This is my first post on XDA and I hope that I'm posting in the right place!
I have a Nexus 4, 4.4.2 which has never been rooted. For what it's worth, I've always run AV software (Lookout from day 1, subsequently Kaspersky) and only downloaded from the Play Store. (I have always had 'Unknown Sources' unticked). I'm pretty careful with permissions.
In hindsight (a wonderful thing) things started shortly after one of the Kitkat OTA updates. Not absolutely sure which…
One evening, my lock screen clock suddenly showed my time as 3 hours ahead (i.e. Moscow: I'm in the UK) along with a rectangle giving my home time zone time. I googled the symptoms and it seemed widely reported so I just put it down to an update bug and carried on.
However, I've recently been having large, unexplained, data spikes in seemingly innocuous programs. Specifically, I had a 6GB spike attributed to Opensignal. I uninstalled Opensignal, but the data use continued, albeit on a smaller scale, reported in Data Usage as 'Removed Apps'. This was definitely data use *after* the program was removed: I altered the sliders to focus on the time after uninstall.
To be on the safe side, I gritted my teeth and performed a factory reset and altered my important passwords.
However, this is happening again.
'Removed App' data use has started increasing once more and have just had another large data spike attributed to, of all things, Kaspersky. Over 600MB in a day. All data is now turned off, but possibly too late?
Do I have to assume that the phone is well and truly hacked? If so, am I going to have to unlock and root the phone and side load a factory image from Google, or is there an easier route?
Many thanks in advance for any help.