Jump to content
Gibbo

Malware found: Android Trojan Dropper - can't be removed

Recommended Posts

Hi Nathan thanks! After MBAM found it, the disable option is grayed out. It is still running though; it seems to collect some data in the cache which I can delete, & I can push the stop service button which temporarily stops it, but it eventually restarts. Could you interpret the meaning of that? I'm not real smart phone savvy.

Share this post


Link to post
Share on other sites

Hi @moo4x,

Simply go into Settings > Apps, find the Adups app (listed as Wireless Update as you mentioned ) to open up its settings. From the Apps settings, you can disable it via clicking the Disable button.

Nathan

Share this post


Link to post
Share on other sites

The disable button is grayed out.

I suspect I'll be getting a new phone. Either that or paying a pro to remove the malware.

What is the exact procedure for transferring an MBAM license on a phone?

Does MBAM mobile only run on Android?

 

 

Share this post


Link to post
Share on other sites

Hi @moo4x,

Once again, go into Settings > Apps, find the Adups app to open up its settings. From the Apps settings, try Uninstall updates first.  There may be a drop down menu (three dots on upper right) with this option.  After that, then see if the the Disable button is highlighted.  Please let me know if this works or not.

No need to transfer the license.  As long as you us the same Google Account while installing, you will keep your Premium status.

Yes, MBAM Mobile is only for Android at this time.

Nathan

Share this post


Link to post
Share on other sites

This phone (Blu Life XL8) has no "Uninstall updates" setting. From the 3 dots, my options are "Sort By Side" & "Reset App Preferences". Should I try the second? "Adups" is not even shown as an app; either is anything similar.

Share this post


Link to post
Share on other sites

Thanks!

One thing I didn't state: the only way I can access Fota as an app is when MBAM finds an issue with it & I instruct Mbam to fix it.

Since I did as you suggested, for the moment Mbam is stating there is no Malware on the phone. This seems confusing to me, but I hope it's really that easy!

I am also curious: I have learned that this is a known issue with 4.42 on this specific phone & all versions of this specific phone factory shipped with this Malware. I am the original owner, though I didn't start using the phone until around 9 months ago. I am curious why Mbam didn't find it until a few days ago? This phone was manufactured in 2015 with a 2013 OS.

Do you think I'm now safe? I'll post again if Mbam finds the malware again.

Share this post


Link to post
Share on other sites
I have a Hafury Mix with android 7. It has been infected with the trojan "hiddad" that installed continuously the program "Chromes".
My solution:
Restore the mobile device to the factory state.
Uninstall the preinstalled applications from the factory. Without being root, I have uninstalled them with the ADB program. There are tutorials on the network.
Install an antivirus. I installed McFee.
Download applications from alternative locations to Play Store. I downloaded all of Uptodown.
Everything I have done has served me after many days in which the Trojan hiddad.dr was reinstalled in the program "Chromes" to be free of the virus or Trojan.
Now everything is going well.

Share this post


Link to post
Share on other sites

I got the fota virus from version 3.1.1.13 Malwarebytes it popped up it said its in UpgradeSys,Can someone please help, It doesnt delete! And i got my phone for christmas My phone is alcatec PIXI 4 Please can you help me

Share this post


Link to post
Share on other sites
1 hour ago, kubaborkowski2008 said:

I got the fota virus from version 3.1.1.13 Malwarebytes it popped up it said its in UpgradeSys,Can someone please help, It doesnt delete! And i got my phone for christmas My phone is alcatec PIXI 4 Please can you help me Andriod 6.0 Marshmallow.

 

Share this post


Link to post
Share on other sites

hmm I just removed com.adups.fota and fwupgradeprovider and those trojans. They was on my smartwatch :D so i rooted it with magisk and removed all from them with adb with su permissions system mounted rw. It is possible to remove instead of disabling

Share this post


Link to post
Share on other sites

Hi @henkka22,

You are correct, if you root your device you can remove using ADB.  However, this isn't something I personally recommend due to the potential damaging the device permanently aka "bricking" it.  But hey, glad it all worked for you though! ?

Nathan

Share this post


Link to post
Share on other sites

Malwarebytes for Android protects against Android/Trojan. Dropper. Android/Trojan. The dropper is a malicious app that contains additional malicious app(s) within its payload. The Android/Trojan. Dropper will install the additional malicious app(s) onto an infected mobile device. To fix all issues go through Dell error code 2000-0142 they will help out.

Share this post


Link to post
Share on other sites

Perhaps, the problem is in the app...

I had the similar issue with my redmi k20

the reason was the app (antivirus)

ÐоÑожее изобÑажение

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.