Not what you are looking for? Ask the experts!
Norton Halt exploit > hidden device administrator > phone info app
I have an Android 4.3, Samsung Galaxy S3 SPH-L710. I was sitting at my desk having a cup of coffee and and happened to glance over at my phone, which I had not touched since waking up and watched the camera flash activate / turn on by itself. I picked up the phone and the flash light quickly turned off. I checked Settings> my device > Accessibility > Flash notification and this is already set to off.
I ran Norton Halt and it detected a hidden device administrator called "Phone Info" - ("halt" grab attached).
Operations it can perform according to Halt are attached in "halt2".
Clicking on Deactivate doesn't appear to do anything; returns me to the initial detection screen ("halt.pdf"). It also doesn't appear as an option to disable under settings > security > device administrators.
Going into settings > application manager > running, I saw 2 instances of this app running. I was able to stop them. Going into application manager > all, I clicked to clear the cache and data stored but am not able to remove the app. ("phone info.pdf")
The app has permissions to do just about everything it could want (see grabs "perms1-5"). I know I didn't actively install this.
I installed and ran several security apps: lookout, norton mobile, avast, hidden device admin detector, trend micro mobile, SeCore. None of them are detecting an issue and none of them can remove it.
My questions are 1. This appears to be malware, as Halt is suggesting, correct? 2. If so, how do I get it off my phone manually, asap?
Thanks for your help.