Thanks for reaching out. I presume you're trying the scan command via Responder? If yes, then it is indeed possible to scan the entire C drive. You should be able to enter a scan action like so, scan --path "C:\" and that should work. See screenshot.
A scan action result is going to generate an alert if a malicious file is found and you should see that alert on the Alerts page (/app/security/alerts). An alert is not generated otherwise. See the screenshot for such an alert.
You can see the results of action requests, including the scan action, on the Response console, the Host's Details flyout for the host. Hosts are listed out on the Endpoint list page (app/security/administration/endpoints). You can also see the action's result on the Response Actions History page (app/security/administration/response_actions_history) by expanding the action item. See screenshots.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.