Some Questions About Bitdefender's Advanced Threat Defense And Ideas About Bitdefender's Program(s)

My first question is with ATD.

I've turned off real-time protection, left ATD running alone, and then added some exception rules for my specific application in ATD's settings, but ATD still seems to interfere with my process when it's deleting its own cache files (maybe there are some suspected files in the cache directory).

I am wondering if ATD still monitors excluded/trusted applications when they are manipulating suspected files?

😳

Question 2 is:

Would ATD download an allowlist from BD's cloud?

(Actually I am not sure if BD has a cloud like KSN/LiveGrid...)

I just wanna know if ATD could use some kind of auto-downloaded allowlist to reduce false positives and improve performance.

Lastly, I have a few wishes as a Bitdefender user:

  1. I want to have a choice to decide whether BD needs to start when the system is booting, or to turn the whole of BD off when needed.
  2. I want to upload a suspected file from within the BD client, just like ESET.
  3. Can I choose the protection level of real-time protection? I mean being able to decide whether BD monitors on execute, on access, or on create & modify.
  4. I've turned real-time protection off, but the "Bitdefender virus shield" still takes up hundreds of MBs of memory, in comparison to other AVs. I just hope this will be optimized in the future.

Comments

  • Hello @ArthurArresto and welcome to the Community!

    Bitdefender Advanced Threat Defense continuously monitors the applications and processes running on your computer. It monitors suspicious activities such as copying files to important Windows operating system folders, executing or injecting code into other processes, multiplying them, changing Windows registry or installing drivers.

    You can find out more information regarding this advanced security module by clicking on the link below:

    The below article will show you how to stop Advanced Threat Defense from blocking a trusted process or application if it performs threat-like actions:

    In regards to your inquiries, I shall address each point below, as follows:

    The anti-malware engines are loaded automatically at boot from vsserv.exe. This is the main process of Bitdefender in charge of real-time protection. Currently, the antivirus does not have an option to disable protection at the flick of a switch, however, the security modules can be temporarily disabled, if needed, usually for troubleshooting purposes. You can find the complete steps here:

    In the event a file is deemed suspicious, or it has evaded detection, you can use the form below to submit your findings to the Bitdefender Labs for analysis. The same process applies for false positive detections as well:

    After installing the security software, this easy to follow, step-by-step guide may help speed up your system:

    In the event Bitdefender is still using a considerable amount of resources on your devices, I would recommend a more in-depth investigation of the affected machine. Our engineers can have a closer look and provide optimization advice, if needed. You can get in touch with our engineers by choosing one of the contact methods available here:

    https://www.bitdefender.com/consumer/support/help/

    I hope the information is helpful.

    Regards

    Premium Security & Bitdefender Endpoint Security Tools user

  • ArthurArresto
    edited November 2022

    Thank you Alexandru.

    I excluded most of my trusted software in ATD's settings, and let ATD monitor new & unknown processes only. I am doing this because it does reduce BD's memory consumption.

    Do you think this would pose any risk?🤔

  • Hi,

    If the software is trusted, I see no issues whatsoever, as long as ATD is still enabled.

    Cheers

    Premium Security & Bitdefender Endpoint Security Tools user