Configuring rootkit scanning (Blacklight)
Rootkit scanning can be used to scan for files and drives hidden by rootkits.
Rootkits are typically used to hide malicious software, such as spyware, from users, system tools and traditional
antivirus scanners. The items hidden by rootkits are often infected with viruses, worms or trojans.
Rootkit scanning settings
The settings for rootkit scanning are displayed on the
Manual scanning
page of the
Settings
tab.
Rootkit scanning can be run as a manual operation or as part of a full computer check.
Select
Enable rootkit scanning
to enable scanning for files and drives hidden by rootkits. This option also
enables users to run local quick scans for rootkits and other hidden items.
Select
Include rootkit scanning in full computer check
to scan for items hidden by rootkits when a full
computer check is started from the local host, or when a manual scanning operation is launched from Policy
Manager Console.
Select
Report suspicious items after full computer check
to specify that detected suspicious items are
shown in the disinfection wizard and in the scanning report after a full computer check. When this option is
selected, you can see from the scanning reports whether any items hidden by rootkits have been detected
on the managed hosts.
Launching a rootkit scan for the whole domain
In this example, a rootkit scan is launched for the whole domain.
1.
Select
Root
on the
Policy domains
tab.
2.
Go to the
Settings
tab and select the
Manual scanning
page.
3.
In the
Rootkit scanning
section, make sure that
Enable rootkit scanning
is selected.
4.
Select the
Report suspicious items after full computer check
check box.
5.
Check that the other settings on this page are suitable, and modify them if necessary.
6.
Go to the
Operations
tab, and click the
Scan for viruses and spyware
button.
Note:
You have to distribute the policy for the operation to start.
7.
Click
to save and distribute the policy.
After the scanning operation on the local hosts has finished, you can see if any rootkits were detected from
Scan reports
on the
Reports
tab.
72
| F-Secure Client Security | Configuring virus and spyware protection
Summary of Contents for ANTI-VIRUS FOR MICROSOFT EXCHANGE 9.00
Page 1: ...F Secure Client Security Administrator s Guide...
Page 2: ......
Page 8: ...8 F Secure Client Security TOC...
Page 44: ......
Page 62: ......
Page 86: ......
Page 114: ......
Page 118: ......
Page 135: ...Tammasaarenkatu 7 PL 24 00181 Helsinki Finland F Secure Client Security Virus information 135...
Page 148: ......
Page 158: ......