120 • "Changing Windows system settings" on page 123 • "Changing Application settings" on page 126 • "Changing Internet Explorer settings" on page 128

- 115 - User Guide for PCs

5. In the System Cleaner Settings panel, select Secure File Removal. By default, file removal is set to “Normal,” which means items are deleted permanently (bypassing the Recycle Bin). However, data recovery utilities may be able to restore the files. If you want to make sure files can never be recovered, move the slider to Medium or Maximum. For more information, see "Using Secure File Removal" on page 132. 6. When you’re done, click Save All, then click Close. 7. From the System Cleaner panel, click the Clean Up Now button. The progress panel shows items as they are removed, along with the space recovered.

- 116 - Using the System Cleaner

Running a scheduled cleanup

You can configure the System Cleaner to run automatically on a schedule.

To run a scheduled cleanup:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. 3. Click Cleanup Settings.

- 117 - User Guide for PCs

4. Make sure General Settings is selected on the left.

5. Click the Enable scheduled cleanup checkbox at the top of the panel. 6. If desired, click the Cleanup only on the following days checkbox and select a day of the week to run the cleanups. 7. Select the time of day to run the cleanup or an hourly interval. 8. At the bottom of the panel, you have two additional options:

l Run on bootup if the system was off at the scheduled time. Keep this checkbox selected if you want a missed scheduled cleanup to run when you turn on the computer again. De- select the checkbox if you want to skip missed cleanups.

l Enable Windows Explorer right click secure file erasing. Keep this checkbox selected if you want to include an option for permanently erasing a file or folder in Windows Explorer. This menu item appears when you right-click on a file or folder. De-select the checkbox if you don't want the menu item to appear. The right-click menu looks similar to the following example.

- 118 - Using the System Cleaner

9. When you’re done, click Save All, then click Close.

- 119 - User Guide for PCs

Changing Windows Desktop settings

The System Cleaner can remove files in the Recycle Bin and the traces of what files you recently opened or tried to locate in a search. While these history traces can be helpful, they also reveal your activity to other people using your computer. To maintain your privacy, you can remove all these traces.

To change Windows Desktop settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. 3. Click Cleanup Settings.

- 120 - Using the System Cleaner

4. From the left panel, click Windows Desktop.

5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you’re done, click Save All.

The following table describes the options:

Windows Desktop settings

Recycle Bin Removes all files from your Recycle Bin, which contains files you have deleted using Windows Explorer. When you delete a file, it is stored in the Recycle Bin until you empty it. You should periodically empty the Recycle Bin to preserve valuable disk space on your computer. Recent document Clears the history of recently opened files, which is accessible from the history Windows Start menu. (The cleanup does not delete the actual files.) Start Menu click Clears the history of shortcuts to programs that you recently opened using history the Start menu.

- 121 - User Guide for PCs

Windows Desktop settings

Run history Clears the history of commands that you recently entered into the Run dialog, which is accessible from the Start menu. Note: After the cleanup, you may need to restart your computer to completely remove items from the Run dialog. Search history Clears the history of files or other information that you searched for on your computer. Your computer stores recent searches and displays them when you start entering a new search that starts with the same characters. You access the search (also called "find") from Windows Explorer or from your Start button. (The cleanup does not delete the actual files.) Start Menu order Reverts the list of programs and documents in the Start menu back to history alphabetical order, which is the default setting. After you run the cleanup, you must reboot your system for the list to revert back to alphabetical order.

- 122 - Using the System Cleaner

Changing Windows system settings

The System Cleaner can remove temporary files and traces left by the Windows operating system. These files and traces can sometimes be a threat to your privacy. They can also consume a lot of disk space if you don’t delete them once in awhile.

To change Windows system settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. 3. Click Cleanup Settings.

- 123 - User Guide for PCs

4. From the left panel, click Windows System.

5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you’re done, click Save All.

The following table describes the options:

Windows System settings

Clipboard contents Clears the contents from the Clipboard, where Windows stores data when you use either the Copy or Cut function from any Windows program. Windows Temporary Deletes all files and folders in the Windows temporary folder, but not folder files that are in use by an open program. This folder is usually: C:\Windows\Temp. You should not put any files here that you need to keep. The files in this folder can consume a lot of space on your hard drive.

- 124 - Using the System Cleaner

Windows System settings

System Temporary Deletes all files and folders in the system temporary folder, but not files folder that are in use by an open program. This folder is usually in: C:\Documents and Settings\[username]\Local Settings\Temp You should not put any files here that you need to keep. The files in this folder can consume a lot of space on your hard drive. Windows Update Deletes all files and subfolders in this folder, but not files that are in use Temporary folder by an open program. Windows uses these files when you run Windows Update. After you install the updates, you no longer need these files. These files are normally in C:\Windows\Software\Distribution\Download. You should not put any files here that you need to keep. The files in this folder can consume a lot of space on your hard drive. Windows Registry Clears the history of recent changes you made to the Windows registry. Streams (This option does not delete the registry changes themselves.) Default logon user Deletes the Windows registry entry that stores the last name used to log history on to your computer. When the registry entry is deleted, you must enter your user name each time you turn on or restart your computer. This cleanup option does not affect computers that use the default Welcome screen. Memory dump files Deletes the memory dump file (memory.dmp) that Windows creates when you receive certain Windows errors. The file contains information about what happened when the error occurred. CD burning storage Deletes the Windows project files, created when you use the Windows folder built-in function to copy files to a CD. These project files are typically stored in one of the following directories: C:\Documents and Settings\[username]\Local Settings\Application Data\Microsoft\CDBurning C:\Users\[username]\AppData\Local\Microsoft\Windows\Burn\Burn Flash Cookies Deletes bits of data created by Adobe Flash, which can be a privacy concern because they track user preferences. (Flash cookies are not actually “cookies,” and are not controlled through the cookie privacy controls in a browser.)

