Related
Hey does anyone know of a good antivirus app for a rooted zenfone 2e? I want one that is free but has as many features as possible as well. Thanks.
I used to use Avast but the best anti virus is you, the user. Know your system, know the internet. If youre rooting, you will/should eventually get very familiar with android, how it behaves, the file system, permissions, built-in apps, etc. Avoid indiscriminate app downloads, especially from places other than the play store, and never follow links that youre unsure of. My opinion is that Windows is the only OS that AV is pretty much necessary.
I second avast. An interesting feature is that it will survive a factory reset if stolen.
zshep99 said:
Hey does anyone know of a good antivirus app for a rooted zenfone 2e? I want one that is free but has as many features as possible as well. Thanks.
Click to expand...
Click to collapse
Unlike the PC, it is extremely unlikely you will "get" a virus on your android. It is you who has to install the malware to make it happen. And it is extremely easy to remove the malware. A factory reset would do it and as root user you could simply restore your nandroid backup.
tetakpatalked from Nexus 7 flo
Most antivirus apps come with a huge amount of crap no one needs. They often drain your battery and slow your smartphone down. I have also seen antivirus apps which behave more like spyware by replacing advertisements in other apps or direct you to untrustworthy websites when opening the webbrowser.
My opinion: You do not need an antivirus app on your smartphone. Make sure you install most apps via appstore. Take care with apps from 3rd party websites. (Especially if the website says you have an virus on your smartphone => scareware!)
I would never install Antivir-Apps, since they will drop your phone-performance. And what do you get for this? Nothing. Just be carefully of what you are downloading.
i thinks for android no needs one antivirus..
Kenfary72 said:
i thinks for android no needs one antivirus..
Click to expand...
Click to collapse
+ one
Envoyé de mon E5333 en utilisant Tapatalk
Kenfary72 said:
i thinks for android no needs one antivirus..
Click to expand...
Click to collapse
+ two
My opinion is that android doesn't need antivirus software when the user is careful about what he downloads.
no disregard to anyone, but are you sure you are in developers forum ?!?! this is not a google store !
do you still live in Symbian world ? even the google play itself has malwares ! or you just want to ignore it ? beside those, hangroid can be easily hacked. the only system that dose not a antivirus is winphone, and it has not need it yet ! but they will come for it very soon.
personally i will never trust ios o even open my email, and in android i have an original payed antivirus that really can respond to a virus. i have original nod32 (i do NOT like it, but i didn't get a better one in hangroid.)
visited by lenovo tab2 a8.
best regards, josef.
josef2600 said:
no disregard to anyone, but are you sure you are in developers forum ?!?! this is not a google store !
do you still live in Symbian world ? even the google play itself has malwares ! or you just want to ignore it ? beside those, hangroid can be easily hacked. the only system that dose not a antivirus is winphone, and it has not need it yet ! but they will come for it very soon.
personally i will never trust ios o even open my email, and in android i have an original payed antivirus that really can respond to a virus. i have original nod32 (i do NOT like it, but i didn't get a better one in hangroid.)
visited by lenovo tab2 a8.
best regards, josef.
Click to expand...
Click to collapse
Best antivirus is still brain.apk
Just do not instal every bulls* and you are good to go.
Most antivirus apps are snakeoil/bloatware which will not protect you from anything!
It is good to think about an anti-virus. Android malwares exist, so everyone who's telling here that AVs for Android are a no-go are jumping the gun. However, the Android system already has some security measures into place. So is it still worth it? Yes. The Play Store can't guarantee a 100% clean virus free app collection. History has shown that. "use your brain" is also not a really constructive argument, it is easy to install a sample or virus infected application. Is it that dumb to use an AV on Android? No.
My suggestion, *buy* an AV. For example I have a yearly subscription to Freedome from F-Secure (VPN service). Primarly for my laptop but you can install it on three devices (I have it on 2 laptops and my smartphone). For the smartphone, besides a VPN the app will also scan the device for malicious apps so I got all my important security features in one app. I know that Avast has something similar. I paid 50 euros for one year, which is next to nothing considering the features and piece of mind. And for all those that go on ranting on my post here, I am a security professional in Android and see malware samples from the inside (reverse engineer) all the time
I encourage you to look in those options: VPN and App scan.
tetakpatak said:
Unlike the PC, it is extremely unlikely you will "get" a virus on your android. It is you who has to install the malware to make it happen. And it is extremely easy to remove the malware. A factory reset would do it and as root user you could simply restore your nandroid backup.
tetakpatalked from Nexus 7 flo
Click to expand...
