1. Download our Official Android App: Forums for Android!

Support Possible trojan? Android.troj.hideicon.ao

Discussion in 'Android Lounge' started by gomamon, Jan 10, 2019.

  1. gomamon

    gomamon Lurker
    Thread Starter
    Rank:
    None
    Points:
    5
    Posts:
    4
    Joined:
    Mar 8, 2014

    Mar 8, 2014
    4
    1
    5
    Mom's phone had some popups to meet Asian girls (lol). I thought she probably clicked on some malicious ads so I installed couple of AV apps to see if anything is infected.

    Mbam, Avast, AVG, Clean Master didn't find anything, but CM Security found that Network Check (the icon of the app is the same as other system apps) is infected with android.troj.hideicon.ao.

    I can't uninstall Network Check, only disable it.
    I tried to boot it in safe mode, still can't uninstall. I checked if that app is listen in Phone Administrator list, it's not, only Find My Phone has Admin privileges.
    Did a Factory Reset, Network Check app is still present. Now, the weird thing is, when I did Factory Reset the Network Check app shows on the desktop among other installed apps. I mean, if it's a system app, why it's there? When I click on it, nothing happens, then it disappears.

    Is this a virus or what?
    How do I delete it if it is?

    The phone is Lenovo Vibe C2.
     

    Advertisement

  2. SPEEDEVS

    SPEEDEVS Android Enthusiast
    Rank:
     #171
    Points:
    73
    Posts:
    253
    Joined:
    Dec 23, 2018

    Dec 23, 2018
    253
    53
    73
    Male
    DOWNLOAD THE stock rom and flash the error will fix or use miui securityto fix or just delete the file :p
     
  3. Hadron

    Hadron  
    VIP Member
    Rank:
     #7
    Points:
    2,468
    Posts:
    23,023
    Joined:
    Aug 9, 2010

    Aug 9, 2010
    23,023
    16,541
    2,468
    Spacecorp Test Pilot
    Dimension Jumping
    I don't think "delete the file" is an option unless the OP is rooted (and I doubt that "Mom's phone" is).

    Do you know whether there should be a system app called "Network Check"? I've never heard of it, and have never seen such a thing on any of my devices, so I'm sure it's not a standard Android system app but cannot say whether it might be a Lenovo one. There is a possibility that CM Security is flagging a false positive here: all security apps do this at some point, and CM are not the most trustworthy company in the first place (I would never allow anything from CM on any of my devices). I'd ask whether you've seen the popups since doing the factory reset, but of course it's possible that that was just an ad script (so called "AV" apps tend to not pick these up) but there is a real trojan installed that was unrelated to these ads, so don't want to dismiss it just because the ads have stopped.

    If this is a rootkit trojan infection then I agree with @SPEEDEVS: the way to clear those is to reflash the phone with a fresh set of stock firmware. And if it is gone after that, tell your Mom to be careful where she installs apps from in future ;).

    (If it is not gone after that that would mean that it was pre-installed by Lenovo. In which case either it's a false positive from CM or else Lenovo are bundling malware with their phones: there have been some Chinese manufacturers who have done that, but they were lower-tier ones and I'd not expect Lenovo to be in that game).
     
  4. gomamon

    gomamon Lurker
    Thread Starter
    Rank:
    None
    Points:
    5
    Posts:
    4
    Joined:
    Mar 8, 2014

    Mar 8, 2014
    4
    1
    5
    There are no popups after factory reset.
    A neighbor has the same phone, I checked and she also have Network Check installed. So I guess that app is legit, or she also have the same trojan :D
     
    #4 gomamon, Jan 11, 2019 at 5:06 AM
    Last edited: Jan 11, 2019 at 5:11 AM
    Hadron likes this.

Share This Page

Loading...