Hi,
My Comodo Firewall reported that bwnhdxluosjiajz.dll is trying to connect to the Internet. I have no idea what it is and where it has possibly come from. I have googled to find what it is or to learn about its whereabouts… but google was of zero help.
[I suspect it has something to do with FOXIT PHANTOM PDF SUITE and/or FOXIT PDF EDITOR which, I installed yesterday. And this said .dll has been spotted since then]. I have allowed it to run without checking the “Remember my answer”.
Can someone please enlighten me on this .dll and confirm is it safe or not for me to let it pass through the firewall?
That’s a very oddly named dll and not something I’ve seen in Phantom. Which not to say it’s not something that’s loaded within that process.
You might want to download something like Process hacker http://processhacker.sourceforge.net/ and use the dll search function, which you can find under the ‘Hacker’ menu. That will give you a path…
Correction: it’s not a Comodo Firewall alert - it is a Defense+ alert.
And by the way I used seperate Patch to Activate the products, i.e. Foxit Phantom and Foxit Editor.
I downloaded the Patch and Keygen from : URL Removed; Please DO NOT Post Links Like These
I don’t know about Phantom PDF, but what a key for in Foxit Reader (that does not use the said dll)?
The fancy name of the dll (probably random) and the fact that the download was made from utorrent with cracks leads to think, as usual, of virus in the said cracks.
Where did you download the installer? if it’s cracked version I would recommend you to block this internet connection.
Deadman’s advice is something I recommend. VT uploader
I would also recommend you to download malwarebytes, superantispyware and hitman pro (keep hitman pro even if the 30 day license goes out; it will still scan for malware.)
No one is saying that torrent technology itself vehiculates virus.
But it is an evident observation that they are not used to share your grandmother's birthday pictures and that a significative proportion of paid softwares downloaded through torrent and/or p2p is not you or me making a philanthropic share of our legit keys, neither these softwares working with the help of "neutral" keygens or serials, but crippled with deliberately virused cracking executables.
Directory: Foxit Phantom PDF Suite v2.2.3 ZWT[32-64 bit] + PDF Editor
Files:
[phantom-add-on] Foxit.PDF.Editor221.1119 / crack_Core_cr-x1098 / cr-fxt-k.exe 229.5 KB
crack_ZWT_zfp2000 / keygen.exe
The related behavior clearly advocates for a virus, installed through a dubious torrent download, and also shows the failure not of CIS (defense+ intercepted it altough apparently CAV did not) but of the user, allowing something no one has no idea about.
The related behavior clearly advocates for a virus, installed through a dubious torrent download, and also shows the failure not of CIS (defense+ intercepted it altough apparently CAV did not) but of the user, allowing something no one has no idea about.
Hi Everyone
and Many thanks for your replies and suggestions.
However, I still don’t know for sure where the suspect .dll is from. I only had a suspicion that it could be from a Foxit torrent download which I have installed.
@Brucine: how does the “user” know a particular torrent is dubious? I know of few unreliable methods of determining, like reputation of the uploader… but beyond that we do not know until we use it, do we?
I have applied the suggestions you guys have made and have found that only 40% and less of the AntiVirus software have found it to be offensive [a VirusTotal report]. I have blocked the .dll and waiting to see what effect it has on the overall functioning of my PC.
Thank You all once again. I will post again if there is any problem regarding the same.
