Sorry if this is the wrong place to post - Samsung Galaxy Note 20 Ultra Questions & Answers

I think I have a ton of virus on my phone .does anyone know what this means and how I can remove it.malwarebytes app scan results say 0.of 1 threat removed
I was browsing using opera and came across this pop up
And got scared so did a scan and saw this
I cant find anyway to remove these threats
.I've used 10 different antivirus apps and they all say my phone is clean.phone is super fast and feels great so not sure why it's all infected like malwarebytes says

Anyone?

If you want help, it's helpful to use an informative subject line so people can see what your post is about and decide if they want to click on it.

The safety way is factory reset your phone.

Just return the phone. You know you want to.

haircut123 said:
I think I have a ton of virus on my phone .does anyone know what this means and how I can remove it.malwarebytes app scan results say 0.of 1 threat removed
I was browsing using opera and came across this pop up
And got scared so did a scan and saw this
I cant find anyway to remove these threats
.I've used 10 different antivirus apps and they all say my phone is clean.phone is super fast and feels great so not sure why it's all infected like malwarebytes says
Click to expand...
Click to collapse
I think these are kind of ads, I always get ads like 5 viruses detected. Also check if you have installed any apk that doesn't show an icon in app manager, uninstall that.

Looks like the website is compromised not your phone.

Related

[Q] Possible malware aMusic201011_3.apk

I just upgraded to Titanium Backup Pro and after exiting the program my Browser pops up with this page advertising HotMusic for the Android with a sexy female photo. I exit the browser, and immediately my phone starts downloading the above app. I then get the message that HotMusic application was stopped from loading as it wasn’t from the Android Market. I checked ASTRO File Manager and under downloads I find aMusic201011_3.apk sitting there (with the female thumbnail photo), so I delete it, and run a Lookout malware scan. I’ve searched online as well as on the boards and don’t find any mention of this application or the site. My questions are, is this malware, and has any one else had this problem? Also, if I update to a different ROM will I still have the protection of some unwanted software being able to sideload onto my phone.
Thanks
tahoeflyer said:
I just upgraded to Titanium Backup Pro and after exiting the program my Browser pops up with this page advertising HotMusic for the Android with a sexy female photo. I exit the browser, and immediately my phone starts downloading the above app. I then get the message that HotMusic application was stopped from loading as it wasn’t from the Android Market. I checked ASTRO File Manager and under downloads I find aMusic201011_3.apk sitting there (with the female thumbnail photo), so I delete it, and run a Lookout malware scan. I’ve searched online as well as on the boards and don’t find any mention of this application or the site. My questions are, is this malware, and has any one else had this problem? Also, if I update to a different ROM will I still have the protection of some unwanted software being able to sideload onto my phone.
Thanks
Click to expand...
Click to collapse
I don't have Titanium Pro, but are there ads in it? Possible you clicked one?
In my experience with computers (ie: people using IE calling me to fix their malware), these sort of things often intentionally don't manifest themselves until a bit after their initial infestation.. My guess is so it's harder to determine where they came from.
What other programs have you installed recently? Honestly I still am not that quick to believe that there is malware going on, rather some accidental click or selection, but..
I'm surprised as well, but have come across hijacked respectable websites in the past, so I feel anything is possible. I did not have the browser open when the event took place, nor was it running in the background. I find it hard to believe that the developers of the Titanium package intentionally placed this package on it.
Is this possibly a new malware package or vulnerability exploit of the Android system (or am I just the lucky one)?
Do you still have the "aMusic201011_3.apk" which was downloaded? Might make to easier to figure out
khaytsus said:
I don't have Titanium Pro, but are there ads in it? Possible you clicked one?
In my experience with computers (ie: people using IE calling me to fix their malware), these sort of things often intentionally don't manifest themselves until a bit after their initial infestation.. My guess is so it's harder to determine where they came from.
What other programs have you installed recently? Honestly I still am not that quick to believe that there is malware going on, rather some accidental click or selection, but..
Click to expand...
Click to collapse
Joel doesn't include ads in his app. It's all ad-free and purely run off donations, which I'm sure he receives a lot of.
But I agree with you that OP probably mis-tapped something and thats what caused all this.
Thanks, maybe it was a faulty thumb
Thank you for your responses. It's possible that my thumb hit an ad, it happened very quickly after paying for the pro/premium version. My first inclination was to stop the browser, and then delete the program, so unfortunately I did not keep a copy.
There has not been any further problems with the phone, so consider this post finished. Thanks

