Jump to content

Trojan removal


Recommended Posts

Hi all, I am wondering if there is any possibility to remove Android/Trojan.Spy.Agent.rdr as it has infected my entire system applications which malwarebytes seems to be the only mobile malware program that can detect it. I'm currently running aosp extended on s9, and wiped full internal storage and system numerous times. 

Link to post
Share on other sites

11 minutes ago, rootsmessenger said:

I just found 42 infections with Trojan.Spy.Agent.rdr on my Sony Z1 with CM 12.1 Android 5.1.1 and I'm hesitating to remove all those as it looks like it will erase 

from Gallery to Configuration all kind of system apps... I will post further info from my phone including screenshots.

 

Here are some screenshots.IMG_20190525_132820.thumb.jpg.57e73ca9b86e8881418527f5bc7fd89f.jpgIMG_20190525_132726.thumb.jpg.190cb087932422a51751cf5204bbd75d.jpg

IMG_20190525_132726.jpg

Link to post
Share on other sites

9 minutes ago, Miltonvo said:

Me too, 82 infections, already Format data but they come back

Same here. 193 infections in system apps. Formatted data factory reset. Same thing.

Looks like it will require a system wipe, but I hope there is a less invasive option.

Link to post
Share on other sites

Same here! I am on a Leeco LeMax 2 with AOKP Custom Rom and got 65 infections at my system applications... i made a full system wipe/format new twrp unroot new root reinstall three different backups and customroms after the reboot malwarebyte still said it is infected. i think it is a problem with malwarebytes database update.

Link to post
Share on other sites

Are we sure these aren't some sort of false positive? I too have 82 detections of Android/Trojan.Spy.Agent.rdr in deeply fundamental system apps/services.

However, I did a complete system wipe with TWRP and installed a more up-to-date version of the firmware I use. Still the exact same number of infections. How is that possible?

Link to post
Share on other sites

19 minutes ago, cavenilvino said:

Are we sure these aren't some sort of false positive? I too have 82 detections of Android/Trojan.Spy.Agent.rdr in deeply fundamental system apps/services.

However, I did a complete system wipe with TWRP and installed a more up-to-date version of the firmware I use. Still the exact same number of infections. How is that possible?

I think there's a very good chance these are false positives. The trick is how to verify.

Link to post
Share on other sites

I just started a topic in the Malwarebytes for Android section. I've got a Leaggo M8 Pro phone and suddenly had 67 similar supposed trojan found following the latest signature updates. Nothing identified until this latest update and I'm pretty sure they are false positives - they all seem to be original system files and there's been no updates to this phone for ages, so I don't expect anything's made its way onto the phone recently. I've whitelisted the files as I don't expect they are a real threat - unless someone knows differently? 

Link to post
Share on other sites

The worst thing you can do is blindly trust a malware scanner and wipe your entire phone just because the scanner claims every single system file as infected. That's impossible. I also have 98 "infections" after last update. I simply ignored it 'cause after more than 20 years of internet you know if it can be or not.

Link to post
Share on other sites

It's also bad that this forum blocks every post over VPN connections without communicating it the right way. Absolutely annoying.

Still no changes in database, still 98 "infections" on my phone. Remembers me of the problem where an update of Malwarebytes for Windows slowed the PC down 'til  it was more or less useless by producing 100 % CPU usage. Took also rather long before some "officials" talked to us customers.

And even if the infections were real... wouldn't that mean that Malwarebytes has let them through without noticing??

Link to post
Share on other sites

Just scanned my device with some other antivirus tools.

Kaspersky finds nothing

Sophos finds nothing

Avira finds nothing

Malwarebytes still finds 98 "infections" on all system files. So I can just recommend everyone to IGNORE these "infections" until the signature files are fixed by Malwarebytes.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.