Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Jazhawk on December 17, 2008, 12:19:38 AM

Title: msqpdxwqsctmei.dll pops up when I launch my browser
Post by: Jazhawk on December 17, 2008, 12:19:38 AM
Avast (Home version) alerts me to this file in my windows/system32 folder msqpdxwqsctmei.dll.  I click to delete it twice and it goes away.  I thought it was when I launched IE but it happens with FF as well. I did a search and nothing matching this name shows up.  I did a search on my computer after unhiding the files and did not find it.

Any ideas?

-Jazhawk
Title: Re: msqpdxwqsctmei.dll pops up when I launch my browser
Post by: DavidR on December 17, 2008, 12:23:25 AM
It looks like a randomly named file common for malware. What was the malware name given by avast ?

What is your firewall ?

If it keeps coming back, there is likely to be an undetected or hidden element to the infection that restores or downloads the file again.

If you haven't already got this software (freeware), download, install, update and run it, preferably in safe mode and report the findings (it should product a log file).
1. SUPERantispyware (http://www.superantispyware.com) On-Demand only in free version.
2. MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe (http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe), right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.
Title: Re: msqpdxwqsctmei.dll pops up when I launch my browser
Post by: polonus on December 17, 2008, 12:43:22 AM
Hi jazhawk,

Also consider this info for this malware: http://forum.kaspersky.com/lofiversion/index.php/t95900.html
This is a downloader Zlob infection, the malware was first seen to appear in Poland,
Try the suggestions given by DavidR, if this does not cleanse the malware sufficiently, we should consider using a special tool like ComboFix and have the log.txt analyzed to be cleansed with a prescribed script in ComboFix,

polonus
Title: Re: msqpdxwqsctmei.dll pops up when I launch my browser
Post by: Jazhawk on December 17, 2008, 01:44:08 AM
It looks like a randomly named file common for malware. What was the malware name given by avast ?

What is your firewall ?

If it keeps coming back, there is likely to be an undetected or hidden element to the infection that restores or downloads the file again.

If you haven't already got this software (freeware), download, install, update and run it, preferably in safe mode and report the findings (it should product a log file).
1. SUPERantispyware (http://www.superantispyware.com) On-Demand only in free version.
2. MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe (http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe), right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.


The name that shows up is Win32:Fasec [trj].

-Jazhawk
Title: Re: msqpdxwqsctmei.dll pops up when I launch my browser
Post by: polonus on December 17, 2008, 01:57:17 AM
Hello Jazhawk,

Here is a pretty good analysis of the malware you mentioned there, it is a root-kit Trojan, read:
http://novirusthanks.org/blog/?p=526

polonus
Title: Re: msqpdxwqsctmei.dll pops up when I launch my browser
Post by: Jazhawk on December 17, 2008, 08:02:05 AM
Thanks all.  I ran superAntispyware and found 3 rootkits tickling my ivory's.  Got rid of those and it looks like I have a clean bill of health again.

Thank you for the assist.

-Jazhawk
Title: Re: msqpdxwqsctmei.dll pops up when I launch my browser
Post by: DavidR on December 17, 2008, 03:47:21 PM
You're welcome.

If rootkits were running, there removal could reveal other things, so I would suggest you run another scan with avast and MBAM if you haven't already done so.