Page tree
Skip to end of metadata
Go to start of metadata

In the Settings area you can configure the relevant program module how you want. In general there is no need to make any changes at all here, as your G DATA software has already been optimally configured for your system during installation. The following general functions are available for the settings:

 Save settings: You can save the settings you have made to a GDataSettings file. If you are using your G DATA software on multiple computers, you can use this to create settings on one computer, save them and load the settings file onto the other computers.
 Load settings: You can use this to load a GDataSettings file you have created on this or any other computer.
 Reset settings: If you have made a mistake when configuring your G DATA software, you can use this button to reset all of the software settings to the factory settings. When doing so you can specify whether you want to reset every settings area or just specific ones. To do this, simply tick the checkboxes for the areas you want to reset.

General

Security/performance

f you want to use virus protection on a slow computer, there is the option of improving the security level to the benefit of performance, thus improving the operating speed of the computer. In the diagram you can see what effect optimising the settings can bring.

  • Standard computer (recommended): You have the complete protection of the G DATA software at your disposal. The two antivirus engines in the software work hand in hand. In addition, all read and write access on your computer is checked for malware.
Engine: Your G DATA software works using two antivirus engines. In principle, use of both engines should guarantee optimum virus protection results.
  • Slow computer: In order not to compromise the processing speed of slower computers, your G DATA software can also work with just one engine. This is the only protection offered by numerous antivirus programs on the market that only work with one engine in the first place. This means that the level of protection is still good. Furthermore you can specify that scans are only carried out in monitor mode when write processes are being executed. This means that only newly saved data is checked, improving performance even more.
  • User-defined: Here you can custom select whether you want to use both engines or just one engine and you can specify whether the monitor should be active when reading and writing, just when writing (executing) or not at all (not recommended).

Password

By allocating a password you can protect the settings for your G DATA software. In this way another user of your computer cannot switch off e.g. the virus monitor or idle scan.

To allocate a password, please enter it in "Password" then "Re-enter password" to prevent typing errors. You can also enter a hint for the password under "Password hint".

Note: The password hint is displayed if an incorrect password has been entered. Hence the password hint should only enable you to infer the password.
Note: Such password protection represents enhanced protection of the software. You can achieve maximum security by working with multiple user accounts. Hence as administrator you should manage e.g. virus protection in your user account and other users (e.g. children, friends or relatives) cannot make changes via their user accounts with restricted permissions.
Note: If you no longer need a password for your G DATA software – e.g. after setting up different user accounts – you can use the "Remove password" button to remove the requirement to enter a password.

Antivirus

Real-time protection

The virus monitor real-time protection continuously checks your computer for viruses; it controls read and write operations, and as soon as a program attempts to execute malware or spread malicious files it prevents it from doing so. The virus monitor is your most important protection! It should never be switched off.

The following options are available:

  • Monitor status: Specify here whether the monitor should be enabled or disabled.
  • Use engines: The software works with two engines, which are two essentially independent virus checking programs. Every engine by itself would already provide you with a high degree of protection against viruses, but it is precisely the combination of both engines that gives the very best results. You can accelerate the virus check in older and slower computers by using just one engine, but normally you should keep the setting Both engines.
  • Infected files: If a virus is detected, you will be asked in the default setting how you want to deal with the virus and the infected file. If you would always like to perform the same action, you can set this here. The highest protection for your data is offered here by the setting Disinfect (if not possible: place in quarantine).
  • Infected archive: Here you determine whether archive files (e.g. files with the extension RAR, ZIP or PST) should be handled differently from normal files. However, please note that moving an archive to quarantine can damage it so that it can no longer be used after it is moved back from Quarantine.
  • Behavior monitoring: If behaviour monitoring is enabled, every activity on the system is monitored regardless of the virus monitor. This means that malware for which no signature yet exists is also detected.
  • AntiRansomware: Protection against encryption Trojans.
  • Exploit Protection: An "exploit" exploits vulnerabilities in popular software and can use them to take control of your computer in the worst case. Exploits can even come into effect when applications (e.g. PDF viewer, browser etc) are routinely updated. Exploit Protection protects you against such access – and proactively protects you against previously unknown attacks.

Monitor exceptions

By clicking on the Exceptions button you can exclude specific drives, directories and files from the scan and so significantly accelerate parts of the virus detection process.

To do this, proceed as follows:

1. Click the Exceptions button.

2. Click New in the Monitor exceptions window.

3. Now, select whether you want to exclude a drive, a directory or a file or a file type.

4. Underneath this, select the directory or drive you want to protect. In order to protect files, enter the complete file name in the entry field under File mask. You can also use wildcards here.


Note: Wildcards function as follows:

  • The question mark symbol (?) represents individual characters.
  • The asterisk symbol (*) represents entire character strings.

For instance, in order to protect all files with the file extension .sav, enter *.sav. In order to protect a special selection of files with sequential file names (e.g., text1.doc, text2.doc, text3.doc), enter text?.doc for example.

You can repeat this procedure as often as desired and also delete or modify the existing exceptions.

Monitor - Advanced settings

Furthermore, you can click the button ADVANCED to specify which additional tests should be performed by the virus monitor.

Normally you do not have to change any settings here.

  • Mode: Here you can specify whether files should be checked when run, when read or when written to and read. If a file is checked when written to, the check is carried out as soon as a new file or file version is created to see if an unknown process may have infected this file. Otherwise files are only checked when they are read by programs.
  • Monitor critical folders in particular: You can use this function to specifically check especially critical folders, e.g. folders shared on the network, personal data or Cloud services (such as Microsoft Dropbox, OneDrive, Google Drive etc). After you have made your selection in the dialogue box, this is then always monitored in Check read & write access mode – regardless of the settings you use for all other files, folders and directories. If you have selected the Check read & write access mode for all files by default, the settings option for critical folders is greyed out.
  • Check network access: If your computer has a network connection to unprotected computers (for example, other laptops), it is a good idea to check the network accesses to see if any malicious programs are being transferred. If you use your computer as a stand-alone computer without network access, you don't need to enable this option. If you have installed virus protection on each computer in the network, it is recommended that you turn off this option. Otherwise, some files will be checked twice, which negatively affects speed.
  • Heuristics: In the heuristical analysis, viruses are not only detected by means of virus updates that you regularly receive from us online, but are also identified on the basis of certain characteristics typical of viruses. This method increases the level of security, but in rare cases may generate false alarms.
  • Check archive: Checking compressed data in archives (these can be recognized by their file extensions such as ZIP, RAR or PST) is very time-consuming and can normally be omitted if the virus monitor is generally active on the system. To increase the speed of the virus check, you can limit the size of the archive files that are browsed to a specific value in kilobytes.
  • Check email archives: Because the software already checks incoming and outgoing emails for virus infections, it is usually a good idea to omit regular checks of email archives since this process may take several minutes, depending on the size of the mail archive.
  • Check system areas during system start: In general, system areas (e.g. boot sectors) in your computer should not be excluded from virus checks. You can specify here whether you want to run a check on system start-up or when media is changed (for example, a new CD-ROM). Generally you should have at least one of these two functions activated.
  • Check system areas during change of medium: In general, system areas (e.g. boot sectors) in your computer should not be excluded from virus checks. You can specify here whether these should be checked on system start-up or whenever a media change occurs (new CD-ROM etc). Generally you should have at least one of these two functions activated.
  • Check for diallers / spyware / adware / riskware: You can also check your system for dialers and other malicious programs with this software. These are e.g. programs that establish expensive, unwanted Internet connections, in which the potential for financial damage is no less significant than that of a virus. They may for example secretly record your surfing habits or even all the keyboard entries you make (including your passwords) and forward these to third parties via the Internet at the earliest opportunity.
  • Only check new or modified files: If you activate this function, files that have not been changed for a long time and that were previously flagged as harmless are skipped. This provides a performance improvement in everyday work – without compromising security.