- 125 - User Guide for PCs

Changing Application settings

The System Cleaner can remove the traces left behind by applications, such as a list of recently opened files. While these history traces can be helpful, they also reveal your activity to other people using your computer. To maintain your privacy, you can remove all these traces. (The cleanup does not delete the files, just the places where Windows tracks your activity.)

To change Application settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. 3. Click Applications.

Applications currently installed on your computer appear in this panel.

- 126 - Using the System Cleaner

4. On the right side, click in the checkboxes to select or deselect applications you want cleaned. The System Cleaner will remove file history traces for the selected applications. 5. When you're done, click Save All, then click Close.

- 127 - User Guide for PCs

Changing Internet Explorer settings

The System Cleaner can remove temporary files and traces left by the Windows operating system. While these history traces can be helpful, they also reveal your activity to other people and can consume lots of disk space. To maintain your privacy and system performance, you can remove all these files and traces.

To change Application settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left. 3. Click Cleanup Settings.

- 128 - Using the System Cleaner

4. From the left panel, click Internet Explorer.

5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you’re done, click Save All.

- 129 - User Guide for PCs

The following table describes the options:

Internet Explorer settings

Address bar history Removes the list of recently visited websites, which is stored as part of Internet Explorer’s AutoComplete feature. You see this list when you click the arrow on the right side of the Address drop-down list at the top of the Internet Explorer browser. Cookies Deletes all cookies from your computer. Cookies are small files that store information about your interaction with a website and may reveal what sites you visited. Be aware that if you remove all cookie files, some websites will not “remember” you. This means that you may need to re- enter passwords, shopping cart items, and other entries that these cookies stored. Temporary Internet Deletes copies of stored web pages that you visited recently. This cache Files improves performance by helping web pages open faster the next time you visit them, but also reveals your visited sites to other people using your computer and can consume a lot of space on your hard drive. URL history Deletes the list of recently visited websites. You see this list when you click History on the Internet Explorer toolbar. While this history can be helpful, it also reveals your visited sites to other people using your computer. Setup Log Deletes log files created when you update Internet Explorer. After you install the updates, you no longer need these files. Microsoft Download Deletes the contents in the folder that stores files you last downloaded Folder using Internet Explorer. After downloading, you no longer need these files. MediaPlayer Bar Removes the list of audio and video files recently opened with the media History player in Internet Explorer, which plays audio and video files that you access on websites. (The cleanup does not delete the files, just the Windows "memory" that you opened them or searched for them.)

- 130 - Using the System Cleaner

Internet Explorer settings

Autocomplete form Deletes data that Internet Explorer stores when you enter information information into fields on websites. This is part of Internet Explorer’s AutoComplete feature, which predicts a word or phrase based on the characters you begin to type (for example, your email address or password). Clean index.dat Marks files in the index.dat file for deletion, then clears those files after (cleaned on reboot) you reboot the system. The index.dat file is a growing Windows repository of web addresses, search queries, and recently opened files. This option works when you also select one or more of the following options: Cookies, Temporary Internet Files, or URL History. Note: Index.dat functions like an active database. It is only cleaned after you reboot Windows.

- 131 - User Guide for PCs

Using Secure File Removal

The System Cleaner can permanently remove files in a “shredding” process, which overwrites them with random characters. This shredding feature is a convenient way to make sure no one can ever access your files with a recovery tool. (Although you may think that you are permanently deleting files when you empty the Recycle Bin or when you use Shift-Delete, in actuality, you are only removing the operating system’s record of the file, not the physical file itself.)

You can run a Secure File Removal from the main interface or from the Windows Explorer right-click menu.

To use Secure File Removal from the main interface:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left.

3. Click Secure File Removal. The Secure File Removal panel opens. By default, file removal is set to “Normal,” which means items

- 132 - Using the System Cleaner

are deleted permanently (bypassing the Recycle Bin). However, data recovery utilities may be able to restore the files.

If you want to make sure files can never be recovered, move the slider to Medium or Maximum. “Medium” overwrites files with three passes, whereas “Maximum” overwrites files with seven passes and cleans the space around the files. Also be aware that cleanup operations take longer when you move the slider to Medium or Maximum. 4. When you're done, click Save All. 5. You can now run a cleanup with the new setting. See "Running a system cleanup" on page 114.

- 133 - User Guide for PCs

To use Secure File Removal from the Windows Explorer menu:

1. Open Windows Explorer. 2. Right-click on the file or folder you want to permanently erase. 3. Select Permanently erase with Webroot.

SecureAnywhere will use the selected configuration option (Normal, Medium, or Maximum).

Note: If this menu option does not appear in the right-click menu, go to the General Settings panel and click Enable Windows Explorer right click secure file erasing. See "Running a system cleanup" on page 114.

- 134 - Using the System Cleaner

Viewing the cleanup log

You can view a log of what the System Cleaner removed.

To view the cleanup log:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. Make sure System Cleaner is selected on the left.

The log opens in Notepad and shows a list of files and traces removed.

