BitDefender Antivirus 2009

BitDefender Antivirus 2009

BitDefender Antivirus 2009

16. Antivirus

BitDefender protects your computer from all kinds of malware (viruses, Trojans, spyware, rootkits and so on). The protection BitDefender offers is divided into two categories:

Real-time protection

- prevents new malware threats from entering your system.

BitDefender will, for example, scan a word document for known threats when you open it, and an e-mail message when you receive one.

Note

Real-time protection is also referred to as on-access scanning - files are scanned as the users access them.

On-demand scanning

- allows detecting and removing the malware that already resides in the system. This is the classic scan initiated by the user - you choose what drive, folder or file BitDefender should scan, and BitDefender scans it on-demand. The scan tasks allow you to create customized scanning routines and they can be scheduled to run on a regular basis.

16.1. Real-time Protection

BitDefender provides continuous, real-time protection against a wide range of malware threats by scanning all accessed files, e-mail messages and the communications through Instant Messaging Software applications (ICQ, NetMeeting, Yahoo Messenger,

MSN Messenger). BitDefender Antiphishing prevents you from disclosing personal information while browsing the Internet by alerting you about potential phishing web pages.

To configure real-time protection and BitDefender Antiphishing, go to Antivirus>Shield in the Advanced View.

Antivirus 96

BitDefender Antivirus 2009

Real-time Protection

You can see whether Real-time protection is enabled or disabled. If you want to change the Real-time protection status, clear or select the corresponding check box.

Important

To prevent viruses from infecting your computer keep Real-time protection enabled.

To start a quick system scan, click Scan Now.

16.1.1. Configuring Protection Level

You can choose the protection level that better fits your security needs. Drag the slider along the scale to set the appropriate protection level.

There are 3 protection levels:

Antivirus 97

BitDefender Antivirus 2009

Protection level Description

Permissive

Default

Aggressive

Covers basic security needs. The resource consumption level is very low.

Programs and incoming mail messages are only scanned for viruses. Besides the classical signature-based scan, the heuristic analysis is also used. The actions taken on infected files are the following: clean file/deny access.

Offers standard security. The resource consumption level is low.

All files and incoming&outgoing mail messages are scanned for viruses and spyware. Besides the classical signature-based scan, the heuristic analysis is also used. The actions taken on infected files are the following: clean file/deny access.

Offers high security. The resource consumption level is moderate.

All files, incoming&outgoing mail messages and web traffic are scanned for viruses and spyware. Besides the classical signature-based scan, the heuristic analysis is also used. The actions taken on infected files are the following: clean file/deny access.

To apply the default real-time protection settings click Default Level.

16.1.2. Customizing Protection Level

Advanced users might want to take advantage of the scan settings BitDefender offers.

The scanner can be set to scan only specific file extensions, to search for specific malware threats or to skip archives. This may greatly reduce scanning times and improve your computer's responsiveness during a scan.

You can customize the Real-time protection by clicking Custom level. The following window will appear:

Antivirus 98

BitDefender Antivirus 2009

Antivirus

Shield Settings

The scan options are organized as an expandable menu, very similar to those used for exploration in Windows. Click the box with "+" to open an option or the box with

"-" to close an option.

Note

You can observe that some scan options, although the "+" sign appears, cannot be opened. The reason is that these options weren't selected yet. You will observe that if you select them, they can be opened.

Scan accessed files and P2P transfers options - scans the accessed files and the communications through Instant Messaging Software applications (ICQ,

NetMeeting, Yahoo Messenger, MSN Messenger). Further on, select the type of the files you want to be scanned.

Option

Scan accessed files

Description

Scan all files

All the accessed files will be scanned, regardless their type.

Scan program files only

Only the program files will be scanned. This means only the files with the following extensions: .exe; .bat; .com; .dll; .ocx;

99

BitDefender Antivirus 2009

Antivirus

Option Description

.scr

; .bin; .dat; .386; .vxd; .sys; .wdm;

.cla

; .class; .ovl; .ole; .exe; .hlp;

.doc

; .dot; .xls; .ppt; .wbk; .wiz; .pot;

.ppa

; .xla; .xlt; .vbs; .vbe; .mdb; .rtf;

.htm

; .hta; .html; .xml; .xtp; .php;

.asp

; .js; .shs; .chm; .lnk; .pif; .prc;

.url

; .smm; .pdf; .msi; .ini; .csc; .cmd;

.bas

; .eml and .nws.

Scan user defined extensions

Only the files with the extensions specified by the user will be scanned. These extensions must be separated by ";".

Scan for riskware

Scans for riskware. Detected files will be treated as infected. The software that includes adware components might stop working if this option is enabled.

Select Skip dialers and applications from

scan if you want to exclude these kind of files from scanning.