[Q] I think a spyware is taking pics

Ever since I rooted my phone, I sometimes hear the camera taking pics even though the camera app isnt being used. Could there be a spyware taking pics? How do I make sure of this? Sorry if this sounds paranoia loll
install an antivirus app.
Could just be you accidently pressing something or a kombination to take screenshots.
each Android application must obtain explicit permission to use certain controls on system / hardware... During installation, you are deciding whether to allow them or not. if you root your phone does not change anything in your system.. unless you are now recognized as superuser (SU) so unless you have not installed together with the root also an unknown app (visible between the app installed) I do not think there is one in spyrware your system. for safetyinstall an antivirus and do a scan.
tbh i think most antivirus apps for android are there to comfort the user, making him feel safe...
i doubt they would catch something in a real world scenario..
Dark3n said:
tbh i think most antivirus apps for android are there to comfort the user, making him feel safe...
i doubt they would catch something in a real world scenario..
Click to expand...
Click to collapse
Every single time I see the anti-virus thing come up, I think to myself "Does it actually do anything"
I've never seen it catch anything, I'm sure there must be virus' out there for Android.. But is the anti virus really capable of dealing with it?
But anyway, if you can't find anywhere the pictures are being saved too, its probably not. But if it is..
If you're anything like me, your phones either in your pocket, or face up on the desk. The pictures it takes wouldn't be particularly interesting.
Actually Android viruses are few and many times they are in part of apps downloaded out of the Android Market.
antivirus programs are useful but do not have much to do for now ... they are only installed for greater safety, in the end if your phone is rooted you can always install a new rom or do well wipe the virus is eliminated.
excuse my rough English
lol that would be weird
japaaan said:
Ever since I rooted my phone, I sometimes hear the camera taking pics even though the camera app isnt being used. Could there be a spyware taking pics? How do I make sure of this? Sorry if this sounds paranoia loll
Click to expand...
Click to collapse
Easy way is install gemini app manager. It can show you all apps that use specific features such as camera sms and so on.
If you see an app uses the camera that shouldn't need to then it may be a malware app though its more likely your pressing a preset key combination or button that activates the camera or takes a screenshot and just makes the sound when doing so.
Dave
Sent from my LG P920 using Tapatalk
The antivirus I had didn't scan (or at least let me know it had) til I installed the app. Seems pretty pointless to me.
Sent from my R800i using XDA App
Some screen shot apps can take pictures with a "snap sound" if the phone gets shaken, settings of the app will allow you disable it
HTC Wildfire S (VM) "s-off" "rooted" Stock Rom

[Q] official.androidsecuritybox.ru What is this?

I received an email from a family member, but it was obviously a spam/malware email not sent by them. I know not to blindly open, and click on any links, but I do research on the emails to see if I can find out where it came from, and what kind of threat it really is. It only contained a simple line of text with a link as seen below in the first screenshot. If you expand the link it points to the second screenshot which redirects to gxfox(dot)com which is flagged as a bad site by WOT, but Virustotal, Lookout, along with other anti-virus scans say it's a safe site.
I tried searching for more info, but nothing really came up, but I did see a preview of the site as a spam site for some raspberry ketone thing on a security preview site I use, so I decided to try to open it on my phone thinking what could really happen on an Android? I used my Nexus One running CM7.2 with both security exploits patched, and also Lookout with the premium package enabled. When I clicked on the link the browser opened, and it tried to redirect to the gxfox(dot)com, but instead the page just tried to load "official.androidsecuritybox.ru/securitypatch", and I only had a blank white page that never did load anything. The page never finished loading either as it was stuck on this address. I mean you know when a page finishes loading as you can click the refresh, or when it's loading you click the stop. Well I tried clicking the stop, but nothing happened, so I had to just end the browser via task manager.
Long story short I can't find any info on "official.androidsecuritybox.ru/" I did get results for some similar things that had "data" instead of "box" at the end, but no real info if this is a security feature of the Android system/browser, or from some other app/setting.
Does anyone know of this?
Never heard of it, but it probably isn't a good idea to go on the site if you think the email was sent because of a malicious program. Done a Google and I can't find anything either. Do a virus scan on your Android (AVG can do this, not sure about Lookout) and see if the site has installed anything dodgy onto your Nexus One.
Orange
OrangeFlash81 said:
Never heard of it, but it probably isn't a good idea to go on the site if you think the email was sent because of a malicious program. Done a Google and I can't find anything either. Do a virus scan on your Android (AVG can do this, not sure about Lookout) and see if the site has installed anything dodgy onto your Nexus One.
Orange
Click to expand...
Click to collapse
Nothing was installed. I did multiple scans with AV, and searched with file explorers to see if any folders have been changed. Nothing happened. I took it a step more, and tried to open the address in a regular browser on a PC that is safe guarded, and it wouldn't open there either. I used Chrome, and all that returned was the white blank page saying the address couldn't be reached. I'm really thinking it's the Android Security doing it's job by blocking what would have been a phishing/malware site, and then Chrome just didn't know what to do with the address because it's really not a website. I'm just one of those people who don't like to rest without knowing exactly what something is. :fingers-crossed:

Strange thing happened to me tonight!

