Solved Question Re: CCleaner and Unknown File

Status
Not open for further replies.

LochNess

New Member
Thread author
Apr 2, 2011
87
I have been a longtime subscriber to CCleaner but have experienced an unusual issue... After loading and installing CCleaner, NIS 2013 identifies the following as an Unproven and Unknown in Community File: $RKNMA5L.exe

This has occurred on several occasions but only NIS 2013 tags it as a problem... not found by Malwarebytes or HitmanPro.... Also, NIS 2013 is not able to give a location and I am not able to find it with search...

Could it be a false positive ? I haven't asked Piriform as of yet... thought I'd try posting first... Same has been true for several of the latest CCleaner versions...

And, I wasn't able to google it... thanks in advance for your thoughts on this matter...
 

LochNess

New Member
Thread author
Apr 2, 2011
87
RE: Question CCleaner and Unknown File

Umbra Corp. said:
where did you download Ccleaner?

I've downloaded (Piriform WebSite) and installed several recent versions including the newest... over, approximately, the last six months... my heuristic settings on NIS 2013 are set to aggressive...

Besides Mbam and HMP, I've also scanned with eset online and MS Safety Scanner... I quit at that point...

When I uninstalled CCleaner, NIS 2013 failed to find the tagged file... It wouldn't concern me but it has happened consistently... I'm leaning toward 'False Positive', but it's persistence 'nags' me a bit..
 
Upvote 0

Littlebits

Retired Staff
May 3, 2011
3,893
It is most likely a false positive, try setting heuristic to default level on NIS 2013 and see if the file is still detected, if not then you probably should keep the heuristic settings to default. NIS 2013 offers excellent detection when heuristic settings are at default level, setting them at aggressive will only create false positives it will not provide any better detection since NIS 2013 provides other real-time features to identify threats besides of just heuristics.

Thanks.:D
 
Upvote 0

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
It could be probably one of the known flag threat name called "WS.Reputation.1" since its using through Cloud Scanning capabilities.

If its an FP from its observe, you may exclude from the list.
 
Upvote 0
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top