Welcome to the Android Central Forums Create Your Account or Ask a Question Answers in 5 minutes - no registration required!
Results 1 to 21 of 21
Like Tree3Likes
  • 1 Post By Golfdriver97
  • 1 Post By Scott Kenyon
  • 1 Post By Scott Kenyon
  1. Thread Author  Thread Author    #1  

    Default How to remove keyloggers and other malicious spyware from an Android device?

    I have downloaded and ran the programme Rootkit Hunter on my Macbook Pro 10.8.3 and got the following results:


    For "Checking LD_LIBRARY_PATH variable", it says in yellow "skipped".

    For "Checking for hidden processes", it also says in yellow "skipped".

    I also have red warning notices in relation to system configuration file checks and filesystem checks alerting me to the following:

    "Checking if SSH protocol v1 in allowed The SSH configuration option 'Protocol' has not been set";

    "Checking if syslog remote logging is allowed Syslog configuration file allows remote logging: install.* .0.1:32376"

    "Checking /dev for suspicious file types Suspicious file types found in /dev: /dev/fd/6: MS Windows icon resource"

    "Checking for hidden files and directories Hidden file found: /usr/share/man/man5/. rhosts.5: troff or preprocessor input text".


    I am working on getting rid of this nasty stuff, but I also have a Galaxy Tab 10.1 and a Samsung S4 phone as well which I believe are also infected.

    The individual who has been infecting me with malware via malicious email targeted an iPhone 4 which I owned (which I have now gotten rid of and replaced with a Samsung S4); and from there broke into my house Wifi network and quickly wormed their way into my Macbook and Galaxy Tab too (I know this for sure: the individual has been taunting me with information stolen from the devices), and most likely my brand new Samsung S4 too now (although this has yet to be confirmed; I'd appreciate it if someone could tell me how I can do check for sure) as well as the other devices in my house belonging to family members.

    I have posted on other forums and been told to "nuke" the Macbook drive. However I do not know how to get rid of this stuff from my Android devices. Doing a restore to factory settings does not work.

    Any advice on how to do this would be much appreciated. As would any advice on how to prevent reinfection, as it seems very easy for someone to use one machine to infect another on a network - mine is WAP2, protected with a strong password, and this posed no problem for an amateur hacker.
  2. #2  
    Golfdriver97's Avatar

    Posts
    18,647 Posts
    Global Posts
    19,022 Global Posts
    ROM
    Liquidsmooth ROM

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    Quote Originally Posted by Daniel223 View Post
    I have downloaded and ran the programme Rootkit Hunter on my Macbook Pro 10.8.3 and got the following results:


    For "Checking LD_LIBRARY_PATH variable", it says in yellow "skipped".

    For "Checking for hidden processes", it also says in yellow "skipped".

    I also have red warning notices in relation to system configuration file checks and filesystem checks alerting me to the following:

    "Checking if SSH protocol v1 in allowed The SSH configuration option 'Protocol' has not been set";

    "Checking if syslog remote logging is allowed Syslog configuration file allows remote logging: install.* .0.1:32376"

    "Checking /dev for suspicious file types Suspicious file types found in /dev: /dev/fd/6: MS Windows icon resource"

    "Checking for hidden files and directories Hidden file found: /usr/share/man/man5/. rhosts.5: troff or preprocessor input text".


    I am working on getting rid of this nasty stuff, but I also have a Galaxy Tab 10.1 and a Samsung S4 phone as well which I believe are also infected.

    The individual who has been infecting me with malware via malicious email targeted an iPhone 4 which I owned (which I have now gotten rid of and replaced with a Samsung S4); and from there broke into my house Wifi network and quickly wormed their way into my Macbook and Galaxy Tab too (I know this for sure: the individual has been taunting me with information stolen from the devices), and most likely my brand new Samsung S4 too now (although this has yet to be confirmed; I'd appreciate it if someone could tell me how I can do check for sure) as well as the other devices in my house belonging to family members.

