- Jun 21, 2011
- 136
So on two different laptops, one is actually an ASUS Notebook. Windows Defender finds this yesterday and again today. Misleading:Win32/Chekuem.
file: C:\WINDOWS\system32\drivers\rawdsk3.sys
Right click properties shows information on the file that I googled and found this so far. Software components for data protection, secure storage and transfer | EldoS
Direct access to disks and protected files from user-mode applications in Windows - RawDisk™
I understand Microsoft recognizes it as a threat. I looked it up. But on my ASUS I have Emsisoft Anti-Malware installed and Windows Defender is turned off. I did find Periodic Scanning was on, which I thought was off, so I turned it off again. Maybe an update enabled it? But on the Notebook and the laptop, both running the latest Windows 10, there is one common denominator. CCleaner. I started CCleaner on the ASUS and got the notice of the threat a second time. I also got a third threat notice on it. Trojan:Win32/Skeeyah.G
file: C:\Users\Darryl\Downloads\PotentiallyUnwanted.exe
A scan on the laptop found Misleading:Win32/Chekuem again even after quarantining it. The suggested action is to remove and restart your device. However, it then reads 0 threats found. This is what makes me wonder if it's not a false positive?
file: C:\WINDOWS\system32\drivers\rawdsk3.sys
Right click properties shows information on the file that I googled and found this so far. Software components for data protection, secure storage and transfer | EldoS
Direct access to disks and protected files from user-mode applications in Windows - RawDisk™
I understand Microsoft recognizes it as a threat. I looked it up. But on my ASUS I have Emsisoft Anti-Malware installed and Windows Defender is turned off. I did find Periodic Scanning was on, which I thought was off, so I turned it off again. Maybe an update enabled it? But on the Notebook and the laptop, both running the latest Windows 10, there is one common denominator. CCleaner. I started CCleaner on the ASUS and got the notice of the threat a second time. I also got a third threat notice on it. Trojan:Win32/Skeeyah.G
file: C:\Users\Darryl\Downloads\PotentiallyUnwanted.exe
A scan on the laptop found Misleading:Win32/Chekuem again even after quarantining it. The suggested action is to remove and restart your device. However, it then reads 0 threats found. This is what makes me wonder if it's not a false positive?
Last edited: