20 November 2015 at 11:59 #1579
I’m using an xperia z3 phone with lollipop.
My use of the phone is very soft.I never install games or suspicious apps and I have a few apps installed.
I’ve used xmtv from 3 months with a list of streaming Italian televisions.
I never got problems until I’ve done the first update via website because the app was removed from the store.after installed i’ve used the app only four times.
After a week the phones started act strangely.
Even if was locked or when I go in Firefox browsing,randomly the browser started opening tons of malware pages.
The most actives were admin.appnext.com that were redirecting to the play store claiming to install games or trash apps.
The problem in those days was terrible and was bringing me to tons of malware Web pages.
I’ve gone mad trying to solve the problem,installing every class of cleaner or antivirus for finding what is the bringer of that infection.
Every scan i’ve done brought me to nothing.
Finally I tried another way installing network connections app from the store.
After I’ve started the app and started to record and log every internet connection from my phone to the Web.
Finally I discovered tons and tons of Web connections from xmtv app to
various Web malicious sites!!!
Were like 20 connections to various sites.to remove the app to understand if it was the cause.
After removed the app the problem was magically disappeared.
I trusted xmtv for long time but after I saw that I have decided
At this point my guess is if the author knows that the app brings those malware code or if the program brings malware links after connecting to a specific streaming channel.
In every way I decided to not install the app anymore until the author check this problem.
Also the fact that removed from the store is making me to suspect so.to20 November 2015 at 16:12 #1580
To be more accurate with the issues description, I want to specify that :
– With “Network Connections” app, I saw like 20 connections from the Xmtv app (I never loaded Xmtv app,it loads at startup background process for himself). Those connection where traced and ip resolved to every kind of strange websites (ad websites or malware websites).The app was taking also a great amount of ram loading all those connections.
– Xmtv player was starting at every phone boot and resides hidden as a process (as stated from Clean Master).
So it loads in background process even if I didn’t open the app.
If I load the app and then I close that, sometimes I see in system processes that the app restarts himself as background service.
– I have also a Minix Android Box that I use sometimes with xmtv to watch live tv streams (the channels list are the same inserted in the Z3 app).
The Minix Box is rooted (the Z3 is not) and with Clean Master I’ve disabled all the futile booting apps, included Xmtv.
So with the Minix, Xmtv player loads only when I open the app,instead loading at boot as process.
In the Minix for the moment I didn’t get the malware Z3 problems (but I use that ocasionally) and I think it didn’t happened because the app don’t loads at startup as process.
– I want to think that the author didn’t put this malware codes for himself….I think that the problem is the Monetizing part o f the code that lets external playlists or links (ads or similar) to be opened in background directly in system web browser.
If that is the case, I think that the app must be checked for limiting the opening of external apps (in html protocol) or web browsers,and also the app must be blocked to start at every machine boot.
The app must load only when the user open it,without residing in memory processes for himself.
For the moment I didn’t trust anymore this app and I don’t think to reinstall…also the fact that Xmtv is disappeared from the Play store,gives me some bad sensation about that,because the more frequent cause of that removal is about bad feedbacks from users or malware content.
I loved this app,and I hope the author reads this post and give some opinion about that.
Finally I want to guarantee that was Xmtv (downloaded from this site) giving the malware issues because after the removal the problem is gone (I’ve removed ONLY Xmtv so I can’t give the guilty to other apps).
Hope for some response!21 November 2015 at 09:47 #1581
Every one can disable boot up loadong from settings just check [disable events], but we do not make any connection to this mentioned site “admin.appnext.com” and do not hide any of our proccess under other names like this [Clean Master] as you mention. Its will be very helpfull if you can send email with some more info, we will try to simulate same and if this is some app issue will fix it asap.
Regards.21 November 2015 at 10:15 #1583
When I have a bit of time I will send a mail with the same channel list that I used with my phone so u can try it.
Clean Master is an app to clean trash files that can let u see active processes and disable with root active the boot up processes.I mentioned that because I used the app to disable xmtv at boot in my rooted minix.
I mentioned also the appnext malware site but it was one of most that have opened for themselves.there were other malware sites but this one was the most frequent.
I can assure that the problem is caused by xmtv because after a week that the app was removed the malware was gone forever.
My opinion is that some channels list have random video ads (for example some channels from my list randomly starts 30 seconds of video ads) and those ads probably link to some websites in background.
