Recently did a complete factory reset on my phone. Now, Verizon Security & Privacy tells me that it found three threats, all of which are Android/Ransom.Svpeng files. Screenshot included here.
My problem is that with all three, Security says it can't remove them.
I've run Malwarebytes and tried some other common virus scanners, but they don't detect anything.
One other really odd thing is that I can't figure out the storage paths, which you can see below, but to type one out is this: /storage/6134-3034/Download/Unconfirmed 98804.crdownload
I'm learning now what a .crdownload is. And I just figured out how to find and delete those files (plugging my phone into laptop, searched for "Unconfirmed" and found them on my SD card).
I was able to delete all three from my Windows Explorer window. Now, my big question: was I infected by Svpeng? How can I tell?
Oh, no! That is not what we want to hear, ssperkin. Let's get that malware taken care of. It looks like that is an actual issue on your device. What we want you to try is Safe Mode. What that does is it only allows first party or preinstalled software, to run on your device. This will help test what that file actually is. Restarting the device in Safe Mode may reset the Home screen to default settings (i.e. wallpaper, theme, widgets, etc.). With the device powered on, press and hold the Power button (located on the right edge) until the Phone options prompt appears then release > Touch and hold Power off until the Reboot to Safe Mode prompt appears then release > Tap Safe Mode. The restart process may take up to 45 seconds to complete. Upon restart, Safe mode appears in the lower-left of the unlock/home screen. Here is a video to help: https://www.verizonwireless.com/support/troubleshooting-using-safe-mode-android-video/