Tarlar

New Member
Joined
Jun 28, 2018
Messages
1
Operating System
Android
Antivirus
AVG
#1
Is Mlhiw a virus? I'd never noticed it before until my android device started downloading loads of things. Games, adds, screen changing, pop ups Turn off WI-FI, uninstall all apps, factory reset. Turn WI-FI back on, all starts again. Screen goes black, Mlhiw shows in top left hand corner for about 5 seconds, screen goes back to normal.
 

BoraMurdar

Super Moderator
MalwareTips Team
Verified
Joined
Aug 30, 2012
Messages
6,068
Operating System
Windows 10
Antivirus
Emsisoft
#2
Is Mlhiw a virus? I'd never noticed it before until my android device started downloading loads of things. Games, adds, screen changing, pop ups Turn off WI-FI, uninstall all apps, factory reset. Turn WI-FI back on, all starts again. Screen goes black, Mlhiw shows in top left hand corner for about 5 seconds, screen goes back to normal.
Hello,
Please open a new thread here
Malware Removal Assistance For Mobile
 

lowdetection

Level 7
Verified
Joined
Jul 1, 2017
Messages
338
Operating System
Linux
Antivirus
#3
Some Chinese Manufacturers, are known for preload software inside the ROM of some devices that revelead to be "shady", personally I will try to look at the traffic generated by such apps to see what they send/receive, or run something like funnycat virustotal on your device.

Some samples, given the complexity of their design, require malware analysts, anyway if you can isolate the suspect android package and submit it to hybrid-analysis will surely give you more information doing an android static/dynamic analysis.
 

lowdetection

Level 7
Verified
Joined
Jul 1, 2017
Messages
338
Operating System
Linux
Antivirus
#4
From your description, this maybe helpful for you:

How do I fix malware installed automatically in the /system directory?.

https://www.reddit.com/r/AndroidQuestions/comments/5jmkz6
Factory reset, will be useless for you, the culprit/culprits are still there, and they start act probably as soon as they have some wifi/data connection for doing their "job".

One way is the one told in the first link, will require root permissions, personally in this case I will do all offline on a factory reset phone, then after root you will need to analyze those packages, maybe one by one, if the intention is keeping that phone as holder of your info, maybe not the only one having your info right now.

Sadly, the "advertised economic price" is compensated by such behaviors, developers of custom rom usually stay away from such devices, but if there is a custom rom use that.
 
Last edited:

RoboMan

Level 25
Content Creator
Verified
Joined
Jun 24, 2016
Messages
1,462
Operating System
Windows 10
Antivirus
Kaspersky
#5
My dad got a chinese phone with the same issue, not even factory reset would solve. This is what I did to "solve it":
  1. Install NoRoot Firewall
  2. Install Sophos Antivirus for Mobile
Denied internet access to every single app that demanded it, except WhatsApp, Chrome, Sophos, and apps that you strictly need and know what they are. I then scanned the device with Sophos and deleted every existing malicious app.

Of course, since it was factory based, some malicious apps couldn't be deleted. But I did delete everything these apps downloaded and I denied access to such factory apps, so they couldn't download anything. Problem solved.