A few hours ago Malwarebytes scanned my phone and found a Trojan virus. It was unable to uninstall the application because the trojan is located on a system app. I have included a screenshot with the specifics. I'm on stock 4.2.2 and rooted and unlocked. I went into recovery, wiped my system and did a standard wipe and restored a safe system backup from when I first got the phone. The same thing pops up. I haven't installed any applications except updates and Facebook and twitter from the play store and I still get a warning. Is this an error with Malwarebytes or is this a real threat?
Link to the screenshot: http://i.imgur.com/O7hnZU6.jpg
Edit: Could be a problem with Marwarebytes. Scanned with Lookout and was clean.
This has to do with the security policies (Usually keyboards(screen locks too!) lockscreens or email and such) and is a really poor false positive presented by malwarebytes in my opinioin.
Keyguard basically refers to the code that handles the unlocking of the phone. it's like the keypad lock on your phone. Read here
I've had errors with malwarebytes and uninstalled it. Lookout seems to be good. I also use AVG
Are anti viruses even necessary with Android?
Related
So I ran 'MyBackup' for the Apps and Data on my phone before loading the bootloader onto the phone because of the data loss that happens.
http://forum.xda-developers.com/showthread.php?t=1136261
So now i got the phone back up, i have loaded 'MyBackup' back onto the phone to restore the files.
turned on USB debugging, and then ran the restore on the apps..
Now I am getting the pesky security warning:
-Security Warning-
This application comes from an unknown source, and for your security only applications from trusted sources can be installed.
So what now ? Do I just chalk up a loss and manually load everything back onto it ?
Thanks
egiblock said:
So I ran 'MyBackup' for the Apps and Data on my phone before loading the bootloader onto the phone because of the data loss that happens.
http://forum.xda-developers.com/showthread.php?t=1136261
So now i got the phone back up, i have loaded 'MyBackup' back onto the phone to restore the files.
turned on USB debugging, and then ran the restore on the apps..
Now I am getting the pesky security warning:
-Security Warning-
This application comes from an unknown source, and for your security only applications from trusted sources can be installed.
So what now ? Do I just chalk up a loss and manually load everything back onto it ?
Thanks
Click to expand...
Click to collapse
Enable side loading.
There are several ways to do it just search.
That's the warning that comes up when sideloading is not enabled. Have you checked to make sure you still have the checkbox for installing non-market apps in settings?
And if you don't see this option in the settings (I didn't) search for gladenable in the dev section. It will enable sideloading and let you restore the apps.
you guys pointed me in the right direction..
1) I installed Chainfire’s “GingerBreak” application
2) I installed GladiAtrix Enabler v1.05 (GladEnabler)
Rebooted the phone.
non-app setting was already checked after the reboot...
Successfully restored the apps without any error messages. although clicking on 'install' for every application was annoying.
Long story short: Coming close to insanity from all notifications (but not wanting to miss e-mail and sms/whatsapp, I rooted my G900FXXU1ANG2 in order to use NotifyClean.
I, hence, also installed the Xposed framework. Subsequently, installed NoBloat and backed up and deleted a number of System apps.
Much to my demise, however, one of my favorite apps, S Health now malfunctions popping an "Unfortunately, S HealthService has stopped".
I have restored just about everything I have had backed up and deleted except for fonts, weather stuff and print services.
Still can't get the app back to it's original state. The best I have managed to achieve is to have the app run but unable to save my (profile) data (which renders the app rather useless).
I have also tried setting the app back to its original state (uninstall updates + force stop) and updating it again from Samsung.
Alas, no dice.
Can anyone help?
ST
http://gs5.wonderhowto.com/how-to/f...hes-when-using-xposed-your-galaxy-s5-0157344/
It's due to an incompatibility with Xposed framework. Search xda forum and you will find the work around solution (don't remember where I read it). But there is a solution!
[SOLVED] It was installed in the Secure Folder.. that's why I couldn't find it. I managed to install Avast, and then install it on the Secure Folder. Following that I ran Avast scan inside the secure folder and it found the apk and removed it. Pesky app..
Recently downloaded an apk that locked my phone.. I noted that it had the Draw over other apps permissions but didn't think it could cause this..
Anyway, this app fills the whole screen and can not remove it. I was able to turn off the phone by long pressing the power and volume buttons and when restarting I discovered that I was able to use the phone for a couple minutes before the malware appeared again.
During this time I was able to power off phone and get to Safe Mode. I disabled all the apps which had the overlay permission and also apps that affect system configuration.
But I am currently not being able to find it and uninstall it. Although doing the above steps the malware still appears and locks my screen when I enter normal mode.
**Is there a way to find the latest app installed and remove it without root? Otherwise, would it be possible to remove it via ADB? I've never used it but I believe it could be useful this time.. the only thing is I am not sure what's the .apk name..
I'm using a Galaxy S8 international version without root
Thanks in advance for your help!!!!
SOLVED IT.
Name: VideoChat.apk
It was installed in the Secure Folder.. that's why I couldn't find it. I managed to install Avast, and then install it on the Secure Folder. Following that I ran Avast scan inside the secure folder and it found the apk and removed it. Pesky app..
