MS Anti-Spyware causing me trouble ?

  nd33cfc 11:38 13 Aug 2005

Lately my PC has been crashing on a regular basis. The problem seemed to arise after Antispy found "Trojan 93" in my system, which it got rid of for me. I then searched for this trojan on google and was directed to a forum which was giving reference to Antspyware wrongly identifieing a program as a threat. This program was related to "ATI" which is the drivers for my graphics card.
Has anyone else had cause to believe this to be true ? as i am now considering the option of uninstalling MS Antispy.
For info i have the following PC :- Windows XP Pro, AMD Athlon 2ghz processor, Radeon 9600 Pro graphics card, Zonealarm, Ad-aware, Norton Anti-virus, A-2 and MS Atispyware.

  ACOLYTE 11:48 13 Aug 2005

Re install the graffix card drivers,if it was a false posative then when you scan again it will find the Trojan 93 on the system again and it should then prove that its part of the card drivers.You should scan the system first to make sure its not on the before you reinstall.

  nd33cfc 00:36 15 Aug 2005

Thank you for your responce acolyte. I have removed and then re-installed the drivers for my graphics card. My last scan found no "Trojan 93", so this makes me believe that it was not my graphics card driver after all.
However, my PC still crashes occasionally. Last night my PC crashed during a scan from MS Antispy, maybe this is a coincidence, but it still makes me think the MS Antispy is causing my PC to crash.

I am now at a complete loss as to what "Trojan 93" was and why my PC crashes. Any advice would be very much appreciated. Thanx.

  ACOLYTE 16:29 15 Aug 2005

Well i cant offer much,i have had a scan around the web and a few people are having the same findings with trojan 93,seems to be related to the ATI catalyst drivers,the trojan itself is supposed to alter IE's security settings to LOW

did your MS flag these for removal?

Unclassified.Trojan.93 Browser Modifier more information...
Status: Removed
Severe threat - Severe-risk items have an extreme potential for harm, such as a

security exploit, and should be removed.

Infected registry keys/values detected

procServer32 C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll

procServer32 ThreadingModel Apartment

ogID Catalyst Context Menu

peLib {5E2121EE-0300-11D4-8D3B-444553540000}

rsionIndependentProgID Catalyst Context Menu

SimpleShlExt Class

it also seems related in some way to trojan-backdoor-zubox_1 i dont know how its related and from what i have read not many others do either.

But i would think its a false posative
as most ATI users have had the same thing with the problem click here but i cannot say for sure if it is a false posative you will have to make yout own decision about that.


This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Best Black Friday Deals 2017

Black Friday Deals for Designers & Artists: Adobe, Apple, Corel Painter, Microsoft Surface, Wacom &e…

Best Black Friday Apple Deals 2017

Black Friday 2017 : date, sites participants & bonnes affaires