Scan boot

Scan inside archives

Scans the system’s boot sector.

The accessed archives will be scanned. With this option on, the computer will slow down.

All packed files will be scanned.

Scan packed files

First action

Select from the drop-down menu the first action to take on infected and suspicious files.

Deny access and continue

In case an infected file is detected, the access to this will be denied.

Clean file

Delete file

Disinfects infected files.

Deletes infected files immediately, without any warning.

M o v e f i l e t o quarantine

Moves infected files into the quarantine.

100

BitDefender Antivirus 2009

Antivirus

Option Description

Second action

Select from the drop-down menu the second action to take on infected files, in case the first action fails.

Deny access and continue

In case an infected file is detected, the access to this will be denied.

Delete file

Deletes infected files immediately, without any warning.

M o v e f i l e t o quarantine

Moves infected files into the quarantine.

Do not scan files greater than [x]

Kb

Type in the maximum size of the files to be scanned. If the size is 0 Kb, all files will be scanned, regardless their size.

Do not scan archives greater than [20000] Kb

Do not scan network shares

Type in the maximum size of the archives to be scanned in kilobytes (KB). If you want to scan all archives, regardless of their size, type

0.

If this option is enabled, BitDefender will not scan the network shares, allowing for a faster network access.

We recommend you to enable this option only if the network you are part of is protected by an antivirus solution.

Scan e-mail traffic - scans the e-mail traffic.

The following options are available:

Option

Scan incoming mails

Scan outgoing mails

Description

Scans all incoming e-mail messages.

Scans all outgoing e-mail messages.

Scan http traffic - scans the http traffic.

Show warning when a virus is found - opens an alert window when a virus is found in a file or in an e-mail message.

101

BitDefender Antivirus 2009

For an infected file the alert window will contain the name of the virus, the path to it, the action taken by BitDefender and a link to the BitDefender site where you can find more information about it. For an infected e-mail the alert window will contain also information about the sender and the receiver.

In case a suspicious file is detected you can launch a wizard from the alert window that will help you to send that file to the BitDefender Lab for further analysis. You can type in your e-mail address to receive information regarding this report.

Scan files received/sent over IM. To scan the files you receive or send using

Yahoo Messenger or Windows Live Messenger, select the corresponding check boxes.

Click OK to save the changes and close the window.

16.1.3. Configuring the Behavioral Scanner

The Behavioral Scanner provides a layer of protection against new threats for which signatures have not yet been released. It constantly monitors and analyses the behavior of the applications running on your computer and alerts you if an application has a suspicious behavior.

The Behavioral Scanner alerts you whenever an application tries to perform a possible malicious action and prompts you for action.

If you know and trust the detected application, click Allow.

The Behavioral Scanner will no longer scan the application for possible malicious behavior.

If you want to immediately close the application, click OK.

Antivirus

Behavioral Scanner Alert

To configure the Behavioral Scanner, click Scanner Settings.

102

BitDefender Antivirus 2009

Behavioral Scanner Settings

If you want to disable the Behavioral Scanner, clear the Behavioral Scanner is

enabled check box.

Important

Keep the Behavioral Scanner enabled in order to be protected against unknown viruses.

Configuring the Protection Level

The Behavioral Scanner protection level automatically changes when you set a new real-time protection level. If you are not satisfied with the default setting, you can manually configure the protection level.

Note

Keep in mind that if you change the current real-time protection level, the Behavioral

Scanner protection level will change accordingly.

Drag the slider along the scale to set the protection level that best fits your security needs.

Antivirus 103

BitDefender Antivirus 2009

Protection level Description

Critical

High

Medium

Low

Applications are strictly monitored for possible malicious actions.

Applications are intensely monitored for possible malicious actions.

Applications are moderately monitored for possible malicious actions.

Applications are monitored for possible malicious actions.

Managing Excluded Applications

You can configure the Behavioral Scanner not to check specific applications. The applications that are not currently checked by the Behavioral Scanner are listed in the

Excluded Applications table.

To manage the excluded applications, you can use the buttons placed at the top of the table:

Add - exclude a new application from scanning.

Remove - remove an application from the list.

Edit - edit an application path.

16.1.4. Disabling Real-time Protection

If you want to disable real-time protection, a warning window will appear.

Antivirus

Disable Real-time Protection

You must confirm your choice by selecting from the menu how long you want the real-time protection to be disabled. You can disable real-time protection for 5, 15 or

30 minutes, for an hour, permanently or until the system restart.

104

BitDefender Antivirus 2009

Warning

This is a critical security issue. We recommend you to disable real-time protection for as little time as possible. If real-time protection is disabled, you will not be protected against malware threats.

