Android Rootkit problem.

Status
Not open for further replies.

DanteAlighieri

New Member
Thread author
Nov 1, 2023
17
Hello, due to some events in my life and some information from a friend I've come to believe that I was infected with a kernel rootkit on my devices. I've handled Windows thanks to this site, but I am wondering if there is a way to detect and remove rootkits on Android systems? I can use all kinds of help and thanks in advance.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Hello, due to some events in my life and some information from a friend I've come to believe that I was infected with a kernel rootkit on my devices. I've handled Windows thanks to this site, but I am wondering if there is a way to detect and remove rootkits on Android systems? I can use all kinds of help and thanks in advance.
Can you share some details about the Android device?
  1. Make and model:
  2. Processor:
  3. Android OS version:

 

DanteAlighieri

New Member
Thread author
Nov 1, 2023
17
Okay, first update: there is a service called com.google.android.feedback which has access to everything, like camera, recording audio, all kinds of logs. I found out this is a service that lets people send feedback. If so, this much privilege is so fishy. Btw this is the only app that got lit up by logging testapp.

What do you guys think? Is this our culprit?
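The poster found this by looking at what the package is allowed to do. As an added example (not code from the thread, the poster, or Google), here is a short Python script that parses the text `adb shell dumpsys package` prints and lists which packages actually hold sensitive permissions, separating system packages from user-installed ones. The dump text below is constructed in the shape of that command's output; the package IDs, user IDs and grant states are made up for the example, including the grants shown for com.google.android.feedback.

```python
import re

# Constructed excerpt in the shape of `adb shell dumpsys package` output.
# Sample data for the example, not taken from anyone's device.
SAMPLE_DUMP = """\
Packages:
  Package [com.google.android.feedback] (a1b2c3d):
    userId=10045
    pkgFlags=[ SYSTEM HAS_CODE ALLOW_CLEAR_USER_DATA ALLOW_BACKUP ]
    privateFlags=[ PRIVILEGED ]
    requested permissions:
      android.permission.CAMERA
      android.permission.RECORD_AUDIO
      android.permission.READ_LOGS
    install permissions:
      android.permission.READ_LOGS: granted=true
    User 0: ceDataInode=1234 installed=true hidden=false
      runtime permissions:
        android.permission.CAMERA: granted=true, flags=[ USER_SET ]
        android.permission.RECORD_AUDIO: granted=true, flags=[ USER_SET ]
  Package [com.example.notes] (d4e5f6a):
    userId=10102
    pkgFlags=[ HAS_CODE ALLOW_BACKUP ]
    requested permissions:
      android.permission.RECORD_AUDIO
    User 0: ceDataInode=5678 installed=true hidden=false
      runtime permissions:
        android.permission.RECORD_AUDIO: granted=false, flags=[ USER_SET ]
"""

# Permissions worth a second look when a package you did not install holds them.
SENSITIVE = {
    "android.permission.CAMERA",
    "android.permission.RECORD_AUDIO",
    "android.permission.READ_LOGS",
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.READ_SMS",
}

PKG_RE = re.compile(r"^\s*Package \[([\w.]+)\]")
# Matches both "install permissions" and "runtime permissions" entries; a
# permission that is merely *requested* has no "granted=" and is ignored.
GRANT_RE = re.compile(r"^\s*([\w.]+): granted=(true|false)")


def parse_grants(dump_text, sensitive=SENSITIVE):
    """Return {package: {"system": bool, "granted": set(...)}} for every package
    in the dump that holds at least one granted sensitive permission."""
    result = {}
    current = None
    for line in dump_text.splitlines():
        m = PKG_RE.match(line)
        if m:
            current = m.group(1)
            result[current] = {"system": False, "granted": set()}
            continue
        if current is None:
            continue
        if line.strip().startswith("pkgFlags=") and " SYSTEM " in line:
            result[current]["system"] = True
            continue
        g = GRANT_RE.match(line)
        if g and g.group(2) == "true" and g.group(1) in sensitive:
            result[current]["granted"].add(g.group(1))
    return {pkg: info for pkg, info in result.items() if info["granted"]}


if __name__ == "__main__":
    for pkg, info in sorted(parse_grants(SAMPLE_DUMP).items()):
        kind = "system" if info["system"] else "user-installed"
        print(f"{pkg} ({kind}): {', '.join(sorted(info['granted']))}")
```

On a real device, feed it `adb shell dumpsys package` (or `dumpsys package <pkg>` for one package). A granted permission shows what a package *may* do, not that it is doing it: on Android 12 and later the privacy dashboard shows recent camera and microphone use per app, and `adb shell appops get <pkg>` shows when each operation was last used, which is the check to run before calling a preinstalled system package the culprit.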
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
I recommend scanning with Malwarebytes for Android.

If your device is indeed infected, the best solution is to Factory Reset, which wipes all unsaved and non-backed up data. This action is non-reversible.
 

DanteAlighieri

New Member
Thread author
Nov 1, 2023
17
Whatever this is, it does not show in any AV. And it either does not go away with factory reset or I keep getting infected again. I have solid evidence about this
 

ForgottenSeer 103564

Whatever this is, it does not show in any AV. And it either does not go away with factory reset or I keep getting infected again. I have solid evidence about this
What are you experiencing as far as symptoms that suggest you have an infection? What apps have you personally installed that are synced to the phone?

Are you aware whether the phone has a history of reported issues, and are any of these familiar symptoms?

 

DanteAlighieri

New Member
Thread author
Nov 1, 2023
17
I am not experiencing anything wrong with the phone, but some time ago a friend of mine told me that he saw my personal info in some shady Telegram group. He told me that it is some hacking group that was targeting individuals and he gave me enough info for me to believe him. Thing is, he is chickening out, so he does not give me any more information. I had suspicions about my PC as well, but someone here helped me.

And before you ask, what my friend told me was very private and specific. Like "which ball I am scratching at what hour" specific.
 

ForgottenSeer 103564

I am not experiencing anything wrong with the phone, but some time ago a friend of mine told me that he saw my personal info in some shady Telegram group. He told me that it is some hacking group that was targeting individuals and he gave me enough info for me to believe him. Thing is, he is chickening out, so he does not give me any more information. I had suspicions about my PC as well, but someone here helped me.

And before you ask, what my friend told me was very private and specific. Like "which ball I am scratching at what hour" specific.
While that might just be a little too much information for most here, I have to ask where all you have divulged said information: only on your phone, on the internet ("certain sites"), etc. How many devices do you use that would contain said information?

That is not a symptom but a consequence; determining how your information was obtained would be where to start.
 

DanteAlighieri

New Member
Thread author
Nov 1, 2023
17
My phone and my PC. He told me a few different things and I concluded it must be these 2. I am not someone who shares much on the internet.

Someone here helped me on the computer. We've found some things and got rid of it. Though I cannot be sure until I see that friend again. On the PC we've used FRST and some driver was corrupting the antivirus. My work computer also gave a malware warning 2 weeks ago and got detained. But I have no evidence whether the two events are related.
 

ForgottenSeer 103564

My phone and my PC. He told me a few different things and I concluded it must be these 2. I am not someone who shares much on the internet.

Someone here helped me on the computer. We've found some things and got rid of it. Though I cannot be sure until I see that friend again. On the PC we've used FRST and some driver was corrupting the antivirus. My work computer also gave a malware warning 2 weeks ago and got detained. But I have no evidence whether the two events are related.
If you are not experiencing actual symptoms on your device, like it bogging down or unusual traffic, I would state it does not have a rootkit. I would, though, check all my accounts associated with said breached information, and I would also scan my network and router (if able, with the current security installed on the computer), and even consider a hard reset of the router itself.
 

ForgottenSeer 103564

For all other users watching and or with similar issues.

I recommended using Emsisoft Emergency Kit (free portable malware scan and removal) on his main computer on the network: placing a new folder on the desktop (with the belief that the Android does not have a rootkit), downloading and extracting the application into the same folder, and launching it from there to scan the main hub system one more time. I also recommended a hard reset of the router to flush anything that might be present, and last but not least, in these circumstances I recommended some products for checking and prevention.


Traditional antivirus scanners will not detect a virus/malware coming through the network via packets in and out of the devices.

Usually packet sniffers or intrusion detection systems are used to detect these. Many internet security suites have such features, like Norton, ESET, Kaspersky, etc. You can even buy routers with built-in security nowadays to thwart such things.

Packet sniffers like Wireshark, for example (one of the best), can be used to view/inspect and find the suspected traffic, but will not stop the traffic. Getting an application with an IDS/IPS (intrusion prevention system) is your best bet to stop issues such as these. ESET and Norton Security have 2 of the strongest firewalls and IDS/IPS systems on the market. I tested Norton's IDS/IPS frequently back in the day and it flagged attempts of malware even calling out to command and control servers to drop items back onto the system.

With all this information, the last thing to add is checking your accounts, removing as much personal information as possible, and controlling what's divulged past that point.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Whatever this is, it does not show in any AV. And it either does not go away with factory reset or I keep getting infected again. I have solid evidence about this
If you haven't seen the information firsthand, then you have no evidence. Remember screenshots shared by others can be faked to look legitimate, the rest is hearsay.

I am not experiencing anything wrong with the phone, but some time ago a friend of mine told me that he saw my personal info in some shady Telegram group. He told me that it is some hacking group that was targeting individuals and he gave me enough info for me to believe him. Thing is, he is chickening out, so he does not give me any more information. I had suspicions about my PC as well, but someone here helped me.

And before you ask, what my friend told me was very private and specific. Like "which ball I am scratching at what hour" specific.
Based on what you have said, I am closing this thread as you do not suspect any foul play on your phone. I can recommend the following advice:
  • Change your passwords and logins on a trusted device
  • Enable 2FA across all your online accounts
  • Factory reset your PCs, Mobiles and Wi-Fi Router
  • Avoid installing apps from unknown domains, messaging apps and warez sites.
  • If Windows is problematic, buy a cheap Chromebook from a reputable retailer.
You should activate these enhanced protections against state-sponsored attacks.
 