Manual virus check

Here you can configure basic program settings for the manual virus check (also called on-demand scan).

However, in normal operation this is not required.

  • Use engines: The software works with two engines – two virus checking programs optimized for one another. You can accelerate the virus check in older and slower computers by using just one engine, but normally you should keep the setting Both engines.
  • Infected files: Has your software detected a virus? In the standard setting, the software now asks you what you would like to do with the infected file. If you would always like to perform the same action, you can set this here. The highest protection for your data is offered here by the setting Disinfect (if not possible: place in quarantine).
  • Infected archive: Here you determine whether archive files (e.g. files with the extension RAR, ZIP or PST) should be handled differently from normal files. However, please note that moving an archive to quarantine can damage it so that it can no longer be used after it is moved back from Quarantine.
  • Pause the virus check at times of high system load: A virus check should normally be carried out when the computer is not being used. If you then need to use the computer, the virus check is paused so that your computer can run at normal speed for you. This virus check will then carry on when you stop working.

Exceptions for on-demand scan

By clicking on the EXCEPTIONS button you can exclude specific drives, directories and files from the scan and so significantly accelerate parts of the virus detection process.

To do this, proceed as follows:

1. Click the EXCEPTIONS button.

2. Click on  NEW  in the  Exceptions for on-demand scan  window .

3. Now, select whether you want to exclude a drive, a directory or a file or a file type.

4. Underneath this, select the directory or drive you want to protect. In order to protect files, enter the complete file name in the entry field under File mask. You can also use wildcards here.

Note: Wildcards function as follows:

  • The question mark symbol (?) represents individual characters.
  • The asterisk symbol (*) represents entire character strings.

For instance, in order to protect all files with the file extension .sav, enter *.sav. In order to protect a special selection of files with sequential file names (e.g., text1.doc, text2.doc, text3.doc), enter text?.doc for example.

You can repeat this procedure as often as desired and also delete or modify the existing exceptions.


Apply exceptions to idle scan: While the on-demand scan checks the computer for viruses at one specific time, the idle scan is an intelligent virus scanner that continuously checks all files on your computer to see if they aren't already infected. The idle scan works like a screen saver; it only activates when you do not use your computer for a while and stops immediately as soon as you continue to use it again. Here you can specify whether the defined exceptions should also apply to the idle scan.

Manual virus check - Advanced

You can create additional virus scan settings by clicking the ADVANCED button.

In most cases, however, it is completely sufficient to use the specified default settings.

File types: You can specify here which file types should be inspected by the software for viruses. Selecting the option "Program files and documents only" entails certain speed benefits.

Heuristics: In the heuristic analysis, viruses are not only detected by the virus database, which you receive with every update of the antivirus software, but are also identified on the basis of particular characteristics typical of viruses. This method increases the level of security, but in rare cases may generate false alarms.

Check archive: Checking compressed data in archives (these can be recognized by their file extensions such as ZIP, RAR or PST) is very time-consuming and can normally be omitted if the virus monitor is generally active on the system. To increase the speed of the virus check, you can limit the size of the archive files that are browsed to a specific value in kilobytes.

Check email archives: Here you can specify whether your email archive is examined for infections as well.

Check system areas: In general, system areas (e.g. boot sectors) in your computer should not be excluded from virus checks.

Check for diallers / spyware / adware / riskware: You can also check your system for dialers and other malicious programs with this function. These are e.g. programs that establish expensive, unwanted Internet connections, in which the potential for financial damage is no less significant than that of a virus. They may for example secretly record your surfing habits or even all the keyboard entries you make (including your passwords) and forward these to third parties via the Internet at the earliest opportunity.

Check for rootkits: Rootkits attempt to evade conventional virus detection methods. Additional monitoring for this malware is always advisable.

Only check new or modified files: If you activate this function, files that have not been changed for a long time and that were previously flagged as harmless are skipped. This provides a performance improvement in everyday work – without compromising security.

Generate log: You can use this checkbox to require the software to set up a log for the virus check process. This log can be viewed in the Logs area.

Offer virus checking for removable data media: If you check this box, whenever a removable data medium (USB stick, external hard drive etc) is connected to your computer, you will be asked whether the device should be checked for viruses.

Updates

If updating the software or virus signatures via the Internet does not work, you can perform all the operations necessary to enable updates to take place automatically in this area. In the options, enter the access data (user name and password) that you received via email when you registered your software online. The G DATA update server will use this data to recognize you so updates can now run completely automatically.

If you have purchased a new license and want to activate it, select Activate new license. The Internet settings display special options that are only required in a few exceptional cases (proxy server, other region). The version check should only be temporarily disabled if you are having difficulty updating the virus signatures.

Activate new license

If you have not yet registered your G DATA software, you can do this now by clicking on ACTIVATE NEW LICENSE then entering your registration number and customer data. Depending on the type of product, you will find your registration number e.g. on the back of the user manual, in the confirmation email for a software download, or on the CD sleeve. On entering the registration number your product will be enabled.

Click the ACTIVATE NOW button and your access data will be generated on the update server. If the login is successful, an info screen appears with the message Logged in successfully, which you can exit using the CLOSE button.

Warning: You will also receive access data for your documentation and for any software reinstallations by email. Therefore please make sure that the email address indicated in your online registration is correct; otherwise you will not receive the access data.

Finally the access data is automatically transferred to the original input mask so you can now update virus signatures via the Internet.