    I have posted on other forums and been told to "nuke" the Macbook drive. However I do not know how to get rid of this stuff from my Android devices. Doing a restore to factory settings does not work.

    Any advice on how to do this would be much appreciated. As would any advice on how to prevent reinfection, as it seems very easy for someone to use one machine to infect another on a network - mine is WAP2, protected with a strong password, and this posed no problem for an amateur hacker.

    First off, you can change your password on your router. Can you give an example of the password that is similar? How many characters is it? Second, you can download AVG from Play and that should get rid of most malware from your device.
    You can also encrypt your S4. That should also keep people out.

    Phone Timeline
    'If we could change ourselves, the tendencies in the world would also change.' - Mahatma Gandhi
    Community Guidelines and also here
    Scott Kenyon likes this.
  3. Thread Author  Thread Author    #3  

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    The password is 10 characters - the first 3 are letters, the other 7 numbers.

    The individual infecting me is hundreds of miles away, so I assume she can't get on the network without getting onto some device near it first - she was able to break into my (when I say 'my' I mean my parents' house, and I am reluctant to cause them any distress by involving them in this headache, which would happen if I were to start tampering with the router) Wifi network via my iPhone 4 (I never used my house Wifi on it but she was able to remotely switch Wifi on on the iPhone and then get onto the network and my other devices that way) which I have very recently replaced with a new Samsung S4.
    Thanked by:
    moosc 
  4. Thread Author  Thread Author    #4  

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    I had AVG Antivirus Security before restoring to factory settings and it did not pick up anything.
  5. Thread Author  Thread Author    #5  

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    I downloaded AGV Antivirus for Tablets again and ran both the Deep File Scan and the File Scanner and both gave the all clear.

    I am 100% certain that the machine is infected however. The person can even close my browser pages and redirect me to different pages, on top of seeing all activity on the machine, which she lets me know about indirectly by posting just enough information in profiles in chatrooms and dating sites so that I will know.
  6. #6  
    Golfdriver97's Avatar

    Posts
    18,647 Posts
    Global Posts
    19,022 Global Posts
    ROM
    Liquidsmooth ROM

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    Quote Originally Posted by Daniel223 View Post
    The password is 10 characters - the first 3 are letters, the other 7 numbers.

    The individual infecting me is hundreds of miles away, so I assume she can't get on the network without getting onto some device near it first - she was able to break into my (when I say 'my' I mean my parents' house, and I am reluctant to cause them any distress by involving them in this headache, which would happen if I were to start tampering with the router) Wifi network via my iPhone 4 (I never used my house Wifi on it but she was able to remotely switch Wifi on on the iPhone and then get onto the network and my other devices that way) which I have very recently replaced with a new Samsung S4.
    10 characters isn't that strong. My password is 26. Including symbols like ( ~ and [
    As for getting rid of the spyware...I am not sure. Changing the router password and encryption type should help.

    Sent from a SlimROM S3.

    Phone Timeline
    'If we could change ourselves, the tendencies in the world would also change.' - Mahatma Gandhi
    Community Guidelines and also here
  7. Thread Author  Thread Author    #7  

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    I see an app on Google Play called "Nuke my Tablet". Does anyone know if this would work?

    It wouldn't be a big deal because I store anything of importance on external hard drives. There is no point doing it though unless I know I can secure the machine properly and prevent this nuisance from getting onto it again.

    On other forums I'm reading that installing a brand new operating system is really the only way to get rid of malware of this nature.
  8. #8  
    Scott Kenyon's Avatar

    Posts
    2,164 Posts
    Global Posts
    2,204 Global Posts
    ROM
    MoDaCo Switch Beta 8

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    Quote Originally Posted by Daniel223 View Post
    I see an app on Google Play called "Nuke my Tablet". Does anyone know if this would work?

    It wouldn't be a big deal because I store anything of importance on external hard drives. There is no point doing it though unless I know I can secure the machine properly and prevent this nuisance from getting onto it again.

