• Announcements

    • cpucean

      Bitdefender Business Support Forum Rules - Read carefully before posting   09/13/2016

      Bitdefender Business Support Forum Rules (PLEASE READ BEFORE POSTING) In order to post to the Official Bitdefender Support Forums, you will need to register using a valid email address, and following the instructions to validate your membership. If you like to register, click here. GENERAL RULES Understand that once you have registered as a new user, you consequently agree with ALL THE FORUM RULES written below. These rules were designed to ensure you get the most from interacting with other users in a pleasant and constructive manner and to prevent any sort of abuse. 1. First and foremost, this is a support forum for Bitdefender. Do NOT post comparative tests for security software for they are unrelated to the main character of the forum. Also, the support process can take many forms: a troubleshooting routine is meant to locate the cause of the issue not offer a permanent solution –do NOT post replies in the form of "I need a fix now" instead of the information requested for without locating the cause there isn't any way to implement a fix. 2. Once an official position has been posted concerning a bug in Bitdefender and the ETA for the fix, the topic will be closed down. Do not ask for the topic to be reopened unless you still have the bug after the update targeted to handle this issue. 3. Users that have reached a 50% warn level will have their posts subjected to moderator approval and if they continue to ignore forum rules their account will be banned. 4. Users are not allowed to use clones(using more than one account by a single person). Breaking this rule will lead to a permanent IP ban. 5. Users are not allowed to use anonymous proxy. Breaking this rule will first result in a warning, followed by subjecting the user's posts to moderator approval/banning of the account. 6. When reporting an issue concerning Bitdefender make sure to offer the following basic information: - name and version of your Bitdefender product; - name and version of your Operating System; - the complete error message (if any) that you receive and, if possible, attach a screenshot with it; - name of other security solutions that you are running; - when asking questions about (un)detected files (false alarms, or files that you suspect to be infected, but aren't detected), please attach a complete Bitdefender scan log. Be sure to keep Bitdefender fully updated so the log contains accurate info – on the support forum we only accept the posting of scan logs, for sample submission of false positive/false negative samples please upload them onto a web based platform where we can retrieve and analyze them. 7. Topics related to the lack of response from the support department need to be backed up by as much information as possible concerning the issue that you have been facing. When you send an e-mail to support a Ticket ID will automatically be created - make sure to mention it in the forum post for it will speed up the entire process. 8. Moderators do NOT offer support by PM. Do not send personal messages to moderators unless they expressly request it from your side/ you wish to have a closed topic re-opened/ you wish to report a forum member or topic for abusive language or spam/ you are unsure as to posting a possible solution and you wish to consult with a moderator first. All users are treated as equal on this forum and by sending a PM to a moderator you will not be entitled to faster support. In case of rule violation reports, you can also use the built-in Report button to announce all moderators that there's a topic/post/user that violated the posting rules. Please do NOT use this function to ask for help, or announce the moderating team that you need urgent support! As said, all issues are handled as fast as possible, and none has priority over another. 9. Any form of aggressive language, directed at other forum members or at the Bitdefender Moderating Team or staff is completely forbidden. Continuous attacks will result in an account suspension or BAN. Also, any form of explicit, antisemitic or racial language, or social attacks (by images, text, PMs, signature, or any other form of communication on Bitdefender forum) will NOT be tolerated and will result in an immediately account BAN. Take into consideration that this forum a public place. Treat everyone else just like you want to be treated. 