Malware.Trace detected

ROBO731 · 08 Feb 2013

SuperAntiSpyware detected a threat called Malware.Trace in the registry. The locations is:

HKEY_USERS\S-1-5-21-2727477870-1681592241-1705532872-1000\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\SHELL

Several google results were saying that it's something that appears to be a legitimate antivirus. The antivirus software that I have installed now are SuperAntiSpyware, Avast, and MalwareBytes. All the free versions. Another thing to note is that when I launch Minecraft.exe Avast blocks a threat from quantserve. This just started happening in the past few days. I must have gotten this virus in this past week since I do antivirus scans and backups every week. Also, I see some strange process running. Here's a picture of the results. You can see the process on the right. I haven't removed the threat yet, in case there's some kind of specific way I should get rid of this. please help me out.

Golden · 08 Feb 2013

Tr this:

Windows Defender Offline

ROBO731 · 08 Feb 2013

So I should remove this with windows offline defender, not superantispyware? Also, I see a folder on my second drive, my hard drive called msdownload.tmp I'm not sure what it is, but it's a hidden folder with no files in it. Can you tell me what this virus is exactly?

Golden · 08 Feb 2013

I would use Windows Defender Offline, since it scans from outside the Windows boot environment.

Leave msdownload.tmp alone - it looks like a temporary folder for Windows downloads. Don't attempt to manually remove anything unless you know what you are doing.

ROBO731 · 08 Feb 2013

Ok, So should I just remove it? Why link windows defender?

Layback Bear · 08 Feb 2013

What is Windows Defender Offline?

Windows Defender Offline

You will find these sites helpful. Read completely and carefully.

cottonball · 08 Feb 2013

ROBO731,

Let's take a look at your system and see where Malware.Trace (aka: TraceSweeper) is found...

Please download OTL, by Old Timer:
http://oldtimer.geekstogo.com/OTL.exe

Save to the Desktop.

Double-click on OTL.exe to run it.
Under Output, select: Minimal Output
Under Extra Registry section, select: Use SafeList
Click: Scan All Users
Click: Run Scan at the top left.

When done, two Notepad files open with reports:

OTL.txt <-- Opens on Desktop
Extra.txt <-- Minimized, and seen on the Taskbar (Save on your Desktop for now)

Please post the contents of OTL.txt and Extra.txt in your reply.

ROBO731 · 09 Feb 2013

I'm running the scan now. I appreciate the help. I'll post the logs as soon as it's done.

ROBO731 · 09 Feb 2013

Okay, the logs are far to long to paste here, so I've attached them instead.

OTL.Txt

Extras.Txt

I have to go to sleep for tonight. I'll be back tomorrow.

cottonball · 09 Feb 2013

Please download RogueKiller:
Tlcharger RogueKiller (Site Officiel)

When you get to the website, go to where it says:
(Download link) Lien de téléchargement:

Select the version that applies to your system: x64

Click the dark-blue button that applies to download.

Save to the Desktop

Close all windows and browsers
Right-click RogueKiller and select 'Run as Administrator'

Press: SCAN

A report opens on the Desktop: RKreport.txt

Please provide the RKreport.txt (Mode: Scan) in your reply.

(Pleas,e do not delete anything!)