Detects ATI Catalyst drivers as Unclassified.Trojan.93 Browser Modifier

  • Thread starter Thread starter hagbard72
  • Start date Start date
H

hagbard72

I've just reinstalled XP Pro, put on the newest Catalyst drivers and
installed AntiSpyware. Ran AntiSpyware and got the following:

Unclassified.Trojan.93 Browser Modifier

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib
{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\VersionIndependentProgID
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000} SimpleShlExt
Class

When I removed, Catalyst no longer worked, of course. What is up here?
 
-----Original Message-----
I've just reinstalled XP Pro, put on the newest Catalyst drivers and
installed AntiSpyware. Ran AntiSpyware and got the following:

Unclassified.Trojan.93 Browser Modifier

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib

Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000} SimpleShlExt
Class

When I removed, Catalyst no longer worked, of course. What is up here?



.
Pls see my post in the online section under the following
heading> 'MSAS finds Trojan 93?'

I hope this help

NarcD
 
Message is no longer available apparantly.

-----Original Message-----
I've just reinstalled XP Pro, put on the newest Catalyst drivers and
installed AntiSpyware. Ran AntiSpyware and got the following:

Unclassified.Trojan.93 Browser Modifier

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib

Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000} SimpleShlExt
Class

When I removed, Catalyst no longer worked, of course. What is up here?



.
Pls see my post in the online section under the following
heading> 'MSAS finds Trojan 93?'

I hope this help

NarcD
 
I have cat drivers and those registry entries; MSAS did
not flag them on my system.
XP SP2 all updates CAT 5.7, MSAS 1.0.615 / 5743
 
Correction to my previous post: quick scan did not flag
the ATI keys, full deep system scan did. I've put them in
ignore list.
It also flagged autoclick.exe in C:\Windows. I've
quarantined that file, as its properties did not enable me
to identify the software that installed. I'm currently
testing various IE based tabbed browsers, and it may come
from them. I'll find out if anything breaks.
-----Original Message-----
I have cat drivers and those registry entries; MSAS did
not flag them on my system.
XP SP2 all updates CAT 5.7, MSAS 1.0.615 / 5743
 
The posts that I'm seeing about this lead me to believe that this is a false
positive in the latest definition set.

--

JRosenfeld said:
Correction to my previous post: quick scan did not flag
the ATI keys, full deep system scan did. I've put them in
ignore list.
It also flagged autoclick.exe in C:\Windows. I've
quarantined that file, as its properties did not enable me
to identify the software that installed. I'm currently
testing various IE based tabbed browsers, and it may come
from them. I'll find out if anything breaks.
 
Back
Top