Hello All!!
Tonight*I was reviewing different YouTube videos and I clicked on one and it started playing one of those ads that you get every once in a while in front of the actual video and all the sudden I saw the screen go blank and I started seeing what appeared to me to be like a dos window for lack of a better definition with some typing scrolling across and it said something to the effect of personal data gathered or something like that and really freaked me out so I pulled the battery & took my sd card out and booted it back up but I'm not sure exactly what the hell that was.
Have any of you seen anything like this?
I'm really concerned because I have a lot of personal and customer data on my phone.Is there anything I can use to scan it to see if something was able to be *installed? I don't think it had enough time to get any information out just in case it was able to install something but it really freaked me out.*I'm a microsoft network administrator but androids are out of my knowledge base.Any information would be greatly appreciated!Regards
ITAdmin said:
Hello All!!
Tonight*I was reviewing different YouTube videos and I clicked on one and it started playing one of those ads that you get every once in a while in front of the actual video and all the sudden I saw the screen go blank and I started seeing what appeared to me to be like a dos window for lack of a better definition with some typing scrolling across and it said something to the effect of personal data gathered or something like that and really freaked me out so I pulled the battery & took my sd card out and booted it back up but I'm not sure exactly what the hell that was.
Have any of you seen anything like this?
I'm really concerned because I have a lot of personal and customer data on my phone.Is there anything I can use to scan it to see if something was able to be *installed? I don't think it had enough time to get any information out just in case it was able to install something but it really freaked me out.*I'm a microsoft network administrator but androids are out of my knowledge base.Any information would be greatly appreciated!Regards
Click to expand...
Click to collapse
It is probably your browser crashed and started to collect crash info to submit to Google. Check if you can disable that or at least you can get a pop up window asking if you want to submit crash data to Google.
Install adaway and you won't get any ads playing on youtube...
Sweet! That makes sense as I have been having issues with my phone. Can't wait for my Saygus V Squared to show up!! That's going to be one great smartphone!
Thanks again for the help. Now I feel better that I didn't get compromised by a virus. Do android phones get viruses by the way? I've read both opinions that they do and don't? ?
Thanks again!
Tom
ITAdmin said:
Sweet! That makes sense as I have been having issues with my phone. Can't wait for my Saygus V Squared to show up!! That's going to be one great smartphone!
Thanks again for the help. Now I feel better that I didn't get compromised by a virus. Do android phones get viruses by the way? I've read both opinions that they do and don't? ?
Thanks again!
Tom
Click to expand...
Click to collapse
Probably didn't get compromised...
Every OS has viruses even linux, but at least on Android you can get under the hood (because it is open source unlike IOS or Windows). Let me give you an example: there are firewalls for Windows/IOS, but they all depend on Windows binaries. Only on Android (because it is based on open source Linux) you can have a firewall with its own binaries, which means that you can really restrict system and still have internet access. Try to disable internet access to system in windows and you won't have any internet access. And once you enable it, all bets are off, because windows can freely communicate with Microsoft servers and who knows what others, which could be exploited by anyone.. So, if you don't want to have viruses in Windows, don't use the internet...
I think that answers the question.