16.1.5. Configuring Antiphishing Protection

BitDefender provides real-time antiphishing protection for:

■ Internet Explorer

■ Mozilla Firefox

■ Yahoo! Messenger

■ Windows Live (MSN) Messenger

You can choose to disable the antiphishing protection completely or for specific applications only.

You can click White List to configure and manage a list of web sites that should not be scanned by BitDefender Antiphishing engines.

Antivirus

Antiphishing White List

You can see the web sites that BitDefender does not currently check for phishing content.

105

BitDefender Antivirus 2009

To add a new web site to the white list, type its url address in the New address field and click Add. The white list should contain only web sites you fully trust. For example, add the web sites where you currently shop online.

Note

You can easily add web sites to the white list from the BitDefender Antiphishing toolbar integrated into your web browser.

If you want to remove a web site from the white list, click the corresponding Remove button.

Click Close to save the changes and close the window.

16.2. On-demand Scanning

The main objective for BitDefender is to keep your computer clean of viruses. This is first and foremost done by keeping new viruses out of your computer and by scanning your e-mail messages and any new files downloaded or copied to your system.

There is a risk that a virus is already lodged in your system, before you even install

BitDefender. This is why it's a very good idea to scan your computer for resident viruses after you've installed BitDefender. And it's definitely a good idea to frequently scan your computer for viruses.

To configure and initiate on-demand scanning, go to Antivirus>Scan in the Advanced

View.

Antivirus 106

BitDefender Antivirus 2009

Scan Tasks

On-demand scanning is based on scan tasks. Scan tasks specify the scanning options and the objects to be scanned. You can scan the computer whenever you want by running the default tasks or your own scan tasks (user-defined tasks). You can also schedule them to run on a regular basis or when the system is idle so as not to interfere with your work

16.2.1. Scan Tasks

BitDefender comes with several tasks, created by default, which cover common security issues. You can also create your own customized scan tasks.

Each task has a Properties window that allows you to configure the task and to see the scan results. For more information, please refer to

Configuring Scan Tasks” (p.

110)

.

There are three categories of scan tasks:

Antivirus 107

BitDefender Antivirus 2009

Antivirus

System tasks - contains the list of default system tasks. The following tasks are available:

Default Task

Deep System Scan

Full System Scan

Quick System Scan

Autologon Scan

Description

Scans the entire system. In the default configuration, it scans for all types of malware threatening your system's security, such as viruses, spyware, adware, rootkits and others.

Scans the entire system, except for archives. In the default configuration, it scans for all types of malware threatening your system's security, such as viruses, spyware, adware, rootkits and others.

Scans the Windows, Program Files and All

Users folders. In the default configuration, it scans for all types of malware, except for rootkits, but it does not scan memory, the registry or cookies.

Scans the items that are run when a user logs on to

Windows. By default, the autologon scan is disabled.

If you want to use this task, right-click it, select

Schedule and set the task to run at system startup.

You can specify how long after the startup the task should start running (in minutes).

Note

Since the Deep System Scan and Full System Scan tasks analyze the entire system, the scanning may take a while. Therefore, we recommend you to run these tasks on low priority or, better, when your system is idle.

User tasks - contains the user-defined tasks.

A task called My Documents is provided. Use this task to scan important current user folders: My Documents, Desktop and StartUp. This will ensure the safety of your documents, a safe workspace and clean applications running at startup.

Misc tasks - contains a list of miscellaneous scan tasks. These scan tasks refer to alternative scanning types that cannot be run from this window. You can only modify their settings or view the scan reports.

Three buttons are available to the right of each task:

108

BitDefender Antivirus 2009

Schedule - indicates that the selected task is scheduled for later. Click this button to open the Properties window,

Scheduler

tab, where you can see the task schedule and modify it.

Delete - removes the selected task.

Note

Not available for system tasks. You cannot remove a system task.

Scan Now - runs the selected task, initiating an

immediate scan .

To the left of each task you can see the Properties button, that allows you to configure the task and view the scan logs.

16.2.2. Using Shortcut Menu

A shortcut menu is available for each task. Right-click the selected task to open it.

The following commands are available on the shortcut menu:

Scan Now

runs the selected task, initiating an immediate scan.

Paths

opens the

Properties window,

Paths

tab, where you can change the scan target of the selected task.

Shortcut Menu

Note

In the case of system tasks, this option is replaced by Show Task Paths, as you can only see their scan target.

Schedule - opens the Properties window,

Scheduler

tab, where you can schedule the selected task.

Antivirus 109

BitDefender Antivirus 2009

Logs - opens the Properties window,

Logs

tab, where you can see the reports generated after the selected task was run.

Clone - duplicates the selected task. This is useful when creating new tasks, as you can modify the settings of the task duplicate.

Delete - deletes the selected task.

Note

Not available for system tasks. You cannot remove a system task.

