Windows 7 Forums

Windows 7: Malware.Trace detected

08 Feb 2013   #1
ROBO731

Windows 7 Home Premium x64
 
 
Malware.Trace detected

SuperAntiSpyware detected a threat called Malware.Trace in the registry. The location is:

HKEY_USERS\S-1-5-21-2727477870-1681592241-1705532872-1000\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\SHELL

Several Google results were saying that it's something that appears to be a legitimate antivirus. The antivirus software that I have installed now is SuperAntiSpyware, Avast, and MalwareBytes. All the free versions. Another thing to note is that when I launch Minecraft.exe, Avast blocks a threat from quantserve. This just started happening in the past few days. I must have gotten this virus in this past week since I do antivirus scans and backups every week. Also, I see some strange process running. Here's a picture of the results. You can see the process on the right. I haven't removed the threat yet, in case there's some kind of specific way I should get rid of this. Please help me out.

-capture.png




.
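The registry location in the first post is the per-user Winlogon `Shell` value. A read-only way to look at that value for every loaded profile, added here as an example and not part of any poster's reply; it assumes a stock install has `explorer.exe` as the machine-wide value and no per-user value, and the function names are made up for this sketch:

```powershell
# Added example: read-only check of the Winlogon "Shell" value.
# Assumptions: the stock machine-wide value is "explorer.exe" and a stock
# profile has no per-user Shell value. Written to run on PowerShell 2.0.
# Run elevated to read hives of other logged-on users; nothing is modified.

$subKey   = 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$expected = 'explorer.exe'

function Get-WinlogonShell {
    param([Parameter(Mandatory = $true)][string]$Path)
    # Emits nothing when the key or the Shell value does not exist.
    $item = Get-ItemProperty -Path $Path -Name 'Shell' -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.Shell }
}

function New-Finding {
    param([string]$Hive, [string]$Shell, [string]$Status)
    New-Object PSObject -Property @{ Hive = $Hive; Shell = $Shell; Status = $Status }
}

$findings = @()

# Machine-wide value: anything other than the stock shell deserves a look.
$machine = Get-WinlogonShell -Path "Registry::HKEY_LOCAL_MACHINE\$subKey"
if ($machine -and $machine.Trim() -ieq $expected) { $status = 'default' } else { $status = 'REVIEW' }
$findings += New-Finding -Hive 'HKLM' -Shell $machine -Status $status

# Per-user values: only hives of logged-on users are loaded under HKEY_USERS.
# The pattern keeps account SIDs and skips the "<SID>_Classes" hives.
$findings += @(
    Get-ChildItem -Path 'Registry::HKEY_USERS' |
        Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
        ForEach-Object {
            $sid   = $_.PSChildName
            $shell = Get-WinlogonShell -Path "Registry::HKEY_USERS\$sid\$subKey"
            if ($null -eq $shell) {
                New-Finding -Hive $sid -Shell '' -Status 'not set (default)'
            } else {
                # A per-user Shell value takes precedence for that account.
                New-Finding -Hive $sid -Shell $shell -Status 'REVIEW'
            }
        }
)

$findings | Select-Object Hive, Shell, Status | Format-Table -AutoSize
```

A `REVIEW` row only says the value differs from the assumed default; the data in the `Shell` column is what a helper would ask to see before anything is removed.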
08 Feb 2013   #2
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

08 Feb 2013   #3
ROBO731

Windows 7 Home Premium x64
 
 

So I should remove this with Windows Offline Defender, not SuperAntiSpyware? Also, I see a folder on my second drive, my hard drive, called msdownload.tmp. I'm not sure what it is, but it's a hidden folder with no files in it. Can you tell me what this virus is exactly?

08 Feb 2013   #4
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

I would use Windows Defender Offline, since it scans from outside the Windows boot environment.

Leave msdownload.tmp alone - it looks like a temporary folder for Windows downloads. Don't attempt to manually remove anything unless you know what you are doing.
08 Feb 2013   #5
ROBO731

Windows 7 Home Premium x64
 
 

OK, so should I just remove it? Why link Windows Defender?
08 Feb 2013   #6
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

What is Windows Defender Offline?

Windows Defender Offline

You will find these sites helpful. Read completely and carefully.
08 Feb 2013   #7
cottonball

Windows 7 Home Premium
 
 

ROBO731,

Let's take a look at your system and see where Malware.Trace (aka: TraceSweeper) is found...

Please download OTL, by Old Timer:
http://oldtimer.geekstogo.com/OTL.exe

Save to the Desktop.
  • Double-click on OTL.exe to run it.
  • Under Output, select: Minimal Output
  • Under Extra Registry section, select: Use SafeList
  • Click: Scan All Users
  • Click: Run Scan at the top left.

When done, two Notepad files open with reports:
  • OTL.txt <-- Opens on Desktop
  • Extra.txt <-- Minimized, and seen on the Taskbar (Save on your Desktop for now)
Please post the contents of OTL.txt and Extra.txt in your reply.
09 Feb 2013   #8
ROBO731

Windows 7 Home Premium x64
 
 

I'm running the scan now. I appreciate the help. I'll post the logs as soon as it's done.
09 Feb 2013   #9
ROBO731

Windows 7 Home Premium x64
 
 

Okay, the logs are far too long to paste here, so I've attached them instead.

OTL.Txt

Extras.Txt

I have to go to sleep for tonight. I'll be back tomorrow.


09 Feb 2013   #10
cottonball

Windows 7 Home Premium
 
 

Please download RogueKiller:
Télécharger RogueKiller (Site Officiel)

When you get to the website, go to where it says:
(Download link) Lien de téléchargement:

Select the version that applies to your system: x64

Click the dark-blue button that applies to download.

Save to the Desktop

Close all windows and browsers
Right-click RogueKiller and select 'Run as Administrator'

Press: SCAN

A report opens on the Desktop: RKreport.txt

Please provide the RKreport.txt (Mode: Scan) in your reply.

(Please, do not delete anything!)