The Large Volume Uploads By Vsserv To Fu.nimbus.bitdefender.com Occur Again! What To Do?
The case in http://forum.bitdefender.com/index.php?sho...23505&st=20 happened again after using BitDefender Internet Security 2011 for 42 days, (not BitDefender Antivirus as in the last topic)
What can I do now?
Comments
-
Hello
Could you please upgrade to Bitdefender 2012?
http://forum.bitdefender.com/index.php?act...f=224&id=42
Thank you.0 -
Hello
Could you please upgrade to Bitdefender 2012?
http://forum.bitdefender.com/index.php?act...f=224&id=42
Thank you.
I upgraded to Bitdefender 2012 on Dec 23 2011, the upload recurred this morning (Dec 28 2011), but VSSERV did not upload to fu.nimbus.bitdefender.com, it did to 195.210.4.17(80) and thor.bitdefender.com0 -
Hello
Could you please tell me what have you used to monitor the traffic? Also, could you please tell me what about of data are we talking about?
Thank you. Take care.0 -
Hello
Could you please tell me what have you used to monitor the traffic? Also, could you please tell me what about of data are we talking about?
Thank you. Take care.
There are many monitoring software e.g.: DU Meter(www.hageltech.com), Bandwidth Monitor(www.bwmonitor.com), Internet Traffic Agent(http://flexbyte.com/internet-traffic-agent/), BWMeter(www.desksoft.com/BWMeter.htm) and more.
As described in the topic http://forum.bitdefender.com/index.php?sho...23505&st=20, one day I was aware of large volume upload traffic, and then I closed the opened programs one by one to verify what program was causing that traffic and found the only connection left was established by VSSERV to fu.nimbus.bitdefender.com.
What we are talking about is the question: WHY did VSSERV upload to remote sites? WHAT data is uploaded?0 -
Welcome back
I just talked with my colleagues from the online department.
That website is used for cloud detection. All active connection are scanned using that servers. Basically when a software is connecting to an IP, the software and the IP are automatically checked on our servers. If the IP is in our blacklist or the software is malware but we don't have a detection for it, the connection will be dropped by the firewall module.
We do not collect personal data or files.
Please check our EULA for further references regarding data upload:
http://www.bitdefender.com/media/html/en/eula/eula.html
Thank you. Happy Holidays!0 -
.........................................
Basically when a software is connecting to an IP, the software and the IP are automatically checked on our servers. ............................
We do not collect personal data or files.
Please check our EULA for further references regarding data upload:
http://www.bitdefender.com/media/html/en/eula/eula.html
Thank you. Happy Holidays!
Do you mean the LARGE volume upload was because VSSERV and fu.nimbus.bitdefender.com were automatically checked on your servers?
I have checked the EULA, but the size of VSSERV is 1514KB not more than ten MB.
The problem is not the upload itself but the LARGE volume as internet traffic quota is crucial to me.0 -
Welcome back
I has talking about the internet traffic overall.
That file is not uploaded. When a new file/website is discovered, Bitdefender created a hash (http://en.wikipedia.org/wiki/Hash_function) and uploads that to our servers. There is scanned and an answer is sent to the client. If that application/website is clean, access will be permitted, if not it will be blocked by the product.
We do provide a local cache that is automatically updated everyday, but for some resources the scan is made in cloud.
Thank you for your time. Happy New Year!0 -
Happy New Year!
In the last topic http://forum.bitdefender.com/index.php?sho...23505&st=20 (when I was using Bitdefender Antivirus 2011), I had not encountered the issue again after doing the following steps as instructed:
1. Start your PC in Windows Safe Mode,
2. Locate the file:
C:\Program Files\BitDefender\BitDefender 2011\update_components.xml
2. Open the file with Notepad and modify the following line:
<Product enabled="1" name="00010004000500010001000600050001" type="0" id="-1">
Basically you will modify the "1" into "0".
3. Save the file (overwrite the original XML file);
4. Go to the location where you installed BitDefender and locate the following files:
- bdnimbus.dll
- midascomm.dll
5. Rename both files to:
- bdnimbus.old
- midascomm.old
6. Restart the PC in normal mode.
And now, what can I do to get rid of the LARGE volume upload?0 -
Welcome back.
Please right click on BitDefender icon from system tray(the "B" icon) and choose "Show". In the main window, click on "Settings". From the advanced interface, click on Privacy Control module and select the Antiphishing tab.
Please disable all the options from there and reboot your machine.
Let me know if everything is OK now.
Thank you. Take care.0 -
I have set all 6 options in Privacy Control -> Antiphising including “Show Bitdefender Tool Bar” to OFF, but the small dragger at the top of the webpage still exist, when clicked Bitdefender toolbar is shown, and in the settings of the toolbar, Antiphishing Filter and Search Advisor are still ON, only Antimalware Filter is OFF.
And the upload by VSSERV still occurs too, the remote site is 195.210.4.17(80)0 -
The connections (maybe uploads too) established by VSSERV occurs several times in a day, even after I tried to add a firewall rule to deny outbound traffic of VSSERV, it still exists!
Sometimes the remote sites is thor.bitdefender.com or my2.bitdefender.com or 149.bitdefender.com
When I checked in Bitdefender window -> Firewall -> Advanced -> Firewall activity, in the Network Activity window, one of the processes was vsserv.exe /service, PID/Protocol 824, Out 6.3 MB, In 392.0 KB (If I did not go offline immediately after every need, the outbound traffic might be many times larger).0 -
As I have upgraded to Bitdefender Internet Security 2012, this post might more relevant be in Bitdefender 2012 Product.
0 -
I have tried using another PC installed with Bitdefender Antivirus 2011, and no any upload for several hours. But when I was back with the PC with Bitdefender Internet Security 2012, the mysterious uploads recurred.
0 -
Hello
Could you please upgrade to Bitdefender 2012?
http://forum.bitdefender.com/index.php?act...f=224&id=42
Thank you.
I will do this, thank you!0 -
Hello
Let me know if you need something else.
Take care.0 -
- Now, the remote sites are 195.210.4.17, thor.bitdefender.com, my2.bitdefender.com, 149.bitdefender.com.
- I have set all 6 options in Privacy Control -> Antiphising including “Show Bitdefender Tool Bar” to OFF, but the small dragger at the top of the webpage still exists, when clicked Bitdefender toolbar is shown, and in the settings of the toolbar, all of the options are ON.
- A few days ago, when I checked Settings -> Firewall -> Advanced -> Firewall Activity, the largest volume of outbound traffic (and continuously) was by the web browser to https://mybitdefender.com/safego/activated_................... But my Safego Status: Not activated.
- The connections (maybe uploads too) established by VSSERV occurs many times in a day, even after I tried to add a firewall rule to deny outbound traffic of VSSERV, it still exists!0 -
Another point noted is that, if the web browser (Firefox) is not loaded, the mysterious/large volume upload rarely occurs.
0 -
Hello
Those web servers are used to scan the web traffic. Every visited page is uploaded in cloud and scanned.
In this way, the power of our engines is loaded in the cloud, make your PC to consume less resources.
This behavior is normal and this is common for antivirus products that have a cloud component.
Take care.0