Open - opens the Properties window,

Overview

tab, where you can change the settings of the selected task.

Note

Due to the particular nature of the Misc Tasks category, only the Logs and Open options are available in this case.

16.2.3. Creating Scan Tasks

To create a scan task, use one of the following methods:

Duplicate

an existing task, rename it and make the necessary changes in the

Properties

window.

■ Click New Task to create a new task and configure it.

16.2.4. Configuring Scan Tasks

Each scan task has its own Properties window, where you can configure the scan options, set the scan target, schedule the task or see the reports. To open this window click the Open button, located on the right of the task (or right-click the task and then click Open).

Note

For more information on viewing logs and the Logs tab, please refer to

Viewing Scan

Logs” (p. 129) .

Configuring Scan Settings

To configure the scanning options of a specific scan task, right-click it and select

Properties. The following window will appear:

Antivirus 110

BitDefender Antivirus 2009

Overview

Here you can see information about the task (name, last run and schedule status) and set the scan settings.

Choosing Scan Level

You can easily configure the scan settings by choosing the scan level. Drag the slider along the scale to set the appropriate scan level.

There are 3 scan levels:

Protection level Description

Low

Medium

Offers reasonable detection efficiency. The resource consumption level is low.

Programs only are scanned for viruses. Besides the classical signature-based scan, the heuristic analysis is also used.

Offers good detection efficiency. The resource consumption level is moderate.

All files are scanned for viruses and spyware. Besides the classical signature-based scan, the heuristic analysis is also used.

Antivirus 111

BitDefender Antivirus 2009

Protection level Description

High

Offers high detection efficiency. The resource consumption level is high.

All files and archives are scanned for viruses and spyware. Besides the classical signature-based scan, the heuristic analysis is also used.

A series of general options for the scanning process are also available:

Run the task with Low priority. Decreases the priority of the scan process. You will allow other programs to run faster and increase the time needed for the scan process to finish.

Minimize scan window on start to systray. Minimizes the scan window to the

system tray . Double-click the BitDefender icon to open it.

Shut down the computer when scan completes if no threats are found

Click OK to save the changes and close the window. To run the task, just click Scan.

Customizing Scan Level

Advanced users might want to take advantage of the scan settings BitDefender offers.

The scanner can be set to scan only specific file extensions, to search for specific malware threats or to skip archives. This may greatly reduce scanning times and improve your computer's responsiveness during a scan.

Click Custom to set your own scan options. A new window will appear.

Antivirus 112

BitDefender Antivirus 2009

Antivirus

Scan Settings

The scan options are organized as an expandable menu, very similar to those used for exploration in Windows. Click the box with "+" to open an option or the box with

"-" to close an option.

The scan options are grouped into 3 categories:

Scan Level. Specify the type of malware you want BitDefender to scan for by selecting the appropriate options from the Scan Level category.

Option

Scan for viruses

Scan for adware

Description

Scans for known viruses.

BitDefender detects incomplete virus bodies, too, thus removing any possible threat that could affect your system's security.

Scans for adware threats. Detected files will be treated as infected. The software that includes adware components might stop working if this option is enabled.

113

BitDefender Antivirus 2009

Antivirus

Option

Scan for spyware

Scan for application

Scan for dialers

Scan for rootkits

Description

Scans for known spyware threats. Detected files will be treated as infected.

Scan for legitimate applications that can be used as a spying tool, to hide malicious applications or for other malicious intent.

Scans for applications dialing high-cost numbers.

Detected files will be treated as infected. The software that includes dialer components might stop working if this option is enabled.

Scans for hidden objects (files and processes), generally known as rootkits.

Virus scanning options. Specify the type of objects to be scanned (file types, archives and so on) by selecting the appropriate options from the Virus scanning

options category.

Option Description

Scan files Scan all files

All files are scanned, regardless of their type.

Scan program files only

Only the program files will be scanned. This means only the files with the following extensions: exe; bat; com; dll; ocx; scr; bin

; dat; 386; vxd; sys; wdm; cla; class; ovl

; ole; exe; hlp; doc; dot; xls; ppt; wbk; wiz

; pot; ppa; xla; xlt; vbs; vbe; mdb; rtf; htm

; hta; html; xml; xtp; php; asp; js; shs; chm

; lnk; pif; prc; url; smm; pdf; msi; ini; csc

; cmd; bas; eml and nws.

Scan user defined extensions

Only the files with the extensions specified by the user will be scanned. These extensions must be separated by ";".

Open packed programs

Scans packed files.

Open archives

Scans inside archives.

114

BitDefender Antivirus 2009

Antivirus

Option

Open e-mail archives

Scan boot sectors

Scan memory

Scan registry

Scan cookies

Description

Scanning archived files increases the scanning time and requires more system resources. You can click the Archive size limit field and type the maximum size of the archives to be scanned in kilobytes (KB).