- 135 - - 136 - Using Advanced Tools

To learn more about advanced tools, see the following topics:

Controlling active processes 138 Using the SafeStart sandbox 140 Saving a scan log 142 Using the System Analyzer 143 Viewing the execution history 145 Viewing the protection statistics 146

- 137 - User Guide for PCs

Controlling active processes

Using Active Processes, you can adjust the threat-detection settings for all programs and processes running on your computer. It also includes a function for terminating any untrusted processes, which might be necessary if a regular scan did not remove all traces of a malware program.

To adjust settings for active processes:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click System Control on the left.

- 138 - Using Advanced Tools

4. Click the Start button under Control Active Processes.

5. For each process, you can select the radio button for:

l Allow: The process is allowed to run on your system.

l Monitor: Webroot SecureAnywhere will watch the process and open an alert on suspicious activity.

l Block: The process is blocked from running on your system. Do NOT block a process unless you are absolutely certain it is non-essential.

If you want to terminate all untrusted processes, click Kill Untrusted Processes.

- 139 - User Guide for PCs

Using the SafeStart sandbox

If you are an advanced user and want to test a program you believe is malware, you can first execute the program in a protected area called the SafeStart Sandbox. This sandbox allows you to isolate the actions of the malware program and observe its behavior.

Note: The SafeStart Sandbox is intended for testing malware, not legitimate programs.

To execute a file in the SafeStart sandbox:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click System Control on the left.

- 140 - Using Advanced Tools

4. Click the Start button under SafeStart Sandbox.

5. You can select the file either by clicking the Browse button or by entering the filename and location in the Command-line field. 6. If you want to use some advanced features for controlling how the program is allowed to execute, select a checkbox to disable a function (uncheck the box) or activate it (check the box). 7. When you’re done, click the Start button.

- 141 - User Guide for PCs

Saving a scan log

If you want to investigate what SecureAnywhere scanned and what it found, you can save a scan log. This log might be helpful if you are working with Webroot Support to determine the cause of a problem.

To save a scan log:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click Reports on the left.

4. Under Scan Log, click the Save as button. 5. Enter a filename and click Save.

- 142 - Using Advanced Tools

Using the System Analyzer

If you purchased a SecureAnywhere edition that includes System Analyzer, you can use this simple utility to quickly scan for threats, security vulnerabilities, and other computer problems. After the scan, it displays a report that describes any vulnerabilities it found. It also provides recommendations about enhancements that can increase system performance, privacy, and protection.

To run System Analyzer:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click System Analyzer on the left. 4. Click Start.

System Analyzer scans your system, then displays a report summary similar to the following example.

- 143 - User Guide for PCs

5. You can view more detailed information by clicking the View advanced detail link at the bottom right. 6. To save the report to your Desktop, click Save. Otherwise, click Close to exit from the report.

- 144 - Using Advanced Tools

Viewing the execution history

The Execution History is mainly used by Technical Support to see when and where a virus entered the system.

To view the execution history:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click Reports on the left.

4. Under Execution History (Advanced), click the View button. 5. Enter a filename and click Save.

- 145 - User Guide for PCs

Viewing the protection statistics

Protection Statistics are mainly used by Webroot Support to view the background processes that Webroot SecureAnywhere is monitoring.

To view protection statistics:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click Reports on the left.

- 146 - Using Advanced Tools

4. Under Protection Statistics, click the View button.

5. Click on an event in the left column to view more detailed information. 6. When you're done, click Close.

- 147 - - 148 - Managing Your Account

Your Webroot account includes information about your software licenses and other details. Your account information is available from the My Account panel of the SecureAnywhere program or from my.webrootanywhere.com, which is the online interface.

To learn more about your SecureAnywhere account, see the following topics:

Viewing your account details 150 Activating a new keycode 151 Renewing your subscription 152 Checking for updates 153

- 149 - User Guide for PCs

Viewing your account details

You can view your keycode and the time remaining on your subscription from the My Account window.

To view account details:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the My Account tab. Your account information appears in the panel.

- 150 - Managing Your Account

Activating a new keycode

If you receive a new keycode from Webroot, you can activate it in the My Account panel.

To activate a new keycode:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the My Account tab. 3. Click Activate a new keycode.

4. In the dialog, enter the keycode and click the Activate button.

- 151 - User Guide for PCs

Renewing your subscription

You can renew your subscription from the My Account window.

To renew your subscription:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the My Account tab. 3. Click Learn more about available upgrades.

The Webroot website opens. From here, you can purchase an upgrade to your software.

- 152 - Managing Your Account

Checking for updates

If you deactivated automatic updates from General Preferences, you can manually check for updates yourself.

Note: For more information about setting automatic updates, see "Setting general preferences" on page 156.

To check for SecureAnywhere updates:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the My Account tab. 3. Click Check for software updates. If a newer version exists, Webroot downloads the updates to your system.

- 153 - - 154 - Setting Preferences

To learn more about setting preferences, see the following topics:

Setting general preferences 156 Setting basic configuration 162 Setting access control 166 Defining proxy server settings 169 Adjusting heuristics 172 Exporting and importing settings 177 Setting self protection 180

- 155 - User Guide for PCs

Setting general preferences

You can change the behavior of the program in General Preferences.

To change general preferences:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

The Settings panel opens.

- 156 - Setting Preferences

3. Select the slide bars to adjust the settings, which are described in the following tables. When you’re done, click the Save All button.

Note: We recommend that you keep Webroot’s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button.

- 157 - User Guide for PCs

The following tables describe the slider options.

