Installation order and should I enable Secure Boot on upgraded Windows 10 - 11 installation

Good day,

I am a BEST (Bitdefender Entpoint Security Tools) user with GravityZone.

My installation CD is a Windows 10, but now that I upgraded my PC, it has a TPM (Trusted Platform Module) as well as SecureBoot capabilities.

What I do is:

Install & boot Win10
Disable updates
Install Bitdefender (from a media device, without internet, either TotalSecurity / BEST)
Connect internet (I do update over VPN)
Upgrade to Win11

I have been using this system for a while, but was wondering if it's actually correct.

I also don't have SecureBoot enabled, because I thought the EDR takes care of that. I wonder is that correct?

Find more posts tagged with

Installation

boot

upgrade

Accepted answers

All comments

Septimiu

PS: the reason I ask is because, with Procexp and Procmon, I can only find antimalware_provider64.dll inside the following processes:

explorer.exe
procexp64.exe
esrv.exe

… and if I remember well, this .dll was present inside many more windows processes. I am wondering if something happened to my BEST anti-tamper or evasion and the .dll can no longer be injected into these processes by Bitdefender.

Andrei_S Enterprise

Hello @Septimiu ,

There is more simple way of knowing that BEST was installed correctly and this is by checking that all modules have been deployed and enabled on the endpoint where you installed it.

Secondly, you can check the status of your endpoints from the GravityZone console and ensure that they are reporting events when you schedule a scan and that the communication is working properly.

What you are asking to know which .dll is attached to which windows process is difficult to say as by doing some tests I had different results compared with what you shared on windows 10.

If you feel that you are experiencing an issue we can investigate it together with our Enterprise Support team by opening a case at https://www.bitdefender.com/en-us/support/contact-us

Kind Regards,

Andrei