Finally Proof My Andoid OS Hacked

I've known for 2 years I've been hacked. Everyone I know thinks I'm crazy because for 2 years I've been convinced that my phone was being controlled remotely even though I've changed devices, profiles, and deleted more apps than I can count. Finally yesterday I dicovered Total Virus Scan and it found this. I've had at least 50 antivirus apps with no success and I was not sure if maybe I wasn't a going crazy. I even would stop using my phone for a month or more at a time because that was the only time I had issues. Whoever is behind this has taught me everything I know about android and hacking by directing me in a way that is hard to explain. I'd just see what they wanted me to do by a random page that would pop up, or sentence highlighted, or other discreet cues. If I have not had 100% accuracy on certain issues I've been informed about by following these cues I would be certain I was crazy but there has been like 50 personal issues I've been informed about by following these cues and not a single time has it been we wrong. Unfortunately I let it consume me for about a year and almost ruined my life because of it and what I've learned has seriously altered my life. Yesterday Total Virus Scan found this Keylogger, 2 Trojan, RAT in OS. How do I remove these from my OS andcatch who is behind this? Attached is screenshot of the 4 issues found. Also on SD Maid it said my device wasn't rooted but had a built-in superuser app. Can't find the screenshot I had of that but had a url of toybox. A bunch of numbers then said [email protected] something. Any help will be much appreciated. Thank you in advance.
Could you try to create a backup of those apps and upload somewhere? Maybe it is possible to check it
Try to uninstall those apps with an app uninstaller
If you are unable to uninstall those apps they might be deeply installed? Ive been under the same situation 4-5years ago
Maybe a firmware reflash would do the job but everything will get deleted so try to backup everything
DrunkTrooper said:
Could you try to create a backup of those apps and upload somewhere? Maybe it is possible to check it
Try to uninstall those apps with an app uninstaller
If you are unable to uninstall those apps they might be deeply installed? Ive been under the same situation 4-5years ago
Maybe a firmware reflash would do the job but everything will get deleted so try to backup everything
Click to expand...
Click to collapse
It's not the apps. From what I've read one of the Trojans, the one in Google framework, is a dropper and reproduces and hides them in legit clean apps. That is why antivirus software doesn't pick them up. I've done at least 100 scan's with every malware finder I can find and this is the first time I have gotten a hit on anything but I know for a fact it's been there for at least 2 years. Everything I know about android whoever this person is taught me. It's almost as if they are a friend because they've directed me to learning about someone close to me who was doing me wrong, taught me everything I know about android and hacking, it's crazy man. I can't explain how they communicate with me all I can say is I will just see it and know. Something highlighted briefly, a random page popping up that directly coorilates with what is happening in my life, but also have tried getting money out of me and removed pictures of my wife from my device. I want to find out if it's someone I know before I remove it. If so, I'm thinking criminal charges and anything else I can do to mess with their life like they have mine. They truly destroyed my life for about 18 months and just now getting everything back together. I don't really talk about it anymore because everyone thought I went crazy but still privately search for the cause and who wmis behind it and yesterday I finally found it. Showed my mother and step son and even with these screenshots they still say I'm crazy and seeing things. Just glad I finally have proof. I can't explain what it's like to have EVERYONE around you saying you are crazy and seeing things that aren't there and knowing you aren't. It really sucks and I wouldn't wish what I've experienced the last couple years on my worst enemy.
EJay80 said:
I've known for 2 years I've been hacked. Everyone I know thinks I'm crazy because for 2 years I've been convinced that my phone was being controlled remotely even though I've changed devices, profiles, and deleted more apps than I can count. Finally yesterday I dicovered Total Virus Scan and it found this. I've had at least 50 antivirus apps with no success and I was not sure if maybe I wasn't a going crazy. I even would stop using my phone for a month or more at a time because that was the only time I had issues. Whoever is behind this has taught me everything I know about android and hacking by directing me in a way that is hard to explain. I'd just see what they wanted me to do by a random page that would pop up, or sentence highlighted, or other discreet cues. If I have not had 100% accuracy on certain issues I've been informed about by following these cues I would be certain I was crazy but there has been like 50 personal issues I've been informed about by following these cues and not a single time has it been we wrong. Unfortunately I let it consume me for about a year and almost ruined my life because of it and what I've learned has seriously altered my life. Yesterday Total Virus Scan found this Keylogger, 2 Trojan, RAT in OS. How do I remove these from my OS andcatch who is behind this? Attached is screenshot of the 4 issues found. Also on SD Maid it said my device wasn't rooted but had a built-in superuser app. Can't find the screenshot I had of that but had a url of toybox. A bunch of numbers then said [email protected] something. Any help will be much appreciated. Thank you in advance.
Click to expand...
Click to collapse
You need to utube Beef, it's a exploit that takes over your browser that's started with script embedded in a web page, text, messenger msg, etx. You may confuse it with malware because the attackers will gain the same info if not more by using social engineering.
remove all google accounts from settings, perform a factory reset, create new google account and check Total Virus Scan again.
You can use same google account just don’t restore data
Arealhooman said:
You can use same google account just don’t restore data
Click to expand...
Click to collapse
I don't recommend this as google account is device administrator, anyone knowing that password can remotely install apps

Categories

Resources