Set and forget protection — Hands-on security (more prompts)

This slider affects the following advanced settings:

l Show the “Authenticating Files” pop-up when a new file is scanned on-execution. See "Changing the scan settings" on page 25.

l Fade out warning messages automatically. See "Setting basic configuration" on page 162.

l Warn before blocking untrusted programs from accessing protected data. See "Changing Identity Protection settings" on page 63.

Slider in left-most position: Disabled: Show the “Authenticating Files” pop-up when a new file is scanned on-execution. Enabled: Fade out warning messages automatically. Disabled: Warn before blocking untrusted programs from accessing protected data. Slider in middle position: Enabled: Show the “Authenticating Files” pop-up when a new file is scanned on-execution. Enabled: Fade out warning messages automatically, Disabled: Warn before blocking untrusted programs from accessing protected data. Slider in right-most Enabled: Show the “Authenticating Files” pop-up when a new file position: is scanned on-execution. Disabled: Fade out warning messages automatically. Enabled: Warn before blocking untrusted programs from accessing protected data.

- 158 - Setting Preferences

Minimal system resource usage — Fastest scanning

This slider affects the following advanced settings:

l Favor low disk usage over verbose logging (fewer details stored in logs). See "Setting basic configuration" on page 162.

l Favor low CPU usage over fast scanning. See "Changing the scan settings" on page 25.

l Operate background functions using fewer CPU resources. See "Setting basic configuration" on page 162.

l Lower resource usage when intensive applications or games are detected. See "Setting basic configuration" on page 162.

l Favor low memory usage over fast scanning. See "Changing the scan settings" on page 25

Slider in left-most Enabled: Favor low disk usage over verbose logging (fewer details position: stored in logs). Enabled: Favor low CPU usage over fast scanning. Enabled: Operate background functions using fewer CPU resources. Enabled: Lower resource usage when intensive applications or games are detected. Enabled: Favor low memory usage over fast scanning. Slider in middle position: Disabled: Favor low disk usage over verbose logging (fewer details stored in logs). Disabled: Favor low CPU usage over fast scanning. Enabled: Operate background functions using fewer CPU resources. Enabled: Lower resource usage when intensive applications or games are detected. Enabled: Favor low memory usage over fast scanning. Slider in right-most Disabled: Favor low disk usage over verbose logging (fewer details position: stored in logs). Disabled: Favor low CPU usage over fast scanning. Disabled: Operate background functions using fewer CPU resources. Enabled: Lower resource usage when intensive applications or games are detected. Disabled: Favor low memory usage over fast scanning.

- 159 - User Guide for PCs

Less automatic scanning — Daily thorough system scanning

This slider affects the scan schedule settings. See "Changing the scan schedule" on page 22. Note: A "quick" scan searches the system's memory. A "deep" scan searches for all types of malware in all locations. Slider in left-most position: Runs a quick scan when the computer starts (boot-up). Slider in middle position: Runs a quick scan every day. Slider in right-most Runs a deep scan every day. position:

Basic internal security — Maximum internal security

This slider affects the following advanced settings:

l Self protection: minimum, medium, or maximum. See "Setting self protection" on page 180.

l Require the completion of a CAPTCHA when changing critical features. See "Setting access control" on page 166.

l Self protection response cloaking. See "Setting self protection" on page 180.

Slider in left-most position: Minimum: Self protection. Disabled: Require the completion of a CAPTCHA when changing critical features. Disabled: Self protection response cloaking. Slider in middle position: Medium: Self protection. Enabled: Require the completion of a CAPTCHA when changing critical features. Disabled: Self protection response cloaking. Slider in right-most Maximum: Self protection. position: Enabled: Require the completion of a CAPTCHA when changing critical features. Enabled: Self protection response cloaking.

- 160 - Setting Preferences

Strong behavior and cloud heuristics— Maximum heuristics (more warnings)

This slider affects the advanced heuristics settings. See "Adjusting heuristics" on page 172. Slider in left-most position: Sets all heuristics to the Low setting (second position in the Heuristics panel slider). Slider in left-middle Sets all heuristic settings to the SecureAnywhere defaults in the position: Heuristics panel. Slider in right-middle Raises heuristic settings for important areas, while leaving less position: vulnerable areas at the defaults. Slider in right-most Raises all heuristic settings to the maximum. position:

- 161 - User Guide for PCs

Setting basic configuration

You can change the behavior of the program in General Preferences.

To change general preferences:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

- 162 - Setting Preferences

3. In the Settings panel, click Advanced Settings.

4. Make sure Basic Configuration is selected at the left.

5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you’re done, click Save All.

- 163 - User Guide for PCs

Note: We recommend that you keep Webroot’s default settings. If you make changes and decide you want to return to the recommended settings, click the Reset to Defaults button.

The following table describes the options.

Basic Configuration settings

Show a Provides quick, double-click access to the main interface by placing the SecureAnywhere shortcut icon on your desktop. shortcut on the desktop Show a system tray Provides quick access to SecureAnywhere functions by placing the icon Webroot icon on your desktop. You can double-click the icon to open the main interface or right-click to open a menu of common functions, like scanning. Show a splash screen Opens the Webroot splash screen on system startup, which lets you know on bootup that the program is running and protecting your computer. Show Lists Webroot SecureAnywhere in the Windows Startup menu items. SecureAnywhere in the Start Menu Show Lists Webroot SecureAnywhere in the Windows Add/Remove Programs SecureAnywhere in panel. Add/Remove Programs Show Lists Webroot SecureAnywhere in the Windows Security Center, under SecureAnywhere in Virus Protection information. Windows Security Center Hide the Blocks your license keycode from displaying on the My Account panel. SecureAnywhere license keycode on- screen Automatically Downloads product updates automatically without alerting you. download and apply updates Operate background Saves CPU resources by running non-scan related functions in the functions using fewer background. CPU resources

