New
#1
Malware.Trace infection
Good Morning. I woke this morning to see that my normal nightly full system scan by SUPERAntiSpyware found a registry malware called Malware.Trace with this information:
HKUS\S-1-5-21-2418211180-2028737814-1402298196-1003\SOFTWARE\MICROSOFT\WINDOWS NT\Current Version\WinLogOn\ (SHELL -C:\Windows\eHome\McrMgr.exe)
Right now SAS has it quarantined but I am concerned about root kits and keyloggers as I work from this computer from home and security is a must. I am looking for a way to find out if this I remove this file from my system from the SAS quarantine will I be done with it?
Microsoft Security Essentials: did not find the infection
MBam: did not find the infection
AdAware: did not find the infection
Norton 360: did not find the infection
Here is my log file from SAS:
SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!
Generated 12/28/2010 at 06:30 AM
Application Version : 4.47.1000
Core Rules Database Version : 6081
Trace Rules Database Version: 3893
Scan type : Complete Scan
Total Scan Time : 00:30:40
Memory items scanned : 786
Memory threats detected : 0
Registry items scanned : 15154
Registry threats detected : 1
File items scanned : 53845
File threats detected : 12
Adware.Tracking Cookie
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\shannon@cdn.at.atwola[1].txt
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\shannon@tacoda.at.atwola[1].txt
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\shannon@atwola[2].txt
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\shannon@ar.atwola[3].txt
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\shannon@click.tigeronline[2].txt
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\shannon@doubleclick[1].txt
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\shannon@at.atwola[1].txt
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\shannon@ar.atwola[1].txt
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\Low\shannon@ar.atwola[2].txt
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\Low\shannon@at.atwola[2].txt
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\Low\shannon@atwola[2].txt
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\Low\shannon@ar.atwola[1].txt
Malware.Trace
(x86) HKU\S-1-5-21-2418211180-2028737814-1402298196-1003\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL
Any help would be greatly appreciated, also as soon as possible due to work issues, need clean machine to work.
Thank you in advance; let me know if you need more information.
Oh, running Windows 7 Professional.