So i got this malware on my android called android.troj.hideicon.fy which is located in file manager(i can´t desactivate the app or clean cache) i already tried to reset the phone to factory new, didnt work, also tried using stubborn trojan killer to kill the virus but it says it needs root permission(no idea how to do it), so what should i so? buying a new phone its not really an option, so is this malware dangerous and my person information is at risk?
-
After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.
Malware/Trojan Virus
- Thread starter m0zsca
- Start date
Is this "File Manager" a pre-installed app? I'm guessing so because a factory reset should remove all user-installed apps. If so that would strongly suggest that the phone came with this installed, possibly by the manufacturer. What phone is it?
If you want to root then we'll need to know what phone it is anyway: rooting methods depend on the device and often on the software version as well.
If you want to root then we'll need to know what phone it is anyway: rooting methods depend on the device and often on the software version as well.
yes, its a pre-installed app (it stores music, apk files, photos, etc... The phone is a Wiko Fever 4G Marshmallow 6.0.
From what i saw on google it seems to be a trojan adware which root the device and installed itself as a system application and the only way to fix it is to root it.
From what i saw on google it seems to be a trojan adware which root the device and installed itself as a system application and the only way to fix it is to root it.
My viko made an automatic updates today when i was just sitting and scroling twitter...and suddently this red box came up with exactly the same trojan file manager virus...****,,i tried to remove it but couldnt..but instead i could force the file manager app
to be inactive
So i tried to activate the file manager again..and after a few secunds i got the same warning box saying all this about the trojan virus again,,,,sooo for now i have just done this,,,went into all my apps and in there i found this File manager app,,and clicked it and from there i could
force the file manager app
to be inactive,,,Now i just dont know if there still is some of this virus liyng on my android,,but my virus scanner couldnt find anything after i have inactivated it...So im pretty sure that i have this viru inside this file manager app...but its just not active,,And thats not so good to have that app inactive aswell because it can make some other apps not work properly...I need some proff answers to this issue also Please
force the file manager app
to be inactive,,,Now i just dont know if there still is some of this virus liyng on my android,,but my virus scanner couldnt find anything after i have inactivated it...So im pretty sure that i have this viru inside this file manager app...but its just not active,,And thats not so good to have that app inactive aswell because it can make some other apps not work properly...I need some proff answers to this issue also Please
My viko made an automatic updates today when i was just sitting and scroling twitter...and suddently this red box came up with exactly the same trojan file manager virus...****,,i tried to remove it but couldnt..but instead i could force the file manager app
to be inactive
So i tried to activate the file manager again..and after a few secunds i got the same warning box saying all this about the trojan virus again,,,,sooo for now i have just done this,,,went into all my apps and in there i found this File manager app,,and clicked it and from there i could
force the file manager app
to be inactive,,,Now i just dont know if there still is some of this virus liyng on my android,,but my virus scanner couldnt find anything after i have inactivated it...So im pretty sure that i have this viru inside this file manager app...but its just not active,,And thats not so good to have that app inactive aswell because it can make some other apps not work properly...I need some proff answers to this issue also Please
Hmm, I thought Android 6 had largely eliminated those (i.e. it closed most of the exploits that they used, which is why "rooting apps" also stopped working on most recent devices).
The alternative to rooting would be if you can find the official firmware for that phone and reflash the system. I don't know whether Wiko make this available or what the tools needed for doing this are (this stuff is usually manufacturer-specific), but if you can find it then this process will overwrite the existing system software, including any malware that might have been added to the system.
What produced the "red box"? Is this some security app you have installed, or something else. I'd normally advise people to be wary of unexpected pop-ups like that: quite a few are fake warnings, stuff fed to your phone as ads and intended to encourage you to install an "anti-virus" app (which in some cases may be malware itself).
If this warning was produced by a trusted source then the proximity of this warning to an update would be worrying, since it would raise the possibility that the malware was part of the official software - assuming that the "automatic update" was an automatic system update rather than an app update, or that if it was an app update it was actually the file manager that was updated rather than something else.
the strange part is that i dindt do anything that would normally would get me a virus, i got it yesterday and i only used my phone to play a game, nothing more. Suddenly i receive a message from a pre-installed app called clean master that i got the malware outta nowhere, tried checking with avg antivirus and dindt detect anything, so it makes me think if this aint some kind of false virus and another of wiko problems.
Try installing MalwareBytes to get a third opinion. I don't trust Clean Master at all.
Clean Master is a junk app: Cheetah Mobile, the developers, make their money by producing (or buying) apps which then collect their user's data to sell to spammers, and the app itself is well known for claiming to be solving problems which didn't exist in the first place.