Scans inside mail archives.

Scans the system’s boot sector.

Scans the memory for viruses and other malware.

Scans registry entries.

Scans cookie files.

Action options. Specify the action to be taken on the each category of detected files using the options in the Action options category.

Note

To set a new action, click the current action and select the desired option from the menu.

• Select the action to be taken on the infected files detected. The following options are available:

Action

None (log objects)

Disinfect files

Delete files

Move files to Quarantine

Description

No action will be taken on infected files. These files will appear in the report file.

Remove the malware code from the infected files detected.

Deletes infected files immediately, without any warning.

Moves infected files into the quarantine.

Quarantined files cannot be executed or opened; therefore, the risk of getting infected disappears.

115

BitDefender Antivirus 2009

Antivirus

• Select the action to be taken on the suspicious files detected. The following options are available:

Action

None (log objects)

Delete files

Move files to Quarantine

Description

No action will be taken on suspicious files. These files will appear in the report file.

Deletes suspicious files immediately, without any warning.

Moves suspicious files into the quarantine.

Quarantined files cannot be executed or opened; therefore, the risk of getting infected disappears.

Note

Files are detected as suspicious by the heuristic analysis. We recommend you to send these files to the BitDefender Lab.

• Select the action to be taken on the hidden objects (rootkits) detected. The following options are available:

Action

None (log objects)

Move files to Quarantine

Make visible

Description

No action will be taken on hidden files. These files will appear in the report file.

Moves hidden files into the quarantine. Quarantined files cannot be executed or opened; therefore, the risk of getting infected disappears.

Reveals hidden files so that you can see them.

Archived files action options. Scanning and handling files inside archives are subject to restrictions. Password-protected archives cannot be scanned unless you provide the password. Depending on the archive format (type), BitDefender may not be able to disinfect, isolate or delete infected archived files. Configure the actions to be taken on the archived files detected using the appropriate options from the Archived files action options category.

○ Select the action to be taken on the infected files detected. The following options are available:

116

Antivirus

BitDefender Antivirus 2009

Action

Take no action

Disinfect files

Delete files

Move files to Quarantine

Description

Only keep record of infected archived files in the scan log. After the scan is completed, you can open the scan log to view information on these files.

Remove the malware code from the infected files detected. Disinfection may fail in some cases, such as when the infected file is inside specific mail archives.

Immediately remove infected files from the disk, without any warning.

Move infected files from their original location to the

quarantine folder

. Quarantined files cannot be executed or opened; therefore, the risk of getting infected disappears.

○ Select the action to be taken on the suspicious files detected. The following options are available:

Action

Take no action

Delete files

Move files to Quarantine

Description

Only keep record of suspicious archived files in the scan log. After the scan is completed, you can open the scan log to view information on these files.

Deletes suspicious files immediately, without any warning.

Moves suspicious files into the quarantine.

Quarantined files cannot be executed or opened; therefore, the risk of getting infected disappears.

○ Select the action to be taken on the password-protected files detected. The following options are available:

117

BitDefender Antivirus 2009

Action

Log as not scanned

Prompt for password

Description

Only keep record of the password-protected files in the scan log. After the scan is completed, you can open the scan log to view information on these files.

When a password-protected file is detected, prompt the user to provide the password in order to scan the file.

Note

If you choose to ignore the detected files or if the chosen action fails, you will have to choose an action in the scanning wizard.

If you click Default you will load the default settings. Click OK to save the changes and close the window.

Setting Scan Target

To set the scan target of a specific user scan task, right-click the task and select Paths.

The following window will appear:

Antivirus 118

BitDefender Antivirus 2009

Antivirus

Scan Target

You can see the list of local, network and removable drives as well as the files or folders added previously, if any. All checked items will be scanned when running the task.

The section contains the following buttons:

Add Items(s) - opens a browsing window where you can select the file(s) / folder(s) that you want to be scanned.

Note

You can also use drag and drop to add files/folders to the list.

Remove Item(s) - removes the file(s) / folder(s) previously selected from the list of objects to be scanned.

Note

Only the file(s) / folder(s) that were added afterwards can be deleted, but not those that were automatically "seen" by BitDefender.

119

BitDefender Antivirus 2009

Besides the buttons explained above there are also some options that allow the fast selection of the scan locations.

Local Drives - to scan the local drives.

Network Drives - to scan all network drives.

Removable Drives - to scan removable drives (CD-ROM, floppy-disk unit).

All Entries - to scan all drives, no matter if they are local, in the network or removable.

Note

If you want to scan your entire computer, select the checkbox corresponding to All

Entries.

Click OK to save the changes and close the window. To run the task, just click Scan.

Viewing the Scan Target of System Tasks

You can not modify the scan target of the scan tasks from the System Tasks category.