    On other forums I'm reading that installing a brand new operating system is really the only way to get rid of malware of this nature.
    Software of that nature would do less than a factory reset. Rooting and romming would do more. My two cents. Welcome to AC Daniel, I wish it were for a better reason!
    Golfdriver97 likes this.
  9. Thread Author  Thread Author    #9  

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    Okay, thanks, and thanks.
  10. Thread Author  Thread Author    #10  

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    What about prevention, so it doesn't happen again after doing the rooting and romming?

    And is there a way I can check to see if malware is discreetly buried deep in the system in the future other than through my stalker confirming to me that it is herself? I don't like to feed this person, as she seems to enjoy any attention, regardless whether it be positive or negative. Her sick little game of dropping little pieces of information on chatrooms and dating sites that I was briefly describing above - knowing that I am on the lookout for them and will be annoyed when I see them - is what she derives her entertainment from. And the only reason why I check for them in the first place is because I want to know whether she has infected a certain device or not. If I had another way of confirming her insidious presence on my machines she would have no access to them and get zero attention from myself, and would have to just go and find someone else to cyberstalk.
  11. #11  
    Golfdriver97's Avatar

    Posts
    18,647 Posts
    Global Posts
    19,022 Global Posts
    ROM
    Liquidsmooth ROM

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    Quote Originally Posted by Daniel223 View Post
    What about prevention, so it doesn't happen again after doing the rooting and romming?

    And is there a way I can check to see if malware is discreetly buried deep in the system in the future other than through my stalker confirming to me that it is herself? I don't like to feed this person, as she seems to enjoy any attention, regardless whether it be positive or negative. Her sick little game of dropping little pieces of information on chatrooms and dating sites that I was briefly describing above - knowing that I am on the lookout for them and will be annoyed when I see them - is what she derives her entertainment from. And the only reason why I check for them in the first place is because I want to know whether she has infected a certain device or not. If I had another way of confirming her insidious presence on my machines she would have no access to them and get zero attention from myself, and would have to just go and find someone else to cyberstalk.
    The downside is, every device, every OS can be cracked. Question is, how long does it take?

    You can encrypt the s4. That should also help, but there are downsides to that too. If you encrypt, then need to factory reset, you nerd to decrypt, then reset the phone.
    I don't know what else to suggest.

    Sent from a SlimROM S3.

    Phone Timeline
    'If we could change ourselves, the tendencies in the world would also change.' - Mahatma Gandhi
    Community Guidelines and also here
  12. #12  
    Scott Kenyon's Avatar

    Posts
    2,164 Posts
    Global Posts
    2,204 Global Posts
    ROM
    MoDaCo Switch Beta 8

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    If you're really that paranoid about it you could unzip the rom and look around. Generally, 99% of the ones you can find are legit. Don't download from any untrusted developer or source. Always download directly from the OP.
    Golfdriver97 likes this.
  13. Thread Author  Thread Author    #13  

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    Thanks for your advice.

    It's more than a little on the technical side for me to be honest though.

    And I am not just being paranoid - the person has pretty much unfettered access to every electronic device I own the way things stand at the minute. So obviously I am looking to change that.

    I did a DOD defence standard wipe of my Mac drive yesterday (although I didn't wipe out the OXS Base System), and as soon as I got back online I re-installed Rootkit Hunter and every single one of the aforementioned problems are still there.

    Just wiping the stuff out like that is the sort of thing I am looking to do - and Android devices don't even have a hard drive, so I am a bit lost for what to do at the minute. I encrypted my S4, but that doesn't seem to have done anything, save lumbered me with a tedious password which I have to enter every time I go to use my phone now.
  14. #14  
    Golfdriver97's Avatar

    Posts
    18,647 Posts
    Global Posts
    19,022 Global Posts
    ROM
    Liquidsmooth ROM

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    Quote Originally Posted by Daniel223 View Post
    Thanks for your advice.

    It's more than a little on the technical side for me to be honest though.

    And I am not just being paranoid - the person has pretty much unfettered access to every electronic device I own the way things stand at the minute. So obviously I am looking to change that.

