Skip to main content

Scanning for malware

The main objective of Bitdefender Endpoint Security Tools is to keep your computer free of malware. It does that primarily by scanning in real time accessed files, e-mail messages, and any new files downloaded or copied to your computer. Besides real-time protection, it also allows running scans to detect and remove malware from your computer.

Scan options

Run the bduitool command with one of the available scan options:

get scanprof [full|quick|custom]

Display the scan profile settings for the full, quick or a custom scan.

scan -s full|quick|task <taskID>|(custom <path1> <path2>...)

Run a full, quick or custom scan or a previous scan task determined by the task ID. For custom scan, you have to specify a list of paths to be scanned (folders and/or files) where you can also use wildcards.

For example, use:

  • scan -s full to run a full scan.

  • scan -s task <taskID> to run the task with the specified task ID

  • scan -s custom /home/user1/folder1 /home/user1/file.txt to run a custom scan on the specified file and folders.

If using wildcards for custom scans, please keep in mind the following:

  • scan -s custom /dir/*/direxpands a single directory level.

  • scan -s custom "/dir/*/dir" expands the full directory tree.

  • scan -s custom "/dir/*/dir?" substitutes a single character using the question mark (?).

scan -p

Pause all running scan tasks.

scan -r

Resume all paused scan tasks.

scan -q

Stop all running or paused scan tasks.


The pause, resume, or stop commands apply only to scans started from Bitdefender User Interface Tool.

get scantasks

Display details of all running scan tasks, including a task identifier. The tasks that are in progress are listed first.

get scanlog [taskID]

Display information about the last finished scan task. The command can also display details about the last run of a specific task, if the task ID is mentioned.

get scanstatus [<taskID>]

Display the status of the scan task with the specified task ID.


You can display detailed information regarding the quarantined files. Run the bduitool command with the below option:

get quar [-s <integer_value>]

Display a list of quarantined items. - s <integer_value> is a parameter that displays the specified number of most recent quarantined items.

For example, use:

  • get quar to display all quarantine items.

  • get quar -s 10 to display the first 10 items from quarantine.


Bitdefender Endpoint Security Tools keeps a detailed log of events concerning its activity on your computer.

Run the bduitool command with the below option:

get events [-s <integer value>]

Display the list of events that the Antimalware module has detected.


-s <integer value> : Display the specified number of most recent antimalware events.

-s undertype <type> : This parameter sets if the kernel module updates are performed through signature update (default) or product update. The accepted values for <type> are signatures or product.