10. Users are not allowed to open polls on the Bitdefender Support Forum. The only members that are allowed to open polls are the moderators. FORUM SIGNATURES, AVATARS AND DISPLAY NAMES The signature is optional on the forum, and should be a personal message of the user that chooses it. Moderators are obliged to include a link for the Bitdefender Forum Rules in their signature. Users will only be allowed to display a custom signature after having completed 15 posts on the forum. The following will NOT be tolerated: 1. Any type of explicit reference to the brand name and symbols of other security solutions available on the international market today, except Bitdefender. This is a support forum dedicated only to Bitdefender and advertising competitor products will lead to editing out the advertisement and a 20% increase in the warn level. 2. The use of images higher than 300 pixels width and/or 100 pixels height. 3. The use of images or text containing the words "Moderator", "Administrator" or "Admin" in the signatures. These will only confuse other users. 4. The use of images taken from other users of this forum. Please use unique avatars. 5. Use of signatures pointing to external links,they will be removed without any notice. WARNINGS Those who repeatedly violate these rules will receive a warn/suspend/ban. POSTING RULES 1. Topic titles must be as concise as possible, and starting posts must provide relevant information on the issues included, to ensure a fast and precise response from those who are willing to help. For example: avoid titles such as "Heeeeeelp!" but instead write "Question about the Bitdefender Antivirus". The last title has a lot more chances of receiving fast responses. Also, topic titles such as "Program X ######! " together with the lack of any constructive arguments will not be tolerated, the topic will be deleted and the user will receive a 20% warning. 2. Post new topics in the correct sections. The forum is structured by Product type (Home/Office or Business protection) and by product version (2008, 2009, 2010 or older versions). If you post the question in the correct section, you have a higher chance of getting a correct answer for your problems. 3. Bumps/Topic advertisements or any other attempts to make a topic more visible without adding any new or relevant information will NOT be tolerated and the post will be DELETED. 4. When posting a reply on a topic try to keep the suggestion within a relevant range – for example, when there is a post concerning an error message in Bitdefender 2009 do not recommend downgrading to Bitdefender 2008 for this suggestion does not address the original issue. Multiple posting of this type will lead to an increase of the warn level with 20%. 5. Off-topic replies (those that have nothing to do with the topic) will be deleted, and users will also receive a written warning . Repeated posting of off-topic replies will lead to an increase in the warn level with 10%. 6. Keep text color, fonts and letter casing within a normal and pleasant range - any post that contains only upper case text will automatically be subjected to editing, the same applies to posts containing characters larger than size 20. 7. Before opening a new topic, we strongly suggest that you use the SEARCH button, to be sure that the problem was not already discussed. In case you start a new topic with an issue that was already discussed, the new topic will be closed down, redirected and merged into the initial one. 8. Do not ask the same thing on more sections of the forum. Do not post the same topic more than once. Twin topics will be removed and redirected to the original one in order to avoid confusion. 9. Do NOT request/post warez software, cracks, serial numbers or any other actions which involve software piracy. Topics and replies related to cracking security software, advice on breaching security systems, cracking security protocols, flood attacks or posts that promote cracking or Internet attacks in any way will be deleted at once and the users that posted them will have their accounts suspended at once. Also, no support will be offered for users that are using a cracked version of BitDefender on their systems. 10. Please avoid topic titles such as "URGENT" since all cases are treated as soon as possible. 11. Be patient – there are a lot of issues on the forum and we are doing the best we can to answer them all. Therefore, you may receive your answer immediately, but it may also take several days just as well. 12. We do not allow people to post threads that advertise or solicit any products, services, funds or donations – all topics of this type will be automatically DELETED . Explicit advertising is also prohibited. FORUM RULES ARE SUBJECTED TO CONTINUOUS MODERATION AND CAN BE CHANGED AT ANY GIVEN TIME WITHOUT PRIOR NOTIFICATION. ANY TOPIC DEBATING FORUM RULES WILL BE CLOSED DOWN AND AUTOMATICALLY DELETED FOR THESE RULES ARE NOT SUBJECTED TO DEBATE. Bitdefender Business Support Forum Team
    • Aurelian Neagu

