Detects ATI Catalyst drivers as Unclassified.Trojan.93 Browser Modifier

H

hagbard72

I've just reinstalled XP Pro, put on the newest Catalyst drivers and
installed AntiSpyware. Ran AntiSpyware and got the following:

Unclassified.Trojan.93 Browser Modifier

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib
{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\VersionIndependentProgID
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000} SimpleShlExt
Class

When I removed, Catalyst no longer worked, of course. What is up here?
 
G

Guest

-----Original Message-----
I've just reinstalled XP Pro, put on the newest Catalyst drivers and
installed AntiSpyware. Ran AntiSpyware and got the following:

Unclassified.Trojan.93 Browser Modifier

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
Click to expand...
C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
Click to expand...
ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID
Click to expand...
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib

Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000} SimpleShlExt
Class

When I removed, Catalyst no longer worked, of course. What is up here?



.
Pls see my post in the online section under the following
Click to expand...
heading> 'MSAS finds Trojan 93?'

I hope this help

NarcD
 
A

Andre Da Costa [Extended64]

Run the following programs plus an Antivirus in Safe mode:
Ad-Aware - http://www.lavasoftusa.com
Spybot - http://www.safer-networking.org/
CWShredder - http://www.intermute.com/products/cwshredder.html
Spy Sweeper - http://www.webroot.com
Ccleaner - http://www.ccleaner.com

Free AntiVirus:
http://free.grisoft.com/freeweb.php/doc/1/
--
Andre
Extended64 | http://www.extended64.com
Blog | http://www.extended64.com/blogs/andre
http://spaces.msn.com/members/adacosta
FAQ for MS AntiSpy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm
 
H

hagbard72

Message is no longer available apparantly.

-----Original Message-----
I've just reinstalled XP Pro, put on the newest Catalyst drivers and
installed AntiSpyware. Ran AntiSpyware and got the following:

Unclassified.Trojan.93 Browser Modifier

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
Click to expand...
C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
Click to expand...
ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID
Click to expand...
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib

Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000} SimpleShlExt
Class

When I removed, Catalyst no longer worked, of course. What is up here?



.
Pls see my post in the online section under the following
Click to expand...
heading> 'MSAS finds Trojan 93?'

I hope this help

NarcD
 
J

JRosenfeld

I have cat drivers and those registry entries; MSAS did
not flag them on my system.
XP SP2 all updates CAT 5.7, MSAS 1.0.615 / 5743
 
J

JRosenfeld

Correction to my previous post: quick scan did not flag
the ATI keys, full deep system scan did. I've put them in
ignore list.
It also flagged autoclick.exe in C:\Windows. I've
quarantined that file, as its properties did not enable me
to identify the software that installed. I'm currently
testing various IE based tabbed browsers, and it may come
from them. I'll find out if anything breaks.
-----Original Message-----
I have cat drivers and those registry entries; MSAS did
not flag them on my system.
XP SP2 all updates CAT 5.7, MSAS 1.0.615 / 5743
Click to expand...
 
B

Bill Sanderson

The posts that I'm seeing about this lead me to believe that this is a false
positive in the latest definition set.

--

JRosenfeld said:
Correction to my previous post: quick scan did not flag
the ATI keys, full deep system scan did. I've put them in
ignore list.
It also flagged autoclick.exe in C:\Windows. I've
quarantined that file, as its properties did not enable me
to identify the software that installed. I'm currently
testing various IE based tabbed browsers, and it may come
from them. I'll find out if anything breaks.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

MSAS finds Trojan 93? 3
False Positive in def.file 5753 for ATI Radeon Catalyst !!! 3
Ati-Catalyst detected as Unclassified.Trojan.93 2
How to get to spy net and i keep getting three spyware everytime i scan 1
False Trojan detection for ATI Catalyst Panel? 6
FALSE POSITIVE? Steganos Security Suite 6 detected as AutoSearch 1
False positive on Avencis product (SSOX) 1
Unclassified.Trojan.93 9

Top