Jump to content

Trojan.Dropper.AI - a question about this...

Eagleeye
 Share

Recommended Posts

Eagleeye

Eagleeye

Posted
Posted

Good afternoon everyone,

During a first quick scan by MBAM Pro, it discovered the Trojan.Dropper.AI in the FSS.exe file. After clicking on the remove items button and restarting the computer, I ran a 2nd quick scan with MBAM. This time, MBAM shows the same trojan in the Minitoolbox.exe file.

I again clicked on the remove items button and rebooted a 2nd time. I ran a 3rd quick scan with MBAM and this time nothing was found.

My question: Both the MiniToolBox application & Farbar Service Scanner program have been on my Desktop for a few months now, but have never shown up as having any malware in the executable files when I've done twice-daily scans with both MBAM and SAS...until today. Is there any explanation for this? (i.e. how these two files could have been infected in the first place).

I've been unable to find any information about this particular trojan here on the MBAM site.

(The last time either of the aforementioned programs were used was about 3 months ago).

Thank you for your time and any information. :blink:

Link to post
Share on other sites
Eagleeye

Eagleeye

Posted
  • Author
Posted

Thanks very much for your respective replies, daledoc1 and shadowwar!

The unfortunate thing is MBAM removed the FSS program (After the first reboot, I no longer saw the FSS icon on the Desktop and there were no files for the program in the Program Files listing either); I removed the MiniToolBox application from my computer myself. I'm a little nervous when MBAM detects things like this.

Thanks again.

Link to post
Share on other sites
daledoc1

daledoc1

Posted
Posted

The unfortunate thing is MBAM removed the FSS program

Not sure why a home user would need to keep FSS on the system, unless one were having ongoing problems with internet connectivity? <just asking>

For future reference, there's a False Positives subforum dedicated to these sorts of things. :)

In order to report a potential FP, the preferred method is to please follow the instructions in this topic: READ BEFORE REPORTING A FALSE POSITIVE!, followed by starting a new thread in that FP section >>HERE<<. :)

(For example: http://forums.malwar...howtopic=105856) :)

daledoc1

Link to post
Share on other sites
Eagleeye

Eagleeye

Posted
  • Author
Posted

Hi again daledoc1,

You're correct about the Internet connectivity issue. A few months back, I managed to pick up a Sirefef trojan (gen). It was found during a scan with SAS. Either the malware itself or perhaps during the removal process by SAS, the ipsec.sys file was deleted and I could not access the Internet at all. Since I didn't have a 2nd computer to use to obtain help in the forum here, I had to spend $123.00 at the local computer repair shop to get this XP fixed.

I'll check out the other info you provided via the links.

Many thanks again! :D

Link to post
Share on other sites
Eagleeye

Eagleeye

Posted
  • Author
Posted

Thanks for the additional info, Rich.

I checked the Quarantine area and the two infected files are still shown there.

Best regards,

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.