Unable to activate your license? If you cannot log in to the server, this may be due to a proxy server. Click on the INTERNET SETTINGS button (see help section Internet Settings). You can then check the settings for your Internet connection. If there are problems updating the virus signatures, by default you should first check whether you can access the Internet from a web browser (e.g. Internet Explorer). If you cannot connect to the Internet at all, the problem probably lies with your Internet connection and not with the proxy server data

Internet settings

If you use a proxy server, please put a check-mark next to Use proxy server. You should only change these settings if your virus signature update is not working. If necessary, consult your system administrator or Internet service provider about the proxy address. If necessary you can also enter the access data for the proxy server here.

Proxy server: A proxy server consolidates all requests to networks and distributes them to computers connected to it. If for example you use your computer in a company network, it may be useful for you to connect to the net via a proxy server. In the event of problems with the virus signature update you should generally first check to see if you can access the Internet at all via a web browser. If you cannot connect to the Internet at all, the problem probably lies with your Internet connection and not with the proxy server data.

Manage access

With this option you have the chance of defining for yourself which Internet connections you want use for receiving software updates. This is especially useful if you sometimes connect via a network in which data transfers are paid for, e.g. with specific mobile phone tariffs with no real data flat rate.

Virus signature import/export

With computers that are never or only rarely connected to the Internet, or where there are restrictions on the data volume for downloads, you can also update virus signatures via a data medium (e.g. USB stick), or run an offline update. To do so, you must export the virus signatures to the storage medium using a computer that is connected to the Internet and has the necessary permissions. You can then import them via the "Import from" function on the computer with no Internet connection. The system on this computer will then be protected by the latest virus signatures as well. Unlike regular virus updates via the Internet, here this is up to the user, who must ensure him- or herself that signature updates are run as often as possible.

Automatically update virus signatures

If you do not want the G DATA software to bother automatically updating the virus signatures, you can remove the check here. However, disabling this entails a high security risk and should only be done in exceptional cases. If the period between updates is too short for you, you can adjust it as you want and e.g. specify that updates should only be carried out when connecting to the Internet. This option is useful for example with computers that are not permanently connected to the Internet.

Generate log: If you check this box, every virus signature update is recorded in the log, which you can view in the additional G DATA software functions (in SecurityCenter under Logs). Besides these entries, you will find e.g. information on virus detections and other actions carried out by the software in the log.

Web protection

If web protection is enabled, web content is checked for malware while you are browsing. You can create the following settings here.

  • Scan web content (HTTP): Under the web protection options you can specify that all HTTP web content should be checked for viruses, even when browsing. Infected web content is not run at all and the corresponding pages are not displayed. To set this option, please check Scan web content (HTTP).

If you do not want to check web content, the virus monitor will still of course take action if infected files are executed. That means your system is also protected without checking Internet content as long as the virus monitor is active.

You can also specify certain websites as exceptions if you consider them harmless. For more information please read the section Define exceptions. You can use the Advanced button to create further settings for handling web content.

  • Phishing protection: With so-called phishing, scammers on the Internet attempt to redirect customers of a particular bank or shop to fake websites in order to steal their data there. Activating the phishing protection is highly recommended.
  • Submit URLs of infected websites: Through this function you can automatically – and anonymously of course – report websites that are deemed unsafe by the software. With that, you optimise security for all users.
  • Manage browser extensions (HTTPS): For increased protection against infected and fraudulent websites even when using HTTPS, G DATA  has recently developed additional web protection extensions for the Mozilla Firefox , Google Chrome and Microsoft Edge Internet browsers. We support Microsoft Edge as of Windows Service Pack 5. For information on installing the extensions, click here.
  • BankGuard browser protection: Banking Trojans are becoming more and more of a threat. Every hour, online criminals are developing new malware variants (like ZeuS or SpyEye) that they use to steal your money. Banks secure data traffic on the Internet. However, the data is decrypted in the browser and banking Trojans can attack it there. However, the pioneering BankGuard technology from G DATA secures your banking transactions from the outset and provides instant protection where the attack takes place. By checking that the network libraries used are genuine, G DATA BankGuard ensures that your web browser has not been manipulated by a banking Trojan. We recommend leaving G DATA BankGuard protection switched on.
Note: Besides the man-in-the-middle method, in which the attacker manipulates the communication between the user and the target computer, there is also the man-in-the-browser (MITB) attack method. With this method, the attacker infects the browser itself and accesses the data before it is encrypted. The BankGuard module also protects you against this type of attack, by comparing the so-called digital fingerprint of a file or a part of a web page with a database on the Internet. In this way fraud is immediately detected and the G DATA software automatically converts the fraudulent data connection back to the original.
  • Keylogger protection: Keylogger protection also monitors whether keyboard input on your system is being spied on, independently of virus signatures. This would give attackers the option of logging your password input. This function should always be enabled.

Web protection - Define exceptions

To add a website to the exceptions in the whitelist, please proceed as follows:

  1. Click on the EXCEPTIONS button. The Whitelist window will appear. This will display the websites that have been categorised as safe and entered here.
  2. To add another website, click on the NEW button. An input screen will appear. Enter the name of the website (e.g. www.harmlesssite.com) under URL and, if necessary, enter a comment under Note about why you have included this website. Confirm your input by clicking on OK.
  3. Now click on OK to confirm all changes to the whitelist.

To remove a website from the Whitelist, highlight it in the list using your mouse and then just click on the DELETE button.

Web protection - Advanced settings

Here you can specify which server port numbers should be monitored by web protection. Generally port number 80 will suffice for monitoring normal browsing.

  • Avoid browser timeout: Since the software processes web content before it is displayed in the web browser, it requires a certain amount of time to do so depending on the data traffic. Therefore it is possible for an error message to appear in the web browser because the browser is not receiving data immediately, since the antivirus software is checking it for malicious routines. By activating the Avoid browser timeout checkbox, you can disable this error message and, as soon as all browser data has been checked for viruses, the data will appear as normal in the web browser.
  • Enable notification when checking downloads: Enable this function to get a notification whenever a download is being checked.
  • Size limit for downloads: You can use this function to interrupt HTTP checks for web content that is too large. The contents are then monitored by the virus monitor as soon as suspected malicious routines become active. The advantage of the size limit is that there are no delays caused by virus checks when surfing the web.

Email check

The email check enables you to scan incoming and outgoing emails and file attachments for viruses and eliminate possible infections at the source. The software can directly delete file attachments or repair infected files if viruses are found.

Warning: In Microsoft Outlook, emails are scanned by a plugin. This provides the same level of protection as the protection function for POP3/IMAP offered by AntiVirus. 

