Facebook   Twitter   Google+   YouTube Get FREE Online Help Free Download IObit Products  

Go Back   IObit.Com Forums > IObit Security Software > False Positive Reports by IObit Products
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

False Positive Reports by IObit Products Report the false positives from IObit Products. We will fix all false positives as soon as possible.

Reply
 
Thread Tools Display Modes
  #1  
Old Jun. 20th, 2010, 15:51
burrellbuzzman burrellbuzzman is offline
Junior Member
 
Join Date: 23 Nov 2009
Posts: 20
Default Possible False Positive "Misleading.DefenseCenter"

Not sure if this is a false positive?
It is a Registry entry, so I am not sure whether I can even upload anything to virustotal.com or upload a file to you guys to check whether the detected threat is "clean".

I have included a log file, so please let me no if this is a false positive and what I can do to help you find out if it is, if there isn't already a solution

Thanks Rob

Edit:
I couldn't upload the log file but this is what it says;

IObit Security 360

OS:Windows 7
Version:1.4.1.11
Define Version:1612
Time Elapsed:00:01:36
Objects Scanned:48175
Threats Found:1

|Name|Type|Description|ID|
Misleading.DefenseCenter, Registry Value, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Shell Extensions\Approved Value={5E2121EE-0300-11D4-8D3B-444553540000}, 4-29254

Last edited by burrellbuzzman : Jun. 20th, 2010 at 15:54.
Reply With Quote
  #2  
Old Jun. 20th, 2010, 15:55
burrellbuzzman burrellbuzzman is offline
Junior Member
 
Join Date: 23 Nov 2009
Posts: 20
Default

There is no space between the "Curr entVersion" in the actual file and i couldn't edit the space out in the first post; so it is the same as above but with "CurrentVersion" instead of "Curr entVersion"
Reply With Quote
  #3  
Old Jun. 20th, 2010, 19:26
enoskype's Avatar
enoskype enoskype is offline
Mediator®
 
Join Date: 27 Oct 2006
Posts: 10,173
Default

Hi burrellbuzzman,

This could well be a false positive, as the key is for ATI cards.

What is written under the Data column when you go to the Registry Entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Shell Extensions\Approved
in Registry Editor for the Value={5E2121EE-0300-11D4-8D3B-444553540000}, IS360 gives as a threat?

You can open the Registry Editor by typing regedit to the Run... in Start menu and hitting Enter.

Cheers.
__________________
enoskype

- Beauty lies in the eye of the beholder and belongs to the man who can appreciate it. -
Reply With Quote
  #4  
Old Jun. 20th, 2010, 21:20
burrellbuzzman burrellbuzzman is offline
Junior Member
 
Join Date: 23 Nov 2009
Posts: 20
Default

Thanks for the response,

Just went into regedit and under the Data column for the associated key which is in my first post, is says:

Catalyst Context Menu extension

As you said it is to do with ATI cards i guess this is a false positive.

Is there any other information that you need from my end?

Thanks again, Rob
Reply With Quote
  #5  
Old Jun. 20th, 2010, 21:32
enoskype's Avatar
enoskype enoskype is offline
Mediator®
 
Join Date: 27 Oct 2006
Posts: 10,173
Default

Hi burrellbuzzman.

Please put it in the Ignore List untill a response from IObit Team.

Cheers.
__________________
enoskype

- Beauty lies in the eye of the beholder and belongs to the man who can appreciate it. -
Reply With Quote
  #6  
Old Jun. 20th, 2010, 22:59
burrellbuzzman burrellbuzzman is offline
Junior Member
 
Join Date: 23 Nov 2009
Posts: 20
Default

ok thanks

Rob
Reply With Quote
  #7  
Old Jun. 21st, 2010, 01:29
hxin's Avatar
hxin hxin is offline
IObit Support
 
Join Date: 20 Jan 2010
Posts: 283
Smile

Quote:
Originally Posted by burrellbuzzman View Post
Not sure if this is a false positive?
It is a Registry entry, so I am not sure whether I can even upload anything to virustotal.com or upload a file to you guys to check whether the detected threat is "clean".

I have included a log file, so please let me no if this is a false positive and what I can do to help you find out if it is, if there isn't already a solution

Thanks Rob

Edit:
I couldn't upload the log file but this is what it says;

IObit Security 360

OS:Windows 7
Version:1.4.1.11
Define Version:1612
Time Elapsed:00:01:36
Objects Scanned:48175
Threats Found:1

|Name|Type|Description|ID|
Misleading.DefenseCenter, Registry Value, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Shell Extensions\Approved Value={5E2121EE-0300-11D4-8D3B-444553540000}, 4-29254
Hi burrellbuzzman

The Defensecenter is a rogueware , but the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Shell Extensions\Approved Value={5E2121EE-0300-11D4-8D3B-444553540000} is a FP.
We will solve this issue in our later update definition 1614.

Thanks for your feedback.
__________________
IObit Support Team
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Get FREE Online Help



Free Download IObit Products




Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Rogue/Misleading/Scareware that are not false positive Tim Xue False Positive Reports by IObit Products 11 Apr. 21st, 2011 05:53
install.exe by MS, is it false positive? [SOLVED] enoskype False Positive Reports by IObit Products 2 Aug. 4th, 2009 00:02
False Positive - Logitech [SOLVED] bigjeff22 False Positive Reports by IObit Products 1 Jul. 29th, 2009 08:08
Teamviewer False Positive [SOLVED] Magic[Hunter] False Positive Reports by IObit Products 2 Jul. 21st, 2009 17:00
comdlg32.ocx - false positive? [SOLVED] enitharmon False Positive Reports by IObit Products 6 Jul. 21st, 2009 14:29


All times are GMT +0. The time now is 04:31.


Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.