Kit
I have an issue with a couple of users who have Webroot Secure Anywhere Complete installed.
I have been using your products for over 5 years now and recommend them to anyone and everyone, however the exclusion issue may be going to cause me a problem today!
These users are using a database application and intermittently they lose the Copy/Paste functionality in this application and indeed on the whole PC, one is Windows 7 the other Windows XP.
The database support department have been approached and we were advised to turn off Webroot and see what happened. Turns out that turning Webroot off alleviates the Copy/Paste functionality not working, so it looks as if Webroot is the root cause. I will say that my investigations have uncovered plenty of noise on the Internet of users with similar issues where other applications and functionality have been highlighted as possible causes ie RDPclient.exe etc.
Anyway, the DB vendor has advised that we exclude a couple of folders from the realtime scanning and see if that fixes the issue with Webroot turned on....
...over to you 🙂, before I take the decision to find an alternative.
Regards
Brian
Edit: Split off into new topic - Kit
Page 1 / 3
Hi Brian!
I moved your message off into its own topic to allow peopleto find it more easily and to reflect the issue rather than the assumed cause.
The good news is that it's unrelated to realtime scanning. Third party software companies will generally recommend exclusion from the AV as a mattr of course and for troubleshooting.
The symptoms you are experiencing are related to the Identity Shield functionality, which is explicitly made to block access to certain functionality such as the screen contents and clipboard in some cases. There are a few possibilities on what is occurring in this specific one. I make the assumption, though possibly inaccurately, that a browser is running while this symptom occurs. If no browser is running at all and this continues to happen, contact support immediately for diagnostics gathering and escalation.
Go to the Identity & Privacy tab and click "View/Edit Protected Applications"
- Is the DB program or any part of it listed under "Deny"? If so, change it to "Allow".
- Review the "Deny" list. Any program that you explicitly trust that is set to "Deny" may be changed to "Allow" safely.
If this resolves the issue, you may want to open a support ticket from one of the affected systems with the reason of System Impact (Slowdown) or similar and request cloud evaluation of the DB program. If it's not a common one, it may still be Unknown in the database and that can cause it to be placed into Deny.
If...
- The DB program is listed under "Protect"
- Turning off the Identity Shield (follow up by doing a "shut down protection" and then re-run it with the Identity Shield off) corrects it but nothing was listed under "Deny"
...and/or
- Setting all items under the Protected Applications list from "Deny" or "Protect" to "Allow" resolves it
You may temporarily resolve it by setting everything to Allow (Including browsers, however they will return to the list when they update), or by turning the Identity Shield off. Contact with support for escalation is highly recommended at that point.
I moved your message off into its own topic to allow peopleto find it more easily and to reflect the issue rather than the assumed cause.
The good news is that it's unrelated to realtime scanning. Third party software companies will generally recommend exclusion from the AV as a mattr of course and for troubleshooting.
The symptoms you are experiencing are related to the Identity Shield functionality, which is explicitly made to block access to certain functionality such as the screen contents and clipboard in some cases. There are a few possibilities on what is occurring in this specific one. I make the assumption, though possibly inaccurately, that a browser is running while this symptom occurs. If no browser is running at all and this continues to happen, contact support immediately for diagnostics gathering and escalation.
Go to the Identity & Privacy tab and click "View/Edit Protected Applications"
- Is the DB program or any part of it listed under "Deny"? If so, change it to "Allow".
- Review the "Deny" list. Any program that you explicitly trust that is set to "Deny" may be changed to "Allow" safely.
If this resolves the issue, you may want to open a support ticket from one of the affected systems with the reason of System Impact (Slowdown) or similar and request cloud evaluation of the DB program. If it's not a common one, it may still be Unknown in the database and that can cause it to be placed into Deny.
If...
- The DB program is listed under "Protect"
- Turning off the Identity Shield (follow up by doing a "shut down protection" and then re-run it with the Identity Shield off) corrects it but nothing was listed under "Deny"
...and/or
- Setting all items under the Protected Applications list from "Deny" or "Protect" to "Allow" resolves it
You may temporarily resolve it by setting everything to Allow (Including browsers, however they will return to the list when they update), or by turning the Identity Shield off. Contact with support for escalation is highly recommended at that point.
Most clipboard applications begin with similar issue.. I had been wondering and and finally setting them allow in identity shield sorts the problem.
I'm told there is some development being done around fixing the copy/paste problems. Hopefully we'll start to see some results of that work pretty soon. 🙂
Thank You for the answer! I've been cursing *@(@*@ about what's been blocking my copy/paste operations and now I know.
I'm adding the troublesome apps into the listing for now. Keep us posted!
I'm adding the troublesome apps into the listing for now. Keep us posted!
Kit, if you do choose "allow" does that allow for the entire browser to then be vulnerable to attack ?