Click to collapse
Remember stagefight thingy ? One could have abused it to gain root privileges and install a binary that run at start, a raw binary, not a package.
Tell me how it is easy to uninstall it, you would first have to track it, if it's purpose wasn't to patch other binaries, and then, you're good to reflash system partition.
No system is invulnerable
Of course, it's tough to get a virus on android, but there's still common malware, adware, scareware, and raw security flaws. There is still need for security solutions, mostly for the raw flaws.
Best choice for you from my point of view
CM Security & Malwarebytes Anti-Malware
I agree with Magissia if you think over that what you are going to do.
Virustotal AND vulnerability patches
Hi,
I have purchased a Lenovo Vibe Z2 mobile phone from a website but it was shipped from Hong Kong. The phone arrived (here in the UK) all brand new (wrapping still on it) and I'm happy with it (well it works).
On further reading, apparently the Lenovo Vibe Z2 is a model with spyware built into the ROM, and this spyware can lead people to hacking you or spying on your calls/texts/data usage. Clearly, I don't want this.
I have installed Malwarebytes and 360 Security to hopefully detect any malicious content. The scans reported no threats. I guess that doesn't mean there are no threats but just the scans didn't detect any. Maybe if the malware is built into the ROM (so I've read) then the scans will think it is friendly software, or maybe the scans don't scan the ROM.
1) How can I tell if my phone is loaded with spyware or any malicious content?
2) How can I remove this spyware if it is installed?
3) Do I need to use internet security or anti virus with my Lenovo Android phone?
Someone has suggested doing a ROM install with official firmware. I'm lost with this suggestion so it raises a few more questions:
1) Is the suggestion the usual way to remove malicious software?
2) Can I be sure it will actually remove the malicious software, or is it a try and hope scenario?
3) Is there a particular official version of firmware I need for my Lenovo Vibe Z2?
4) Is there a link or video that can show me a) where to download a SAFE version of the official firmware b) and how to do a ROM install?
I'm willing to give a try if it is the standard approach to removing malicious software but I just don't know how to do it at present.
I'm not a phone buff. I simply would like a clean phone (i.e. no malicious content) to make and receive calls/texts and to browse the net without anyone spying on, or recording what I'm doing.
Please advise?
Thanks.
XDA Visitor said:
Hi,
I have purchased a Lenovo Vibe Z2 mobile phone from a website but it was shipped from Hong Kong. The phone arrived (here in the UK) all brand new (wrapping still on it) and I'm happy with it (well it works).
On further reading, apparently the Lenovo Vibe Z2 is a model with spyware built into the ROM, and this spyware can lead people to hacking you or spying on your calls/texts/data usage. Clearly, I don't want this.
I have installed Malwarebytes and 360 Security to hopefully detect any malicious content. The scans reported no threats. I guess that doesn't mean there are no threats but just the scans didn't detect any. Maybe if the malware is built into the ROM (so I've read) then the scans will think it is friendly software, or maybe the scans don't scan the ROM.
1) How can I tell if my phone is loaded with spyware or any malicious content?
2) How can I remove this spyware if it is installed?
3) Do I need to use internet security or anti virus with my Lenovo Android phone?
Someone has suggested doing a ROM install with official firmware. I'm lost with this suggestion so it raises a few more questions:
1) Is the suggestion the usual way to remove malicious software?
2) Can I be sure it will actually remove the malicious software, or is it a try and hope scenario?
3) Is there a particular official version of firmware I need for my Lenovo Vibe Z2?
4) Is there a link or video that can show me a) where to download a SAFE version of the official firmware b) and how to do a ROM install?
I'm willing to give a try if it is the standard approach to removing malicious software but I just don't know how to do it at present.
I'm not a phone buff. I simply would like a clean phone (i.e. no malicious content) to make and receive calls/texts and to browse the net without anyone spying on, or recording what I'm doing.
Please advise?
Thanks.
Click to expand...