Incoming mails

The following options are available for virus protection for incoming emails:

  • In case of an infection: Here you can specify what is supposed to happen if an infected email is discovered. Depending on the purposes for which you are using your computer, different settings apply here. Generally we recommend using the Disinfect (if not possible: delete attachment/text) setting.
  • Check received emails: By activating this option, all emails you receive while you are working on your computer are checked for viruses.
  • Attach report to received infected mails: When you enable the report option and a virus is found, the warning VIRUS appears in the subject header of the infected email. There is also a message at the beginning of the email text: Warning! This email contains the following virus followed by the virus name and whether the virus has been deleted or whether it was possible to repair the infected file.

Outgoing mails

The software also allows you to scan your emails for virus infection before you send them, to ensure you do not inadvertently send viruses yourself. If you try to actually send a virus (unintentionally), the message The email [subject header] contains the following virus: [virus name] appears. The mail cannot be sent, and the corresponding email will not be sent. Please check the box next to Check emails before sending to scan outgoing emails.

Scan options

Here you can enable or disable basic virus check options:

  • Use engines: The software works using two engines – two analysis units optimized for one another. In principle, use of both engines should guarantee optimum virus protection results.
  • OutbreakShield: This option lets you activate the OutbreakShield. With OutbreakShield activated, the software creates checksums of emails, compares these with constantly updated anti-spam blacklists on the Internet and, as a result, is able to react to a mass-mailing before the relevant virus signatures become available. OutbreakShield uses the Internet to monitor increased volumes of suspicious emails, enabling it to close the window between the mass mail outbreak and its containment with specially adapted virus signatures, practically in real time. The OutbreakShield is an integral part of the email virus blocker.

Encrypted connections (SSL)

Many email providers (such as GMX, WEB.DE, T-Online and Freenet) have now started using SSL encryption. This means that emails and email accounts have become significantly more secure. However, it is still necessary to use antivirus software to protect your email as well. G DATA offers the Encrypted Connections (SSL) module for this. This gives you the added option of checking SSL-encrypted email for viruses and malware.

To enable the G DATA software to check email that has been SSL-encrypted, a G DATA software certificate must be imported into the email program. This ensures that your G DATA software can check incoming email.

It supports all email programs that can either import certificates or can access the Windows certificate store, e.g.:

  • Outlook 2003 or higher
  • Thunderbird
  • The Bat
  • Pegasusmail

Please proceed as follows if the G DATA certificate is not installed automatically:

  1. Your email program should not be active when installing the certificate. Therefore please close all email programs before generating and installing the certificate.
  2. In the G DATA software, check the box next to Check SSL Connections.
  3. Click on the Export Certificate button. The G DATA software will now generate a certificate. This file is called GDataRootCertificate.crt.
  4. Now open the GDataRootCertificate.crt file. A dialogue window appears in which you can install the certificate on your computer.
  5. In the dialogue window, click on the Install Certificate button and follow the instructions from the installation wizard.

You are done. Outlook and every other email program that can access the Windows certificate store now has the certificate required for checking SSL-encrypted incoming email for viruses and other malware.

Note: If you use Thunderbird (portable) and the certificate is not imported automatically, you will need to import this later and manage the trust settings for the generated G DATA certificate. To do this, please select the CERTIFICATES button in Thunderbird (portable) under Options > Advanced > Certificates. If you click here, various tabs appear. Please select the Authorities tab and then the IMPORT button. You can now select the "G DATA Mail Scanner Root" certificate.

If you now check the boxes next to the following option fields and click OK, your Thunderbird portable will be protected by G DATA:

  • Trust this CA to identify websites.
  • Trust this CA to identify email users.
  • Trust this CA to identify software developers.

There are similar functions in other email programs for importing certificates. In case of doubt, please see the appropriate help text to read how this works for the email program you use.

Email check - Advanced settings

If you do not use the default ports for your email programs, you can enter the port you use for incoming or outgoing emails under Server port(s). Click on the Default button to automatically restore the default port numbers. You can also enter multiple ports. Separate each of these with a comma.

Warning: Microsoft Outlook is protected by a special plugin that allows you to scan folders and emails directly from Outlook. In order to scan an email or a folder in Outlook for viruses, just click on the G DATA icon and the currently selected email folder will be scanned.

Since the software processes incoming emails before the email program itself, you may get an error message if there is a large quantity of emails or the connection is slow. This is because it is not receiving the email data immediately as it is being scanned for viruses by the software. Such error messages in the email program are prevented by checking the box next to Avoid mail server timeout, and as soon as any email data has been scanned for viruses, it is then forwarded to the email program as normal.

Automatic virus checks

You can switch the idle scan on or off from here. Furthermore you can also regularly scan your computer, or areas of your computer, for infections instead or as well. For example, you can then run such scans at times when you are not using your computer.

Scheduled virus checks: In many cases it is sufficient for the computer to be checked by the idle scan. However, you can also use the New button to set up various automatic virus checks that are independent of one another. Hence it is possible for you to check the Downloads folder daily, whereas you check your MP3 collection only once a month for example.

The following sections explain how you set up individual virus checks.

Automatic virus check - General

Enter the name you want to give the newly created virus check here. It is a good idea to use meaningful names to differentiate between the various jobs, for instance, Local hard disks (weekly scan) or Archive (monthly scan).

If you check Switch off the computer when the job is finished, the computer will automatically shut down once the automatic virus check has been completed. This is useful if for example you want to run a virus check when your day at work has finished.

Job: Each individually listed, automatic task for checking the computer or specific areas of it is called a job.

Analysis scope

Here you can choose whether the virus check should be done on the local hard drives, whether memory and autostart areas should be tested, or if you only want to test certain directories and files. If this is the case, use the Selection button to specify the directories you want.


Check following directories and files: In the directory tree, you can open and select directories by clicking on the plus symbols. Their contents will then be shown in the file view. Each directory or file that you mark with a check will be scanned by the software. If not all files in a directory are checked, this directory is marked with a grey checkmark.

Automatic virus check - Scheduling

This tab allows you to specify when the automatic update should run and how often. You set up the default schedule under Run and then specify it in more detail under Time. Of course, if you select On system start-up, you need not set any scheduling as the software will run the scan each time your computer starts up.

  • Run job automatically on next system startup if systems was powered off at the scheduled start time: Activating this option means that virus checks that are not run automatically are automatically run later as soon as the computer is powered up again.
  • Do not run on batteries: To prevent limiting battery service life unnecessarily, you can specify for notebooks, for example, that automatic virus checks can only be run when the portable computer is connected to the mains.

Scan settings

This area allows you to define which settings should be used for the automatic virus check.

