Skip to main content

Scanning for malware

The main objective of Bitdefender Endpoint Security Tools is to keep your computer free of malware. This is achieved by scanning accessed files, email messages, and any new files downloaded or copied to your computer in real time. Apart from real-time protection, it also allows running scans to detect malware and remove it from your computer.

You can scan the computer whenever you want by running default tasks or your own scan tasks (user-defined tasks). Scan tasks specify the scanning options and the objects to be scanned.

You can view previously completed scans on the Events page. For more information, refer to Check scan logs.

Scan a file or folder

You should scan files and folders whenever you suspect they might be infected. Right-click the file or folder you want to be scanned and select Scan with Bitdefender Endpoint Security Tools. The scan starts and you can monitor the progress on the Overview page.

If a file is password protected, you are prompted to enter the password before the scan can continue.

best_password_protected_file.png

At the end of the scan, you can see the result in the Tasks area.

Run a Quick scan

Quick scan checks the %windir%\system32 and %TEMP% folders to detect malware threatening the endpoint. A Quick scan is usually completed faster and uses fewer local system resources than a Full scan.

Quick scan is configured by default to allow scanning for:

  • Running processes and boot sectors

  • Critical memory regions

  • Only new and changed files

  • rootkit, adware, spyware and dialer applications in critical OS paths such as: %windir%\\system32\\, %temp%, /etc, /lib.

  • Potentially Unwanted Applications (PUA).

To run a Quick scan, follow these steps:

  1. Open the main window of Bitdefender Endpoint Security Tools.

  2. On the Overview window, click the best_scan_icon.png Scan drop-down button in the upper-right corner.

  3. Click Quick scan.

  4. Wait for the scan to complete. You can see the progress and the result of the scan in the Overview page.

Run a Full scan

The Full scan task scans the entire system for all types of malware threatening its security, such as viruses, spyware, adware, rootkits and others.

Note

Because a Full scan performs a thorough scan of the entire system, the scan may take a while. Therefore, it is recommended to run this task when you are not using your computer.

Before running a full scan, make sure Bitdefender Endpoint Security Tools is up to date in terms of malware signatures. Scanning your computer using an outdated signature database may prevent Bitdefender Endpoint Security Tools from detecting new malware found since the last update. For more information, refer to Updating the security agent.

Full scan is configured to allow scanning for:

  • New and modified files

  • Running processes, boot sectors, registries, and UEFI partitions

  • Email archives and network files from all drives, including removable ones

  • rootkits, adware, spyware, keylogger and dialer applications, on all drives, including removable ones

  • Potentially Unwanted Applications (PUA)

  • Browser cookies

To run a Full scan, follow these steps:

  1. Open the main window of Bitdefender Endpoint Security Tools.

  2. On the Overview window, click the best_scan_icon.png Scan drop-down button in the upper-right corner.

  3. Click Full scan.

  4. Wait for the scan to complete. You can see the progress and the result of the scan in the Overview page.

Note

Bitdefender Endpoint Security Tools automatically takes recommended actions on detected files.

Check scan logs

Each time you perform a scan, a scan log is created. It contains detailed information about the logged scanning process, such as scanning options, the scanning target, the threats found, and the actions taken on these threats.

After the scan is done, you can check the results in the Overview window.

To check scan logs at a later time, follow these steps:

  1. Open the main window of Bitdefender Endpoint Security Tools.

  2. Go to the Events window.

  3. Click the Modules drop-down.

  4. Select Antimalware. This section contains all malware scan events, including threats detected by on-access scanning, recent scans, user-initiated scans, and status changes for automatic scans.

  5. To open the scan log, click View log.

    Note

    If multiple events are aggregated, you must click the Antimalware event and select which log you want to view.

In this section:

A rootkit is a set of software tools that offer administrator-level access to a system. The term was first used for the UNIX operating systems and it referred to recompiled tools that provided intruders administrative rights, allowing them to conceal their presence so as not to be seen by the system administrators.

The main role of rootkits is to hide processes, files, logins, and logs. They may also intercept data from terminals, network connections, or peripherals if they incorporate the appropriate software.

Rootkits are not malicious in nature. For example, systems and even some applications hide critical files using rootkits. However, they are mostly used to hide malware or to conceal the presence of an intruder in the system. When combined with malware, rootkits pose a great threat to the integrity and the security of a system. They can monitor traffic, create backdoors into the system, alter files and logs and avoid detection.

Adware is often combined with a host application that is provided at no charge as long as the user agrees to accept the adware. Because adware applications are usually installed after the user has agreed to a licensing agreement that states the purpose of the application, no offense is committed.

However, pop-up advertisements can become an annoyance, and in some cases degrade system performance. Also, the information that some of these applications collect may cause privacy concerns for users who were not fully aware of the terms in the license agreement.

Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about email addresses and even passwords and credit card numbers.

Spyware's similarity to a Trojan horse is the fact that users unwittingly install the product when they install something else. A common way to become a victim of spyware is to download certain peer-to-peer file swapping products that are available today.

Aside from the questions of ethics and privacy, spyware steals from the user by using the computer's memory resources and also by eating bandwidth as it sends information back to the spyware's home base via the user's Internet connection. Because spyware is using memory and system resources, the applications running in the background can lead to system crashes or general system instability.

A sector at the beginning of each disk that identifies the disk's architecture (sector size, cluster size, and so on). For startup disks, the boot sector also contains a program that loads the operating system.