You can only see their scan target.

To view the scan target of a specific system scan task, right-click the task and select

Show Task Paths. For Full System Scan, for example, the following window will appear:

Antivirus

Scan Target of Full System Scan

120

BitDefender Antivirus 2009

Full System Scan and Deep System Scan will scan all local drives, while Quick

System Scan will only scan the Windows and Program Files folders.

Click OK to close the window. To run the task, just click Scan.

Scheduling Scan Tasks

With complex tasks, the scanning process will take some time and it will work best if you close all other programs. That is why it is best for you to schedule such tasks when you are not using your computer and it has gone into the idle mode.

To see the schedule of a specific task or to modify it, right-click the task and select

Schedule Task. The following window will appear:

Antivirus

Scheduler

You can see the task schedule, if any.

When scheduling a task, you must choose one of the following options:

Not Scheduled - launches the task only when the user requests it.

Once - launches the scan only once, at a certain moment. Specify the start date and time in the Start Date/Time fields.

121

BitDefender Antivirus 2009

Periodically - launches the scan periodically, at certain time intervals(hours, days, weeks, months, years) starting with a specified date and time.

If you want the scan to be repeated at certain intervals, select Periodically and type in the At every edit box the number of minutes/hours/days/weeks/ months/years indicating the frequency of this process. You must also specify the start date and time in the Start Date/Time fields.

On system startup - launches the scan at the specified number of minutes after a user has logged on to Windows.

Click OK to save the changes and close the window. To run the task, just click Scan.

16.2.5. Scanning Objects

Before you initiate a scanning process, you should make sure that BitDefender is up to date with its malware signatures. Scanning your computer using an outdated signature database may prevent BitDefender from detecting new malware found since the last update. To verify when the last update was performed, click Update>Update in the settings console.

Note

In order for BitDefender to make a complete scanning, you need to shut down all open programs. Especially your email-client (i.e. Outlook, Outlook Express or Eudora) is important to shut down.

Scanning Methods

BitDefender provides four types of on-demand scanning:

Immediate scanning

- run a scan task from the system / user tasks.

Contextual scanning

- right-click a file or a folder and select BitDefender Antivirus

2009.

Drag&Drop scanning

- drag and drop a file or a folder over the

Scan Activity Bar .

Manual scanning

- use BitDefender Manual Scan to directly select the files or folders to be scanned.

Immediate Scanning

To scan your computer or part of it you can run the default scan tasks or your own scan tasks. This is called immediate scanning.

To run a scan task, use one of the following methods:

Antivirus 122

BitDefender Antivirus 2009

■ double-click the desired scan task in the list.

■ click the Scan now button corresponding to the task.

■ select the task and then click Run Task.

The BitDefender Scanner will appear and the scanning will be initiated. For more information, please refer to

BitDefender Scanner” (p. 125) .

Contextual Scanning

To scan a file or a folder, without configuring a new scan task, you can use the contextual menu. This is called contextual scanning.

Right-click the file or folder you want to be scanned and select BitDefender Antivirus 2009.

The BitDefender Scanner will appear and the scanning will be initiated. For more information, please refer to

BitDefender Scanner” (p. 125) .

You can modify the scan options and see the report files by accessing the Properties window of the

Contextual Menu Scan task.

Contextual Scan

Drag&Drop Scanning

Drag the file or folder you want to be scanned and drop it over the Scan Activity Bar as shown below.

Antivirus 123

BitDefender Antivirus 2009

Drag File

Drop File

The BitDefender Scanner will appear and the scanning will be initiated. For more information, please refer to

BitDefender Scanner” (p. 125) .

Manual Scanning

Manual scanning consists in directly selecting the object to be scanned using the

BitDefender Manual Scan option from the BitDefender program group in the Start

Menu.

Note

Manual scanning is very useful, as it can be performed when Windows works in Safe

Mode, too.

To select the object to be scanned by BitDefender, in the Windows Start menu, follow the path Start Programs BitDefender 2009 BitDefender Manual Scan. The following window will appear:

Antivirus 124

BitDefender Antivirus 2009

Choose the object that you want to be scanned and click OK.

The BitDefender Scanner will appear and the scanning will be initiated. For more information, please refer to

BitDefender Scanner” (p. 125)

.

Manual Scanning

BitDefender Scanner

When you initiate an on-demand scanning process, the BitDefender Scanner will appear. Follow the three-step guided procedure to complete the scanning process.

Step 1/3 - Scanning

BitDefender will start scanning the selected objects.

Antivirus 125

BitDefender Antivirus 2009

Scanning

You can see the scan status and statistics (scanning speed, elapsed time, number of scanned / infected / suspicious / hidden objects and other).

Note

The scanning process may take a while, depending on the complexity of the scan.