Click to collapse
OP reposted:
http://forum.xda-developers.com/general/xda-assist/lenovo-vibe-z2-spyware-malware-help-t3493067
Thread closed.
model number : lenovo a5500-hv
android version: 4.4.2
baseband version: a5500-hv.v34, 2014/05/08 22:28
kernel version: 3.4.67
build number: a5500hv_a442_000_011_140508_row
As shared in subject, my tab ANDROID is infected by malware where multiple issues have starting lately
a) Constant popup message stating" Unfortunately, com.system.update has stopped"
b) Constant popup message stating" Unfortunately, org.snow.down.update has stopped"
c) Constant popup displaying to INSTALL application" com.android.keyguard"
d) Automatic checking (on) in Settings> Security> Allow installation of apps from unknown sources, despite my regular check off( its gets reactivated again). Device Administrators viewed are Android Device Manager (ticked), Daemon Service( twice listed- unchecked).
e) Installed Malwarebytes Anti-malware, upon scanning detected these 11 malwares, which it is unable to delete ( Norton is unable to detect those even). Any open app which I try to use after some seconds are abruptly closed.
Malware name- Path
Android/ Backdoor.Triada.c - /system/priv-app/higher.apk ( File linked to be uninstalled- AppManage)
Android/ Backdoor.Triada.js - /system/priv-app/BCTService.apk ( File linked to be uninstalled- bcct_service)
Android/ Trojan.Rootnik.I - /system/priv-app/Bseting.apk ( File linked to be uninstalled- com.android.sync)
Android/ Trojan.SMSSend.ge - /system/app/com.android.token.apk ( File linked to be uninstalled- com.android.taken)
Android/ Trojan.OveeAd.F - /system/priv-app/com.mws.tqy.vsdp.apk ( File linked to be uninstalled- com.system.update)
Android/ Backdoor.Triada.J - /system/priv-app/com_android_goglemap_services.apk ( File linked to be uninstalled- GoogleMapService)
Android/Trojan.Dropper.Shedun.dc - /system/priv-app/parlmast.apk ( File linked to be uninstalled- GuardService)
Android/Trojan.Dropper.Agent.MJ - /system/priv-apk/Sooner.apk ( File linked to be uninstalled- PhoneService)
Android/Trojan.OveeAd.J - /system/priv-apk/com.tsr.eny.hyu.apk ( File linked to be uninstalled- system.bin)
Android/Trojan.Guerrilla.Q - /system/priv-apk/NAT.apk ( File linked to be uninstalled- SysTool)
Android/Trojan.Triada.m - /system/priv-apk/com.glb.filemanager.apk ( File linked to be uninstalled- UPDATE)
PS: If I try to connect to Internet, app icons are downloaded and auto open displaying porn images.
Please assist to REMOVE the MALWARE INFECTION. Tried FACTORY DATA RESET from Settings, but no help. Tab not rooted.
Solution
Last night i got some pesky malwares. For now i think i removed them. Get Avast and see what it can find. After that try to remove the files from file explorer and the most important thing - go to Settings-Security-Device Administrators. From there remove everything and now from Avast you should be able to remove the infected apps. Hope i helped
Tried cm's stubborn Trojan remover from play store and it did the trick- as in disabled the infected processes but at end took my mail ID with followup request if raised to get the device cleaned from malware. Cross checked from Malwarebytes and kaspersky, and looks seemingly clean with no active culprits. Though not checked with WiFi or data connection through sim.
Sent from my A0001 using XDA-Developers mobile app
Ashish1+1 said:
Tried cm's stubborn Trojan remover from play store and it did the trick- as in disabled the infected processes but at end took my mail ID with followup request if raised to get the device cleaned from malware. Cross checked from Malwarebytes and kaspersky, and looks seemingly clean with no active culprits. Though not checked with WiFi or data connection through sim.
Sent from my A0001 using XDA-Developers mobile app
Click to expand...
Click to collapse
Did it root your phone first? Else I can't see how it would be able to get to those apps installed as system. If so, if it was me, I'd unroot my phone at the very least & uninstall the CM apps since they do not have a good reputation so far as data snooping goes and excessive app permissions etc goes.
eg (from The Capitol Forum)
The apps require extensive access to the devices on which they run, and they are able to harvest a great deal of data about users’ interests, demographics and location. Cheetah Mobile’s business model is not significantly different from the way in which some major American tech companies such as Facebook monetise their free products. However, Cheetah Mobile is different from American tech companies in that its headquarters are located in China and its data servers are primarily located there as well, and its main business partners are major Chinese tech firms. The Chinese government, according to sources, accesses its companies’ data for internal security, economic competitiveness or other purposes. Cheetah Mobile, and similar companies, represents a major point of entry for China to access American app marketplaces and their users to gather information. However, U.S. government officials in national security and intelligence agencies are highly aware of surveillance and hacking both inside and outside China, presumably coming from actors affiliated with the Chinese state.
