My father said that he had allowed the installation of applications from unknown sources when he was asked to do so to go further with something (he said that I do not remember when or what he did).
In Android 8.0 (the version of his smartphone), we can allow a third-party installation in individual applications. So I went to this tab and found that only Google Chrome was capable of this type of installation. So, I navegate via my father's apps and find nothing suspicious.
When I went to the files, I found a folder called Have I got. Inside, a file without extension called psnger_encrypted or something like that. When I went to select the file to see the details, I accidentally clicked on the file. Android has said that no application to open this file has been found.
Could a file have been executed even when Android was saying this message? If this file is malicious, is it possible that the phone was run and infected?
In doing some research, I found that a Chinese app called "DiDi" also had a file called "psnger". In addition, I found a file in my father's phone called .omega.key, and this file is also included in the topics related to the DiDi application. The fact is that I can not find this application on the phone, and I'm looking for ways to indicate that the phone has malicious content. I have run AVG and Malwarebytes, but both have not detected anything. What can I do else?