Clean Master is a junk app: Cheetah Mobile, the developers, make their money by producing (or buying) apps which then collect their user's data to sell to spammers, and the app itself is well known for claiming to be solving problems which didn't exist in the first place.
fixed it, apparently it was due to an update of the file manager app, i just had to unistall and reset to factory said app.
dupong try this to see if it works( go to definitions, applications, search for file manager and click on it, click on the options button, the one on ur top rigth with a form of three points and then u will see a option that says to unistall update and then reset the app to factory, click on that and the malware will dissapear, i dindt lose any files on it, at least it worked for me.
Edit: After i started the app with the malware gone the google play store automatically updates the app to the most recent version (for some damn reason) and the malware appears again, so i had to repeat the procedure and also disable automatic updates on the google play store and it seems the malware is gone for good now. This may also update automatically when u start the file manager app, so i would advise to never run that app anymore.
dupong try this to see if it works( go to definitions, applications, search for file manager and click on it, click on the options button, the one on ur top rigth with a form of three points and then u will see a option that says to unistall update and then reset the app to factory, click on that and the malware will dissapear, i dindt lose any files on it, at least it worked for me.
Edit: After i started the app with the malware gone the google play store automatically updates the app to the most recent version (for some damn reason) and the malware appears again, so i had to repeat the procedure and also disable automatic updates on the google play store and it seems the malware is gone for good now. This may also update automatically when u start the file manager app, so i would advise to never run that app anymore.
Last edited:
I use cm security,,is malvarebytes better..?....I was just sitting and scrolling tweeter,,and i could see that there was running apps updates on my phone too,,,and then it shows up that i was infected with this trojan and it shows also that it was in the file manager app..but this app was kinda redin the top and light purple in the buttom with a papper in the middle....i couldnt delete it with CM security but i could inactivate the file...then it was placed i the map inactivated apps...when i scrolled the ALL APPS then there was another yellow file manager app there too..After i have inactiveted the red app..then CM didnt find any trheads anymore,,wich is good ,,,but the file is still in the map inactivated apps...And from there i cannot do anything else than activate it again,,i cant delete it
go to play store and search for file manager(the developer is shenzen ufo tecnhology, i assume its the same u have) and try unistall it to see if it works, from what i gathered the new updated version of the app seems to have that trojan(the app probably got hacked), i also saw other people complaining about it.
Its the same as mine, did u try as i said above? unistalling the app in google store? it goes back to the first version and it doesnt update automatically even with the auto app updates on, the malware has completely dissapeared for me. If it works the file manager will still be on ur phone, just dont start it.
If it doesnt work, wait a few days to see if the app is fixed, if not u either have to root it or buy a new phone. Myself dont know how dangerous is this trojan.
That sounds a good plan. I don't understand why dupong22 couldn't turn off auto update of apps from the play store though: it's usually only Google Play Services and the Play Store itself you can't stop updating.
As for MalwareBytes vs CM Security, it really comes down to the fact that CM's business model is monetising their users' data, and I dislike that generally and certainly don't want to give a data-mining company full access to my phone, which a security app by definition has.
As for MalwareBytes vs CM Security, it really comes down to the fact that CM's business model is monetising their users' data, and I dislike that generally and certainly don't want to give a data-mining company full access to my phone, which a security app by definition has.
I cant uninstall file manager at all,,not in google play,,and not on my phone.so i still have this red/purple file manager in the map of inactivated apps-because the only thing i could do wiyh the file was to inactivate it..My girfriend has exactly the same phone VIKO,,and in her apps the file manager app is yellow..I am also worry that i have this file on my phone even though it is inactivated and CM security cant find any virus to whven i scan,,But i dont like to have a file that i know might have the virus inside.
And where exactly can i stop the auto updates
I wouldn't trust CM(Cheetah Mobile) for anything, as that's basically a data mining and advertising platform, and NOT security AFAIK.
What exactly is a "VIKO"? Can't find anything about it. If it's a cheapo China phone, often sold online and imported. A few of those have been known to include malware baked into their firmware. Maybe see about returning it for a refund?
Last edited:
The original post was about a Wiko phone, so I've assumed that Viko is a persistent typo.
Automatic updates can be turned off globally in the Play Store settings, or per app via the 3 dot button when viewing an individual app.
If an app is disabled then there should be no updates, and any updates you have received will be uninstall. That might explain why you currently aren't seeing any malware warnings if it was only in an update.
Automatic updates can be turned off globally in the Play Store settings, or per app via the 3 dot button when viewing an individual app.
If an app is disabled then there should be no updates, and any updates you have received will be uninstall. That might explain why you currently aren't seeing any malware warnings if it was only in an update.
Clean Master was the shitnez back I the day. It wad sold, then came the ads.
WIKO Pulp,,not viko