The fact that I have this problem only in my non rooted phone makes me think that if xmtv starts at boot ,the channels list try to link to video ads and it opens ads websites consecutively.21 November 2015 at 11:51 #1584
Hi thanks for fast answer, Its will be great when you have time to send us more data. During my tests before with some app that uses XMTV Player I saw following things, but can not block this kind of activity, cos I can control other apps: Most of apps using webviev on some list to show their content and using handler or directly call XMTV Player with intent, after few seconds other apps start some requests for Interstitial/Video Ads or open web page with some ad which cause issue and open Ad overlapping XMTV Player app. Our video ads are integrated in player and we never open it in separate window. You can try to check disable events in stettings, this will stop app to be started at boot time.21 November 2015 at 20:35 #1587
please check version 22.214.171.124 issue must be fixed. To turn off event system service just check “check events [x] disable”, after that when you exit from app with back button service will be turned off.
Thanks a lot for your report of this issue!
XMTV Player team22 November 2015 at 06:45 #1592
(update : I’ve tried to send this post yesterday before your .28 version but the forum didn’t allowed me to do that. Can u make those test anyway?? thanks)
I’ve decided to continue writing in forum for me is much faster….
So…I’ve uploaded my tv channels list at this link =
…u can download it,then copy and paste the channels in your app.
I’ll reccomend you to those steps =
1- download the Network Connections app in the store at this link : network connections
2- Then open some channels in my list until a video ads of 30 secs will appear (if u want u can skip this test but in my opinion if the video ads opens the probability of spread of malicious links can raise).
3- Don’t activate the “disable events” check in Xmtv and reboot your terminal.
4- When your android restarts, open up Network Connections and start a LIVE CAPTURE,then let the system run….if the infection has spreaded, u see that because your web browser starts to open himself with malicious sites.
However if it don’t happens,after some minutes reopen Network Connections,stop the live capture and see how many connections Xmtv has established.U see like 20 connections to various ip (u can resolve them inside Network Connections app himself) and see the the most are strange malicious sites.
So this is the best way I can help u.
I think that the problem must be solved even if checking “disable events” prevent the infection.
I think the infection will spread in this way =
Xmtv starts videos ads > the links to ads were activated > the links will start to open up html connections to malicious sites even in background
So I think u need to correct the app code to prevent Xmtv to send those html request to the android web browser.In this way even if ads links want to start,there were no way they can do that. Leaving open the html requests from video channels or lists,will put the app open to spread html ads infection.
Also I want to ask if it possible to add an import/export command to import and export channels list,to avoid every time to copy/paste links.
For the moment I will wait your tests. I wait the next app release to be posted with those modifications.
I don’t wanna risk anymore to harm my phone until I know for sure that the ads starting from video feeds will be blocked from starting html traffic.
Thanks for your help!24 November 2015 at 11:34 #1598
I will update the situation with .28 version.
For making this test I’ve installed the app on the Minix Box (the rooted one with the Xmtv app disabled at system boot).
Today I’ve downloaded from your site the .28 version (when installed in the app “about us” it says .29 version anyway).
After I’ve installed the app,and gone to options and disabled events, after 3 seconds my web browser started from himself to open malicious websites!!
I closed all,then opened Xmtv and loaded one channel in my list “http://www.time4droid.com/Apps/mc-tivu/mc-tivuXMTV.m3u”.
Xmtv started buffering then after 3 seconds the web browser opened for himself with malicious sites.
So finally my thinking is that some channels lists,opens web ads for themselves and even with “disable events” checked,Xmtv sends those requests to Android system.
The only way to prevent Xmtv to give access to malicious content,is to modify the code so when those channels list are requesting http traffic for ads websites,Xmtv stops them from sending those requests to Android system.
If the app will be not modified in this way,Xmtv will leave opened doors to malicius content!!
I hope the author reads my post!
Thanks24 November 2015 at 11:36 #1599
I’ll repost the channel list because link is broken http://www.time4droid.com/Apps/mc-tivu/mc-tivuXMTV.m3u copy and paste to test27 November 2015 at 12:33 #1601
I’ve done another test with last version on another android phone non rooted with disable events checked. Same problem ,malware pages opens for themselves.
I will uninstall the app until it’s safe against http webpages requests.
You must be logged in to reply to this topic.