    I did a DOD defence standard wipe of my Mac drive yesterday (although I didn't wipe out the OXS Base System), and as soon as I got back online I re-installed Rootkit Hunter and every single one of the aforementioned problems are still there.

    Just wiping the stuff out like that is the sort of thing I am looking to do - and Android devices don't even have a hard drive, so I am a bit lost for what to do at the minute. I encrypted my S4, but that doesn't seem to have done anything, save lumbered me with a tedious password which I have to enter every time I go to use my phone now.
    I am curios if you went, bought a different router, and at a different location, set it up with a password to the router itself and a password for the internet. That should be saved, and then brought it home, and swapped routers.
    This person has to be accessing your files via the net. Once you cut off their entry, they shouldn't be able to harass you anymore.
    For a strong password, search for a hexadecimal generator, and replace some of the characters with rarely used ones. Shoot for a height number of characters to be used, like 26 or 30.

    Sent from a SlimROM S3.

    Phone Timeline
    'If we could change ourselves, the tendencies in the world would also change.' - Mahatma Gandhi
    Community Guidelines and also here
  15. Thread Author  Thread Author    #15  

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    Yes, true. but they are hundreds of miles away. So they need access to some device I own first to use to attack the other ones. And I am reluctant to tamper with the router as it is a family one; and this is my problem, and I do not want to cause any other members of my family any distress.

    An iPhone 4, which I have since gotten rid of, served that purpose for them - they first of all sent me a dodgy email and I opened it on my phone (I had previously thought that it was only dangerous to open links or click on attachments, but it seems just opening an email opens the door for them to any given machine). I had a brief look at it and deleted it and set my phone down. About half an hour later I picked the phone up again and it was asking me to enter my Wifi password. This set alarm bells ringing as I never use Wifi on it unless I am on holiday. I checked and it said Wifi was off. But when I actually tapped on Wifi on/off, I discovered that it was actually on, same with Bluetooth. So the person had up to half an hour to attack my other machines which were on but asleep. And they have definitely been able to break into them. Other family members' phones and computers are also compromised and I do not know how to tell them.

    At the minute my plan is to isolate each machine one by one if I can, get rid of the stuff, and fortify them so this does not happen again. I'll be paying a visit to the Apple store with my Macbook - I am having to put black tape over the cameras on my devices at the minute because I can't even be sure that they aren't being used to spy on me sitting in my own house, it's disgusting - but I am not sure what I am going to do with the Samsung devices yet as there are no stores near me and I telephoned them yesterday and the guy on the other end had never even heard of root kits, rooting or roming.
  16. #16  
    Golfdriver97's Avatar

    Posts
    18,647 Posts
    Global Posts
    19,022 Global Posts
    ROM
    Liquidsmooth ROM

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    Quote Originally Posted by Daniel223 View Post
    Yes, true. but they are hundreds of miles away. So they need access to some device I own first to use to attack the other ones. And I am reluctant to tamper with the router as it is a family one; and this is my problem, and I do not want to cause any other members of my family any distress.

    An iPhone 4, which I have since gotten rid of, served that purpose for them - they first of all sent me a dodgy email and I opened it on my phone (I had previously thought that it was only dangerous to open links or click on attachments, but it seems just opening an email opens the door for them to any given machine). I had a brief look at it and deleted it and set my phone down. About half an hour later I picked the phone up again and it was asking me to enter my Wifi password. This set alarm bells ringing as I never use Wifi on it unless I am on holiday. I checked and it said Wifi was off. But when I actually tapped on Wifi on/off, I discovered that it was actually on, same with Bluetooth. So the person had up to half an hour to attack my other machines which were on but asleep. And they have definitely been able to break into them. Other family members' phones and computers are also compromised and I do not know how to tell them.

    At the minute my plan is to isolate each machine one by one if I can, get rid of the stuff, and fortify them so this does not happen again. I'll be paying a visit to the Apple store with my Macbook - I am having to put black tape over the cameras on my devices at the minute because I can't even be sure that they aren't being used to spy on me sitting in my own house, it's disgusting - but I am not sure what I am going to do with the Samsung devices yet as there are no stores near me and I telephoned them yesterday and the guy on the other end had never even heard of root kits, rooting or roming.
    At the moment, I am out of suggestions.

