More on the latest variant of 'Petya' Ransomware outbreak here
From the central Enterprise Console you can run a full system scan of individual endpoint computers or an entire group of computers. This article gives us an idea how the full system scan works and how it is done.
The following settings are applied to the Full system scan through the Sophos Anti-Virus and HIPS policy assigned to the machine in SEC:
All other scan settings are the same as the 'Scan my computer' option on the endpoint. Please be aware that the full system scan will not scan for the following:
The clean up option for the full system scan will be set to Log only. The option Automatically clean up items that contain a virus/Spyware will not be enabled.
The following sections are covered:
Applies to the following Sophos products and versions Enterprise ConsoleEnterprise Console 5.5.0Enterprise Console 5.4.1Enterprise Console 5.4.0
Note: If the scan was cancelled locally you will see an error on the Alert and Error Details tab and in and in the Computer Details for that computer.
What happens if I choose to run a scan and the target computer is switched off?
When you select to perform an action (any action) in the console this is sent from the Enterrpise Console to the endpoint computer by the Remote Management System (RMS) in the form of a .msg file.
If the computer is switched off, or your management server cannot connect to the endpoint computer immediately to communicate the request to scan, a .msg file will be stored on the server in the Envelopes for later transmission. For more details see The Envelopes folder in Endpoint Security and Control.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.