Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware.trace found


  • Please log in to reply
21 replies to this topic

#1 AlexH123

AlexH123

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 03 December 2014 - 01:45 PM

Hi,
 
I'm new to the site, and I've recently encountered a very annoying problem on my Windows 8.1. Malwarebytes (free version) has repeatedly found Malware.trace on my computer. I have quarantined and deleted it, but it keeps reappearing.
 
 
Another issue I am having is that, after downloading AVG free (from avg.com, not free.avg.com), my task manager no longer works. I do ctrl+alt+del, click Task Manager, and it opens, but the main pane is blank and white, while the title bar shows not responding.
 
Any tips or help is appreciated.

 

Thanks,

Alex

 


Edited by AlexH123, 03 December 2014 - 02:43 PM.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:48 PM

Posted 03 December 2014 - 04:04 PM

Hello and welcome Alex.

There are a few issues with free AVG and Windows 8.1. Please see a few articles frim AVG on these problems below -

AVG system requirements and supported operating systems
Reinstall AVG after upgrade to Windows 8 or 8.1
AVG PC TuneUp compatibility with Windows 8.1

 

Please also run this Temp File cleaner, as the detection may have been caught, but not thrown out yet.

 

Please download Temp File Cleaner by Old Timer
Usage Instructions:

1.Download TFC from the download link above and save the file on your desktop.
2.Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
3.Double-click on the TFC icon.
4.When the program opens, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
5.When done, press OK > Exit, and Reboot your computer and finish the cleanup..............

 

  • Please download Malwarebytes Anti-Malware andf ollow the simple directions to install the program to desktop
  • Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
  • Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
  • Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
  • If you find malware and tick it to remove it, you may be asked th re-boot the computer to finish cleaning.
  • Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

If you wish to Uninstall and Reinstall your free version please visit This Malwarebytes Page.

 

Let us know the results -

 

If you have the time >> Run ESET Online Scanner.

  • For Internet Explorer users only, hold down Control  (Ctrl) and click on This Link to open ESET OnlineScan in a new window.
  • Click the ESET Online button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu. to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.

     

    Temporarily Disable your Antivirus and accept any security warnings from your browser.

  • Under scan settings, check "Scan Archives" but not Remove Threats yet
  • Click Advanced settings and select the following:
    Scan potentially unwanted applications
     Scan for potentially unsafe applications
     Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer.
  • Please be patient (make a coffee or do something else) as this will take some time (2 hours is not unusual for a first scan).
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as *ESETScan*. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.

 

Thank you.



#3 AlexH123

AlexH123
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 03 December 2014 - 04:19 PM

Thanks for your help.

 

I downloaded and ran TFC and it cleaned up 1.7mb of temporary files; quick question: what exactly does TFC do (and is it safe?)

 

I will run MalwareBytes and let you know what happens.

 
 



#4 AlexH123

AlexH123
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 03 December 2014 - 04:22 PM

Some more info: after doing some research, it appears that I may have downloaded AVG from the wrong website:

 

http://www.avg.com/ppc/us-en/av_buy?ECID=ad:go:se:US-EN-SCH-AVG-Exact&utm_source=google&utm_medium=cpc&utm_term=avg&utm_content=&utm_campaign=US-EN-SCH-AVG%20Exact&gclid=CO3B187mqsICFWIA7AoddWsAvg

 

Before I ran TFC, I went into safe mode today and deleted all files associated with my AVG download in Program Files(x86). Task manager also works, now.

 

Will let you know when Malwarebyte finishes!



#5 AlexH123

AlexH123
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 03 December 2014 - 04:41 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/3/2014
Scan Time: 4:17:38 PM
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.12.03.12
Rootkit Database: v2014.12.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: (I deleted this part)

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 331977
Time Elapsed: 18 min, 37 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


The strange thing is, that even though malwarebytes did not find anything, it did find Malware.trace in November 4, then again in November 20~, then today.



#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:48 PM

Posted 03 December 2014 - 05:08 PM

Can you open Malwarebytes > Go to History > Application Logs and Double click on the symbol at the start of the line where the item(s) were found. This will open that particular day / log, and just Copy / Paste the listed item back here, using the instructions above.

It will not "release the item" just show us the log .....

 

what exactly does TFC do (and is it safe?)

First perfectly safe. It cleans older download Temp files that are not required. You have visited us via Internet Explorer or Firefox or similar and it merely cleans any unwanted parts of any uploaded tools. Or if you empty your Recycle bin, they are then cleaned up a bit better, instead of staying in the Bin -

 

I hope this helps you, always ask if you are not sure :) .



#7 AlexH123

AlexH123
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 03 December 2014 - 05:36 PM

Here is the log from earlier today:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/3/2014
Scan Time: 9:49:20 AM
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.12.03.07
Rootkit Database: v2014.12.02.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: (I deleted this for safety)

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 336743
Time Elapsed: 25 min, 24 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Malware.Trace, C:\Users\Public\ASR.dat, Quarantined, [b6584b1390ecb4820cd60ad59f64ba46],

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

Here is the log from November 18th:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/18/2014
Scan Time: 4:00:06 PM
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.18.06
Rootkit Database: v2014.11.18.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: (I deleted this part)

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 332405
Time Elapsed: 22 min, 5 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Malware.Trace, C:\Users\Public\ASR.dat, Quarantined, [ae915fde631935010dabdef1b74cb947],

Physical Sectors: 0
(No malicious items detected)


(end)



#8 AlexH123

AlexH123
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 03 December 2014 - 05:37 PM

I will try to run ESET tomorrow if I have time, thanks again for your help!



#9 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:48 PM

Posted 03 December 2014 - 05:48 PM

Thank you -

 

I will do a quick check on that item.



#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:48 PM

Posted 03 December 2014 - 06:10 PM

Well I checked several areas (including Malwarebytes Malware Removal area.

 

Generally a Temporary File Cleaner will remove a stuck item like this, The entries you had were Quarantined, so it looks like a minor data file that is showing in a hidden area. Do not try and scan in Safe Mode as I think this is usually useless in these cases.

 

The site for AVG is OK as it is their site, but your 8.1 comes with its own built in Antivirus if you wish to use that (I currently do)

Please run ESET Online when you have the chance (just a double check) and install AVG "ONLY" if you wish after that (I will look for a post in your morning)

 

I think that covers every thing -



#11 AlexH123

AlexH123
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 03 December 2014 - 06:18 PM

Will do.

 

Is there any guarantee that Malware.trace won't pop up again after I've run ESET?

 

Also, I forgot to mention, I forgot to restart my computer after running TFC, so I'll go ahead and do that right now; please let me know if this will create any problems..,

 

Thanks again.



#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:48 PM

Posted 03 December 2014 - 07:00 PM

Is there any guarantee that Malware.trace won't pop up again after I've run ESET?

 

Is there any guarantee that I will not walk outside and get hit by a drunk driver ??  :devil: Sorry but I do make bad jokes at times (I hope nobody was offended)..

But the odds are 99.5% or better in your favor.



#13 AlexH123

AlexH123
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 03 December 2014 - 08:32 PM

Haha, alright.



#14 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:48 PM

Posted 03 December 2014 - 09:06 PM

Personally I think it was just stuck in the Recycle bin, and we finally removed it.

 

Catch you after you post clean or a few items -



#15 AlexH123

AlexH123
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 04 December 2014 - 07:10 AM

Running ESET now, will post as soon as its done.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users