Worried about possible malware

rstew · Jan 25, 2021

Good evening,

I hope this finds everyone well. A few hours ago I was browsing online for some info for an essay, and I was dumb enough to click a website that redirected me. I can't really remember to where, but I didn't let it load. I clicked back immediately. Nothing was downloaded. I was using Google chrome.

I used virustotal and the website came up as malware. I cleared Google chrome cache, history etc etc, I have malware bytes on my phone so I scanned it nothing came up, scanned with Avast nothing came up, no downloads at all.

I downloaded sophos, which identified a .com.google.chrome file as PUA, which i immediately deleted. My phone isn't acting strange or anything, I don't do banking on it as I have a separate device to do so. But sophos also identified another app as PUA, but it's a safe app.

Also typed in the website on hybrid analysis, it states the same as VT.

Should I be worried? What else can I do? I'm paranoid. I'm on Xiaomi redmi note 7

mustang7757 · Jan 25, 2021

Can go over this guide

https://forums.androidcentral.com/showthread.php?t=1015048

I'll leave a Link to register so you can communicate here as a guest account you can only post questions but can't reply

https://forums.androidcentral.com/showthread.php?t=409154

rstew · Jan 25, 2021

mustang7757 said:
Can go over this guide

https://forums.androidcentral.com/showthread.php?t=1015048

I'll leave a Link to register so you can communicate here as a guest account you can only post questions but can't reply

https://forums.androidcentral.com/showthread.php?t=409154

Sorry just registered. I already read the guide. Kind of lost on what to do here. My phone is acting crazy but it was after I installed miui12.

@mustang7757 sorry just registered. I read the guide. What can I do now?

mustang7757 · Jan 25, 2021

rstew said:
@mustang7757 sorry just registered. I read the guide. What can I do now?

Hi, welcome to AC!

On the guide what don't you understand?

rstew · Jan 25, 2021

I understood everything

i need to know if my device is infected by visiting that website. I'm on Xiaomi redmi note 7. When I checked the Website on Hybrid analysis it showed "hooking". No downloads were made, i ran malware bytes and Avast, clean. Ran sophos, got a PUA - com.google.chrome file. Then again it also gave me a false positive. Is there anything I can do just to make sure I'm safe ? I didn't install anything, I'm just paranoid. @mustang7757

mustang7757 · Jan 25, 2021

rstew said:
I understood everything i need to know if my device is infected by visiting that website. I'm on Xiaomi redmi note 7. When I checked the Website on Hybrid analysis it showed "hooking". No downloads were made, i ran malware bytes and Avast, clean. Ran sophos, got a PUA - com.google.chrome file. Then again it also gave me a false positive. Is there anything I can do just to make sure I'm safe ? I didn't install anything, I'm just paranoid. @mustang7757

Yeah you should be fine , just try avoid shady website.

rstew · Jan 25, 2021

I'm not so sure... But i might be wrong. After I updated to miui12. My phone has gone crazy. This only happened after I downloaded the new update. Dual apps creating by themselves and then vanishing, phone crashing... Maybe it's the update. Any suggestions on what I should do? Could i possibly get malware just by visiting the website?

mustang7757 · Jan 25, 2021

rstew said:
I'm not so sure... But i might be wrong. After I updated to miui12. My phone has gone crazy. This only happened after I downloaded the new update. Dual apps creating by themselves and then vanishing, phone crashing... Maybe it's the update. Any suggestions on what I should do? Could i possibly get malware just by visiting the website?

It could be related to a update , sometimes factory reset is needed after one , but can try safe mode if it still happening.

B. Diddy · Jan 25, 2021

Android Central Question said:
I downloaded sophos, which identified a .com.google.chrome file as PUA

Welcome to Android Central! Antivirus apps on Android often give false positives. Was the file just called com.google.chrome, or was there additional text after that?

Just clicking on a link that redirects you to a website isn't in itself dangerous. The thing you want to avoid is to agree to download and install anything.

rstew · Jan 25, 2021

It has some letters after it. I did not install or agree to anything at all! But I was researching online and I see tons of people saying that you can get infected just by visiting a website. Am I safe?

belodion · Jan 25, 2021

rstew said:
It has some letters after it. I did not install or agree to anything at all! But I was researching online and I see tons of people saying that you can get infected just by visiting a website. Am I safe?

You will find people online saying almost anything. The latest fashion among them is to assert that COVID 19 does not exist.
Assertions are worthless unless supported by evidence or valid argument.

rstew · Jan 25, 2021

Yeah...valid point. I'm an anxious mess. Had a picture of my debit card and now I'm terrified someone might have it... But I'm guessing I'm being dumb since I didn't download anything. Am I safe? I turned off allow unknown sources since I test apks as a part time (for utest). I hope nothing happens.

B. Diddy · Jan 25, 2021

I think you're fine. It sounds like this other thread: https://forums.androidcentral.com/ask-question/1019093-does-anyone-know-what.html

See also this:

https://android.stackexchange.com/questions/180412/can-i-delete-com-google-chrome-files

Rukbat · Jan 26, 2021

The one thing you did wrong was deleting com.google.chrome. That's part of your Chrome web browser. If you want to use it, you'll have to get it from Google Play again.

B. Diddy · Jan 28, 2021

Rukbat said:
The one thing you did wrong was deleting com.google.chrome. That's part of your Chrome web browser. If you want to use it, you'll have to get it from Google Play again.

I think they're referring to a downloaded file that starts with "com.google.chrome" followed by some random-seeming text, so it doesn't seem to be an actual system app file. See the thread links I previously posted about it.

Rukbat · Jan 28, 2021

B. Diddy said:
I think they're referring to a downloaded file that starts with "com.google.chrome" followed by some random-seeming text, so it doesn't seem to be an actual system app file. See the thread links I previously posted about it.

Could be, I guess.

Kizzy Catwoman · Jan 28, 2021

I think a cache partition wipe or a factory reset should help with the crazy behaviour. I tend to do a full reset after a major upgrade. Especially as I run the betas. To clean out any unwanted files or conflicts.

Worried about possible malware

Member

Super Moderator

Member

Super Moderator

Member

Super Moderator

Member

Super Moderator

Senior Ambassador

Member

Co-Ambassador Team Lead

Member

Senior Ambassador

Retired Moderator

Senior Ambassador

Retired Moderator

Similar threads

Forum statistics

Share this page