Jump to content

Trojan.Agent.Trace in regedit.log - possible false positive?


factor828
 Share

Recommended Posts

Hello everyone,

my name is Arnold.  

Two days ago I bought a new Acer ES1-131 laptop and after removing most of the OEM crapware I today decided to run a full Malwarebytes Anti-Malware scan. To my surprise, the software reported to have found a Trojan.Trace.Agent in the file "regedit.log". I searched for information about it on the internet and noticed that there were other users who also reported a similar infection, e. g.
https://forums.malwarebytes.org/topic/181844-trojanagenttrace-found-in-regeditlog/
https://forums.malwarebytes.org/topic/186531-possible-infection/

However, I have my doubts whether this really is an infection or just MBAM heuristics acting up. Before I let MBAM quarantine the file I decided to take a look at it and noticed that the file creation date was 12.11.2015 so way before my purchasing of the laptop. I also uploaded the same file to VirusTotal and the detection ratio was 0 / 53
https://virustotal.com/en/file/fd1490528bb4af472f09817f3d5ec6b0dd4919c1d8b26f24bf546cb188158640/analysis/1470377582/

However, even though on VirusTotal Malwarebytes reports regedit.log as clean, after I tried removing the file from the quarantine and scanning it again, MBAM again returned a positive.

The PUP extension thing from Amazon in Firefox reported in the log was installed by Acer by default.   

Just to be on the safe side, could a more knowledgeable person please look at the logs and determine whether it is just a false positive or if there really is something fishy going on with my laptop? I also attach FRST logs with all the options checked and the regedit.log file itself. Please advise me about any additional scans I should perform to check if everything is alright.

I appreciate your help in this matter!

Arnold  

BTW. I was not sure if I should post in the False Positives or Malware Removal Help section of the forum so I apologize if I chose incorrectly.

Addition.txt

FRST.txt

MBAM-scan.txt

Shortcut.txt

regedit.log

Link to post
Share on other sites

  • Staff

Hi and welcome to the forums, Arnold.

I apologize for the delay. The Trojan.Agent.Trace in regedit.log looks like a false positive in your case and this has been removed in database v2016.08.09.01 which is available now.

The AmazonTB detection isn't a false positive, but you can ignore our detection if you'd like to keep it.

If you'd still like your FRST logs reviewed, please head over to Malware Removal Help.

Thank you for reporting! :)

Edited by thisisu
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.