Whenever you trigger a restore with the Malicious File Scan option enabled, a scan job is initiated. You can monitor and manage all the scan jobs from the Jobs page in Ransomware Recovery. A Last Updated at timestamp is displayed beside the page heading to help you understand when the details of the page was last updated.
Only after the job is complete, the restore activity starts and the clean files are restored and all the malicious files are blocked. You can view a summary of the scan job from the Jobs page.
You can cancel an ongoing job if you initiated the scan by mistake or no longer need to scan the data for malicious files.
Click the Job ID to view the following job details:
|Job Details section|
|Job ID||The unique ID of the scan job.|
|Job Type||Denoting that the job was Malicious File Scan.|
|Start Time||The time when the scan was initiated.|
|End Time||The time when the scan finished. If the job ended prematurely due to cancelation, or due to failure, this field displays that timestamp.|
|Product Job ID||The ID of the restore job.|
The name of the data source.
|Resource Type||The type of the data source. Example: File Server.|
|User Name||The name of the user to whom the endpoint belongs. This field is only displayed when the data source is an endpoint.|
|Organization||The name of the organization to which the server belongs. This field is only displayed when the data source is a server.|
The current status of the job. It can be any of the following:
|Created By||The name of the administrator or inSync Client user who initiated the restore.|
|Scan Details section|
|Files Selected For Restore||The total number of files that the administrator or an inSync Client user selected for this restore job.|
|Files Scanned||The number of files scanned for this restore job.|
|Files Scan Skipped||The number of files that were skipped during the scan. There can be various reasons for this such as file deleted midway through the scan, file corrupted, file path not accessible, and so on.|
The number of malicious files. Click the number to view the details of the malicious files and also download a CSV containing the file names and SHA1 value of each file.
Use the Download File Report option to download and view the details of malicious files.
The Download File Report option is enabled when Druva encounters and displays a count for blocked files.