      Malware Area Rules   09/14/2016

      Here you have a number of rules for this malware subforum.   Please read them carefully before posting:   1. Any user posting here is automatically assumed to have agreed with the Forum Rules.   2. This area is dedicated to those having problems cleaning the system or simply suspecting an infection.
      Also, those who post here are supposed to be BitDefender users (either home-use products or scan online services).
      If this condition is not met, we reserve the right to refuse support.   3. It is forbidden to attach any suspicious files, infected or potentially dangerous (Viruses, Trojans, Spyware, False Detections or potentially dangerous links).   4. It is forbidden to refer to other security solutions for system disinfection.It is also forbidden posting comparative tests between BitDefender and other security products.   5. When opening a new topic, give as many details about the problem as you can along with a recent scan report and screenshots (if necessary).   6. It is recommended for the scan report to be copied in the topic (not attached) so everyone can see it.   7. Removal instructions will be offered only by persons approved (forum moderators for example) or having knowledge about viruses and how to remove them.   8. Users that provide misleading information will be sanctioned.   9. Topics not covered in this format will be deleted or moved.

      10. If you have a False Positive or a False Negative to report please use our Submit Form   Thank you.

Trojan.clicker. Html.iframe.ak And Win32.worm.nimda.r Bitdefender Cannot Remove These

10 posts in this topic

Hello. I have BitDefender Total Security 2010, and while running a scan, it detected these two infections: Trojan.Clicker.HTML.IFrame.AK and Win32.Worm.Nimda.R, and also in my case, it could not delete them, clean them or even quarantine them. Simply, no action could be taken to clean or get rid of these threats. I have googled them and found so far that they (specially the trojan.clicker) to be classified as high risks. I cannot see anything from BitDefender to actually help in the removal of these threats. It seems they are not new threats, so I really do not understand how is it not possible for a "Total Security" tool to remove them.

Please help and send the instructions on how to fix this as soon as possible, because we are vulnerable and at high risk here.

My OS is Windows 7 64-bit, Home Premium Edition, I am working on a VAIO with Intel Core 2 Duo Processor, 4 Gigs of RAM, 350 Gigs of HDD. Although I mainly use Google Chrome, sometimes I also use IE and Firefox, all of them the latest versions.

My email should be in your database, but just in case, please let me know the solution for this at: jlme64@gmail.com or jlme64@prodigy.net.mx, as soon as you can, please.

Thank you very much.

Share this post

Link to post
Share on other sites

I enclose (attach) the log for the scanning process, in order for you to be able to help me on this matter. Please do so urgently, as soon as possible. Thank you.

Jorge Medina

BitDefender Log File

BitDefender Log File

Product: BitDefender Total Security 2010 Version: BitDefender Antivirus Scanner Scanning task: Deep System Scan Log date: 29/07/2011 01:20:21 a.m. Log path: C:\ProgramData\BitDefender\Desktop\Profiles\Logs\deep_scan\1311920421_3_02.xml

Scan paths:

Path 0000: C:\

Scan Level:

Scan for viruses: Yes Scan for adware: Yes Scan for spyware: Yes Scan for applications: Yes Scan for dialers: Yes Scan for rootkits: Yes Scan for keyloggers: Yes

Virus Scanning Options:

Scan registry keys: Yes Scan cookies: Yes Scan boot sectors: Yes Scan memory processes: Yes Scan archives: Yes Scan runtime packers: Yes Scan e-mails: Yes Scan all files: Yes Heuristic Scan: Yes Scanned extensions: not configured Excluded extensions: not configured

Target Processing:

Default first action for infected objects: Disinfect Default second action for infected objects: None Default first action for suspect objects : None Default second action for suspicious objects: None Default action for hidden objects: None Default first action for encrypted infected objects: Disinfect Default second action for encrypted infected objects: None Default first action for encrypted suspicious objects: None Default second action for encrypted suspicious objects: None Default action for password-protected objects: Log only

Scan Engines Summary

Virus signatures: 8651221 Archive plugins: 48 E-mail plugins: 7 Scan plugins: 14 System plugins: 5 Unpack plugins: 9


Scanned items: 411913 Infected items: 2 Suspect items: 0 (no suspected items have been detected) Hidden items: 0 (no hidden items have been detected during this scan) Resolved items: 0 (infected or suspect items have been found and were ignored or could not be fixed) Unresolved items: 2