To temporarily stop the scanning process, just click Pause. You will have to click

Resume to resume scanning.

You can stop scanning anytime you want by clicking Stop&Yes. You will go directly to the last step of the wizard.

Wait for BitDefender to finish scanning.

Step 2/3 - Select Actions

When the scanning is completed, a new window will appear, where you can see the scan results.

Antivirus 126

BitDefender Antivirus 2009

Antivirus

Actions

You can see the number of issues affecting your system.

The infected objects are displayed in groups, based on the malware they are infected with. Click the link corresponding to a threat to find out more information about the infected objects.

You can choose an overall action to be taken for all issues or you can select separate actions for each group of issues.

The following options can appear on the menu:

Action

Take No Action

Disinfect

Delete

Unhide

Description

No action will be taken on the detected files.

Disinfects infected files.

Deletes detected files.

Makes hidden objects visible.

127

BitDefender Antivirus 2009

Click Continue to apply the specified actions.

Step 3/3 - View Results

When BitDefender finishes fixing the issues, the scan results will appear in a new window.

Summary

You can see the results summary. Click Show log file to view the scan log.

Important

If required, please restart your system in order to complete the cleaning process.

Click Close to close the window.

BitDefender Could Not Solve Some Issues

In most cases BitDefender successfully disinfects the infected files it detects or it isolates the infection. However, there are issues that cannot be solved.

Antivirus 128

BitDefender Antivirus 2009

In these cases, we recommend you to contact the BitDefender Support Team at www.bitdefender.com

. Our support representatives will help you solve the issues you are experiencing.

BitDefender Detected Suspect Files

Suspect files are files detected by the heuristic analysis as potentially infected with malware the signature of which has not been released yet.

If suspect files were detected during the scan, you will be requested to submit them to the BitDefender Lab. Click OK to send these files to the BitDefender Lab for further analysis.

16.2.6. Viewing Scan Logs

To see the scan results after a task has run, right-click the task and select Logs. The following window will appear:

Antivirus

Scan Logs

Here you can see the report files generated each time the task was executed. For each file you are provided with information on the status of the logged scanning process, the date and time when the scanning was performed and a summary of the scanning results.

129

BitDefender Antivirus 2009

Two buttons are available:

Delete - to delete the selected scan log.

Show - to view the selected scan log. The scan log will open in your default web browser.

Note

Also, to view or delete a file, right-click the file and select the corresponding option from the shortcut menu.

Click OK to save the changes and close the window. To run the task, just click Scan.

Scan Log Example

The following figure represents an example of a scan log:

Scan Log Example

The scan log contains detailed information about the logged scanning process, such as scanning options, the scanning target, the threats found and the actions taken on these threats.

16.3. Objects Excluded from Scanning

There are cases when you may need to exclude certain files from scanning. For example, you may want to exclude an EICAR test file from on-access scanning or

.avi

files from on-demand scanning.

Antivirus 130

BitDefender Antivirus 2009

BitDefender allows excluding objects from on-access or on-demand scanning, or from both. This feature is intended to decrease scanning times and to avoid interference with your work.

Two types of objects can be excluded from scanning:

Paths - the file or the folder (including all the objects it contains) indicated by a specified path will be excluded from scanning.

Extensions - all files having a specific extension will be excluded from scanning.

Note

The objects excluded from on-access scanning will not be scanned, no matter if they are accessed by you or by an application.

To see and manage the objects excluded from scanning, go to Antivirus>Exceptions in the Advanced View.

Antivirus

Exceptions

131

BitDefender Antivirus 2009

You can see the objects (files, folders, extensions) that are excluded from scanning.

For each object you can see if it is excluded from on-access, on-demand scanning or both.

Note

The exceptions specified here will NOT apply for contextual scanning.

To remove an entry from the table, select it and click the Delete button.

To edit an entry from the table, select it and click the Edit button. A new window will appear where you can change the extension or the path to be excluded and the type of scanning you want them to be excluded from, as needed. Make the necessary changes and click OK.

Note

You can also right-click an object and use the options on the shortcut menu to edit or delete it.

You can click Discard to revert the changes made to the rule table, provided that you have not saved them by clicking Apply.

16.3.1. Excluding Paths from Scanning

To exclude paths from scanning, click the Add button. You will be guided through the process of excluding paths from scanning by the configuration wizard that will appear.

Antivirus 132

BitDefender Antivirus 2009

Step 1/4 - Select Object Type

Antivirus

Object Type

Select the option of excluding a path from scanning.

Click Next.

133

BitDefender Antivirus 2009

Step 2/4 - Specify Excluded Paths

Antivirus

Excluded Paths

To specify the paths to be excluded from scanning use either of the following methods:

■ Click Browse, select the file or folder that you want to be excluded from scanning and then click Add.