Click to expand...
Click to collapse
see the alteco report (about investment risks but they ran tests on other apps that didn't do anything, what battery savers don't help!!! :silly: )
https://drive.google.com/file/d/0B_zW4GWDn5wpVDBiLUpDcE9IS0E/view
Now I haven't used the app you quote but if it didn't root your phone then it can't have removed the malware and they are likely up to their old tricks ie the app doesn't really work, they have just been blocked or something. (Ask yourself why aren't there other apps from well known companies that can remove trojans in system on play store?) ANd with their dodgy reputation for ads, & selling user data if it did root your phone you may only be slightly better off!!?? But at least it should only be your user data they are gathering and not your bank account number to try and get ya money like the malware guys!
Anyhow happy for you if you really are free of malware and don't forget to change all your passwords for all accounts, your routers etc else you could be reinfected by the time you read this!
I would reflash the stock ROM to be sure (backup ALL your pics, txts address, whatsapp etc etc)
I would also be interested to know how the app worked, if you can explain it. Did it say it would ROOT your phone? (there is nothing in their write up to say it will, Google would not allow an app that can root on play store, as far as I know) Do you have an app that can read what system apps are installed, like Link2sd? Does that show any of the malicious apk?
Thanks, No I did not root my phone but judging by the way removal came (easy) I too was bit surprised with outcome. No sooner I decided to remove the cm app Trojans and malware again became evident meaning it was just being suppressed in a way not removed and now again came back (when removed).
Sent from my A0001 using XDA-Developers mobile app
Ashish1+1 said:
Thanks, No I did not root my phone but judging by the way removal came (easy) I too was bit surprised with outcome. No sooner I decided to remove the cm app Trojans and malware again became evident meaning it was just being suppressed in a way not removed and now again came back (when removed).
Sent from my A0001 using XDA-Developers mobile app
Click to expand...
Click to collapse
Sorry to hear this. However I think it is possible that the CM app did its job as those malicious apps have probably already rooted your phone, so CM may have just used that root access without informing you, though whether or not other apps like CM app can still use that root, I'm not sure, it depends if its been left "on". I did watch a video on youtube for CM Stubborn Trojan app and the guy had to root his phone first. (You could try some/several of the root checker apps, if you want to know). So lets assume the CM app worked properly and removed trojan as it could get root without giving you a root request notification.
It's entirely possible that your reinfection is from your external SD card or via some other means eg. your router has had some ports opened or some other means. (Sorry I should have said reset router when I said change router password [do this for all routers you use & update firmware & ensure remote access is off (ref. dirty cow) while you are about it too!]
So I would reinstall CM Stubborn Trojan (lets assume it removes malware as it has root, even if it just blocks them it helps us) so you can then reflash official stock ROM for your country (& update to newest version if available), you must flash the FULL stock ROM so all partitions are reflashed. partial stock or custom ROM will not do this & potentially leave you open to reinfection! Reflash the FULL STOCK ROM is the only way to "easily" be sure you have cleaned the malware from your phone. NOTE: just doing a factory reset will NOT remove the malicious apps if they are in operating system folders, this only works for malicious apps in user data areas! Then you must make sure all possible ways you can be reinfected eg via sync, external SD cards or storage, your PC, router etc are cleaned/blocked/reset/updated
If you are not getting updates for your ROM you might want to consider installing a custom ROM (AFTER you have flashed the stock ROM!) from a reliable & trustworthy source, if available for your model, so that you get security patch updates. But you need to research and consider the risks of things like bricks, security etc for yourself first.