Hi peacefl,
Kit is no longer with Webroot, so he might not reply (though he's more than welcome to!). However, this topic is six months old, and the issue in question may not even be an issue any longer. Are you encountering a problem with copy/paste? Does the problem go away when you disable the Identity Shield? Which program is having the issue?
To answer your question, if you were to choose to allow for a browser, yes it would make the browser vulnerable at least insofar as the protection offered by the Identity Shield specifically is concerned. You would still be protected against malicious executables trying to target a browser because of Webroot's other shields, but certain other avenues could be open to attack at that point.
If you can specify some details about the problem you're running into, I'm sure we can help.
Kit is no longer with Webroot, so he might not reply (though he's more than welcome to!). However, this topic is six months old, and the issue in question may not even be an issue any longer. Are you encountering a problem with copy/paste? Does the problem go away when you disable the Identity Shield? Which program is having the issue?
To answer your question, if you were to choose to allow for a browser, yes it would make the browser vulnerable at least insofar as the protection offered by the Identity Shield specifically is concerned. You would still be protected against malicious executables trying to target a browser because of Webroot's other shields, but certain other avenues could be open to attack at that point.
If you can specify some details about the problem you're running into, I'm sure we can help.
I work for a company and I have to use my browser to see customer tickets, but when I attempt to copy and paste, webroot is blocking that functionality I have went into that area described above and checked "Allow" for I.E., Chrome and Firefox. Is there some other way to tweak this in Webroot instead of that option so that it is actually protecting the browsers ? or no?.
Are you using a 3rd party app to interact with the browser? If so I could whitelist any 3rd party apps. As for leaving the browser on allow you are still protected from threats that are downloaded to your PC. The malware engine and threat detection is still running regardless of the setting. The entire browser shield is being completely reworked for our next realise and should elimate this type of issue.
O.o
True, I may not reply. Or I might...
Setting the browser to Allow as a whole does remove specifically a few parts of ID shield protection from the browser, but is useful for troubleshooting. Turning off the ID shield completely turns all of it off.
A better way to do it is to look for anything you recognize as safe that is marked as "Deny" in the ID Shield and set it to allow. Also get Unknowns of stuff you run while working with the tickets to Rak for determination, since Unknown things can get silently blocked by the ID shield in some configurations.
True, I may not reply. Or I might...
Setting the browser to Allow as a whole does remove specifically a few parts of ID shield protection from the browser, but is useful for troubleshooting. Turning off the ID shield completely turns all of it off.
A better way to do it is to look for anything you recognize as safe that is marked as "Deny" in the ID Shield and set it to allow. Also get Unknowns of stuff you run while working with the tickets to Rak for determination, since Unknown things can get silently blocked by the ID shield in some configurations.
This is getting really aggravating. Anytime I install a new program it iniitially isn't allowed to receive pastes. I've never seen another malware or virus protection program do that. Of course, I can then go into Indentity Shield and fix it. But sometime it surfaces again, for reasons I don't understand, and for the very same programs.
Most annoying is that I do some programming myself. Very often, a newly compiled program will be denied receiving pastes. And it happens over and over. Even if I fix it in identity Shield, a new compile will often result in the same problem again, for the same program.
Is there some way to turn off this feature and this feature only?
Most annoying is that I do some programming myself. Very often, a newly compiled program will be denied receiving pastes. And it happens over and over. Even if I fix it in identity Shield, a new compile will often result in the same problem again, for the same program.
Is there some way to turn off this feature and this feature only?
Sorry for the aggravation. The problem is that a new program, especially one you might have written yourself, won't be recognized and will block by default. You can't turn off just that feature - you'd have to turn off the Identity Shield function. You could submit a Feature Request for more granularity on that feature.
I have never had an issue with it after allowing certain programs under application protection list, unless maybe after an update, wsa detect it altogether as new program and you have to allow it again in application protection list under identity shield.
Hi mikespeir
Welcome to the Community Forums...:D
dtouch is quite correct re. what he says and all you should need to do is to set the app concerned to 'Allow' under 'Application Protection' tab in the advanced settings for the Identity Protection section (click on grea/cog to the right of the section heading in the main WSA panel). Of course, you should make very sure that you trust the app that you 'Allow' before allowing it.
And for more information & guidance in relation to this and similar areas of WSA, that can confuse users, please see this KB Article which should explain all that you need to know, but the section entitled 2. Identity & Privacy > Protected Applications is most pertinent to you OP.
Hope that helps?
Regards
Baldrick
Welcome to the Community Forums...:D
dtouch is quite correct re. what he says and all you should need to do is to set the app concerned to 'Allow' under 'Application Protection' tab in the advanced settings for the Identity Protection section (click on grea/cog to the right of the section heading in the main WSA panel). Of course, you should make very sure that you trust the app that you 'Allow' before allowing it.