■ Type the path that you want to be excluded from scanning in the edit field and click

Add.

Note

If the provided path does not exist, an error message will appear. Click OK and check the path for validity.

The paths will appear in the table as you add them. You can add as many paths as you want.

To remove an entry from the table, select it and click the Delete button.

Click Next.

134

BitDefender Antivirus 2009

Step 3/4 - Select Scanning Type

Antivirus

Scanning Type

You can see a table containing the paths to be excluded from scanning and the type of scanning they are excluded from.

By default, the selected paths are excluded from both on-access and on-demand scanning. To change when to apply the exception, click on the right column and select the desired option from the list.

Click Next.

135

BitDefender Antivirus 2009

Step 4/4 - Scan Excluded Files

Scan Excluded Files

It is highly recommended to scan the files in the specified paths to make sure that they are not infected. Select the check box to scan these files before excluding them from scanning.

Click Finish.

Click Apply to save the changes.

16.3.2. Excluding Extensions from Scanning

To exclude extensions from scanning, click the Add button. You will be guided through the process of excluding extensions from scanning by the configuration wizard that will appear.

Antivirus 136

BitDefender Antivirus 2009

Step 1/4 - Select Object Type

Antivirus

Object Type

Select the option of excluding an extension from scanning.

Click Next.

137

BitDefender Antivirus 2009

Step 2/4 - Specify Excluded Extensions

Antivirus

Excluded Extensions

To specify the extensions to be excluded from scanning use either of the following methods:

■ Select from the menu the extension that you want to be excluded from scanning and then click Add.

Note

The menu contains a list of all the extensions registered on your system. When you select an extension, you can see its description, if available.

■ Type the extension that you want to be excluded from scanning in the edit field and click Add.

The extensions will appear in the table as you add them. You can add as many extensions as you want.

To remove an entry from the table, select it and click the Delete button.

138

BitDefender Antivirus 2009

Click Next.

Step 3/4 - Select Scanning Type

Antivirus

Scanning Type

You can see a table containing the extensions to be excluded from scanning and the type of scanning they are excluded from.

By default, the selected extensions are excluded from both on-access and on-demand scanning. To change when to apply the exception, click on the right column and select the desired option from the list.

Click Next.

139

BitDefender Antivirus 2009

Step 4/4 - Select Scanning Type

Scanning Type

It is highly recommended to scan the files having the specified extensions to make sure that they are not infected.

Click Finish.

Click Apply to save the changes.

16.4. Quarantine Area

BitDefender allows isolating the infected or suspicious files in a secure area, named quarantine. By isolating these files in the quarantine, the risk of getting infected disappears and, at the same time, you have the possibility to send these files for further analysis to the BitDefender lab.

To see and manage quarantined files and to configure the quarantine settings, go to

Antivirus>Quarantine in the Advanced View.

Antivirus 140

BitDefender Antivirus 2009

Quarantine

The Quarantine section displays all the files currently isolated in the Quarantine folder.

For each quarantined file, you can see its name, the name of the detected virus, the path to its original location and the submission date.

Note

When a virus is in quarantine it cannot do any harm because it cannot be executed or read.

16.4.1. Managing Quarantined Files

To delete a selected file from quarantine, click the Remove button. If you want to restore a selected file to its original location, click Restore.

You can send any selected file from the quarantine to the BitDefender Lab by clicking

Send.

Antivirus 141

BitDefender Antivirus 2009

Contextual Menu. A contextual menu is available, allowing you to manage quarantined files easily. The same options as those mentioned previously are available. You can also select Refresh to refresh the Quarantine section.

16.4.2. Configuring Quarantine Settings

To configure the quarantine settings, click Settings. A new window will appear.

Antivirus

Quarantine Settings

Using the quarantine settings, you can set BitDefender to automatically perform the following actions:

Delete old files. To automatically delete old quarantined files, check the corresponding option. You must specify the number of days after which the quarantined files should be deleted and frequency with which BitDefender should check for old files.

Note

By default, BitDefender will check for old files every day and delete files older than 30 days.

Delete duplicates. To automatically delete duplicate quarantined files, check the corresponding option. You must specify the number of days between two consecutive checks for duplicates.

142

Antivirus

BitDefender Antivirus 2009

Note

By default, BitDefender will check for duplicate quarantined files every day.

Automatically submit files. To automatically submit quarantined files, check the corresponding option. You must specify the frequency with which to submit files.

Note

By default, BitDefender will automatically submit quarantined files every 60 minutes.

Scan quarantined files after update. To automatically scan quarantined files after each update performed, check the corresponding option. You can choose to automatically move back the cleaned files to their original location by selecting Restore

clean files.

Click OK to save the changes and close the window.

143

Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement

Table of contents