Hope this helps you clean your phone
Sometimes, it's times, it's the firmware itself that is infected
IronRoo said:
Did it root your phone first? Else I can't see how it would be able to get to those apps installed as system. If so, if it was me, I'd unroot my phone at the very least & uninstall the CM apps since they do not have a good reputation so far as data snooping goes and excessive app permissions etc goes.
eg (from The Capitol Forum)
see the alteco report (about investment risks but they ran tests on other apps that didn't do anything, what battery savers don't help!!! :silly: )
https://drive.google.com/file/d/0B_zW4GWDn5wpVDBiLUpDcE9IS0E/view
Now I haven't used the app you quote but if it didn't root your phone then it can't have removed the malware and they are likely up to their old tricks ie the app doesn't really work, they have just been blocked or something. (Ask yourself why aren't there other apps from well known companies that can remove trojans in system on play store?) ANd with their dodgy reputation for ads, & selling user data if it did root your phone you may only be slightly better off!!?? But at least it should only be your user data they are gathering and not your bank account number to try and get ya money like the malware guys!
Anyhow happy for you if you really are free of malware and don't forget to change all your passwords for all accounts, your routers etc else you could be reinfected by the time you read this!
I would reflash the stock ROM to be sure (backup ALL your pics, txts address, whatsapp etc etc)
I would also be interested to know how the app worked, if you can explain it. Did it say it would ROOT your phone? (there is nothing in their write up to say it will, Google would not allow an app that can root on play store, as far as I know) Do you have an app that can read what system apps are installed, like Link2sd? Does that show any of the malicious apk?
Click to expand...
Click to collapse
In my case, I have a similar issue - however, it's an infected SYSTEM file - which Malwarebytes spotted (but is unable to remove), and is NOT related to the KingRoot dodgy file. It's actually two different Trojans - both in /system/priv-app (settings.apk and smsservices.apk) - the first is the more problematical. (It's problematical because it's a critical system file/app/service - killing it without a replacement is NOT an option.) How the heck do you replace such a critical system file when it got itself hijacked?
In this case, I would agree with just a complete factory reset or ROM reflash. Like it is simply too much of an issue to try removing and recovering everything. Especially, once it's deep within your system....
Josh Ross said:
In this case, I would agree with just a complete factory reset or ROM reflash. Like it is simply too much of an issue to try removing and recovering everything. Especially, once it's deep within your system....
Click to expand...
Click to collapse
This was what I did finally, I went to service centre and spent bucks. They reloaded the firmware I suppose ( not flashing it) and instantaneously it was as good as new. I think, malware was itself part of original installation like uc browser- it was there. It just activated after some time or may be I clicked on some advertisement while running app and then the hell happened.
Any ways, its working fine, added an adblocker, restricted usage to few apps and keeping my fingers crossed for future.
Sent from my A0001 using XDA-Developers Legacy app
Yeah, the bloatware that you get with some phones nowadays is unbearable. If there is an option, go with a rooted phone, custom ROM, some couple custom solutions for protection and you will be good to go. And they work better than defaults most of the time. Good luck! Hopefully, we will only be hearing good news from you
PGHammer said:
In my case, I have a similar issue - however, it's an infected SYSTEM file - which Malwarebytes spotted (but is unable to remove), and is NOT related to the KingRoot dodgy file. It's actually two different Trojans - both in /system/priv-app (settings.apk and smsservices.apk) - the first is the more problematical. (It's problematical because it's a critical system file/app/service - killing it without a replacement is NOT an option.) How the heck do you replace such a critical system file when it got itself hijacked?
Click to expand...
Click to collapse
I'd reflash stock.
Hi guys, I believe my galaxy tab s4 is contaminated with a virus . I already did many factorys resets and didnt installed no apps but from time to time , even when Im at the home screen with Avast only or with the antivirus that comes with the tablet activated, google play store opens without my request showing a program called IQ Option broker. What should I do?
malandrex said:
Hi guys, I believe my galaxy tab s4 is contaminated with a virus . I already did many factorys resets and didnt installed no apps but from time to time , even when Im at the home screen with Avast only or with the antivirus that comes with the tablet activated, google play store opens without my request showing a program called IQ Option broker. What should I do?
Click to expand...
Click to collapse
Could be a fake Play store app reinstalling itself somehow eg from SD card. Is your antivirus scanning your external storage also? Check if you have more than one play store app shown in settings>apps (not your normal apps screen as they can be hidden there). Or it could be an overlay made to look like Playstore screen ... you did get official Avast app right?
else something has installed itself in system folder which is why factory reset not working and you will need to reinstall your FULL Samsung factory ROM suggest you use Samsung SmartSwitch like RootJunky here (use high quality cable eg samsung usb cable, else danger of bricking)
https://m.youtube.com/watch?v=9QhJngOuLQ4
malandrex said:
Hi guys, I believe my galaxy tab s4 is contaminated with a virus . I already did many factorys resets and didnt installed no apps but from time to time , even when Im at the home screen with Avast only or with the antivirus that comes with the tablet activated, google play store opens without my request showing a program called IQ Option broker. What should I do?
