ehsanotaku

yeh , already discussed this Google Ads and AirPush Ad frameworks in details in the following links with modes. They said as long as it does not contain malicious code inside it's decompiled body they let it be. ( patched HOSTS file and add blocker implanted in place , so i would be safe i guess ). http://forum.xda-developers.com/showthread.php?p=58680250#post58680250 Thank you so much guys ^:^

Thanks for answering me on such short notice. Developers who were responsible for those respective Roms were quite legitamate in XDA . I was just wandering about the time of detection and when these possible malicious codes added to database of well-known Av's/Anti Spyware apps ( last modification of both Roms were in middle of 2013 i guess , not sure though ). Files extracted per your request . Regards CallRecorder.rar Uninstall_Master.rar

Made a topic here, but I was informed this is a wright place for my issue. Regards Logs.rar Quarantine.rar

Okey, so i am going to make a replicate of this post,, thank you for yourhelp ^:^

Thnaks pal, you can't move it to the proper section?

Dear fellow experts, I was experimenting with 2 following customed Mod for my testing Android device from XDA forum , which i encounterd 2 types of possible malware according to virus total, However, mbar-1.08.3.1004 rootkit (defination updated) stated my system was cleaned after completion of scanning process. I do not ask for any kind of removal advice in this section, just want to know if virustotal has a habit of flagging up false positives in this case. My Testing sandboxed system : Windows 7 starter edition ( netbook/ Dual partition with Linux remix) /ESET NOD 32; version 7 updated >> already marked both files as infected //Super Antivirus free version , so yeh no real protection here with this software/Comodo firewall installed , running under sandbox. TouchwizRES_V2.0 >> CRC32: 16916867 MD5: 4EAFE30EBB32003E0040B6E522DB3CDE SHA-1: 1925FDF6AEFE8E2835910454BA3D5262CBAB7296 System > App> CallRecorder.apk SHA256: 77fed0e20c430730c5a79d8c42f4dde2e9af980108380f0dcf af30b59588191d File name: 96c0568b04aaa7b2a37b21fe73d1ed69.apk Detection ratio: 16 / 56 Analysis date: 2015-01-22 13:42:07 UTC ( 1 week, 5 days ago ) https://www.virustotal.com/en/file/77fed0e20c430730c5a79d8c42f4dde2e9af980108380f0dcfaf30b59588191d/analysis/ [Aroma] Ace-i-Sure 12.0.0 >> CRC32: 596F10E2 MD5: A366F77A61D9D8463A50F283A8A9A74A SHA-1: 5F70794E1157A2EDFC41E287BF6354E7D3B02FBD aroma>app>Uninstall_Master.apk SHA256: 810f99b4ad132f530b12b564e0ae39c0504f9647babf48375d dab7a2bd1d4ca0 File name: b4d09f52d8b32d89b5a1e1f7e0a69c35.apk Detection ratio: 18 / 57 Analysis date: 2015-01-13 15:01:42 UTC ( 3 weeks ago ) https://www.virustotal.com/en/file/810f99b4ad132f530b12b564e0ae39c0504f9647babf48375ddab7a2bd1d4ca0/analysis/ZIP the entire contents (ALL the files, not just .LOG) of the MBAE logs directory as instructed. Regards Logs.rar Quarantine.rar