Antimalware
The Antimalware module protects the system against all kinds of malware threats such as viruses, Trojans, spyware, rootkits, and adware.
The module also comes with the Boot-Start Driver for Windows 10 and Windows 11 endpoints. This driver includes an Early Launch Anti-Malware (ELAM) feature, that ensures the Antimalware module loads before any other third-party components during a system startup. ELAM allows the module to control the initialization of subsequent boot drivers, potentially preventing untrusted boot drivers from loading.
Protection is divided into these categories:
On-access scanning: prevents new malware threats from entering the system.
On-execute scanning: proactively protects against threats, and can automatically discover and block fileless attacks at pre-execution, depending on how the security agent installed on endpoints is set to operate.
On-demand scanning: allows detecting and removing malware already residing in the system.
The Antimalware module is configured in the following subsections :
The Antimalware module behaves differently depending on how the security agent installed on endpoints is set up to run:
Detection and prevention mode: This operation mode sets the Antimalware module to detect and block threats. When it detects a virus or other malware, the Bitdefender security agent will automatically attempt to remove the malware code from the infected file and reconstruct the original file. This operation is referred to as disinfection.
Files that cannot be disinfected are moved to quarantine in order to isolate the infection. When a virus is in quarantine, it cannot do any harm because it cannot be executed or read.
Advanced users can configure scan exclusions if they do not want specific files or file types to be scanned.
EDR (Report only) mode: This operation mode exclusively enables On-execute scanning, set to only report threats, and not block them.
This mode of operation is available for users that want to install a lightweight EDR solution in their environments, that can run alongside other prevention solutions. For blocking capabilities, you are required to add a full product license.
Contact your sales representative or visit the Bitdefender website for more information.
Note
This module is available for:
Windows for workstations
Windows for servers
Linux
macOS
Note
Availability and functioning of this feature may differ depending on the license included in your current plan.