And for more information & guidance in relation to this and similar areas of WSA, that can confuse users, please see this KB Article which should explain all that you need to know, but the section entitled 2. Identity & Privacy > Protected Applications is most pertinent to you OP.
Hope that helps?
Regards
Baldrick
Well, thanks, but that's what I already do. For some reason (and it may be a variety of reasons) the setting gets changed back unexpectedly. I'm just having trouble seeing the need for that. Granted, it's something that could be exploited. But I used Norton (Symantec) for years and I don't remember it ever doing anything like that. (On the other hand, if I'd been happy with it, I would've stuck with it, right?) WebRoot, I think, employs a fairly unusual approach to combating malware and shareware, and it's served me well so far. If not for this one annoyance, I'd have no real gripe at all.
When do you observe such change in settings? Does it happen only for a certain application or many?
Following program updates certain apps settings gets reset.
Following program updates certain apps settings gets reset.
I work doing I.T. and this feature was supposed to be fixed on and update and it wasnt, so unfortuantly I had to uninstall it to be able to read my tickets from my company.
I installed the free bitdefender and have no issues with this.
I installed the free bitdefender and have no issues with this.
Hi mikespeir
Apologies if I was trying to teach 'my granny to suck eggs' so to speak. :$ Nt know what level of knowledge that you have of WSA I thought it best to start with the basics.
As dtouch says...it would be interesting to understand when this settings 'reset' may have happened? I have never come across it on my own systems...but that does not mean that it does not happen.
May I suggest that you set the settings as you want them/prefer them...and then periodically check to see if there has been any change...as and when there are further changes then I would suggest that you Submit a Support Ticket with all the information so that the Support Team can take a look.
Regards
Baldrick
Apologies if I was trying to teach 'my granny to suck eggs' so to speak. :$ Nt know what level of knowledge that you have of WSA I thought it best to start with the basics.
As dtouch says...it would be interesting to understand when this settings 'reset' may have happened? I have never come across it on my own systems...but that does not mean that it does not happen.
May I suggest that you set the settings as you want them/prefer them...and then periodically check to see if there has been any change...as and when there are further changes then I would suggest that you Submit a Support Ticket with all the information so that the Support Team can take a look.
Regards
Baldrick
I'll do some experimenting and see if I can identify more of the particulars of when it's happening.
Hi mikespeir
Thanks...that would be useful...and I for one a prepared to try to corroborate what you are seeing. So please posted back here even if you open that Support Ticket.
What OS/version are you running, as a matter of interest? ;)
Regards
Baldrick
Thanks...that would be useful...and I for one a prepared to try to corroborate what you are seeing. So please posted back here even if you open that Support Ticket.
What OS/version are you running, as a matter of interest? ;)
Regards
Baldrick
You can't even imagine how frustrating you made my life for the past few days and just by pure luck, i gave a thought to this and solved my problem by turning off the identity shield.
I am a translator and constantly use Sisulizer 3 translation software. I had to rush a translation that had many copy/paste situations that i could benefit from but NOOOO. Your precious anti-virus was silently HINDERING all the paste actions that are done partially within cells but whereas letting me paste the cell alltogether to another one just to confuse me more on finding the root of the problem.
If it wasn't just for some crappy windows support site that is filled with spam that i see sb glabbering about webroot hindering any copy/paste in his comp.
And do you know that the best part is ? Secure Anywhere actually prompt me to ALLOW the application, to seemingly let me choose if the software is allowed or not: And here the plot thickens as i select allow always and the identity shield is actually the my evil step-brother that loaths to hurt me discretely everytime i trust him and turn my head around.
In 2004-5 you were a great company, cool software, no slowing down, no crashes or unwanted infections. Somewhere around 2008 you started to degenerate and it wasn't for 3 pc license that i also use on my parents computers, you would have been long gone, guys. Believe me.
Btw this is purely to rant about how bad you have become and how actually your anti-virus did cost me hours of more manual work on the keyboard grinding the same sentences over and over again + the frustration of trying to find the root cause.
Shame on you.
Now take a step back and see the picturesque view of my hatred towards your software. If you want to show any kind of remorse whatsoever just offer me a FULL refund and i will gladly take it back.
Otherwise you may just as well reply me as " SUCK IT" because you are already on my untouchables list.
This was a tutorial on "how cheaply hard-coded lame anti-virus may cripple your soul and secretly wishes you to die in agony"
Thanks for nothing.
Bah !
I am a translator and constantly use Sisulizer 3 translation software. I had to rush a translation that had many copy/paste situations that i could benefit from but NOOOO. Your precious anti-virus was silently HINDERING all the paste actions that are done partially within cells but whereas letting me paste the cell alltogether to another one just to confuse me more on finding the root of the problem.
