0

So I bought this tablet from a little-known company called iGet. The tablet was brand new and all the apps you see on the following screen came with the tablet or were installed from the Play store (Camera, Clock, FM Radio, and Sound Recorder are built-in).

apps on the tablet

The model of the tablet is Smart W103. It runs Android 9 Pie.

The problem is that ESET finds a trojan as part of the OS. Or could it be a false positive? AVG was not able to detect it.

TrojanDropper.Agent.DHC is the culprit in question. It's in MtkSettings.apk as part of settings.

ESET scan

Some other info: When you press Build number in settings several times, you get developer as usual. However, pressing Custom build version several times reveals the Device info option.

Custom build version

There it's possible to get to several advanced features:

  • pressing ProductName info several times opens MTKLogger
  • pressing LCM info several times opens EngineerMode
  • pressing TP driver opens Hardware Check

Device info MTKLogger EM HC

Also "spam" links open in Chrome randomly on their own from time to time. What's up with that? See attached screenshot for reference.

spam

Andrew T.
  • 15,988
  • 10
  • 74
  • 123
IJK_Principle
  • 1
  • 1
    Extract the APK and upload it to virustotal.com usually you will see that may be one or two will detect it as something generic but not more. Then the chance is that it is a false positive. – Robert Nov 28 '21 at 20:31
  • In order the find the spamming app, you can try the approach in the answer here or in my answer here. – Firelord Nov 28 '21 at 20:46
  • I'm not quite sure how to extract from system folder without rooting. However I'll certainly try that Chrome browser trick. – IJK_Principle Nov 29 '21 at 11:03
  • @IJK_Principle please use @ followed by the name of the person to whom you are trying to address with your comment. Otherwise, nobody would be notified of any of your comments. As concerns extracting APK, you don't need root access for that. Try any famous "backup" app from Play Store and it should be able to do the work for you. You can try this libre software app as a starting point. https://f-droid.org/en/packages/com.smartpack.packagemanager/ – Firelord Nov 29 '21 at 14:58
  • @Robert this is the result https://i.imgur.com/vhbdZDN.png ,I used Package manager from F-Droid as suggested by Firelord. Seems only ESET finds something malicious. I won't worry. Thanks – IJK_Principle Jan 31 '22 at 18:19
  • @Firelord thanks for suggesting the Package manager app. I'll try your tips regarding the spam next, thanks. – IJK_Principle Jan 31 '22 at 18:22

0 Answers0