Running an OnDemand Scan via User Interface

The OnDemand Scan, scans the file system and memory for malware and other threats and takes remediation actions. You can configure the OnDemand Scan Settings from the EDR UI. 

Perform the following steps to enable OnDemand Scan:

  1. Click New Anti-malware Profile. If a profile has already been created, click Edit from the Quick Actions menu
  2. Go to Step 3-OnDemand Scan.
  3. Enable the OnDemand Scan toggle. The page displays the Create a Scan Task and Optional Settings. 

Create Scan Task

Perform the following steps to create a scan task:

  1. Click the Add Icon to create scan task. to create a scan task and schedule the scan settings. 
  2. In the Task Details page, provide the following information:
    • Name and description of the task.  
    • Select the Run with low priority checkbox if you want the anti-malware scan or remediation process with reduced system resource usage.
    • Select the Shut down the computer scan is finished checkbox if you want to automatically power off or shut down the computer once a scheduled or on-demand malware scan has been completed. 
    • Select any one of the following Performance Scan:
      • Quick Scan- Select this option to perform scans only to the location most likely for a malware infection. 
      • Full Scan- This scan performs a complete scan of all the files and folders in the system.
      • Network Scan- To scan only the network devices, select this scan. 
      • Custom Scan- Select this option to perform scans at the locations mentioned in the Scan Configuration (step-iii) of this procedure.
    • In the Target section, specify the target for the scan. 
    • Click Next.

Scan Configuration

Perform the following steps to set the configurations for scan task behavior:

  1. Provide a name for the scan configuration. 
  2. Define a scope. 
  3. Select one of the following scan settings:
    • Aggressive - Select this option to scan all accessed files from local and network drives and archived and zero-risk files.
    • Normal - Select this option to scan all accessed files from local drives and application files from network drives.
    • Permissive - Select this option to scan accessed application files from local and network drives and incoming emails select this option.
    • Custom - Select this option to define the scan settings according to your organization's requirements.
  4. Select the Scan Inside Archives checkbox to detect and remove infected archived files. 
  5. Select the Scan Email Archives checkbox to scan emails, message files, and email databases. 
  6. Under Miscellaneous, select one or more scan options. 
  7. Choose your primary and secondary actions for the infected file.
  8. Choose your primary and secondary actions for the suspected file.
  9. Choose an action for rootkits.
  10. Click Next.

Define a Scan Schedule

Perform the following steps to create a scan schedule:

  1. From the Recurrence drop-down, select a Daily, Weekly, or Monthly scan recurrence. 
  2. Set a Start Date and Start Time. Additional fields will be displayed Based on your selection in the Recurrence drop-down.  
  3. (Optionally) You can select If scheduled run time is missed, run task as soon as possible checkbox. 
  4. Click Create Scan Task.

Configure Optional Settings

Perform the following steps:

  1. Select the Device Scan check box to scan external storage devices such as CD/DVD Media or USB Storage

  2. Select the Do not scan devices with stored data more than (MB) checkbox if you do not want the entire storage to be scanned. You can mention the unit in MB.

  3. Select the Retain a Backup File Copy checkbox if you want to disinfect the original file and save and quarantine a copy of the file.

  4. Click Next to configure settings for Behavioral Scan.

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.