  • Use engines: The software works with two engines – two virus checking programs optimized for one another. You can accelerate the virus check in older and slower computers by using just one engine, but normally you should keep the setting Both engines.
  • Infected files: Has your software detected a virus? In the standard setting, the software now asks you what you would like to do with the infected file. If you would always like to perform the same action, you can set this here. The highest protection for your data is offered here by the setting Disinfect and copy to quarantine.
  • Infected archive: Here you determine whether archive files (e.g. files with the extension RAR, ZIP or PST) should be handled differently from normal files. However, please note that moving an archive to quarantine can damage it so that it can no longer be used after it is moved back.

Furthermore, you can click the button ADVANCED to specify which additional virus checks should be performed or omitted.

In most cases, however, it is completely sufficient to use the specified default settings.

  • File types: You can specify here which file types should be inspected by the software for viruses.
  • Heuristics: In the heuristic analysis, viruses are not only detected by the virus database, which you receive with every update of the software, but are also identified on the basis of particular characteristics typical of viruses. This method increases the level of security, but in rare cases may generate false alarms.
  • Check archive: Checking compressed data in archives (these can be recognized by their file extensions such as ZIP, RAR or PST) is very time-consuming and can normally be omitted if the virus monitor is generally active on the system. The monitor can detect a previously hidden virus while the archive is being unzipped and can automatically prevent it from spreading.
  • Check email archives: Here you can specify whether your email archive is examined for infections as well.
  • Check system areas: In general, system areas (e.g. boot sectors) in your computer should not be excluded from virus checks.
  • Check for diallers / spyware / adware / riskware: You can also use this function to check your system for dialers and other malware (spyware, adware and riskware). These are e.g. programs that establish expensive, unwanted Internet connections, of which the potential for financial damage is no less significant than that of the virus. They may for example secretly record your surfing habits or even all the keyboard entries you make (including your passwords) and forward these to third parties via the Internet at the earliest opportunity.
  • Check for rootkits: Rootkits attempt to evade conventional virus detection methods. Additional monitoring for this malware is always advisable.
  • Generate log: By checking this box, you can specify that the software creates a log of the virus check process. This log can be viewed in the Logs area.

User account

Here you can specify the user account on the computer on which the virus check should take place. This account is required for access to network drives.

Antispam

Spam filter

The spam filter provides you with an extensive range of settings options for effectively blocking email with undesirable content or from undesirable senders (e.g. mass email senders). The program checks for numerous email characteristics that are typical of spam. These characteristics are used to calculate a value reflecting the likelihood of it being spam. You can use the USE SPAM FILTER button to enable or disable the spam filter.

In order to switch the different filter types of the spam filter on or off, simply set or remove the checkmark in front of the respective entry. To make changes to the various filters, just click on the relevant entry. A dialog then appears for changing the parameters.

The following settings options are available:

  • Spam OutbreakShield: The OutbreakShield detects and neutralises threats from malicious programs in mass emails before the relevant up-to-date virus signatures become available. OutbreakShield uses the Internet to monitor increased volumes of suspicious email, enabling it to close the window between the mass mail outbreak and its containment with specially adapted virus signatures, practically in real time. If you use a computer downstream from a proxy server, click on the Internet settings button to carry out the relevant changes. You should change these settings only if your OutbreakShield doesn't function.
  • Use whitelist: Certain sender addresses or domains can be explicitly excluded from suspected spam via the whitelist. Simply enter the email address (e.g. newsletter@infosite.com) or domain (e.g. infosite.com) that you want to exclude from suspected spam in the Addresses/Domains field and the G DATA software will treat messages from that sender or sender domain as not spam.

You can use the IMPORT button to insert predefined lists of email addresses or domains into the whitelist. Each address or domain must be listed on a separate line. A plain txt file format is used for storing this list; you can create this list using Windows Notepad for example. You can also use the EXPORT button to export whitelists as text files.

  • Use blacklist: Certain sender addresses or domains can be explicitly flagged as suspected spam via the blacklist. Simply enter the email address (e.g. newsletter@megaspam.de.vu) or domain (e.g. megaspam.de.vu) that you want to check for spam in the Addresses/Domains field and the G DATA software will generally treat emails from that sender or sender domain as emails with a very high spam probability. You can use the IMPORT button to insert predefined lists of email addresses or domains into the blacklist. Each address or domain must be listed on a separate line. A plain txt file format is used for storing this list; you can create this list using Windows Notepad for example. With the EXPORT button you can export blacklists as text files.
  • Use real-time blacklists (default setting): You can find lists on the Internet that contain the IP addresses of servers known to send spam. The G DATA software uses queries to the real-time blacklists to determine whether the sending server is listed. If it is, this increases the probability that it is spam. In general, we recommend that you use the default settings here, although you can also add your own Internet addresses to blacklists 1, 2 and 3.
  • Use keywords (email text): By defining a list of keywords you can also identify suspected spam through the words used in the email text. If at least one of these terms is included in the email text, the spam probability increases. You can change this list how you want by using the ADD, CHANGE and DELETE buttons. You can add predefined lists of keywords to your list using the IMPORT button. Entries in such a list must be listed one below the other in separate lines. A plain txt file format is used for storing this list; you can create this list using Windows Notepad for example. You can also use the EXPORT button to export a list of keywords as a text file. By checking Search for whole words only, you can specify that the G DATA software will only search for complete words in the subject line of an email.
  • Use keywords (subject): You can also identify suspected spam messages through the text in the subject line by defining a list of keywords. An occurrence of at least one of the listed terms in the subject line increases the spam probability.
  • Use content filter: The content filter is a self-learning filter that calculates spam probability on the basis of the words used in the email text. This filter not only works on the basis of predefined word lists but also learns from each new email received. You can view the word lists that are used by the content filter for identifying email as spam via the Query table contents button. You can delete all words in this table by using the Reset tables button, after which the content filter will restart its learning process again from the beginning.

Reaction

Here you can define how the spam filter should process email messages that may contain spam. You can use the spam probability value calculated for the affected email by the G DATA software to define three different levels of filtering.

  • Suspected spam: Here you can define how those email messages in which the G DATA software finds individual spam elements are handled. Such messages may not generally be spam, but can also be newsletters or part of a mass mailing that is of interest to the recipient in rare cases. In such cases, it is recommended that you inform the recipient that the email is suspected spam.
  • High spam probability: This covers emails that contain many spam characteristics and are rarely of interest to the recipient.
  • Very high spam probability: These are emails that meet all the criteria of spam. Such emails are rarely wanted, and rejecting email with these characteristics is recommended in most cases.

Each of these three graduated reactions can be customized. Simply click on the CHANGE button and define the response that the G DATA software should use. The Reject mail option allows you to specify that the email messages do not reach your mailbox. And with Insert spam warning in mail subject and mail text you can call attention to email messages that have been identified as spam to enable these to be filtered more easily. If you use Microsoft Outlook (caution: not to be confused with Outlook Express or Windows Mail), you also have the option of moving emails containing suspected spam to a fully customizable folder in your mailbox (Move mail to folder). You can create this folder directly via the G DATA software by defining the corresponding folder under Folder name.