If it wasn't just for some crappy windows support site that is filled with spam that i see sb glabbering about webroot hindering any copy/paste in his comp.
And do you know that the best part is ? Secure Anywhere actually prompt me to ALLOW the application, to seemingly let me choose if the software is allowed or not: And here the plot thickens as i select allow always and the identity shield is actually the my evil step-brother that loaths to hurt me discretely everytime i trust him and turn my head around.
In 2004-5 you were a great company, cool software, no slowing down, no crashes or unwanted infections. Somewhere around 2008 you started to degenerate and it wasn't for 3 pc license that i also use on my parents computers, you would have been long gone, guys. Believe me.
Btw this is purely to rant about how bad you have become and how actually your anti-virus did cost me hours of more manual work on the keyboard grinding the same sentences over and over again + the frustration of trying to find the root cause.
Shame on you.
Now take a step back and see the picturesque view of my hatred towards your software. If you want to show any kind of remorse whatsoever just offer me a FULL refund and i will gladly take it back.
Otherwise you may just as well reply me as " SUCK IT" because you are already on my untouchables list.
This was a tutorial on "how cheaply hard-coded lame anti-virus may cripple your soul and secretly wishes you to die in agony"
Thanks for nothing.
Bah !
"You can provide additional security for software applications that may contain confidential information, such as Instant Messaging clients or tax preparation software. By protecting these applications, you secure them against information-stealing Trojans like keyloggers, man-in-the-middle attacks, and clipboard stealers. You can add any applications to the Protected Applications list and assign them to one of the protection levels"
http://www.webroot.com/En_US/SecureAnywhere/PC/WSA_PC_Help.htm#C6_IDProtection/CH6c_ManagingProtectedApps.htm
You need to allow the application which is connected with the problem
What you want to do is access the Identiy Shield tab and click on the Protected Applications link. This will open the section that configures the apps that you want to "Protect" from data stealers and to "Allow" access to system data. Change your program to "Allow".
http://www.webroot.com/En_US/SecureAnywhere/PC/WSA_PC_Help.htm#C6_IDProtection/CH6c_ManagingProtectedApps.htm
You need to allow the application which is connected with the problem
What you want to do is access the Identiy Shield tab and click on the Protected Applications link. This will open the section that configures the apps that you want to "Protect" from data stealers and to "Allow" access to system data. Change your program to "Allow".
Hi Ohzman
Rant noted...but at the risk of annoying you further you are ranting in the wrong place. We are mainly volunteers here with no commercial affiliation to Webroot.
And if you are looking for a refund then again, you are looking for it in the wrong place...you should be contacting Sales Support (please see this link which outlines such thinkgs and provides contact detail, etc.)
Hope that helps a little.
Regards
Baldrick
Rant noted...but at the risk of annoying you further you are ranting in the wrong place. We are mainly volunteers here with no commercial affiliation to Webroot.
And if you are looking for a refund then again, you are looking for it in the wrong place...you should be contacting Sales Support (please see this link which outlines such thinkgs and provides contact detail, etc.)
Hope that helps a little.
Regards
Baldrick
I just realized I never got back to anybody on this. The reason is that I can't find any predictability to the problem. The other day I had an application open and pasted something into it. Keeping the application open all this time, mind you, I came back a few minutes later and tried pasting again. No go. I couldn't believe it! I went into identity shield and, sure enough, that application was set to Deny. Again, I hadn't even closed the application between pastes.
As a former developer myself, I know that there has to be some predictability to a problem before you can fix it. But I haven't found any rhyme no reason to it.
As a former developer myself, I know that there has to be some predictability to a problem before you can fix it. But I haven't found any rhyme no reason to it.
Hi mikespeir
Thanks for the feedback. The weird thing is I cut and paste all the time and I have NEVER come across this issue...which suggests that there is some very specific cause to it. Can you reappraise me as to exactly where the application was 'Deny'ed?
Cheers
Baldrick
Thanks for the feedback. The weird thing is I cut and paste all the time and I have NEVER come across this issue...which suggests that there is some very specific cause to it. Can you reappraise me as to exactly where the application was 'Deny'ed?
Cheers
Baldrick
Hi mikespeir,
I haven't noticed the described issues on any of my machines, where WSA is the first as well as the only line of defence against threats.
Oh..., by the way...
Regards,
Mike
Well..., I can fully confirm this!@ wrote:
The weird thing is I cut and paste all the time and I have NEVER come across this issue...which suggests that there is some very specific cause to it.
I haven't noticed the described issues on any of my machines, where WSA is the first as well as the only line of defence against threats.
Oh..., by the way...
A Big Kudo for you Baldrick!@ wrote:
Rant noted...but at the risk of annoying you further you are ranting in the wrong place. We are mainly volunteers here with no commercial affiliation to Webroot
Regards,
Mike
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.