FORUMS
Remove All Ads from XDA

Zuk Z2 (standard) Malware Problem

5 posts
Thanks Meter: 2
 
By DutchZukZ2, Junior Member on 15th July 2016, 02:27 PM
Post Reply Email Thread
Hi everyone! I'm new to this forum.

I bought the Zuk Z2 (standard) from Oppomart and everything is fine, except for one thing. I installed the Malwarebytes app, which found 1 malware/trojan named: "Android/Trojan.Spy.Smforw.l". It can be found in /system/priv-app/Liulangbao/Liulangbao.apk.
I'm pretty new to Chinese phones, and with help from the ZUI OS 1.9.044 ROM posted on this forum (along with an explanation of how to flash it) I managed to flash the original ROM (which turned out identical to the ROM from Oppomart). Sadly, it still contained the aforementioned malware.
Then I tried removing this app/malware with several apps from the Google Play Store, which didn't work (they need root access).
I found an explanation of how to root my Zuk Z2 via http://androiding.how/root-zuk-z2-an...twrp-recovery/. That website mentioned XDA as well: http://forum.xda-developers.com/zuk-...2#post67680272.
Do you reckon this is a trusted method? I have never rooted a phone before (it was quite an achievement for me to even flash a "new" ROM). Will I be at risk of bricking the phone?
My questions to you are: is this app/malware very hazardous? What does it do? Is my phone safe to use? What is the easiest way to delete it? Or should I try a completely different approach to this problem?

Thanks in advance for your help and please let me know if you need additional information!
The Following User Says Thank You to DutchZukZ2 For This Useful Post: [ View ] Gift DutchZukZ2 Ad-Free
 
 
15th July 2016, 07:45 PM |#2  
KronozFX's Avatar
Member
Flag DAMN.
Thanks Meter: 23
 
More
Quote:
Originally Posted by DutchZukZ2

Hi everyone! I'm new to this forum.

I bought the Zuk Z2 (standard) from Oppomart and everything is fine, except for one thing. I installed the Malwarebytes app, which found 1 malware/trojan named: "Android/Trojan.Spy.Smforw.l". It can be found in /system/priv-app/Liulangbao/Liulangbao.apk.
I'm pretty new to Chinese phones, and with help from the ZUI OS 1.9.044 ROM posted on this forum (along with an explanation of how to flash it) I managed to flash the original ROM (which turned out identical to the ROM from Oppomart). Sadly, it still contained the aforementioned malware.
Then I tried removing this app/malware with several apps from the Google Play Store, which didn't work (they need root access).
I found an explanation of how to root my Zuk Z2 via http://androiding.how/root-zuk-z2-an...twrp-recovery/. That website mentioned XDA as well: http://forum.xda-developers.com/zuk-...2#post67680272.
Do you reckon this is a trusted method? I have never rooted a phone before (it was quite an achievement for me to even flash a "new" ROM). Will I be at risk of bricking the phone?
My questions to you are: is this app/malware very hazardous? What does it do? Is my phone safe to use? What is the easiest way to delete it? Or should I try a completely different approach to this problem?

Thanks in advance for your help and please let me know if you need additional information!

Google tells me that liulangbao is a traffic exchange bot, similar to Jingling(this is for PC), people use it to exchange "visits" on others website(most of them are ad to make cash) with their own visit to others in background, it will for so use resources, internet data, and maybe install other viruses through malware-sites. I think you can delete that app just rooting your device, installing lucky patcher and if it finds that app in system you can directly uninstall it. Otherwise use root, and an root explorer to find that .apk and delete it.
However you'll need to root your device in any way.

That web-site seems legit, it publics various root methods for multiple devices, and it's well organized.
Give it a shot, being rooted is better than botted
16th July 2016, 12:21 PM |#3  
OP Junior Member
Thanks Meter: 2
 
More
Quote:
Originally Posted by KronozFX

Google tells me that liulangbao is a traffic exchange bot, similar to Jingling(this is for PC), people use it to exchange "visits" on others website(most of them are ad to make cash) with their own visit to others in background, it will for so use resources, internet data, and maybe install other viruses through malware-sites. I think you can delete that app just rooting your device, installing lucky patcher and if it finds that app in system you can directly uninstall it. Otherwise use root, and an root explorer to find that .apk and delete it.
However you'll need to root your device in any way.

That web-site seems legit, it publics various root methods for multiple devices, and it's well organized.
Give it a shot, being rooted is better than botted

Thank you very much KronozFX for your advice! I may give that a shot. Do you think the risk of bricking the phone is high using this rooting method?

Does anyone else have advice?
16th July 2016, 02:46 PM |#4  
KronozFX's Avatar
Member
Flag DAMN.
Thanks Meter: 23
 
More
Quote:
Originally Posted by DutchZukZ2

Thank you very much KronozFX for your advice! I may give that a shot. Do you think the risk of bricking the phone is high using this rooting method?