Note: Even if you do not use Outlook, email messages that have been identified as spam can be moved to a different folder. Just add an alert in the subject line of the message (for instance "[Spam]") and define a rule in your email program to move emails with this text in the subject line to a different folder.

Advanced settings

This area enables you to make detailed changes to the G DATA software spam detection, adapting the system to suit your email traffic. However, it is generally recommended that default settings are used here. Making changes in the advanced settings should only be done if you have the relevant expertise and know exactly what you are doing.

More filters

The following filters are created by default; however, if necessary you can also switch them off by unchecking the box.

  • Disable HTML scripts
  • Filter malicious attachments

You can use the NEW button to set up new filter rules, or edit existing filters with the EDIT button. The filters created are shown in the list and can be enabled or disabled as required by checking the checkbox to the left. If you see a check in the checkbox, it means that that filter is active. If there is no checkmark in the box, the filter is inactive. To permanently delete a filter, click the relevant filter once to highlight it and then click the DELETE button.

The filter options available here are additional filters that support the actual G DATA software spam filter and make it easier for you to configure your own personal settings. The spam filter provides you with an extensive range of setting options for effectively blocking emails with undesirable content or from undesirable senders (e.g. mass email senders). The program checks for numerous email characteristics that are typical of spam. These characteristics are used to calculate a value reflecting the likelihood of it being spam. To this end multiple tabs are available providing you with all the relevant settings options sorted by subject.

When you create a new filter, a selection window appears in which you can specify the basic filter type. All of the other details about the filter can be created using a wizard, which will guide you through that filter type. This is a convenient way to create filters for every imaginable type of threat.

  • Disable HTML scripts: This filter disables scripts in the HTML part of an email. Scripts that might look OK on a web page tend to be rather irritating when they are integrated into an HTML email. In some cases, HTML scripts are also used to actively infect computers. In this event, scripts have the option of running not only when the infected attachment is opened but even in email preview mode.
  • Filter malicious attachments: A large number of filter options for filtering email attachments are provided. Most email viruses are spread through attachments, which usually have more or less well-hidden executable files. This can be a standard .exe file containing malware, or a VB script hidden in a graphic, film or music file that is assumed to be safe. In general, users should exercise extreme caution when opening email attachments. If in doubt, the sender of the email should be asked before opening files that have not been expressly requested.

Filter attachments

Under File extensions you can list the file extensions to which you would like to apply the respective filter. You can, for instance, combine all executable files (such as EXE and COM files) in a single filter, while also filtering out other formats (for instance MPEG, AVI, MP3, JPEG, JPG, GIF etc.) that are a burden for your mail server due to their size. You can, of course, also filter out archive files of your choice, such as ZIP, RAR or CAB files. Please use a semicolon to separate all file extensions of a filter group.

The function Also filter attachments in embedded mails ensures that the filtering performed under File extensions for the selected attachment types also applies to email messages that are themselves being forwarded as email attachments. This option should generally be enabled.

Choosing Only rename attachments has the effect that attachments that are to be filtered are not deleted automatically rather just renamed. This is not only recommended for executable files (such as EXE and COM) but also for Microsoft Office files that may contain executable scripts and macros. Renaming an attachment makes it impossible to open it simply by clicking it. Instead, the user must first save (and possibly rename) the attachment before it can be used. If the checkmark for the Only rename attachments function has not been set, the respective attachments are deleted directly.

Under Suffix you can enter a character string that should be appended to the file extension (*.exe_danger, for instance), which prevents this type of file from being executed by just clicking on it. Under Insert message in mail text you can inform the recipient of the filtered email that an attachment was deleted or renamed based on a filter rule.

Content filter

You can use the content filter to easily block email messages which contain certain subjects or text.

Simply enter the keywords and expressions to which the G DATA software should react under Search criterion. It is possible to use the AND and OR logical operators to link text components with one another.

Under Search scope you can now enter those elements of an email message that the software should search for the defined terms. The header is the part of an email message that, among other things, contains the email address of the sender and the recipient, the subject line, information on the programs and protocols used, and the date sent. If you have, for instance, activated Subject as the search area, only the content of the subject line will be checked, and no other information contained in the header. If you select Mail text as the search scope, you have the additional option of limiting the search scope to pure text emails, or extending the search to text in HTML emails (HTML text).

By checking Embedded mails you can define whether the content filter search should also cover email messages included as attachments in received messages.
Under Reaction you can determine what is to be done with emails identified as spam by the G DATA software. Using Reject mail means the email in question will not even be accepted by your email program.

If you check the box for Insert warning in mail subject and text you can prefix the actual text in the subject line with a warning (prefix in subject line), e.g. Spam or Warning. You can also enter text to be placed above the actual email text in the event of suspected spam (Message in text).

If you use Microsoft Outlook (caution: not to be confused with Outlook Express or Outlook Mail), you also have the option of moving emails containing suspected spam to a fully customizable folder in your mailbox (Move mail to folder). You can create this folder directly via the G DATA software by defining the corresponding folder under Folder name.

Sender filter

You can use the sender filter to easily block email coming from certain senders. To do this, simply enter the email addresses or domain names to which the G DATA software should react under Sender/domains. Use a semicolon to separate multiple entries.

Under Reaction you can determine what is to be done with emails identified as spam by the G DATA software.

Using Reject mail means the email in question will not even be accepted by your email program.

If you check the box for Insert warning in mail subject and text you can prefix the actual text in the subject line with a warning (prefix in subject line), e.g. Spam or Warning. You can also enter text to be placed above the actual email text in the event of suspected spam (Message in text).

If you use Microsoft Outlook (caution: not to be confused with Outlook Express or Windows Mail), you also have the option of moving emails containing suspected spam to a fully customizable folder in your mailbox (Move mail to folder). You can create this folder directly via the G DATA software by defining the corresponding folder under Folder name.

Language filter

The language filter lets you automatically define email in specific languages as spam. For example, if in general you do not have email contact with a German-speaking person, then you can set German as a spam language which should be filtered out. Simply select the languages in which you do not receive regular email contact and the G DATA software will raise the spam probability for such emails.
Under Reaction you can determine what is to be done with emails identified as spam by the G DATA software.

Using Reject mail means the email in question will not even be accepted by your email program.

If you check the box for Insert warning in mail subject and text you can prefix the actual text in the subject line with a warning (prefix in subject line), e.g. Spam or Warning. You can also enter text to be placed above the actual email text in the event of suspected spam (Message in text).

