Views:

Scan one or more endpoints for file-based threats such as viruses, spyware, and grayware.

This task is supported by the following services:
  • Trend Micro Apex One as a Service
  • Standard Endpoint Protection
When searching for suspicious files on endpoints, you may trigger a one-time malware scan for a single endpoint using the context menu in Workbench or for up to 200 endpoints using the Response drop-down menu in Endpoint Inventory.
Important
Important
  • Agents on target endpoints must be connected and upgraded to the latest version.
  • If the agent on a target endpoint is disconnected, the task is queued until the agent reconnects. Queued tasks time out after 24 hours.
  • Depending on number of files, size of files, and storage device speed on target endpoints, the task may take several hours to complete.

Procedure

  1. After identifying endpoints to scan, access the context or response menu and click Scan for Malware.
    The Scan for Malware Task screen appears.
  2. Confirm the targets of the response.
  3. Specify a Description for the response or event.
  4. Click Create.
    Trend Vision One creates the task and displays the current task status in Response Management.
  5. Monitor the task status.
    1. Open Response Management.
    2. (Optional) Locate the task using the Search field or by selecting Scan for Malware from the Action drop-down menu.
    3. View the task status.
      • In progress (in_progress=GUID-A55897DB-3DEA-4F5C-B7F9-70B3D7FB9EDE=1=en-us=Low.jpg): Trend Vision One sent the command and is waiting for a response.
      • Successful (successful=GUID-1E31AD86-DE2E-48B5-85F7-7C78A3E8BB11=1=en-us=Low.jpg): The command was successfully executed.
      • Partially successful (partially_successful_icon=GUID-20230103030733.jpg): One or more commands was unsuccessful.
      • Manually terminated (rejected=bd05fc87-5b5d-4d84-bfb1-3a6dc09ddac5.jpg): The command was manually terminated in Response Management.
      • Queued (queued=GUID-65C0DF81-E50D-4D51-9602-2E9B7A0E5F14=1=en-us=Low.jpg): The managing server queued the command because the agent was offline.
      • Unsuccessful (error=5cc21722-7ceb-480c-b9c2-a47d420cf1cc.jpg): An error or time-out occurred when attempting to send the command to the managing server, the agent is offline for more than 24 hours, or the command execution timed out.
        Note
        Note
        If the task status is Queued (queued=GUID-65C0DF81-E50D-4D51-9602-2E9B7A0E5F14=1=en-us=Low.jpg) or Unsuccessful (error=5cc21722-7ceb-480c-b9c2-a47d420cf1cc.jpg), you can click the Resend command (resendCommand=GUID-47F93E03-99D1-49B4-95D0-C6D07F10B592=1=en-us=Low.jpg) icon to immediately send the exact same command to the managing server.
    You may view the task progress or results by clicking on the corresponding task ID in Response Management. To terminate the task, click the options (options_icon=GUID-408062FA-DA13-4ECA-81EB-31A5B68355A1=1=en-us=Low.jpg) icon and select Terminate task.