- 164 - Setting Preferences

Basic Configuration settings

Favor low disk usage Saves disk resources by saving only the last four log items. over verbose logging (fewer details stored in logs) Lower resource usage Suppresses SecureAnywhere functions while you are gaming, watching when intensive videos, or using other intensive applications. applications or games are detected Allow Displays a Shutdown command in the system tray menu. If you deselect SecureAnywhere to be this option, the Shutdown command is removed from the menu. shut down manually Force non-critical Suppresses information-only messages from appearing in the system tray. notifications into the background Fade out warning Closes warning dialogs in the system tray after a few seconds. If you messages disable this option, you must manually click on a message to close it. automatically Store Execution Stores data for the Execution History logs, available under Reports. History details

- 165 - User Guide for PCs

Setting access control

If multiple people use your computer, you can set some permissions that provide or deny access to certain functions. These access controls also protect your computer from malware that tries to change settings in SecureAnywhere.

To change Access Control settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

- 166 - Setting Preferences

3. In the Settings panel, click Advanced Settings.

4. Click Access Control at the left.

5. If you want to change a setting, select its checkbox to disable it (uncheck the box) or activate it (check the box). When you’re done, click Save All.

The following table describes the options.

- 167 - User Guide for PCs

Access Control settings

Enable Password Requires that users enter a password for any configuration changes or Protection critical actions. Allow users to scan Allows any user to scan the system, even if password protection is without a password enabled. Allow users to remove Allows any user to remove threats, even if password protection is threats without a enabled. password Require the Opens a CAPTCHA dialog that requires you to read distorted text on the completion of a screen and enter the text in a field before performing any critical actions. CAPTCHA when These actions include changing shields, importing configuration settings, changing critical uninstalling the program, and shutting down the agent. features Require the Opens a CAPTCHA dialog that requires you to read distorted text on the completion of a screen and enter the text in a field before performing any configuration CAPTCHA when changes. changing configuration Remember Allows you to complete configuration changes and critical functions CAPTCHA without re-entering a CAPTCHA test again. SecureAnywhere will completion until the remember your last CAPTCHA until you close the main interface. window is closed Allow non- Enables you to modify configuration options, whether you are logged in administrative users to as an administrative user or not. modify configuration options Allow uninstallation Enables you to access the Antimalware Tools (under Quarantine), by non-administrative whether you are logged in as an administrative user or not. users Allow access to Enables you to access the advanced features, whether you are logged in antimalware tools by as an administrative user or not. Advanced features include all options in non-administrative the Settings panels and the Antimalware tools under Quarantine. users Allow access to Enables you to access the advanced features, whether you are logged in advanced features by as an administrative user or not. Advanced features include all options in non-administrative the Settings panels and the Antimalware tools under Quarantine. users Enable enhanced Provides configuration and debug data to Webroot Support when you customer support initiate a support request. This feature allows Support to quickly diagnose and repair the issue.

- 168 - Setting Preferences

Defining proxy server settings

If you use a proxy server to connect to the Internet, you must define the proxy connection data; otherwise, Webroot cannot send updates to your computer. (A proxy server is a computer system or router that acts as a relay between your computer and another server.) For further information about your proxy environment, contact your proxy server’s administrator.

To define proxy server settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

- 169 - User Guide for PCs

3. In the Settings panel, click Advanced Settings.

4. Click Proxy at the left.

5. Enter the proxy settings, which are described in the following table. When you’re done, click Save All.

- 170 - Setting Preferences

Proxy settings

Proxy Type Select HTTP Proxy from the drop-down box. Authentication Method Select an authentication method from the drop-down box. Host Enter the fully qualified domain name of the server (for example, proxy.company.com). Port Enter the port number the server uses. Username Enter the user name of the server, if used. Password Enter the password of the server, if used.

- 171 - User Guide for PCs

Adjusting heuristics

With heuristics settings, you can adjust the level of threat analysis that Webroot SecureAnywhere performs when scanning your computer. Heuristics can be adjusted for separate areas of your computer, including the local drive, USB drives, the Internet, the network, CD/DVDs, and when your computer is offline. We recommend that you keep heuristics at their default settings, unless you are an advanced user and understand how changing settings will impact threat detection.

Webroot SecureAnywhere includes three types of heuristics:

l Advanced Heuristics. Analyzes new programs for suspicious actions that are typical of malware.

l Age Heuristics. Analyzes new programs based on the amount of time the program has been in the community. Legitimate programs are generally used in a community for a long time, but malware often has a short life span.

l Popularity Heuristics. Analyzes new programs based on statistics for how often the program is used in the community and how often it changes. Legitimate programs do not change quickly, but malware often mutates at a rapid pace. Malware may install as a unique copy on every computer, making it statistically “unpopular.”

To change heuristics settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12).

- 172 - Setting Preferences

2. In the upper right corner, click Settings.

- 173 - User Guide for PCs

3. In the Settings panel, click Advanced Settings.

4. Click Heuristics at the left.

5. Select the tab for the area you want to change heuristics settings: Local, USB, Internet, Network, CD/DVD, or Offline.

- 174 - Setting Preferences

6. Select the radio buttons and slide bars to adjust the settings, which are described in the following tables. When you’re done, click the Save All button.

The following table describes the options.