If you use Microsoft Outlook (caution: not to be confused with Outlook Express or Windows Mail), you also have the option of moving emails containing suspected spam to a fully customizable folder in your mailbox (Move mail to folder). You can create this folder directly via the G DATA software by defining the corresponding folder under Folder name.

Miscellaneous

You can configure more settings in this area.

  • Scan unread emails in the inbox at program start: Only for Microsoft Outlook: This option is used for checking email for suspected spam. The G DATA software will then check all unread emails in your Inbox folder and subfolders as soon as you open Outlook.
  • Other email programs (using POP3): For technical reasons, emails received via POP3 cannot be deleted directly. If a filter is set to reject emails, this email is then assigned default replacement text. The replacement text for rejected email is: The message has been rejected. However, you can also customise the text for these notification functions. In the text you define for the Subject and Mail text, the following wildcards (defined using a percentage symbol followed by a lower case letter) are available:


%s Sender

%u Subject


In your email client, you can define a rule that automatically deletes emails containing the replacement text defined here.

Firewall

Automatic

If you no longer want to deal with the firewall, you should switch the setting to Automatic. Besides autopilot mode, which is the best option for many users, you also have a wide range of options for optimizing the G DATA firewall for your requirements.

In the firewall settings there are two basic areas that can be custom-configured.

Autopilot

Here you can specify whether the firewall should operate independently and in self-learning mode so the user is not consulted about deciding whether to block or allow queries from the Internet, or whether the user should be asked in case of doubt.

  • Autopilot mode: Here the firewall works fully autonomously and automatically keeps threats from the local PC. This setting offers practical all-around protection and is recommended in most cases.
  • Create rules manually: If you want to custom configure your firewall, you can set up your firewall protection how you want via manual rule creation.
  • Offer to use autopilot mode when launching a full screen application: During computer games (and other full-screen applications), it can be disruptive if the firewall interrupts the flow of the game with inquiry windows or simply interferes with the display. To ensure that you can enjoy uninterrupted gaming without security compromises, the autopilot is a useful setting because it suppresses the inquiries of the firewall. If you are not using the autopilot as a default setting, you can use this function to ensure that it is always activated if you are using a program running in full-screen mode.

User-defined security settings

As you use the computer for your normal daily tasks, the firewall learns which programs you do or do not use for Internet access and which programs represent a security risk. The advantage of using the default security levels is that you can still adapt the firewall to your individual requirements without too much administrative input or specialist knowledge of network security. You can set the security level by simply adjusting the slide control. The following security levels are available:

  • Maximum security: The firewall rules are generated using very strict guidelines. So you should be familiar with specialized network concepts (TCP, UDP, ports, etc.). The firewall detects the slightest inconsistencies and will issue frequent queries during the learning phase.
  • High security: The firewall rules are generated using very strict guidelines. So you should be familiar with specialized network concepts (TCP, UDP, ports, etc.). The firewall may issue frequent queries during the learning phase.
  • Standard security: The firewall rules are generated at the application level only. Wizards keep network-specific details away from you. You will be queried as little as possible during the learning phase.
  • Low security: The firewall rules are generated at the application level only. Wizards keep network-specific details away from you. You will only be rarely queried during the learning phase. This level of security still offers highly effective protection against any connection requests that may occur.
  • Firewall disabled: You can disable the firewall completely if required. This means that your computer is still connected to the Internet and any other networks, but the firewall is no longer protecting it against attacks or electronic espionage.

If you wish to create specific settings for your firewall, check User-defined security settings. Please note however that for these settings you'll need at least a basic understanding of network security.

Queries

Here you can specify whether, when and how the firewall should query users when programs request a connection to the Internet or network.

Define rule

If the firewall detects a connection being made to the network, an information box appears in which you specify how to proceed for this particular application. Specify here precisely how to proceed in terms of allowing or forbidding network access:

  • Per Application: This enables you to specify universal authorization or denial of network access by the currently selected application on any port and using any transfer protocol (e.g. TCP or UDP).
  • Per Protocol/Port/Application: The application requesting network access is only permitted to go online with the requested transfer protocol and on the specified port. If the same application requests an additional network connection on another port or using a different protocol, the query will appear again, allowing you to create another rule for it.
  • Application, if at least x inquiries are pending: There are applications (e.g. Microsoft Outlook) that send identical requests to multiple ports when requesting network access or that use different protocols simultaneously. Since, for example, this would cause several queries in the Protocol/Port/Application setting, you can specify here that applications should receive general permission or refusal for network use as soon as you have allowed or denied connection by the user.

Unknown server applications

Applications that are not yet managed using a rule in the firewall may be handled in a different manner. The time of the inquiry lies within a certain latitude. If the server application goes to "on receipt", this means that it is waiting for a connection request as if on standby. Otherwise the query is only generated when the actual connection request is made.

Check for unprotected networks

Of course, a firewall can only function properly if all the networks accessed by the computer it is protecting can also be detected and monitored by it. Therefore you should always have this check enabled for unprotected networks.

Repeat application queries

You can bundle recurring requests for connection of an application. This way, queries do not keep appearing during connection attempts for which you have not yet specified a rule, but rather only in e.g. 20-second intervals or some other period of time defined by you.

Reference checking

During reference checking the firewall calculates a checksum based on the file size and other criteria for applications for which it has already enabled network access. If the checksum for this program suddenly changes, it may be because the program has been modified by a malware program. In such cases, the firewall generates an alarm.

Perform reference checking for loaded modules: Here not just applications but also modules used by applications (e.g. DLLs) are monitored. Since these frequently change or new modules are downloaded, consistent checking for modified and unknown references for modules may result in a considerable administration effort. Every modified module would cause a security request to be sent in its trail to the firewall. Therefore module checking should only be used in this way for very high security requirements.

Miscellaneous

Further setting alternatives are available here.

Wizard default settings

Specify here whether, in general, you wish to create new rules using the Rule wizard or in advanced editing mode. For users who are not familiar with the subject of network security, we recommend using the rule wizard.

‎‎Check a program at startup

Here you can specify whether the firewall looks for unknown server applications on each program startup. These search functions should always be enabled unless you are working in an enclosed network.

Save connection log

 Here you can specify for how long the firewall connection data should be saved. You can retain the data for anywhere between an hour and 60 hours and view it in the Log area.


