Jump to content

Recommended Posts

Long story short, I rooted my Android device with Kingroot (APK was obtained from hxxp://d-h.st/dueJ, hopefully this isn't a tampered version, if someone could please double check?), and at the end of the process, there's this super-user management tool called Kinguser that got installed on my device.

 

  • This Kinguser app got detected by Malwarebytes as Lotoor or something like that (meanwhile SuperSU or other super-user management tool doesn't get detected as anything).
  • Tried replacing this with SuperSU, but SuperSU couldn't replace the binaries.
  • Tried Freezing the app, and it can't be frozen (even bloatwares can be frozen).
  • Submitted to APK to VirusTotal, and looks like it's a new file to VirusTotal, so either this file is unique to my device, or no one has tried scanning it on VirusTotal yet.

 

This app also has permissions like Camera, which is totally unnecessary for a super-user management tool (and can't find any actual Camera function inside the app either).

 

So, is this thing actually malicious? Or behaves the above way but isn't actually malicious (e.g. to protect against unroot)? And, can it be malicious in the future if it's not actually malicious now (e.g. if it has a backdoor)?

 

 

Inside the attachment is the APK file for this Kinguser thing.

Kinguser.zip

 

Thank you so much in advance for the help!!

Share this post


Link to post
Share on other sites

Hi Crino_milk,

 

Kingroot is classified as Lotoor because it is a rooting tool and uses Exploits to gain root. A lot of advanced users use these tools to root their devices, but there are also bad guys who bundle these tools with malware so they can achieve root. So, we classify to warn users of the app, if you are knowingly using then you should be ok.

 

Regards,

 

-Armando

Share this post


Link to post
Share on other sites

Kingroot is the best app which allow you to root your device in just click. If anybody ask me question which the the best way to root your phone, Then my answer will always be the Kingroot. This app will work on many android version like Android Kitkat, Android Lollipop and even on Android Marshmallow.


Rooting your Android with Kingroot is simple as taking a spoon of sugar from sugar box. The procedure is very simple, app is in the Chinese language, you just need to tap on the blue button and you are done. Kingroot.apk is made in china and also most used in China.


rooting device is always a difficult and risky process, So when you root your device with Kingroot make sure read all the steps properly, then only  start the process. There is one disadvantage of Kingroot.apk is it will not work for all devices.


Edited by gonzo
live link is not allowed

Share this post


Link to post
Share on other sites

The problem I have with Kingroot is that it can't be uninstalled on certain phones. They take a lot of effort to get it to work on as many phones as possible, but no effort to help you remove it. Malwarebytes seems incapable of removing it also even though it says it did.

Share this post


Link to post
Share on other sites

I found the same thing. My tablet is a RCA Viking Pro and King Root is the only way to root it and must be installed through the apk version as it wont connect to a PC. To answer bobsrighty-oh, you need a "root file explorer" like ES-File Explorer to remove King Root because it installs itself as a system app. I wouldn't worry about antivirus's saying King Root is bad because hacking tools like AutoKMS for Windows and Microsoft Office show up the same way. Just make sure you get the App or Program from its source.

Share this post


Link to post
Share on other sites
2 minutes ago, ncrouch141 said:

I found the same thing. My tablet is a RCA Viking Pro and King Root is the only way to root it and must be installed through the apk version as it wont connect to a PC. To answer bobsrighty-oh, you need a "root file explorer" like ES-File Explorer to remove King Root because it installs itself as a system app. I wouldn't worry about antivirus's saying King Root is bad because hacking tools like AutoKMS for Windows and Microsoft Office show up the same way. Just make sure you get the App or Program from its source.

To add to that, People will repackage hacking tools to insert adds, actual maleware and other crap you don't want into your system, so stick with ligit sources and the developers' website of the app orprogram you're trying to get.

Share this post


Link to post
Share on other sites

I was finally able to remove the last traces of Kingroot by doing a factory re set and update. For the longest time Sony and Verizon stopped supporting the Z3v. Then for what ever reason (that I'm thankful for) Sony started to support the phone again. This updated the phone to Lollipop and removed Kingroot. Ironically I installed Kingroot to be able to update the phone and get bloat off. My problem wasn't so much with Malwarebytes always finding it in a scan, or that it was malicious, It was that you couldn't get the phone to show that it wasn't rooted even after supposedly unrooting  or derooting it with Kingroot itself. Under "About Phone" it always showed up as being rooted, and some apps, like GooglePay won't install on a rooted device. Anyway, my problem has been solved and I just wanted to let people know that Malwarebytes can't remove that last bit of Kingroot that just never goes away, and to beware if you decide to try it. 

Share this post


Link to post
Share on other sites

Hey guys try unroot using kingoroot, or u can try using superuser , tell me if you get the device unrooted,go in kingoroot superuser and tap the 3dots, and there will be remouve root access, 

 

Share this post


Link to post
Share on other sites

Kingroot is the best app for rooting any device. It's very easy and simple. I root your device with only one click.

Share this post


Link to post
Share on other sites

ryandennis135 is probably a bot. He's just repeating the Kingroot propaganda. Kingroot will root your phone,sort of. You're not able to remove all the factory bloatware and are stuck with Kingroot bloatware which includes Kinguser. Rooted phones require one of the superuser apps to make major changes to the root, not Kinguser. In some cases you can remove Kinguser and replace with SU but not always. They have made this harder to do. When it comes time to remove KR it never fully goes away unless you factory reset your phone even though it's uninstaller says it's gone. If you don't mind a half rooted phone and limited options it's OK. Kinda like it's OK to have a '79 Pinto when you really want a Focus RS.

Share this post


Link to post
Share on other sites

Hello, well i am unsure in this issue. But could be so.

MAM

Edited by MAM
edit

Share this post


Link to post
Share on other sites

Just as I said. Let's face It; it's a shortcut and and there are usually drawbacks to shortcuts. Go to XDA developers forum and look for threads on rooting your particular phone. It's way more complicated but you have way more control over your phone. 

Share this post


Link to post
Share on other sites

If you want to replace KingUser KingRoot with SuperSU, I have two methods/ways to replace it. Try one of them that compatible with your Android device cos there is one android phone doesn't compatible with one of method. Read this How to Replace KingUser KingRoot with SuperSU. If you haven't rooted your Android device you can read to download and install KingRoot this How to Root any Android Device Using KingRoot.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.