Does anyone else have advice?

No, i also have a friend who has rooted the device .)
16th July 2016, 03:17 PM |#5  
OP Junior Member
Thanks Meter: 2
 
More
Quote:
Originally Posted by KronozFX

No, i also have a friend who has rooted the device .)

Did he remove Liuliangbao as well? Would he (and you) be willing to supply a detailed description for a noob like me of how to root it and delete Liuliangbao?
23rd July 2016, 06:24 PM |#6  
KronozFX's Avatar
Member
Flag DAMN.
Thanks Meter: 23
 
More
Quote:
Originally Posted by DutchZukZ2

Did he remove Liuliangbao as well? Would he (and you) be willing to supply a detailed description for a noob like me of how to root it and delete Liuliangbao?

He rooted as the guide you linked, and then he used lucky patcher to remove it i think
23rd July 2016, 11:35 PM |#7  
OP Junior Member
Thanks Meter: 2
 
More
Quote:
Originally Posted by KronozFX

He rooted as the guide you linked, and then he used lucky patcher to remove it i think

Thanks I may just have to give it a go!
24th July 2016, 05:14 PM |#8  
Member
Thanks Meter: 7
 
More
Quote:
Originally Posted by DutchZukZ2

Hi everyone! I'm new to this forum.

I bought the Zuk Z2 (standard) from Oppomart and everything is fine, except for one thing. I installed the Malwarebytes app, which found 1 malware/trojan named: "Android/Trojan.Spy.Smforw.l". It can be found in /system/priv-app/Liulangbao/Liulangbao.apk.
I'm pretty new to Chinese phones, and with help from the ZUI OS 1.9.044 ROM posted on this forum (along with an explanation of how to flash it) I managed to flash the original ROM (which turned out identical to the ROM from Oppomart). Sadly, it still contained the aforementioned malware.
Then I tried removing this app/malware with several apps from the Google Play Store, which didn't work (they need root access).
I found an explanation of how to root my Zuk Z2 via http://androiding.how/root-zuk-z2-an...twrp-recovery/. That website mentioned XDA as well: http://forum.xda-developers.com/zuk-...2#post67680272.
Do you reckon this is a trusted method? I have never rooted a phone before (it was quite an achievement for me to even flash a "new" ROM). Will I be at risk of bricking the phone?
My questions to you are: is this app/malware very hazardous? What does it do? Is my phone safe to use? What is the easiest way to delete it? Or should I try a completely different approach to this problem?

Thanks in advance for your help and please let me know if you need additional information!

Can you give a quick review about this phone? I'm interested in it. Any issues? (Except the malware software that you already mentioned) Pros and cons? Thanks
The Following User Says Thank You to langkhack18 For This Useful Post: [ View ] Gift langkhack18 Ad-Free
28th July 2016, 02:37 AM |#9  
OP Junior Member
Thanks Meter: 2
 
More
Quote:
Originally Posted by langkhack18

Can you give a quick review about this phone? I'm interested in it. Any issues? (Except the malware software that you already mentioned) Pros and cons? Thanks

Sure, no worries. It's actually not my phone as I bought it for the missus. She likes the phone a lot (coming from a Huawei Ascend P7), let me break it down in the pros and cons she has encountered.

Pros:
- It's very quick
- It snaps photos right the instance you press the button (no delays)
- Picture quality is good (although we both aren't too critical)
- Good battery life. It lasts a lot longer than her previous phone (on lollipop with a 2500 mAh battery which she often had to connect to a powerbank during the day)
- The fingerprint scanner is a treat. It works every time and quickly as well (you don't have to wake the phone/screen before the scanner works)
- The size of the phone. She would have preferred an even smaller device, but there's no real contender in the sub 5" category.
- Premium look and feel

Cons:
- Still some Chinese although language is set to English (e.g. the weather app which is embedded in the homescreen)
- Some apps won't work (properly). For example Twilight (the app that filters blue light) crashes immediately when opened and the phone won't receive messages in WhatsApp if the app isn't opened (and locked via recent apps). So she had to choose a different blue light filter app and she needs to constantly have WhatsApp opened.
- No Dutch (which isn't too big of an issue for her)

I hope this was of help to you!
The Following User Says Thank You to DutchZukZ2 For This Useful Post: [ View ] Gift DutchZukZ2 Ad-Free
24th October 2016, 09:21 PM |#10  
Junior Member
Thanks Meter: 1
 
More
Hi!

If you don't want root your device then you can install a firewall app and block that Liulangbao app.

Also here is a comprehensive thread about Liulangbao: http://zukfans.eu/community/threads/liulangbao.304/
Post Reply Subscribe to Thread

Tags
lenovo-zuk-z2

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes