Jump to content

Malware found: Android Trojan Dropper - can't be removed


Recommended Posts

Hi Nathan thanks! After MBAM found it, the disable option is grayed out. It is still running though; it seems to collect some data in the cache which I can delete, & I can push the stop service button which temporarily stops it, but it eventually restarts. Could you interpret the meaning of that? I'm not real smart phone savvy.

Link to post
Share on other sites

The disable button is grayed out.

I suspect I'll be getting a new phone. Either that or paying a pro to remove the malware.

What is the exact procedure for transferring an MBAM license on a phone?

Does MBAM mobile only run on Android?

 

 

Link to post
Share on other sites
  • Staff

Hi @moo4x,

Once again, go into Settings > Apps, find the Adups app to open up its settings. From the Apps settings, try Uninstall updates first.  There may be a drop down menu (three dots on upper right) with this option.  After that, then see if the the Disable button is highlighted.  Please let me know if this works or not.

No need to transfer the license.  As long as you us the same Google Account while installing, you will keep your Premium status.

Yes, MBAM Mobile is only for Android at this time.

Nathan

Link to post
Share on other sites

Thanks!

One thing I didn't state: the only way I can access Fota as an app is when MBAM finds an issue with it & I instruct Mbam to fix it.

Since I did as you suggested, for the moment Mbam is stating there is no Malware on the phone. This seems confusing to me, but I hope it's really that easy!

I am also curious: I have learned that this is a known issue with 4.42 on this specific phone & all versions of this specific phone factory shipped with this Malware. I am the original owner, though I didn't start using the phone until around 9 months ago. I am curious why Mbam didn't find it until a few days ago? This phone was manufactured in 2015 with a 2013 OS.

Do you think I'm now safe? I'll post again if Mbam finds the malware again.

Link to post
Share on other sites
  • 2 weeks later...
I have a Hafury Mix with android 7. It has been infected with the trojan "hiddad" that installed continuously the program "Chromes".
My solution:
Restore the mobile device to the factory state.
Uninstall the preinstalled applications from the factory. Without being root, I have uninstalled them with the ADB program. There are tutorials on the network.
Install an antivirus. I installed McFee.
Download applications from alternative locations to Play Store. I downloaded all of Uptodown.
Everything I have done has served me after many days in which the Trojan hiddad.dr was reinstalled in the program "Chromes" to be free of the virus or Trojan.
Now everything is going well.
Link to post
Share on other sites
  • 5 weeks later...
  • 6 months later...

hmm I just removed com.adups.fota and fwupgradeprovider and those trojans. They was on my smartwatch :D so i rooted it with magisk and removed all from them with adb with su permissions system mounted rw. It is possible to remove instead of disabling

Link to post
Share on other sites
  • 1 month later...

Malwarebytes for Android protects against Android/Trojan. Dropper. Android/Trojan. The dropper is a malicious app that contains additional malicious app(s) within its payload. The Android/Trojan. Dropper will install the additional malicious app(s) onto an infected mobile device. To fix all issues go through Dell error code 2000-0142 they will help out.

Link to post
Share on other sites
  • 9 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.