MSAS finds Trojan 93?

N

NarcD

I recently updated Antispyware on the 6/08/05 with the
latest Dat file >1743.

I think it has detect a False postive, but im not sure
about this. The info i recieved when scanning my system was
the following>

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib
{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\VersionIndependentProgID
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
SimpleShlExt Class

I have scanned my system with Ewido, A2, TDS-3, McAfee and
Trend Micro all found nothing apart from MSAS
(antispyware). would really like to hear what microsoft
thinks a bout this .

thank you N
 
G

Guest

-----Original Message-----
I recently updated Antispyware on the 6/08/05 with the
latest Dat file >1743.

I think it has detect a False postive, but im not sure
about this. The info i recieved when scanning my system was
the following>

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib
{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\VersionIndependentProgID
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
SimpleShlExt Class

I have scanned my system with Ewido, A2, TDS-3, McAfee and
Trend Micro all found nothing apart from MSAS
(antispyware). would really like to hear what microsoft
thinks a bout this .

thank you N

.

-----Original Message-----
I recently updated Antispyware on the 6/08/05 with the
latest Dat file >1743.

I think it has detect a False postive, but im not sure
about this. The info i recieved when scanning my system was
the following>

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32
ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib
{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\VersionIndependentProgID
Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
SimpleShlExt Class

I have scanned my system with Ewido, A2, TDS-3, McAfee and
Trend Micro all found nothing apart from MSAS
(antispyware). would really like to hear what microsoft
thinks a bout this .

thank you N

.
I have come to the conclusion it is a FP, pls see these
sites for extra info>

http://castlecops.com/p600694-SpySw...or_zubox_1.html


http://vil.nai.com/vil/content/v_130135.htm

Take care all



NarcD
 
R

Rich

I to am getting the same result ,but after removing ati
ccc is no longer available . So i run another check and
it is gone ,then i reinstall ati ccc and ms as reports
trojan agian this must be a false reading at the
moment ,so i choose to always ignore this. This as well
as i cannot set scheduler to any pm time as it always
reverts back to am. To me it seems that this a couple of
bugs with the latest version of ms as as these probs did
not arise with upto 31/7 version of software.
 
B

Bill Sanderson

Thanks for these reports--false postives should be reported in the
..signatures group, if you haven't already.

The scheduler bug is indeed a bug. As a workaround set your language
setting to English US, set your intended schedule, and reset your language
setting to its usual.

The schedule will then appear wrong, but should, in fact, happen in the
afternoon.

--
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top