    Sent from a SlimROM S3.

    Phone Timeline
    'If we could change ourselves, the tendencies in the world would also change.' - Mahatma Gandhi
    Community Guidelines and also here
  17. Thread Author  Thread Author    #17  

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    The Macbook is actually worse now after doing the DOD standard wipe of the drive. For when I run Rootkit Hunter now the malware cuts it off before I can see the results and also shuts the machine down before it is finished its work.

    The machine will also not let me do another reinstallation now - all the options to do one have vanished. So it's down to the Apple store with it.
  18. #18  

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    Having the same problem, 3+ androids affected and 2 laptops, you are not being just paranoid. I confirmed Spyware programs such as SpyGenie, Watchdog ect. will allow this type of access. AVG or Zoner or Norton does not detect. Hard or Soft Factory Reset does not work. It's obviously in the OS and runs at startup. I am actively searching for a site that list ALL Android Factory Apps and their permissions. Basically all my permissions on most apps after factory reset have every possible access and permission to control Bluetooth, GPS, Camera, Audio Record ect. The phone has flashed and taken pics. I stop the processes running and they restart on their own until phone overheats or restarts. It's Ridiculous if you there is a way to remove I need it as well.[/FONT] Even the cell phone "Tech" I took one phone too wasn't up to speed and said phone was fine. I requested him to remove software and reload OS we'll see if he can do that, I don't know yet he didn't sound confident. He suggested rooting the phone so that I can access more and stop apps myself. Need any help I can get as well!
  19. #19  
    moosc's Avatar
    Grand Master Moosc

    Posts
    3,536 Posts
    Global Posts
    5,610 Global Posts
    ROM
    AKOP M4 old geezer theme

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    This is so so funny. I seriously doubt any of your Mobil devices are infected. And if when you run a virus type scanner most send out false readings to make u paranoid. And if your stalker is thus good she must be hacker for the nsa.

    Sent from Bad Azz VZW LG G2 Cyan Tapatalk
    Google Nexus Class Devices (Nexus7, Nexus4, Galaxy Nexus lte VZW)...@moosc on twitter ...
  20. #20  
    mimsical's Avatar

    Posts
    1 Posts
    Global Posts
    2 Global Posts

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    It's not funny when it happens to you. These 'love' type stalkers are obsessed by nature and some will stop at nothing. Do not go on dating sites - they are rubbish anyway - and definitely do not do social networking - which. let's face it, are also pretty rubbish too.
  21. #21  
    DrawDroid's Avatar

    Posts
    15 Posts
    Global Posts
    16 Global Posts

    Default Re: How to remove keyloggers and other malicious spyware from an Android device?

    Quote Originally Posted by mimsical View Post
    It's not funny when it happens to you. These 'love' type stalkers are obsessed by nature and some will stop at nothing. Do not go on dating sites - they are rubbish anyway - and definitely do not do social networking - which. let's face it, are also pretty rubbish too.
    Sometimes they even get infected with no reason, no dating sites, no adult sites.

Similar Threads

  1. software buttons (back/home/multitasking) to one side?
    By djm7541 in forum Google Nexus 10 Tablet
    Replies: 13
    Last Post: 11-27-2013, 04:10 PM
  2. Replies: 6
    Last Post: 08-24-2013, 09:53 AM
  3. Optimal Configs, Settings and Apps for a New User
    By anonalchemist in forum Google Nexus 4
    Replies: 4
    Last Post: 08-23-2013, 09:47 PM
  4. Hangouts Android first green box
    By Mer2016 in forum Samsung Galaxy Tab 2
    Replies: 0
    Last Post: 08-23-2013, 03:21 PM
  5. Emails disappearing from Gmail accounts on new Galaxy
    By blueman2 in forum Samsung Galaxy S4
    Replies: 0
    Last Post: 08-23-2013, 03:21 PM

Posting Permissions