Help Center> Host Security Service (New)> User Guide> Prevention> Virus Scan> Scanning for Viruses
Updated on 2024-05-16 GMT+08:00
View PDF

Scanning for Viruses

Once a static virus file is started, it may become a malicious process and become a security risk of servers. Therefore, scanning static virus files is important in server security protection. HSS virus scan function can scan virus files on servers and provides the following virus scan methods:

  • Quick Scan: Quick virus scanning tasks can save time and costs. This function scans and removes preset key system files and directories.
  • Full-disk Scan: A time-consuming full-disk virus scanning can be implemented on servers.
  • Custom Scan: You can customize virus scanning tasks as required.

Constraints

A virus scan uses a lot of memory, CPU, and I/O resources. Perform this operation during off-peak hours. For details about the resource usage, see How Many CPU and Memory Resources Are Occupied by the Agent When It Performs Scans?

Quick Scan

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > HSS.
  3. Choose Prevention > Virus Scan. The Virus Scan page is displayed.
  4. Click Quick Scan. The dialog box is displayed.
  5. Set parameters related to the quick scan task as prompted.

    • Task Name: You can customize a task name.
    • Select Server: Select the server for which you want to perform quick scan.

      The server cannot be selected when it is in the scanning state.

    • Handling Policy: Select the handling mode for the detected virus files.
      • Automatic Handling: Virus files that have been further confirmed are automatically isolated. Suspicious files are labeled with suspicious and need to be handled after manual confirmation.
      • Manual Handling: Alarms are generated only for detected infected files. You need to manually confirm the files before handling them.

  6. Click Scan and start the scanning task.

Full-disk Scan

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > HSS.
  3. Choose Prevention > Virus Scan. The Virus Scan page is displayed.
  4. Click Full-disk Scan. The dialog box is displayed.
  5. Set parameters related to the full-disk scan task as prompted.

    • Task Name: You can customize a task name.
    • Select Server: Select the server for which you want to perform full-disk scan.
      • The server cannot be selected when it is in the scanning state.
      • The Full-disk Scan function scans all disks but not network directories.
    • Handling Policy: Select the handling mode for the detected virus files.
      • Automatic Handling: Virus files that have been further confirmed are automatically isolated. Suspicious files are labeled with suspicious and need to be handled after manual confirmation.
      • Manual Handling: Alarms are generated only for detected infected files. You need to manually confirm the files before handling them.

  6. Click Scan and start the scanning task.

Custom Scan

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > HSS.
  3. Choose Prevention > Virus Scan. The Virus Scan page is displayed.
  4. Click Custom Scan.
  5. Set the parameters of the customized antivirus policy as prompted. For details about the parameters, see Table 1.

    Table 1 Custom antivirus policy parameters

    Parameter

    Description

    Task Name

    Name of a custom antivirus task.

    File Type

    Type of the file to be scanned. Currently, the following types of files can be scanned:

    • Executable: executable files and dynamic link libraries (DLLs), such as .exe, .dll, and .so files.
    • Compressed: such as .zip, .rar, and .tar
    • Script: such as .bat, .py, and .ps1
    • Document: such as TXT, DOC, and PDF
    • Image: such as BMP, JPG, and GIF
    • Audio & Video: such as MP3, MP4, and FLV files

    Directory Settings

    Directory where virus-infected files need to be scanned. If this parameter is not set, full scan is performed by default. Full scan does not cover network directories.

    Exclude Specified Directories

    Directories that do not require virus scan.

    Select Server

    Servers to be scanned. Servers in the scanning state cannot be selected.

    Handling Policy
    Select the processing mode for the detected virus files.
    • Automatic Handling: Virus files that have been further confirmed are automatically isolated. Suspicious files are labeled with suspicious and need to be handled after manual confirmation.
    • Manual Handling: Alarms are displayed only for detected virus-infected files. You need to manually confirm the files before handling them.

  6. Click Scan and start the scanning task.

Follow-up Procedure

  • View the execution status of a scan job
    1. On the Virus Scan page, click the Scan tasks to view the execution status of virus scan tasks.

      To stop an ongoing scan task, click Cancel in the Operation column of the target scan task.

      Figure 1 Viewing scan tasks
    2. Click to view the scan status and number of scanned files of each server.

      Click Cancel in the Operation column of the target server to stop scanning the server.

  • View and handle viruses

    After a virus scan task is complete, you can manually handle the detected virus files based on service requirements. For details, see Viewing and Handling Viruses.

Parent Topic: Virus Scan