Jump to content

Recommended Posts

I'm currently using Malwarebytes for PC and Android Phone, Few days ago while Scanning my Android Phone , Malwarebytes just detected a Malware the malware name is Android/PUP.Riskware.Autoins.Fota I just wanna ask if this malware is dangerous and what the virus can do to me and my phone. I search the virus name in google but the result is nothing. 

 

Hoping to get an answer.

malware1.png

malware2.png

malware3.png

malware4.png

Share this post


Link to post
Share on other sites

I'm having the same issue! I wanted to make a post on this forum about this today. I think this might be a false positive. But we need to wait for an answer

 

Share this post


Link to post
Share on other sites

Update: I just factory reset my phone. The app is still there and malewarebytes is detecting it. This started happening after the newest update. Seems like a false positive. But I dont know for sure

Share this post


Link to post
Share on other sites

Hello, maybe you can upload the App, here too for analyzing?

Thanks.

MAM

Share this post


Link to post
Share on other sites

Hello, can you not directly upload the App here in the forum from your smartphone?

Sign up here on the forum with your smartphone, and upload this avoidable app. Is not that possible?

MAM

Share this post


Link to post
Share on other sites

Nope. My phone is not rooted. As I said, this app was pre-installed on my phone. I'm very confused as to what to do since this never happend before. I dont want to use my phone until this is reseolved.

Share this post


Link to post
Share on other sites

This is really weird. There are 2 files. FWUprage_com.fw.upgrade_16_1.1... witch virus total says its ok, and then there's FWUprageProvider.apk which has a 14/60 detection ratio. I'm going to do a second factory reset to make sure the file is pre-installed. I'm very confused here. I'll probably contact allview support.

Share this post


Link to post
Share on other sites

Ok, good luck finding out what's really going on ....

Maybe other experts here say something else.

MAM

Share this post


Link to post
Share on other sites

I've got the same issue as the OP, exactly the same "malware". However I can't disable the responsible app only "Force Stop" is available to click, the "Disable" button is greyed out and unclickable. I got the phone earlier this year from a reputable company so I'm surprised about this preinstalled "malware". I've read the articles helpfully posted by mbam_mtbr but the advice is to click the "Disable" button which I can't do.


MJRoajs - have you found a solution?


Does anyone have any further advice?

Share this post


Link to post
Share on other sites

I've got the same issue as the OP, exactly the same "malware". However I can't disable the responsible app only "Force Stop" is available to click, the "Disable" button is greyed out and unclickable. I got the phone earlier this year from a reputable company so I'm surprised about this preinstalled "malware". I've read the articles helpfully posted by @mbam_mtbr but the advice is to click the "Disable" button which I can't do.


@MJRoajs @pad201234 have either of you found a solution?


Does anyone have any further advice?

Share this post


Link to post
Share on other sites

Even we have done wipe our Redmi Pro, and do not install any application except malwarebytes, and we run, still wrote PUP.Riskware.Autoins.Fota caught there, so it is true that the default from xiaome and exist in its system

Screenshot_2017-12-04-07-52-40-526_org.malwarebytes.antimalware.thumb.png.1d96f4ee66bb5f5e578549b1c39ad8f8.png

Share this post


Link to post
Share on other sites

I have contacted my phones support. They said that that app is indeed a system app that's used by google play. I don't think that's true. They probably got that information from the manufacturer. I read some more about this issue and it's common with cheaper chineese phones. They said that If I want to I can send the phone in and they will check it, wich I will not do because I will get the same information. I bought a new phone now. To the rest of you with this issue I would suggest just using the phone since I've been using mine for over a year not even knowing the app was there, turs out there are alot more of those apps on my phone. So just keep using your phone or install a new rom of android.

Share this post


Link to post
Share on other sites

I've also started getting this Fota detected as of about 2 weeks ago.

File /system/app/FWUpgradeProvider/FWUpgradeProvider.apk

on a Lenovo Tab 2 A7-10F (upgraded to official Lenovo Android 5.0 months ago)

Edited by Felipe2
Clarity

Share this post


Link to post
Share on other sites

I bought my Lenovo Tab 2 from a reputable store in unopened original packaging and have only updated from Lenovo OTA from Android 4.3.3 to 5.0. 

It's detected multiple times because I copied the file to the SD card.

False positive? Or something to worry about?

Forgot to mention that Norton Mobile Security fails to pick up either the original or the copy.

 

IMG_20171211_184847_112.jpg

IMG_20171211_184911_180.jpg

IMG_20171211_184937_417.jpg

IMG_20171211_184954_869.jpg

Edited by Felipe2
Additional info

Share this post


Link to post
Share on other sites

I'm having the same issue with my xperia C4 and it's not fixed after 2 factory resets

Android/PUP.Riskware.Autoins.Fota

/system/app/FWUpgradeProvider/FWUpgradeProvider.apk

@mbam_mtbr Should i be worried? do you have a solution for that?

Thanks

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.