msqpdxwqsctmei.dll pops up when I launch my browser

Avast (Home version) alerts me to this file in my windows/system32 folder msqpdxwqsctmei.dll. I click to delete it twice and it goes away. I thought it was when I launched IE but it happens with FF as well. I did a search and nothing matching this name shows up. I did a search on my computer after unhiding the files and did not find it.

Any ideas?

-Jazhawk

It looks like a randomly named file common for malware. What was the malware name given by avast?

What is your firewall?

If it keeps coming back, there is likely to be an undetected or hidden element to the infection that restores or downloads the file again.

If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode, and report the findings (it should produce a log file).

  1. SUPERantispyware On-Demand only in free version.
  2. MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File As (depending on your browser), save it to a location where you can find it easily later.

Hi jazhawk,

Also consider this info for this malware: http://forum.kaspersky.com/lofiversion/index.php/t95900.html
This is a downloader Zlob infection; the malware was first seen to appear in Poland.
Try the suggestions given by DavidR. If this does not cleanse the malware sufficiently, we should consider using a special tool like ComboFix and have the log.txt analyzed to be cleansed with a prescribed script in ComboFix.

polonus

The name that shows up is Win32:Fasec [trj].

-Jazhawk

Hello Jazhawk,

Here is a pretty good analysis of the malware you mentioned there, it is a root-kit Trojan, read:
http://novirusthanks.org/blog/?p=526

polonus

Thanks all. I ran superAntispyware and found 3 rootkits tickling my ivories. Got rid of those and it looks like I have a clean bill of health again.

Thank you for the assist.

-Jazhawk

You’re welcome.

If rootkits were running, their removal could reveal other things, so I would suggest you run another scan with avast and MBAM if you haven’t already done so.