Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Malware.Trace detected

08 Feb 2013   #1

Windows 7 Home Premium x64
 
 
Malware.Trace detected

SuperAntiSpyware detected a threat called Malware.Trace in the registry. The locations is:

HKEY_USERS\S-1-5-21-2727477870-1681592241-1705532872-1000\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\SHELL

Several google results were saying that it's something that appears to be a legitimate antivirus. The antivirus software that I have installed now are SuperAntiSpyware, Avast, and MalwareBytes. All the free versions. Another thing to note is that when I launch Minecraft.exe Avast blocks a threat from quantserve. This just started happening in the past few days. I must have gotten this virus in this past week since I do antivirus scans and backups every week. Also, I see some strange process running. Here's a picture of the results. You can see the process on the right. I haven't removed the threat yet, in case there's some kind of specific way I should get rid of this. please help me out.

Malware.Trace detected-capture.png



My System SpecsSystem Spec
.

08 Feb 2013   #2

Microsoft Community Contributor Award Recipient

Windows 7 Ult. x64 Windows 8.1 x64
 
 

My System SpecsSystem Spec
08 Feb 2013   #3

Windows 7 Home Premium x64
 
 

So I should remove this with windows offline defender, not superantispyware? Also, I see a folder on my second drive, my hard drive called msdownload.tmp I'm not sure what it is, but it's a hidden folder with no files in it. Can you tell me what this virus is exactly?
My System SpecsSystem Spec
.


08 Feb 2013   #4

Microsoft Community Contributor Award Recipient

Windows 7 Ult. x64 Windows 8.1 x64
 
 

I would use Windows Defender Offline, since it scans from outside the Windows boot environment.

Leave msdownload.tmp alone - it looks like a temporary folder for Windows downloads. Don't attempt to manually remove anything unless you know what you are doing.
My System SpecsSystem Spec
08 Feb 2013   #5

Windows 7 Home Premium x64
 
 

Ok, So should I just remove it? Why link windows defender?
My System SpecsSystem Spec
08 Feb 2013   #6

Windows 7 Pro. 64/SP-1
 
 

What is Windows Defender Offline?

Windows Defender Offline

You will find these sites helpful. Read completely and carefully.
My System SpecsSystem Spec
08 Feb 2013   #7

Windows 7 Home Premium
 
 

ROBO731,

Let's take a look at your system and see where Malware.Trace (aka: TraceSweeper) is found...

Please download OTL, by Old Timer:
http://oldtimer.geekstogo.com/OTL.exe

Save to the Desktop.
  • Double-click on OTL.exe to run it.
  • Under Output, select: Minimal Output
  • Under Extra Registry section, select: Use SafeList
  • Click: Scan All Users
  • Click: Run Scan at the top left.

When done, two Notepad files open with reports:
  • OTL.txt <-- Opens on Desktop
  • Extra.txt <-- Minimized, and seen on the Taskbar (Save on your Desktop for now)
Please post the contents of OTL.txt and Extra.txt in your reply.
My System SpecsSystem Spec
09 Feb 2013   #8

Windows 7 Home Premium x64
 
 

I'm running the scan now. I appreciate the help. I'll post the logs as soon as it's done.
My System SpecsSystem Spec
09 Feb 2013   #9

Windows 7 Home Premium x64
 
 

Okay, the logs are far to long to paste here, so I've attached them instead.

OTL.Txt

Extras.Txt

I have to go to sleep for tonight. I'll be back tomorrow.


My System SpecsSystem Spec
09 Feb 2013   #10

Windows 7 Home Premium
 
 

Please download RogueKiller:
Tlcharger RogueKiller (Site Officiel)

When you get to the website, go to where it says:
(Download link) Lien de téléchargement:

Select the version that applies to your system: x64

Click the dark-blue button that applies to download.

Save to the Desktop

Close all windows and browsers
Right-click RogueKiller and select 'Run as Administrator'

Press: SCAN

A report opens on the Desktop: RKreport.txt

Please provide the RKreport.txt (Mode: Scan) in your reply.

(Pleas,e do not delete anything!)
My System SpecsSystem Spec
Reply

 Malware.Trace detected




Thread Tools



Similar help and support threads for2: Malware.Trace detected
Thread Forum
Computer trace Hardware & Devices
PC trace on domian ? Network & Sharing
Circular Kernel Context Logger trace - calling any trace experts..... BSOD Help and Support
Malware.Trace infection System Security
boot trace Performance & Maintenance

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 07:32 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33