Status
Not open for further replies.

LochNess

New Member
I have been a longtime subscriber to CCleaner but have experienced an unusual issue... After loading and installing CCleaner, NIS 2013 identifies the following as an Unproven and Unknown in Community File: $RKNMA5L.exe

This has occurred on several occasions but only NIS 2013 tags it as a problem... not found by Malwarebytes or HitmanPro.... Also, NIS 2013 is not able to give a location and I am not able to find it with search...

Could it be a false positive ? I haven't asked Piriform as of yet... thought I'd try posting first... Same has been true for several of the latest CCleaner versions...

And, I wasn't able to google it... thanks in advance for your thoughts on this matter...
 

LochNess

New Member
RE: Question CCleaner and Unknown File

Umbra Corp. said:
where did you download Ccleaner?
I've downloaded (Piriform WebSite) and installed several recent versions including the newest... over, approximately, the last six months... my heuristic settings on NIS 2013 are set to aggressive...

Besides Mbam and HMP, I've also scanned with eset online and MS Safety Scanner... I quit at that point...

When I uninstalled CCleaner, NIS 2013 failed to find the tagged file... It wouldn't concern me but it has happened consistently... I'm leaning toward 'False Positive', but it's persistence 'nags' me a bit..
 

Littlebits

Retired Staff
It is most likely a false positive, try setting heuristic to default level on NIS 2013 and see if the file is still detected, if not then you probably should keep the heuristic settings to default. NIS 2013 offers excellent detection when heuristic settings are at default level, setting them at aggressive will only create false positives it will not provide any better detection since NIS 2013 provides other real-time features to identify threats besides of just heuristics.

Thanks.:D
 

jamescv7

Level 61
Verified
Trusted
It could be probably one of the known flag threat name called "WS.Reputation.1" since its using through Cloud Scanning capabilities.

If its an FP from its observe, you may exclude from the list.
 
Status
Not open for further replies.