Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Malware.Trace detected

08 Feb 2013   #1
ROBO731

Windows 7 Home Premium x64
 
 
Malware.Trace detected

SuperAntiSpyware detected a threat called Malware.Trace in the registry. The locations is:

HKEY_USERS\S-1-5-21-2727477870-1681592241-1705532872-1000\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\SHELL

Several google results were saying that it's something that appears to be a legitimate antivirus. The antivirus software that I have installed now are SuperAntiSpyware, Avast, and MalwareBytes. All the free versions. Another thing to note is that when I launch Minecraft.exe Avast blocks a threat from quantserve. This just started happening in the past few days. I must have gotten this virus in this past week since I do antivirus scans and backups every week. Also, I see some strange process running. Here's a picture of the results. You can see the process on the right. I haven't removed the threat yet, in case there's some kind of specific way I should get rid of this. please help me out.

Malware.Trace detected-capture.png




My System SpecsSystem Spec
.
08 Feb 2013   #2
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

My System SpecsSystem Spec
08 Feb 2013   #3
ROBO731

Windows 7 Home Premium x64
 
 

So I should remove this with windows offline defender, not superantispyware? Also, I see a folder on my second drive, my hard drive called msdownload.tmp I'm not sure what it is, but it's a hidden folder with no files in it. Can you tell me what this virus is exactly?
My System SpecsSystem Spec
.

08 Feb 2013   #4
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

I would use Windows Defender Offline, since it scans from outside the Windows boot environment.

Leave msdownload.tmp alone - it looks like a temporary folder for Windows downloads. Don't attempt to manually remove anything unless you know what you are doing.
My System SpecsSystem Spec
08 Feb 2013   #5
ROBO731

Windows 7 Home Premium x64
 
 

Ok, So should I just remove it? Why link windows defender?
My System SpecsSystem Spec
08 Feb 2013   #6
Layback Bear

Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
 
 

What is Windows Defender Offline?

Windows Defender Offline

You will find these sites helpful. Read completely and carefully.
My System SpecsSystem Spec
08 Feb 2013   #7
cottonball

Windows 7 Home Premium
 
 

ROBO731,

Let's take a look at your system and see where Malware.Trace (aka: TraceSweeper) is found...

Please download OTL, by Old Timer:
http://oldtimer.geekstogo.com/OTL.exe

Save to the Desktop.
  • Double-click on OTL.exe to run it.
  • Under Output, select: Minimal Output
  • Under Extra Registry section, select: Use SafeList
  • Click: Scan All Users
  • Click: Run Scan at the top left.

When done, two Notepad files open with reports:
  • OTL.txt <-- Opens on Desktop
  • Extra.txt <-- Minimized, and seen on the Taskbar (Save on your Desktop for now)
Please post the contents of OTL.txt and Extra.txt in your reply.
My System SpecsSystem Spec
09 Feb 2013   #8
ROBO731

Windows 7 Home Premium x64
 
 

I'm running the scan now. I appreciate the help. I'll post the logs as soon as it's done.
My System SpecsSystem Spec
09 Feb 2013   #9
ROBO731

Windows 7 Home Premium x64
 
 

Okay, the logs are far to long to paste here, so I've attached them instead.

OTL.Txt

Extras.Txt

I have to go to sleep for tonight. I'll be back tomorrow.


My System SpecsSystem Spec
09 Feb 2013   #10
cottonball

Windows 7 Home Premium
 
 

Please download RogueKiller:
Tlcharger RogueKiller (Site Officiel)

When you get to the website, go to where it says:
(Download link) Lien de téléchargement:

Select the version that applies to your system: x64

Click the dark-blue button that applies to download.

Save to the Desktop

Close all windows and browsers
Right-click RogueKiller and select 'Run as Administrator'

Press: SCAN

A report opens on the Desktop: RKreport.txt

Please provide the RKreport.txt (Mode: Scan) in your reply.

(Pleas,e do not delete anything!)
My System SpecsSystem Spec
Reply

 Malware.Trace detected




Thread Tools




Similar help and support threads
Thread Forum
Malwarebytes detected an .msi file as malware, false positive?
Malwarebytes detected the file C:\Windows\Installer\54bba62.msi as a Trojan.Crypt. I did a google search and found nothing. Any info or suggestions?
System Security
Malware detected, clean now but comp still running poorly.
Good day everyone, I'm not sure how it happened but last week I noticed my comp running incredibly slow, freezing up, programs malfunctioning, etc... I ran Anti-Malwarebytes and sure enough I had some Malware. Here is the initial Scan: Malwarebytes Anti-Malware Scan Date: 5/21/2015 Scan...
System Security
BSOD after computer awakening, no malware detected
Strange, opened the lid of my laptop, which woke it up, then clicked on my browser, then boom. Haven't installed anything recently, except Virtual box, but it wasn't running at the time, so I'm stumped. Everything is working fine now, so I just wanted to make sure what the cause was as I ran a scan...
BSOD Help and Support
Malware.Trace infection
Good Morning. I woke this morning to see that my normal nightly full system scan by SUPERAntiSpyware found a registry malware called Malware.Trace with this information: HKUS\S-1-5-21-2418211180-2028737814-1402298196-1003\SOFTWARE\MICROSOFT\WINDOWS NT\Current Version\WinLogOn\ (SHELL...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 13:11.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App