Tuner

General

You can create the following settings here:

  • Delete restore data: Here you can specify when restore data (which the G DATA software creates in the event of changes) should be deleted.
  • Delete old data: Here you can specify when old data (e.g. old TEMP folders) should be deleted.
  • Delete desktop shortcuts: Here you can specify when desktop shortcuts that are not required (that have not been used for a corresponding number of days) should be deleted. 
  • Search for Office updates as well during Microsoft updates: Here you can specify whether or not the tuner is supposed to search the Internet automatically for current Windows updates and Office updates. Updating both elements saves time and keeps you fully up to date from a security technology perspective. Of course, the search for Office updates only works if Microsoft Office is installed on the relevant computer.
  • Do not create detailed logs about deleted items: The tuner is structured in such a way that it consistently logs information about any changes that are made. If you think that a log file containing relevant information on what the tuner has deleted is a security risk, you can suppress the creation of such a deletion log.
  • Permanently delete temporary files: You can use this function to exclude web files (e.g. cookies, temporary Internet files etc.) from the tuner's restore option, i.e. you can prevent such files from being restored. By activating this function, you considerably reduce the number of files that the tuner has to manage in the Restore area. This improves performance.
  • Automatic computer restart not permitted by the service: You can use this option to prevent a possible computer restart that the tuner might otherwise carry out as part of a scheduled tuning process. Since the tuner would only perform a computer restart without asking when no user is logged on, it is definitely recommended that this option is not activated in the majority of cases.
  • Allow creation of individual restore points: Without this function the G DATA software can no longer carry out a restore.
  • Ignore volume type when defragmenting: As the majority of vendors recommend against defragmenting their SSDs, defragmenting is excluded in the G DATA Tuner for this type of drive by default. If the type of the G DATA software drives cannot be automatically determined, but you are certain that there are no SSD volumes in your computer, you can leave the box here checked. The tuner will then start defragmenting every hard drive located in the system every time it is run.

Configuration

In this area you can select all the modules that the tuner should use for a tuning process. Selected modules are then either started automatically as a scheduled event (see Scheduling) or manually. To activate a module simply double-click it. You can optimize the following main tuning areas as you want here:

  • Security: Various functions that download data automatically from the Internet are only of use to the provider and have no benefit for you. These functions may often leave you vulnerable to malware. With these modules you can protect your system and keep it up-to-date.
  • Performance: Temporary files, e.g. backup files that are no longer required, log files or installation files that still take up disk space following the installation slow down your hard drive and take up valuable disk space. Moreover processes and file links that are no longer required can significantly slow down your system. You can use the modules listed here to remove this superfluous load from your computer and speed the computer up.
  • Data protection: This summarizes the modules that deal with protecting your data. Traces that are created unintentionally while surfing or using the computer in general and that contain a lot of information about your user behavior, or even important data and passwords, are deleted here.

Folder protection

On this tab you can exclude specific folders (including your Windows partition) from being automatically deleted with old files.

 Just click the Add icon and select the corresponding folder or the desired drive.

 To grant access to excluded folders again, select them from the displayed list and click on the Delete button.

File protection

You can use file protection to protect certain files from being deleted by the tuner, for example game scores for computer games or similar files with unusual file extensions, which could also be interpreted as backup or temp files.

 To protect specific files, click the Add button and enter the corresponding file name. You can also use wildcards here.
Wildcards function as follows:

  • The question mark symbol (?) represents individual characters.
  • The asterisk symbol (*) represents entire character strings.

For instance, in order to protect all files with the file extension .sav, enter *.sav. To protect e.g. files of different types that have file names that start identically, you enter text*.* for example.

Now choose the folder in which the files are to be protected by clicking the ADVANCED button. Here you can now select the storage location where the files to be protected are located. The Tuner now protects the files thus defined in this folder only (e.g. only game scores in the relevant games folder).

 To grant access to excluded folders again, select them from the displayed list and click on the Delete button.

Scheduling

The Scheduling tab allows you to specify when the automatic tuning job should run and how often.

Under Daily, you can use the Weekdays settings, for example, to specify that the computer should only carry out the tuning job on workdays or just every other day, or on weekends only, when it is not being used for work. To change date and time entries under Time, simply highlight the element you want to change (e.g. day, hour, month, year) with the mouse and use the arrow keys or the small arrow icon to the right of the input field to move the relevant element chronologically.

If you do not want to run an automatic tuning process, just remove the check from the box next to the Enabled entry for the automatic tuning process.

Device control

You can use device control to specify for your computer which storage media are permitted to read and/or write data. Hence for example you can prevent private data from being moved to a USB stick or burned to a CD. Furthermore, with removable data carriers such as USB sticks or external USB hard drives, you can specify precisely which removable data carriers can be used for downloading data. This means for example that you can use your own USB hard drive to back up data, but other hard drives are not granted access.

To use device control, check the box next to Enable device control and select the devices you want to define restrictions for:

  • Data media (e.g., USB sticks)
  • CD/DVD drives
  • Disk drives

You now have the option of defining rules for the individual storage media.

General rules

Here you can specify whether the relevant device cannot be used at all (Block access), whether it can only download data but not be used for storing it (Read access), or whether there are no restrictions for this device (Full access). This rule then applies for all users of your computer.

User-specific rules

If you want to grant restricted permissions for storage media to specific users only, in this area you can first select the user name of the user set up on your computer then restrict access to the relevant storage medium as described in General rules. In this way, for example, as administrator and owner of the computer you can permit full access for yourself but just restricted permissions for other users.

Select the user here. If you now click on OK, another dialog opens in which you can specify which access method you want for this user and whether authorization for this user is limited to a specific period (e.g. two weeks) (Validity).

Note: User-specific rules override general rules. This means that if you specify generally that access to USB sticks is not permitted, you can still allow a specific user to use them via a user-specific rule. If a user has been allocated certain access restrictions via device control that are time-limited, the general rules will apply for this user again when this restriction expires.

Device-specific rules

When using removable data carriers such as USB sticks or external hard drives, you can also specify that only specific removable data carriers are allowed to access your computer. To do so, attach the removable data carrier to your computer and click on the Add button. In the dialog that appears, you can select the removable data carrier you want. If you now click on OK, another dialog opens in which you can specify which access method you want for this data carrier and whether authorization for this data carrier is limited to a specific period (e.g. two weeks) (Validity) and whether every user is allowed to use this data carrier under his user access or not.

Backup

In this area you can create general settings for the backup module functionality.

  • Directory for temporary files: Specify here where temporary backup module data should be saved. These files are created when generating or restoring a backup, and are automatically deleted again when the relevant process is complete. However, you need to have sufficient hard disk storage space available here, otherwise the backup/restore speed will be limited. This setting should only be changed if there is insufficient storage space available for temporary files on the selected drive.
  • Check source/destination drive on same hard disk: Normally the backup module will warn the user whenever he tries to create a backup on the same data medium that the original files are located on. This occurs because, in the event of a failure or loss of this data medium, by default the backup would no longer be available either. However, if you want to regularly run backups to the original data medium for a specific reason, you can disable this warning message here.

  • No labels