Click to expand...
Click to collapse
Download Odin 3.xx (current version)
Browse SamMobile for firmware for your device, download factory ROM. Pay close attention to the region code for your ROM, CSC code. Use one compatible with your device and regional settings. It can be found on the IMEI sticker on the back of the device
Follow the flashing instructions to the letter that you will find on SamMobile website.
Once completed the device is fully refreshed and has latest available software at the time of the build. Do device setup and download app updates.
Enjoy.
Many thanks for both replies , but I have a few more questions:
a) Does this virus have the power to attack my router? If so, what should I inspect at my router? Should I use my brother´s ios iphone as a router while cleaning my device?
b) If I attach the tablet at my PC to perform the firmwire installation, could the virus be transmitted to it? What should I do to avoid it?
c) Where can I safely download this ODIN?
And answering some questions you made:
a) The avast app was downloaded from the store
b) Ive already tried disconnecting the sd card, perform a factory reset without the card but the problem persists.
c) I logged at my google account and when looking at my registered activity, Google claims I did opened the Google Play Store and searched for the IQ Option Broker app. So the virus acts as if it was me.
malandrex said:
Many thanks for both replies , but I have a few more questions:
a) Does this virus have the power to attack my router? If so, what should I inspect at my router? Should I use my brother´s ios iphone as a router while cleaning my device?
b) If I attach the tablet at my PC to perform the firmwire installation, could the virus be transmitted to it? What should I do to avoid it?
c) Where can I safely download this ODIN?
And answering some questions you made:
a) The avast app was downloaded from the store
b) Ive already tried disconnecting the sd card, perform a factory reset without the card but the problem persists.
c) I logged at my google account and when looking at my registered activity, Google claims I did opened the Google Play Store and searched for the IQ Option Broker app. So the virus acts as if it was me.
Click to expand...
Click to collapse
b) Possibly access is possible via your modem (or Bluetooth as serious bug was just patched this month if an attacker knows your BT MAC ... though likely take a while to rollout to all Samsung so you moray not be patched). If you suspect modem then you need to therefore also update your modem firmware (assuming its been patched & is not old & still vulnerable to some old bug, or buy new one) AND change both user & admin passwords
There is an XDA article with link to safe Odin download, google to find. But I'd recommend using Samsung SmartSwitch as this is official way & no special knowledge required.
Re item c) then possible it's just someone trying to load an app remotely via your Google account, does it show any unrecognised login from another device? Also I'm not 100% sure if this requires user to tap install on newer phones, so might not be what you are seeing. Change Google password. (your phone not infected in this case as you didn't click install) Always use a different password)(used same password then check your email address on have I been pwnd)
See below
IronRoo said:
b) Possibly access is possible via your modem (or Bluetooth as serious bug was just patched this month if an attacker knows your BT MAC ... though likely take a while to rollout to all Samsung so you moray not be patched). If you suspect modem then you need to therefore also update your modem firmware (assuming its been patched & is not old & still vulnerable to some old bug, or buy new one) AND change both user & admin passwords
There is an XDA article with link to safe Odin download, google to find. But I'd recommend using Samsung SmartSwitch as this is official way & no special knowledge required.
Re item c) then possible it's just someone trying to load an app remotely via your Google account, does it show any unrecognised login from another device? Also I'm not 100% sure if this requires user to tap install on newer phones, so might not be what you are seeing. Change Google password. (your phone not infected in this case as you didn't click install) Always use a different password)(used same password then check your email address on have I been pwnd)
Click to expand...
Click to collapse
b) I have 2 modens here, one from the internet provider , which is at bridge mode and one that spreads the signal. THe last one is modern and updated and the bridged one , there is no way I can acesss the firmwire besides its info. However , when I had to put it at bridge mode, I had to use an ethernet cable with a computer which maybe wasnt the most protected one. Could that process corrupts a firmwire modem?
c) But I have 2 stage factor. Shouldnt my phone receive an SMS alerting someone is logging at my account? And no, I havent seen any unrecognized login when I accessed my google account.
