ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
ClamWin Free Antivirus Forum Index » General Suggestions/Questions
Reply to topic
I'm curious--is this a virus or not...? (bgaritadumoka)
scarlett_156


Joined: 06 Jun 2008
Posts: 0
Location: eastern rural Colorado (USA)
Post Posted: Thu Feb 12, 2009 8:25 pm Reply with quote
I have had this thing, this DLL file, in my startup folder since December. It has never been identified as a virus or malware, but I know it wasn't there before and it wasn't something I deliberately installed. I can't tell what application is it associated with or who authored it. When I would try to remove it from the startup menu, it would just come right back, so I figured that it was something I didn't want.

Today I finally used safe mode with command prompt and deleted this DLL file. When I rebooted into Windows I got an error message saying that the file was missing. Then I removed the startup menu item. Nothing seems to be wrong with my comp as a result of me removing this thing.

The item is called: BGARITADUMOKA and the DLL is C:\Windows\UJONETETABEJUYOK.DLL.

When I tried to research this item, I found absolutely nothing.

Has anyone else had any experiences with this thing, whatever it is? is it a virus?

Thanks for reading.


~~~ yours in Chaos, Scarlett
View user's profileSend private messageSend e-mail
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
Post Posted: Thu Feb 12, 2009 10:03 pm Reply with quote
Hello Scarlett:

You can find out yourself whether or not something is/has a virus. Just upload it to Jotti at https://virusscan.jotti.org/ or to VirusTotal at https://www.virustotal.com/ on the web. Either service will scan a file for you for free against multiple antivirus programs (including Clam AV, which provides the engine/signature database for ClamWin). If more than a couple of AVs there find an infection, it is probably a real virus/malware. If only a couple of AVs find an infection, it is likely a false positive. Some of the AVs share signature databases, so I like to see five or more AVs finding an infection before I really worry about it.

You can send files not detected by ClamWin and false positive detections to Clam at https://www.clamav.net/sendvirus/ and they will develop a signature for a virus infection or adjust their signature if a virus is falsely detected by Clamwin as infected. ClamWin will benefit from anything you send Clam.

With all that said, the name looks suspicious. Many viruses use names that don't mean anything--perhaps they are generated by a computer. The file is a Dll (or "helper") file set up by a program. Many times viral DLL files are "dropped" in the Windows directory.

Regards,
View user's profileSend private message
I'm curious--is this a virus or not...? (bgaritadumoka)
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
 		All times are GMT  
Page 1 of 1  
  
  
ClamWin Free Antivirus Forum Index » General Suggestions/Questions
 Reply to topic