Radio buttons -- additional heuristics options

Disable Heuristics Turns off heuristic analysis. Not recommended. Apply advanced Warns against new programs as well as old programs that exhibit heuristics before suspicious behavior. Age/Popularity heuristics Apply advanced Warns against suspicious programs detected with Advanced Heuristics, heuristics after based on Age/Popularity settings. Age/Popularity heuristics Warn when new Warns when malicious, suspicious, or unknown programs try to execute. programs execute that (This setting may result in false detections.) are not trusted

Slider - advanced heuristics

Disabled Turns off Advanced Heuristics for the area selected in the tab, leaving it vulnerable to new threats. (However, it will still be protected against known threats.) Low Detects programs with a high level of malicious activity. This setting ignores some suspicious behavior and allows most programs to run. Medium Balances detection versus false alarms by using our tuned heuristics in the centralized community database. High Protects against a wide range of new threats. Use this setting if you think your system is infected or at very high risk. (This setting may result in false detections.) Maximum Provides the highest level of protection against new threats. Use this setting if you think that your system is infected or at very high risk. (This setting may result in false detections.)

- 175 - User Guide for PCs

Slider - age heuristics

Disabled Turns off Age Heuristics for the area selected in the tab, leaving it vulnerable to new threats. (However, it will still be protected against known threats.) Low Detects programs that have been created or modified very recently. Medium Detects programs that are fairly new and not trusted, preventing zero-day or zero-hour attacks. We recommend using this setting if you do not install unpopular programs and want an extra degree of security to prevent mutating threats. High Detects programs that have been created or modified in a relatively short time and are not trusted. This setting is recommended only if you rarely install new programs and if you feel that your system is relatively constant. This setting may generate a higher level of false alarms on more obscure or unpopular programs. Maximum Detects all untrusted programs that have been created or modified fairly recently. You should only use this setting if your computer is in a high- risk situation or if you think that it is currently infected.

Slider - popularity heuristics

Disabled Turns off Popularity Heuristics for the area selected in the tab, leaving it vulnerable to new threats. (However, it will still be protected against known threats.) Low Detects programs that have been seen for the first time. This setting is recommended if you frequently install new programs, beta programs, or you are a software developer who frequently creates new programs. Medium Detects unpopular and mutating programs, preventing zero-day and zero- hour attacks. This setting is recommended if you do not frequently install new programs and want an extra level of protection over standard settings. High Detects programs that a significant percentage of the community has seen. This setting is recommended if you do not install new programs and suspect that your system is infected. Maximum Detects programs that a large percentage of the community has seen. This setting is recommended if you think your system is at a very high risk and are willing to accept that you may receive false alarms because of the strict heuristic rules.

- 176 - Setting Preferences

Exporting and importing settings

If you changed the SecureAnywhere configuration, you can back up those new settings using the Export funciton. A backup of your configuration is helpful if you ever need to reinstall the software or transfer your configuration to another computer.

To export and import settings:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

- 177 - User Guide for PCs

3. In the Settings panel, click Advanced Settings.

4. Click Import/Export at the bottom left.

- 178 - Setting Preferences

5. To transfer your settings to another computer, click Export Settings. Enter a name for the file and click Save. These settings can be from an external hard drive or USB drive. Depending on the file size, this may take a few seconds. 6. Access the other computer and click Import Settings. Select the file and click Save.

- 179 - User Guide for PCs

Setting self protection

Self Protection prevents malicious software from modifying the SecureAnywhere program settings and processes. If SecureAnywhere detects that another product is attempting to interfere with its functions, it launches a protective scan to look for threats. It will also update the internal self protection status to prevent incompatibilities with other software.

We recommend that you keep Self Protection at the Maximum setting. However, if you use other security software along with SecureAnywhere, you should adjust Self Protection to the Medium or Minimum setting. The Maximum setting may interfere with other security software.

To change the Self Protection setting:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. In the upper right corner, click Settings.

- 180 - Setting Preferences

3. In the Settings panel, click Advanced Settings.

4. In the Settings panel, click Self Protection at the left.

5. Click a radio button for Minimum, Medium, or Maximum security.

- 181 - User Guide for PCs

Note: If you want to turn off self protection, uncheck the Enable self protection response cloaking box.

6. Click Save All.

- 182 - Accessing Support and Resources

To learn more about Webroot's Support options and other resources, see the following topics:

Accessing Technical Support options 184 Accessing additional publications 185 Saving a threat log for analysis 186 Submitting a file to Webroot for analysis 187

- 183 - User Guide for PCs

Accessing Technical Support options

Webroot offers a variety of Technical Support options, including:

l Ticket and phone support.

l Interactive knowledgebase.

To access these support options, go to our online Support site: SecureAnywhere Product Support.

- 184 - Accessing Support and Resources

Accessing additional publications

Webroot provides the following additional resources:

l SecureAnywhere Website User Guide

l SecureAnywhere User Guide for Macs

l Help for Webroot Mobile Security

To access these resources, go to our Help and Product Guides page.

- 185 - User Guide for PCs

Saving a threat log for analysis

If you want to investigate an infection with Webroot Support, you can save a threat log and send it to Webroot. The threat log shows details about threats removed from your computer.

To save a threat log:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the PC Security tab. 3. Click Quarantine on the left. 4. Click Save Threat Log.

5. In the dialog, select a folder location for the log and click Save.

- 186 - Accessing Support and Resources

Submitting a file to Webroot for analysis

If a file on your system is causing problems or if you know a file is safe and want it reclassified, you can send the file to Webroot for analysis.

