MS Anti-Spyware causing me trouble ?

  nd33cfc 11:38 13 Aug 05
Locked

Lately my PC has been crashing on a regular basis. The problem seemed to arise after Antispy found "Trojan 93" in my system, which it got rid of for me. I then searched for this trojan on google and was directed to a forum which was giving reference to Antspyware wrongly identifieing a program as a threat. This program was related to "ATI" which is the drivers for my graphics card.
.
Has anyone else had cause to believe this to be true ? as i am now considering the option of uninstalling MS Antispy.
.
For info i have the following PC :- Windows XP Pro, AMD Athlon 2ghz processor, Radeon 9600 Pro graphics card, Zonealarm, Ad-aware, Norton Anti-virus, A-2 and MS Atispyware.

  ACOLYTE 11:48 13 Aug 05

Re install the graffix card drivers,if it was a false posative then when you scan again it will find the Trojan 93 on the system again and it should then prove that its part of the card drivers.You should scan the system first to make sure its not on the before you reinstall.

  nd33cfc 00:36 15 Aug 05

Thank you for your responce acolyte. I have removed and then re-installed the drivers for my graphics card. My last scan found no "Trojan 93", so this makes me believe that it was not my graphics card driver after all.
However, my PC still crashes occasionally. Last night my PC crashed during a scan from MS Antispy, maybe this is a coincidence, but it still makes me think the MS Antispy is causing my PC to crash.

I am now at a complete loss as to what "Trojan 93" was and why my PC crashes. Any advice would be very much appreciated. Thanx.

  ACOLYTE 16:29 15 Aug 05

Well i cant offer much,i have had a scan around the web and a few people are having the same findings with trojan 93,seems to be related to the ATI catalyst drivers,the trojan itself is supposed to alter IE's security settings to LOW

did your MS flag these for removal?


Unclassified.Trojan.93 Browser Modifier more information...
Status: Removed
Severe threat - Severe-risk items have an extreme potential for harm, such as a

security exploit, and should be removed.

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\In

procServer32 C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\In

procServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\Pr

ogID Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\Ty

peLib {5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}\Ve

rsionIndependentProgID Catalyst Context Menu
HKEY_CLASSES_ROOT\clsid\{5E2121EE-0300-11D4-8D3B-444553540000}

SimpleShlExt Class

it also seems related in some way to trojan-backdoor-zubox_1 i dont know how its related and from what i have read not many others do either.

But i would think its a false posative
as most ATI users have had the same thing with the problem click here but i cannot say for sure if it is a false posative you will have to make yout own decision about that.

HTH

This thread is now locked and can not be replied to.

What is Amazon Go and will it come to the UK? The store without checkouts or queues

1995-2015: How technology has changed the world in 20 years

Why ecommerce hasn't taken off on social media

Super Mario Run preview | Hands-on first impressions of Super Mario Run: Mario's iPhone & iPad…