Jump to content

IanH2

Members
  • Content Count

    5
  • Joined

  • Last visited

Community Reputation

0 Neutral

About IanH2

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hi Nathan, no, I didnt spot that app with the chinese character this time, perhaps I should reinstall the image with the running malware and see if it appears again - perhaps I didnt give it time to install. I have reflashed the pre malware breakout rom, and run the commands to remove com.adups.fota.sysoper and com.adups.fota as explained . (they were present), and verified that they have been removed. ( I also removed mtklogger for good measure, as it is alleged to be another malware*, and I remember mtk something messing with the su root app) Hopefully the phone will be OK now.
  2. .. and one more note, when using twrp to back up the phone with malware active , it could not back up the first system entity because of corruption. Did the malware modify it?.
  3. Backed up the active malware phone with TWRP (and verified that when I restore the latest (active malwared) backup the nastiness returns). With malware running rampant both eset and malwarebytes are unable to see a problem, presumably because the malware got root permissions. I re-installed an earlier backup with the presumed sleeping, latent malware, malwarebytes gave it a clean bill of health - initially eset reports the following problems: android/agent,BOA android/agent.AZS android/triada.JA trojandropper.agent.dzf android.Hiddad.AEV Android/Agent
  4. After restoring from a twrp backup it has happened again today!, this time I noticed some funny business with super su being woken up and fake button presses by an app calling itself mtk factory tools or some such, (which isnt installed), when I look at the supersu log it has no record of the activity, at the moment the only problem is the browser being unusable due to ads, it hasnt got to the stage of locking the screen with ads, yet... I think this thing is in the factory rom and is on a time delay. Thanks Doogee!. Malwarebytes doesnt see a problem. I have emailed an apps report
  5. I had exactly the same problem today, I have an x5 max pro (with factory rom 3.18.19+ doogee info@doogee.cc 20180319), and the the chinese virus app as above was present and not removable. the full screen ads " 'interesting for you' by mgid" could not be closed, and locked even the power button. So i removed the battery and installed a backup with twrp. Is this malware preinstalled, and coming to life on a timer, or does it come via recently installed apps as a sideload?, the only app I installed recently was 'scanner pro' from the play store, I doubt it was responsible. I have malware
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.