To submit a file:

1. Open SecureAnywhere (see "Using the SecureAnywhere interface" on page 12). 2. Click the System Tools tab. 3. Click Submit a File on the left. A dialog asks if you would rather go to the Support website, where you might receive a quicker response. 4. Click No at the prompt if you still want to submit a file for analysis.

5. Select the file by clicking the Browse button. 6. Select any of the checkboxes that apply to this file. 7. Enter any additional information in the bottom field.

- 187 - User Guide for PCs

8. Click Send. Webroot Support will contact you.

- 188 - Glossary

A

adware Software designed to display advertisements on your system or hijack web searches (rerouting searches through its own web page). It may also change your default home page to a specific website. Adware generally propagates itself using dialog boxes and social engineering methods.

B

backup A backup transfers files in one direction, typically from your computer to another source. In contrast, synchronization transfers files in multiple directions: from your computer to another source or from the other source back to your computer.

C

cookies Small strings of text designed to help websites remember your browser and preferences. Cookies cannot steal information off your machine, but some do store personal information that you may not want outside parties to gather. You can manage cookie settings in your browser's security or privacy preferences.

H

hosts file A file that helps direct your computer to a website using Internet Protocol (IP) addresses. When you enter a web address in a browser, your computer first looks in the hosts file to see if the domain is already listed. If so, it goes directly to the IP address. Some types of malware can hijack the entries in the hosts file.

K

keycode Your keycode is the 20-character license that identifies your Webroot account. If you purchased the product online, the keycode is provided in an email from Webroot. If you purchased the product in a store, the keycode is provided in the retail box. After installation, the My Account panel lists your keycode.

- 189 - User Guide for PCs

keylogger A system monitor that records keyboard activity. Keyloggers can be used for legitimate purposes, but can also record sensitive information for malicious purposes.

M

malware Malicious software that is designed to destroy or harm your computer system. Malware includes viruses, spyware, adware, and all types of threats.

P

phishing A fraudulent method criminals use to steal personal information. These criminals design websites or email messages that appear to originate from trustworthy sources, such as eBay, PayPal, or even your own bank. Typical scams can trick you into entering your user names, passwords, and credit card information.

Q

quarantine Webroot's holding area for spyware, viruses, and other potentially unwanted applications. The quarantine process does not delete items from your computer. Rather, it renders them inoperable and stores them in a safe place where they cannot cause any harm. You do not need to delete items in quarantine, unless you want to preserve storage space. You can also restore an item from quarantine, if necessary.

R

registry A database of hardware and software settings about your computer’s configuration, such as the types of programs that are installed. Spyware can create entries in the Windows registry, which can ultimately slow down your computer and cause problems in your system.

rootkit A collection of tools that enable administrator-level access to a computer or network. By using file- obfuscation techniques, rootkits can hide logins, processes, files and logs, and may include software to capture information from desktops or a network. Spyware developers often use rootkits to avoid detection and removal.

- 190 - Glossary

S scan Webroot's process of searching for potential threats on your computer, such as spyware and viruses. It then moves items to quarantine, where they are rendered inoperable. shield Webroot's method of guarding your system while you browse the Internet. If the shields detect spyware or other potential threats attempting to download, they respond in one of two ways. If the item is a threat, the shield moves it to quarantine. If the item is unknown or a potential threat, the shield opens an alert message that asks you to allow it or block it. spyware A program that may either monitor your online activities or install programs without your knowledge. Spyware may get bundled with freeware, shareware, or email attachments. You can also accidentally install spyware by clicking on dialog boxes in websites. Once installed, spyware can send information about your online activities to a third party for malicious purposes. synchronization Synchronization transfers files in multiple directions: from your computer to another source or from the other source back to your computer. Changes on one computer will be copied to the online repository and to the other computers.

T

Trojan Horse A program that takes control of your computer files, allowing a hacker to install, execute, open, or close programs. A Trojan is usually disguised as a harmless software program. It may also be distributed as an email attachment. When you open the program or attachment, the Tropjan can launch an auto-installation process that downloads third-party programs onto your computer.

V virus A self-replicating program that can infest computer code, documents, or applications. While some viruses are purposefully malignant, others are more of a nuisance, replicating uncontrollably and inhibiting system performance.

- 191 - - 192 - B

Index Backup & Sync adding sync folders 88 backing up files 97 A changing backup filters 104 changing backup schedule 107 access control settings 166 changing backup settings 101 account changing quota warning 87 changing keycode 151 changing sync settings 85 creating 8 changing upload limits 87, 103 personal security code 10 checking file transfer status 109 viewing details 150 detaching folders from sync 95 active processes 138 disabling for battery power or gaming 87, Add/Remove programs, removing 103 SecureAnywhere from 164 disabling sync icons 87, 103 advanced heuristics 172 downloading component 79 age heuristics 172 excluding files from backup 106 alerts excluding subdirectories 106 disabling fade-out 165 icons in Explorer 81 firewall alerts 49 ignoring files 86, 102 forcing in the background 165 saving previous versions 78 Identity Protection alerts 65 sharing folders across computers 92 shield alerts 30 synchronizing files 81 suppressing for unknown or unclassified viewing files in Web Console 109 items 37 basic configuration settings 162 supressing when same file is detected 34 Behavior shield 35 threat detection alerts 21 BHOs, blocking 72 Android app 4 browser add-ons, blocking 72 antimalware tools 58 browsers, supported 3 AntiVirus edition 2 browsing activity, hiding 71 Anywhere folder 81 Apple app 4 C application file history, clearing 126 CAPTCHA, disabling 168 applications, protection 66 CD burning storage folder, clearing 125 apps for SecureAnywhere 4 CD/DVD hueristics 174 archived files, removing from scans 27 Checkmarks in web search results 45 archiving files 78 cleanup log 135 autocomplete form history, clearing 131 User Guide for PCs

