
Andr/Xgen-OB malware persists on my Android phone (Leagoo M5).

Sophos Security reports Andr/Xgen-OB malware (within "Settings") on my Android phone (Leagoo M5). I click to remove, it says it did, but the malware is persistent; it shows up again right away. Repeated scans do not help; it's always like this. What can be done?



This thread was automatically locked due to age.
  • I have the same issue. Sophos reports Andr/Xgen-OB within a fake Settings app and Andr/Generis-S within a "Magic" app. Uninstalling them does not help. They just come back again. I've deleted the .jm folder, which contained two .xde.apk files associated with the virus, located at the root of the internal Storage folder. They come back as well. I've deleted the "APPMarket" folder, which contains more jazz associated with the virus. Everything just keeps coming back.

    I use a Tecno W2, an Android 6.0 smartphone.

    The virus seems to have come in when I connected the phone via MTP to a system that was infected with Win32:Dorder or Gamarue in an attempt to copy an antivirus program to that system. I was under the impression that Windows OS viruses had nothing on Android OS. I have seemingly been proven wrong. I hadn't done any downloads, visited questionable sites, downloaded suspicious email attachments or what have you.

    And what's worse is that the infection seems to be evolving, closing the doors I use to grant myself temporary reprieve. For example: I browse through the phone's internal storage and locate the .jm and APPMarket folders to delete them. I do this using Windows Explorer via MTP USB cable connection. Now those folders don't show up anymore on Windows Explorer. I had to download a more capable file manager directly to the phone to locate and delete the folders.

    Help, anyone!

    Help!

  • Please send the logs to Sophos so they can investigate. To do this, go to Settings, Tracing, Send trace. This will attach the log file to an email in your email app. The email address of Sophos Support is inserted by default. Please also add a short description in this email (like your text from here).