Security Center provides the anti-virus feature that supports deep virus scan, virus alerts, and virus alert handling. This topic describes how to use the anti-virus feature to handle virus alerts.

Background information

The anti-virus feature provides deep scan and removal of persistent viruses. The anti-virus feature can detect and remove the following virus types:
  • Ransomware
  • Mining programs
  • DDoS Trojans
  • Trojans
  • Backdoor programs
  • Malicious programs
  • High-risk programs
  • Computer worms
  • Suspicious programs
  • Automatic mutating Trojans
Note The preceding virus types pose great security threats to your servers. Security Center generates alerts when they are detected. We recommend that you handle virus alerts at the earliest opportunity.

Procedure

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Defense > Anti-Virus.
  3. On the Anti-Virus page, click Process Now.
  4. Find a target alert and click Processing in the Actions column.
    To handle multiple alerts simultaneously, select target alerts and click Batch handled. To handle all alerts simultaneously, click Processing.
  5. In the Alert handling dialog box that appears, select a method to handle virus alerts.
    The following table lists the methods to handle virus alerts:
    Method Description
    Deep cleanup Select Deep cleanup to handle the viruses on you servers.
    Security Center experts have conducted tests and analysis of persistent viruses. Based on the test and analysis results, deep cleanup is dedicated to handling persistent viruses. Deep cleanup uses the following methods to handle viruses.
    • Terminate virus processes

      Terminates running virus processes to prevent viruses from compromising your service systems.

    • Quarantine virus files

      Quarantines virus files to prevent attackers from starting them. Security Center quarantines virus files. You can download, analyze, and restore quarantined files as needed. For more information, see Quarantine.

    • Deleted the persistence method injected by hackers.

      Attackers exploit crontab tasks and malicious download sources to implant persistent tasks, which allows attackers to implant more viruses and ensures the persistence of the viruses. Security Center provides dedicated analysis and virus removal to allow you to handle attacks against vulnerable crontab tasks and malicious download sources. In addition, Security Center uses AI learning to enhance the security of your assets and handles viruses within a few hours.

    Whitelist Click Whitelist to add an alert to the whitelist. After the alert is added to the whitelist, Security Center no longer generates alerts when the alert event reoccurs.
    Ignore Click Ignore to ignore an alert. After you ignore the alert, the status of the alert changes to Ignored. If the alert event reoccurs, Security Center will generate alerts.
    Handled manually If you have handled the alert manually, select Handled manually. After you select Handled manually, the status of the alert changes to Handled.
  6. Click Process Now.