Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

Potential False Positive (Registry) {293364AE-43F8-11D3-BC2D-4000000A2806} - Need Help fron IObit Support Staff [SOLVED by db 1533]

Recommended Posts

Here is a copy of the Iobit Malware Fighter (v4) Log:

IObit Malware Fighter


OS: Windows 7


Database Version: 1529

Scan Mode:Manual

Time Elapsed: 11:41:38

Objects Scanned: 504260

Threats Found: 2

Save Time: 3/16/2016 1:11:05 AM



Malware GUID, GUID, HKEY_CLASSES_ROOT\CLSID\{293364AE-43F8-11D3-BC2D-4000000A2806}, 401917

Malware GUID, GUID, HKEY_CLASSES_ROOT\CLSID\{293364BA-43F8-11D3-BC2D-4000000A2806}, 401918


It looks like a registry key but I do not want to "remove" it if it's a false positive. I can't verify whether it is indeed a false positive by uploading the file to VirusTotal because I don't know where/how to find the registry file/entry in question. I've copied " HKEY_CLASSES_ROOT\CLSID\{293364AE-43F8-11D3-BC2D-4000000A2806}" into the search box of my C: Drive to no avail. I'm a tech neophyte and it would be nice to know what to do.


My Laptop is a 2010/11 SONY VAIO, with 6GB of RAM, Windows 7 Home Premium (Service Pack 1), running on a 64-bit OS.


Please kindly inform me as to the next steps I should take. My computer has been behaving erratically lately and it would be nice to know if removing these allegedly malicious files would solve the issues. Registry entries are tricky though so I don't want to "remove" an otherwise benign system file. I love IObit and I have almost all of the IObit security and maintenance panel downloaded (Advanced SystemCare, Driver Booster, Smart Defrag, etc).



Many Thanks in Advance IObit,

A. Heisenberg

Link to comment
Share on other sites

Hi there,


Thanks for your feedback.


To check whether it is a false positive, pelase take the steps as follows:


Please open registry editor and find the registries mentioned in your report and send us the screenshots to show the two registry items you mentioned.


How To Open Registry Editor guide: http://pcsupport.about.com/od/registry/ht/open-registry-editor.htm


Guide for taking screenshot.


http://graphicssoft.about.com /cs/general/ht/winscreenshot.htm


Looking forward to hearing from you.

Link to comment
Share on other sites

  • 2 weeks later...

Hi IObit Support Team,


Forgive me for the delay. For whatever reason the Iobit forum didn't inform me via email that the Iobit support staff had replied to my post (I'll have to look into the settings). You will find the registry editor screenshots attached to this post. I wasn't able to find the exact registry entry for the malicious files and I followed the instructions exactly as told. Neither HKEY_CLASSES_ROOT\CLSID\{293364AE-43F8-11D3-BC2D-4000000A2806}, 401917 nor HKEY_CLASSES_ROOT\CLSID\{293364BA-43F8-11D3-BC2D-4000000A2806}, 401918 seem to exist. Kindly check out the screenshots attached and let me know whether I'm searching in the wrong registry folders (or whether the registry's been deleted somehow - I haven't touched it so I'm not sure how that could have happened). Many thanks again.


Best Regards,

A. Heisenberg

Link to comment
Share on other sites

Hi Cicely,


Sorry to bother you again, I'm sure you have more important things to do. However I think my brother, in an attempt to "help" me, may have changed the Malware Bytes settings to "auto remove." As a result the reason I could not find those registry entries is because they've been removed. Should I be concerned since you stated they were false positives? Or did you think they were false positives because they couldn't be found in the registry index (because Malware Bytes had, unbeknowst to me, deleted them already)? From everything I've read, interfering with the registry can have a very harmful effect on the computer. I've attached the Malware Bytes screenshot of the removal notice as well as an error notice from a recent NVIDIA graphics/video driver update. Could the registry deletion be related to the sudden inability to update my graphics driver?


Kindly let me know what to do. Many thanks again.



Link to comment
Share on other sites

Hi Albert Heisenberg,


Thanks for your reply.


We judge it as false positive is according to our analysis. If Malware Bytes removed it, please do a restore or see whether there is any other way can restore it from Malware Bytes.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...