User guide

ManualsBrandsWincomm ManualsComputer equipmentWEB-6681 Series

Scanning Results and Cleaning Rootkits

Quick Heal Anti-Rootkit Scanning

1. Start Quick Heal Anti-Rootkit.

2. In the left side of the main window click on Start Scan.

3. Quick Heal Anti-Rootkit will start scanning your system for suspicious rootkit activity in running Processes, Windows

Registry and Files and Folders.

4. After completing the scan result is displayed in three different tabs that will display hidden items in running Processes,

Windows Registry and Files and Folders.

5. You can now select and take appropriate action against each displayed threat. Like you can terminate the rootkit Process

or rename the rootkit Registry entry or Files.

6. After taking the appropriate action you need to restart your system so that rootkit cleaning take place.

Action to be taken on Scan Results

Process

After scanning Quick Heal Anti-Rootkit will detect and display a list of

hidden Processes. You can select process or process for termination, but

make sure that list of Processes for termination doesn’t include any know

trusted process.

Quick Heal Anti-Rootkit also displays summary of process scanning as

total number of Processes scanned and number of hidden Processes

detected.

Terminating Hidden

Process

After selecting list of Processes for termination click on Terminate button.

If a process is successfully terminated then its PID (Process Identifier)

field will show n/a and process name will be appended by Terminated.

All terminated Processes will be renamed after a restart.

Registry

Similar to process scan Quick Heal Anti-Rootkit will display a list of hidden

Registry key's. You can select keys for renaming, but make sure that list

of key's for renaming doesn’t include any known trusted registry key.

Quick Heal Anti-Rootkit also displays summary of Registry scanning as

total number of items scanned and number of hidden items detected.

Renaming Hidden

Registry Key

After selecting list of key's for renaming click on Rename button.

Renaming operation requires reboot hence Key name will be prefixed by

Rename Queued.

Files and Folders

Similar to process and Registry Quick Heal Anti-Rootkit will display a list of

hidden Files and Folders. You can select Files and Folders for renaming,

but make sure that list of Files and Folders for renaming doesn’t include

any know trusted file.

Quick Heal Anti-Rootkit also displays list of executable Alternate Data

Streams.

Quick Heal Anti-Rootkit also displays summary of File scanning as total

number of files scanned and number of hidden files detected.

Renaming Hidden Files

and Folders

After selecting list of Files and Folders for renaming click on Rename

button. Renaming operation requires reboot hence Files and Folders name

will be prefixed by Rename Queued.