Scan time: 01:32:36 Files per second: 74 Skipped items: 20123 Password-protected items: 0 Over-compressed items: 0 Individual viruses found: 2 Scanned folders: 11181 Scanned boot sectors: 4 Scanned archives: 2422



BitDefender Log File

Input-output errors: 4 Scanned processes: 121 Infected processes: 2 Scanned registry keys: 4639 Infected registry keys: 0 Scanned cookies: 1 Infected cookies: 0

Remaining issues:

Object Path

<System>=>VirtMem Region Dump 0x31c0000 + 7f000 [9404] (pgexec dump) <System>=>VirtMem Region Dump 0x5380000 + 434000 [9404] (pgexec dump)

Threat Name



Final Status


Disinfect failed (object was not found) Disinfect failed (object was not found)


Share this post

Link to post
Share on other sites

Same problem here.

Since a few days, Bitdefender detect two infections on my computers.

Impossible to delete / quarantine.

Can you help us ?


ps : here is a copy of the scan log.

<System>=>VirtMem Region Dump 0x3fa0000 + 7f000 [1676] (pgexec dump) Trojan.Clicker.HTML.IFrame.AK Échec de la désinfection (l'objet n'a pas été trouvé)

<System>=>VirtMem Region Dump 0x6320000 + 434000 [1676] (pgexec dump) Win32.Worm.Nimda.R Échec de la désinfection (l'objet n'a pas été trouvé)

Share this post

Link to post
Share on other sites

The problem is caused due to a conflict between BitDefender and Ad-aware.

More exactly Ad-aware loads a number of suspicios/infected links in the memory and BitDefender picks them up.

The fix for this is to remove Ad-aware.

Share this post

Link to post
Share on other sites
The problem is caused due to a conflict between BitDefender and Ad-aware.

More exactly Ad-aware loads a number of suspicios/infected links in the memory and BitDefender picks them up.

The fix for this is to remove Ad-aware.

First of all: forgive my english. I'm not a native speaker!

I just saw that information on another site and I tried to fix the problem that way! I loaded Bitdefender and now everything seems to be ok!

Thank you.

Share this post

Link to post
Share on other sites
First of all: forgive my english. I'm not a native speaker!

I just saw that information on another site and I tried to fix the problem that way! I loaded Bitdefender and now everything seems to be ok!

Thank you.

I am glad to hear about this.

If the problem shows up again then please let me know. :)

Share this post

Link to post
Share on other sites

I have the same issue with BitDefender showing Win32.Worm.Nimda.R. I am unable to delete or quarntine and I do not have Ad-Aware. What can I do to remove the worm?

Share this post

Link to post
Share on other sites
I have the same issue with BitDefender showing Win32.Worm.Nimda.R. I am unable to delete or quarntine and I do not have Ad-Aware. What can I do to remove the worm?

Please run a deep system scan and post here the scan log results.

Share this post

Link to post
Share on other sites
Please run a deep system scan and post here the scan log results.

HI Cristi,

Im having the same problem here, im unable to remove/delete/quarentene: Win32.worm.nimda.r

I do not have Ad-Awareyou were discussing earlier with someone else before.

please help me.

my scan log result is the following:(please see below)

BitDefender Log File

Product: BitDefender Total Security 2011

Scanning task: Deep System Scan

Log date: August-04-11 10:49:10 PM

Log path: C:\ProgramData\BitDefender\Desktop\Profiles\Logs\dcf483c4-26d0-4e6f-ba28-6a53a00adae1\1312513099_1_03.xml

Scan paths:

Path : C:\

[-]Scan Results Summary

[-]Remaining issues:Object Path Threat Name Final Status

Process: VirtMem Region Dump 0x64b0000 + 432000 Win32.Worm.Nimda.R Infected

[+]Resolved issues:Object Path Threat Name Final Status

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@server.iad.liveperson[1].txt Cookie.Sialiv Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\Low\di@ru4[1].txt Cookie.Ru4 Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@ads.pointroll[1].txt Cookie.PointRoll Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@nhl.112.2o7[1].txt Cookie.2o7 Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@casalemedia[2].txt Cookie.Casalemedia Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@www.burstnet[2].txt Cookie.BurstNet Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\Low\di@network.realmedia[2].txt Cookie.RealMedia Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\Low\di@statcounter[2].txt Cookie.Statcounter Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\Low\di@trafficmp[2].txt Cookie.Trafficmp Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@apmebf[1].txt Cookie.Apmebf Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@r1-ads.ace.advertising[1].txt Cookie.Advertising Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@bs.serving-sys[1].txt Cookie.BS.Serving-Sys Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\Low\di@advertising[1].txt Cookie.Advertising Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\Low\di@doubleclick[2].txt Cookie.DoubleClick Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\Low\di@realmedia[2].txt Cookie.RealMedia Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@tribalfusion[3].txt Cookie.TribalFusion Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@burstnet[2].txt Cookie.BurstNet Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@pixel.rubiconproject[1].txt Cookie.Rub Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@sympatico[2].txt Cookie.Sympatico.CA Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\Low\di@apmebf[2].txt Cookie.Apmebf Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@mediaplex[2].txt Cookie.Mediaplex Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@tap.rubiconproject[1].txt Cookie.Rub Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@questionmarket[1].txt Cookie.QuestionMarket Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@www.webxtracking[2].txt Cookie.Tracking Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@tjx.112.2o7[1].txt Cookie.2o7 Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@advertising[1].txt Cookie.Advertising Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@advertising[3].txt Cookie.Advertising Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@doubleclick[2].txt Cookie.DoubleClick Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@pointroll[1].txt Cookie.PointRoll Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@realmedia[2].txt Cookie.RealMedia Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@msnportal.112.2o7[1].txt Cookie.2o7 Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@rubiconproject[2].txt Cookie.Rub Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@network-ca.247realmedia[1].txt Cookie.247RealMedia Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@searsca.122.2o7[1].txt Cookie.2o7 Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@zedo[1].txt Cookie.Zedo Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@tribalfusion[2].txt Cookie.TribalFusion Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@fastclick[1].txt Cookie.FastClick Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@pelmorexmedia.122.2o7[1].txt Cookie.2o7 Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@ads.networldmedia[1].txt Cookie.AJRotator Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\Low\di@rubiconproject[1].txt Cookie.Rub Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@service.sympatico[1].txt Cookie.Sympatico.CA Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@2o7[1].txt Cookie.2o7 Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@cisco.112.2o7[1].txt Cookie.2o7 Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@dominionenterprises.112.2o7[1].txt Cookie.2o7 Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@trafficmp[1].txt Cookie.Trafficmp Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@statcounter[1].txt Cookie.Statcounter Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@cbsdigitalmedia.112.2o7[1].txt Cookie.2o7 Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@statse.webtrendslive[2].txt Cookie.WebTrendsSt Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@247realmedia[2].txt Cookie.247RealMedia Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\Low\di@fastclick[2].txt Cookie.FastClick Deleted

Cookie: C:\Users\DI\AppData\Roaming\Microsoft\Windows\Cookies\di@smartadserver[2].txt Cookie.SmartAdServer Deleted

[-]Not scanned objects:Object Path Reason: Final Status

File: C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.dat=>_TUProjDT.dat Password-protected Not scanned (file was password-protected)

File: C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.dat=>IRIMG1.JPG Password-protected Not scanned (file was password-protected)

File: C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.dat=>_TUProj.dat Password-protected Not scanned (file was password-protected)

File: C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.dat=>DataSafe_Green.ico Password-protected Not scanned (file was password-protected)

File: C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.dat=>IRIMG1.BMP Password-protected Not scanned (file was password-protected)

[-]Detailed Scan Summary


Scanned items: 343337

Infected items: 52

Suspect items: 0 (no suspected items have been detected)

Resolved items: 57

Unresolved items: 0

Share this post

Link to post
Share on other sites
This topic is now closed to further replies.