Hello everyone.
I’ve been receiving a Avast! Virus warning for the past two weeks every time I try to open Firefox or Internet Explorer. When I do, I get this warning “Win32:Fasec [trj]” has been found in “C:\Windows\System32\msqpdxirtocicx.dll” file.
I’ve tried to search for this file and can’t find it (With all files and folders view turned on). I’ve also tried Google searches and msqpdxirtocicx.dll doesn’t even come up. Any thoughts on how to get rid of this would be greatly appreciated.
The file name is with exception of the first three characters msq are randomly created so you would be unlikely to find anything.
You could try a forum search for Win32:Fasec as this has been in the viruses and worms forum before and if I remember rightly a pain as it may be protected/regenerated by a rootkit. So we need to find what is regenerating/restoring it.
If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode and report the findings (it should product a log file).
MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.
Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
I appreciate the help. I’m home today, so I’m going to go hunting this morning with the tools that have been suggested.
I’ll let you know what or if I find anything.
