
Chinese tablets it's not only the cheap price, but in uther cases it's not funny surprises. It was the first time I've met the problem, when the stock firmware has a virus/malware. Couple of them.
MediaTek MT8392 processor, it's the twin of МТ6582. First is used in tablets, second in phones. I want Cyanogen to run on this device, but didn't found one. I thought that it would be great to repack cyanogen mode myself. Sources are available across the net. But I keep calm, sit down and start to struggle with virus.
First of all I was surprised, that soft reset didn't help and apps still on deveice. Second time I was surprised, when virus activate himself after flashing the firmware. Stock firmware. I thought Google account saved applications and just reinstall them after login. Creating the new account didn't help. Virus was activated after 24 hours. Third time viruses was activated without google account.
Screenshot of log, which was left by malware.
So all my doubts fly away, and the lamp appear on the top of my head – virus in stock firmware. In the forum's thread support team almost didn't care about messages about the virus. They said that there is no viruses. But after a couple of days they write the decision
http://4pda.ru/forum/index.php?showtopic=640125
The is no protection on the devices with android 4.4.2 on the board, form the commercial services.
How to fix this?
Write the firmware.
Enable “Usb debugging” option and install root access. For example Kingoo root.
Install Dr.web Pro (free 14-day period version)
Install file expolere like Total Commander etc.
After antivir finished it's scan, goto by scanned paths and remove malware.
Run full scan one more time.
Screenshot with detected malware from forum's thread.
Root from PC by King couldn't installed. Install by apk want to connect to the internet. I turned it for a sec to root device and shut down asap.
I delete all malware whick dr.web find. But it doesnt help. Malware was installed again after 2 days. It's badass shit.
My solution of this problem is:
1) Flash device.
2) Don't turn on internet.
3) Enable Developer options → USB debugging.
4) adb install kingo root
5) enable internet only for rooting device. After succes – turn it off.
6) adb install totalcommander – file manager to delete the system files.
7) adb install System app remover (ROOT) – to remove preinstalled shit
8) adb install Malwarebytes anti-malware – app to serach the malware
9) fullscan by Anti-malware
10) all founded files remove with total commander
11) for the protected future – turn on anti-malware security.
Testing this case over 1 month. Still no malware installed.
Besides, anti-malware found 3 viruses, unlike dr.web. And those 1 file was that terrible app which installed chinese malware.
Screenshot displays malware founede by Malwarebyte Anti-malware.
Before install applications from “adb install” you gotta be shure that they are safe. Download apk only from trusted sources.
If you are a developer of one of those apk which a linked in the article and you don't like links in it – write me up.