usercashcom.dll is it a trojan ??

Discussion in 'ESET NOD32 Antivirus' started by Vasot, May 17, 2009.

Thread Status:
Not open for further replies.
  1. Vasot

    Vasot Registered Member

    Joined:
    May 17, 2009
    Posts:
    2
    Hi
    I have discovered a file called usercashcom.dll in my C:Windows\System32\Plugins\YouCrypt

    Nod32 4.0.424.0 does not seem to recognize it as a dangerous file but from what it have heard around the net it maybe a potential Trojan.Clicker.Win32.Pophot.au

    I want to confirm if this file is dangerous..
    Thanks
     
  2. AKAJohnDoe

    AKAJohnDoe Registered Member

    Joined:
    Sep 26, 2007
    Posts:
    989
    Location:
    127.0.0.1
    Kind of obvious for a trojan, really more of a big nose/glasses/mustache disguise that fools no one.
     
  3. jimwillsher

    jimwillsher Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    668
    I find this to be the best utility to confirm if a file is dangerous. Kaspersky are often weeks ahead of ESET in terms of new variants, and if something looks dodgy and ESET says it's clear, Kaspersky's online scanner invariably find a threat. ESET will find the same threat a few days/weeks later....

    We use ESET (250 users) as it's easier to manage than Kaspersky, even though it's not as thorough.


    Jim
     
    Last edited: May 18, 2009
  4. Vasot

    Vasot Registered Member

    Joined:
    May 17, 2009
    Posts:
    2
    Thanks :)
    I checked the file with the Kaspersky utility and says that i am clean but i will still keep an eye on it...

    http://img43.imageshack.us/img43/1261/suspiciousfileisclean.jpg
     
  5. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    You can send the file in a .ZIP or .RAR archive protected with a password of "infected" to ESET's virus lab at samples@eset.sk if you would like for them to examine it.

    Be sure to include information such as why you think the file might be malicious (activities you have observed that is, beyond the name), location(s) in which it was found on your computer and any other information you think might be relevant or helpful for analysis.

    Also, include a link to this message thread and your contact information in the message, in case they have any questions.

    Regards,

    Aryeh Goretsky
     
Thread Status:
Not open for further replies.