Jump to content

runonce.exe falsepositive


sleeper0993

Recommended Posts

mbam-log-2012-12-08 (15-24-13).zip

I was having no computer issues, but a friend suggested I should install Malwarebytes to be safe. I run Windows XP 64. I use Avg-Anti-virus, and that showed no issues. When I ran Malwarebytes, it only flagged a Trojan.FakeAv in the file c:\windows\syswow64\runonce.exe. I at first ran the Windows System File Checker utility to scan and repair any corrupted system files.

I then re-ran Malwarebytes but the scan gave the same results. I then chose Malwarebytes option to quarantine the flagged file, but after a re-boot and re-scan, I get the same results. Attached is a log as you requested.

Link to post
Share on other sites

I also have an XP-64 machine on which runonce.exe is being flagged as Trojan.FakeAv, since yesterday. Zips of the logs and exe are attached.

McAfee VirusScan Enterprise does not detect it as a threat.

mbam_logs.ziprunonce.zip

Same problem, each time I'm told to restart and then it finds and cleans out this problem. Happened 2x last night, and 6 times today. It's an unforgiveable waste of my time either way:

1 If it is false positive, which I suspect it is -since checks with AVG 2013, and Spybot, turn up nothing

2 If it is real, because malwarebytes is not able to kill whatever is generating and/or regenerating the same runonce.exe

I've never seen anything like this.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.