cleanup, running 114 managing network applications 50 clipboard data clearing 124 G protection 71 gamer mode 24, 87 cloud heuristics 156 Complete edition 2 H configuration settings 162 control active processes 138 heuristics 172 cookies hosts file, preventing changes 40 blocking 71 blocking third-party 65 I removing flash cookies 125 removing IE cookies 130 Identity Protection copying files 81 changing settings 63 Core System shield 38 disabling 62 CPU resources, preserving 164 protecting applications 66 cross-scripting attacks, preventing 43 protecting websites 69 supported browsers 62 D import settings 177 index.dat file, clearing entries 131 desktop icon installation on a PC 2 displaying after installation 164 internal security 156 including in installation 5 Internet Explorer, clearing activity traces 128 detection configuration 56 Internet files, deleting 130 disk usage, lowering 165 Internet heuristics 174 Internet Security Plus edition 2 E iOS app 4 iPhone app 4 editions of SecureAnywhere 2 enhanced customer support setting 168 K Execution History storing details 165 kernal, prevent programs from modifying 40 viewing 145 keycode export settings 177 changing 151 entering on registration 9 F hiding on screen 164 locating 4 firewall keyloggers, protection from 71 alerts 49 knowledgebase 184 disabling 48

- 194 - Index

L password requiring for configuration changes 168 language, changing 5 setting 9 license, renewing 152 Password Management Local heuristics 174 downloading component 75 lock icon in system tray 66, 69 using 74 login credentials, protection 65 personal security code 9-10 logon user history, clearing 125 phishing, protection from 62, 65, 71 LSP chain, monitoring 40 policies, resetting 59 popularity heuristics 172 M preferences, setting 156 processes Mac installation 3 block or allow 138 main interface 12 preventing changes 40 malware testing in a sandbox 140 protection statistics 146 man-in-the-browser attacks, protection from 72 proxy server settings 169 man-in-the-middle attacks, protection from 65, publications, Webroot 185 71 master boot record infections, protection Q against 27 media player bar history, clearing 130 quarantine memory dump files, removing 125 deleting items from 55 mobile apps 4 managing file detection 56 restoring items from 55 N using antimalware tools 58 network applications, monitoring 50 R Network heuristics 174 Realtime shield, changing settings 32 O Recycle Bin, deleting contents 120 registry streams, clearing history 125 Offline heuristics 174 removal script 59 offline protection in Realtime shield 34 renewing subscription 152 Offline shield 30 resource usage 156, 165 opening SecureAnywhere 12 rootkits, protection against 27 Overview panel 12 S P safe mode, rebooting in 59 padlock icon in system tray 66, 69 SafeStart sandbox, using 140

- 195 - User Guide for PCs

scans automatic quarantine 34 automatic scanning 18 Behavior shield 35 changing preferences 25 Core System shield 38 changing schedule 22 disabling 30 disabling automatic schedule 24 Offline shield 30 hide progress window 24 Realtime shield 32 launching on bootup 24 USB shield 30 reducing memory usage 27 viewing settings 30 removing a specific threat 59 Web Threat shield 41 running from Windows Explorer 27 Zero Day shield 30 running on-demand 19 shortcut, desktop saving a scan log 142 displaying after installation 164 scan new or modified files 34 including in installation 5 suppresing during games or movies 24 shredding files 132 suppressing on battery power 24 shutdown command, removing from tray viewing scan results 18 menu 165 screen capture programs, allowing 65 software updates 153 screen grabbers, protecting from 72 splash screen, disabling on bootup 164 screensaver, resetting 59 Start Menu, removing SecureAnywhere search engine results from 164 analyzing 43 starting SecureAnywhere 12 Web Threat protection 45 statistics, protection 146 Secure File Removal 132 status, viewing 15 SecureAnywhere editions 2 submit a file to Webroot 187 Security Center, listing SecureAnywhere in 164 subscription, extending 152 security code 9 support options 184 security question and answer 9 sync folders self protection 180 adding 88 set and forget protection 156 disabling from sync 95 settings sharing across computers 92 access control 166 synchronizing files 81 basic configuration 162 System Analyzer 143 heuristics 172 System Cleaner importing or exporting to another changing application settings 126 computer 177 changing Internet Explorer history 128 proxy server 169 changing Windows Desktop settings 120 self protection 180 changing Windows system settings 123 shields running a cleanup 114 automatic blocking 34 running from Explorer 118

- 196 - Index

running on a schedule 117 Windows, removing activity traces 123 running on bootup 118 using Secure File Removal 132 X viewing the cleanup log 135 X in search results 45 System Control 138 system requirements 2 Z System Temp folder, clearing 125 system tray icon, showing 164 Zero Day shield 30 system tray menu 14

T

Technical Support 184 threat log, saving 186 tray alerts 14

U uninstalling SecureAnywhere 7 updates automatically downloading 164 checking for 153 URL grabbing attacks, protection from 71 URL history, clearing 130 USB heuristics 174 USB shield 30 users, disabling access for 168

W wallpaper, resetting 59 Web Threat shield 41 Webroot publications 185 Webroot Support 184 website surfing, protection 44 website threat protection 44 website whitelists and blacklists 42 Windows Desktop, removing history traces 120 Windows firewall 48 Windows Temp folder, clearing 124

- 197 -