If i were you, i would factory reset, even if you did successfully remove that app.
Hey guys all the browsers on my s8 are infected with a pop up redirecting malware. I delete the cash delete and reinstall the browsers and it didn't fix it. I used an anti-virus and a malware remover and they didn't detect anything. Help me please
Try to uninstall all third party apps that you may have installed yourself.
If this resolves the issue, just install what you are fully aware is safe.
If you are installing APK's outside of Google Play without experience then you are asking for trouble.
APKMirror is the only site I deem safe when it comes to downloading APK's.
If you can't remove the "malware" by following my steps above, my only other suggestion is that you attempt to backup your files onto a computer (LEAVE he APK's) and do a factory reset either through settings if possible and if not, use the recovery button combination and format /data
***YOU WILL LOOSE DATA IF NOT BACKED UP*** This includes old messages etc, if there's something important inside of an app such as notes, make a backup elsewhere.
Scroll all the way down in you settings / app list and there you most likely will find an app without a logo or name. Just delete this and your phone will be malware free. (at least that's what I did last week)
macweeds said:
Scroll all the way down in you settings / app list and there you most likely will find an app without a logo or name. Just delete this and your phone will be malware free. (at least that's what I did last week)
Click to expand...
Click to collapse
Thanks man i did find an app without a name deleted it and now everything is fine thank you
Glad to help!
Need help with my galaxy s8 +. It is restarting in loop. How can I fix it.
Stock? You add any new apps recently?
blackhawk said:
Stock? You add any new apps recently?
Click to expand...
Click to collapse
added few apps few days back. but they were banking apps. I think to fix it i need to update by downloading firmware but not sure
If you can access the boot menu try clearing the system cache.
If that doesn't work, factory reset.
It's likely caused by an app you recently added or uninstalled.
Think hard before installing any suspect apps or you'll be doing this again.
3rd party launcher and power management apps are prime suspects.
blackhawk said:
If you can access the boot menu try clearing the system cache.
If that doesn't work, factory reset.
It's likely caused by an app you recently added or uninstalled.
Think hard before installing any suspect apps or you'll be doing this again.
3rd party launcher and power management apps are prime suspects.
Click to expand...
Click to collapse
factory reset will end up in deleting all the data I have right. I am trying to avoid losing my data.
KAMS.JOSHIS said:
factory reset will end up in deleting all the data I have right. I am trying to avoid losing my data.
Click to expand...
Click to collapse
Yes. You should have had it backed up. Android crashes are very rare but they happen.
You have a SD card slot?
Use it! Use the SD card as a data drive, all critical data goes here. Copies of apps and everything you need to do a complete restore as well.
Only the OS, loaded apps and the download folder go on the internal memory.
Frequently backup the SD card to at least 2 hhds that are physically and electronically isolated from each other and not attached to the PC.
You may be able to get it to boot into Safe Mode to retrieve your data. Don't count of this in the future!
I should also point out that the Android platform should be very stable; any system instability is often the only if any sign you'll get before a crash. Take any signs of instability seriously.
A crash is normally caused by poorly written 3rd party apps including malware. Pre-Pie OS's are suspectable to a rootkit that can't be eliminated by a factory reset. The phone's firmware must be reflashed. Also suspect malware when abnormal behavior is noticed and act fast to limit damage. Any download (including jpegs) or recent apps are suspect.
My current OS load is around a year or older. Still fast and stable. Not one crash. It's heavily but sanely used. This is what Android is capable of.
In 1.5 years I picked off one trojan preloader and an malicious scripted jpeg before they could do any real damage. The former didn't recieve it's needed second download before being discovered and the latter damaged some files in the download folder before being deleted that same day it was downloaded by me. The preloader was an unauthorized browser download, a real nasty one too. Always look over your download folder contents frequently especially after a questionable encounter
Delete any unknown content. Vet files before allowing them into your database from the download folder. Online Virustotal is a useful tool for malware detection in files/apps.
blackhawk said:
I should also point out that the Android platform should be very stable; any system instability is often the only if any sign you'll get before a crash. Take any signs of instability seriously.
A crash is normally caused by poorly written 3rd party apps including malware. Pre-Pie OS's are suspectable to a rootkit that can't be eliminated by a factory reset. The phone's firmware must be reflashed. Also suspect malware when abnormal behavior is noticed and act fast to limit damage. Any download (including jpegs) or recent apps are suspect.
My current OS load is around a year or older. Still fast and stable. Not one crash. It's heavily but sanely used. This is what Android is capable of.
In 1.5 years I picked off one trojan preloader and an malicious scripted jpeg before they could do any real damage. The former didn't recieve it's needed second download before being discovered and the latter damaged some files in the download folder before being deleted that same day it was downloaded by me. The preloader was an unauthorized browser download, a real nasty one too. Always look over your download folder contents frequently especially after a questionable encounter
Delete any unknown content. Vet files before allowing them into your database from the download folder. Online Virustotal is a useful tool for malware detection in files/apps.
Click to expand...
Click to collapse
Thanks for your suggestions blackhawk !!