But your reply gave me an idea...: Maybe an access to my google account was made from a "public" computer and since the access wasnt terminated, as I use this computer a lot, a bot may be trying to remotely install this app.
malandrex said:
b) I have 2 modens here, one from the internet provider , which is at bridge mode and one that spreads the signal. THe last one is modern and updated and the bridged one , there is no way I can acesss the firmwire besides its info. However , when I had to put it at bridge mode, I had to use an ethernet cable with a computer which maybe wasnt the most protected one. Could that process corrupts a firmwire modem?
c) But I have 2 stage factor. Shouldnt my phone receive an SMS alerting someone is logging at my account? And no, I havent seen any unrecognized login when I accessed my google account.
But your reply gave me an idea...: Maybe an access to my google account was made from a "public" computer and since the access wasnt terminated, as I use this computer a lot, a bot may be trying to remotely install this app.
Click to expand...
Click to collapse
b) would need to be a modem exposed hero their internet with known vulnerability, so not sure.
C) yes, should have got a msg so can role that out, I guess.
Suppose it' possible that public pc could be comprised and doing that ... bit of a long shot ...
IronRoo said:
b) would need to be a modem exposed hero their internet with known vulnerability, so not sure.
C) yes, should have got a msg so can role that out, I guess.
Suppose it' possible that public pc could be comprised and doing that ... bit of a long shot ...
Click to expand...
Click to collapse
I think I found the culprit , when I reviewd the few apps Ive installed on my tablet and googled them . There is Netflix, Omega Wars game, PUBG and COD Mobile, handycalc, Go Read, Hube and... QuickPic gallery!!!!!!!!! I used this app on my ancient galaxy S2 and at my other 2 previous tablets. When I looked for the program at Google Play one hour ago ,QuickPic wasnt available anymore!!!! I googled about it and saw many people complaining about this program when a chinese company bought it a few years ago . Maybe QuickPiC installed some crapware at my device!!!!
malandrex said:
Hi guys, I believe my galaxy tab s4 is contaminated with a virus . I already did many factorys resets and didnt installed no apps but from time to time , even when Im at the home screen with Avast only or with the antivirus that comes with the tablet activated, google play store opens without my request showing a program called IQ Option broker. What should I do?
Click to expand...
Click to collapse
BTW, can you find same app on Google, is it called IQ Forex, is closest I could fined
IronRoo said:
BTW, can you find same app on Google, is it called IQ Forex, is closest I could fined
Click to expand...
Click to collapse
The name of the program is IQ Option , from IQ Option developer
malandrex said:
The name of the program is IQ Option , from IQ Option developer
Click to expand...
Click to collapse
I can't find this one but doesn't mean anything, maybe not available in my country or not compatible with my phone.
PS: Don't rule out a compromised router even top of her range can be affected eg
https://threatpost.com/critical-netgear-bug-impacts-nighthawk-router/153445/
IronRoo said:
I can't find this one but doesn't mean anything, maybe not available in my country or not compatible with my phone.
PS: Don't rule out a compromised router even top of her range can be affected eg
https://threatpost.com/critical-netgear-bug-impacts-nighthawk-router/153445/
Click to expand...
Click to collapse
Dont have much free time , but despite the fact I think the router is still safe, Ill reset it on a weekend and change again its id and password as this is a process that takes too much time ( mostly due to my ignorance at the beginning of the process ).
Im thinking about taking my tablet for a Samsung assistance, but Im worried theyll change one virus for another if the employees are corrupt. Do you think I should take the risk or Im beeing too paranoic?
Hey,
I bought an android 11 phone from a Chinese website.
It has a Chinese rom and it came open box with google play installed(the seller probably opened it to install it).
My question is, what should I do to make sure there are no viruses, trojans etc. on it.
Is factory reset enough or other measures are required as well?
Also, can I make sure that the recovery/bootloader or other partitions wern't messed with?
Thanks,
Return phone and request refund of purchase price.
Do you mean there is no way of checking?
It's proved that phones produced for and sold in China contains pre-installed software what spies user: it's due to a directive by the Chinese government.
You can check this by monitoring device's network traffic.
And if I'll change it to global rom?
If you have a third-party antivirus app installed on your device, check the app developer's website to familiarise yourself with the expected notification you will see if that app detects a problem.
Whether you want to get rid of malware manually or use a virus removal tool or third-party app — such as an anti-malware scanner.