Active Protection Blaock CCleaner
At random times, I get a notice from Active Protection that it had blocked an attempt by CCleaner64.exe to modify a backup file. It gives a file path of C:\Users\Owner\AppDa...E3D9212\hntcgiu4,tib.
I'm not sure what is going on here. C Cleaner process is running .
Robert, the core function of AAP is to prevent any application other than ATI from modifying backup .TIB files as these are your means of recovery from malware / ransomware etc.
The path you mention for the file path in the AppData folders looks strange as I would not expect to find any Acronis .TIB files in this path and a quick search on my own computer gives no files found.
I notice that " C:\Users\Owner\AppDa...E3D9212\hntcgiu4,tib" ends with ",tib" rather than ".tib". Is it possible that these are, in fact, just random characters and AAP is being a bit overcautious?
Good question Patrick, will need the OP to say whether this was the case or a typing error?
Typing error, should be .tib, sorry. I'm not sure why CCleaner is trying to modify the file, but I'd like to find a way to stop this. I will also check on their forum, if they have one.
Robert, have you actually gone to the .TIB file location and checked to see what this file is, i.e. what is the file size, can you double-click on it and browse the contents to show that it is actually an ATI image file etc?
As I said earlier, I can see no reason for a .TIB file to be in any of the AppData folders and have none on 3 different systems that I have checked.
One other thought here tho;, why not just setup an exclusion in CCleaner for *.tib files? I also use CCleaner and have never seen it trying to touch an .tib files, so what version of CCleaner are you running? Please ensure that it is not version 5.33 which was compromised with malware recently! Upgrade to 5.35 if you don't already have it.
I have finally discovered where the file is and whose it is. It is part of temp file that is part of an installation package of flight sim scenery. It is an ATI file. I presume CCleaner was trying to remove the temp folder. I will work forward from there. I will also set up that exclusion. Thanks.
Robert, glad you have found the reason for the .tib file - the CCleaner exclusion should do the rest for you. Thanks for giving your feedback.