Related
Hi,
i don't have a android phone yet. But i'm still a little bit frightened about data security there.
I read this article:
hxxp://w ww.theregister.co.uk/2010/06/28/google_remote_android_application_install/
I think normally you should decide yourself what to uninstall and what not.
So my question is - would it be possible to prevent Google from Accessing your phone, means prevent them from Installing / Uninstalling Applications.
Cause i hate this. My phone is my phone and they aren't allowed to play the "admin"
Regards
eagle
fear not
If you read further into this they are talking about malicious apps and it is done for the malicious app or apps only they are actually protecting your phone from being crippled and it is done systewide for those that use the market
APK's installed from SD can't be touched by Google. Only ones installed from the market can be removed. AFAIK so far they have only removed malicious apps(so far), but Googles definition of malicious is different to mine.
Hi,
thank you for your answers ! I know that they removed only a malicious app...but like mercianary already said: this time they only removed a malicious app ...
They could instead (of remote uninstall) just release a "fix" that you can download over the android market and this fix then cleans your mobile phone...
At least they can't remove stuff that you installed from SD ... this is good ...
But is there a way to modify the rom, so they won't have any access any more ?
Or can u disable this if you got root rights ?
Regards
eagle
P.S.
What else can google do with your phone ? What do they log ?
They take your soul. Piece by piece. Slowly over the years. Just like they do with every other product they give you for "free"
But that's another thread...
Sounds like humor but it's probably right :-/
The fact is ..:
I waited all time for Windows Phone 7. Thought that they would make it a good OS .. but now ... no Multitasking, ugly Menu ... it seems to me worse like the iOS (subjective opinion =) ) .
You don't have enough options/ settings and so on. It looks to me, like they try to copy Apple now, and they don't try to make it better =(
And now Android comes with tethering, Hotspot-Ability, a nice menu ... a "free" market , and so on.
Wouldn't i be afraid of Google i would choose it without hesitation.
You got any Pro Points for Win7 Phone ?
----
Don't get me started on Microsoft...
It's certainly possible to mod Market to disable this feature. Ofc you would need root to do this.
well with custom roms and rom specific apps you shouldn't have to worry because essentially you are loading and update zip so i think you'll be OK there and they would be morons to start randomly messing with peoples phones
Hi,
nice answers =) I like you I already got some
New Questions :
- Are there already such modified ROMS ?
- If not - will there be some ?
- @mercianary why i shouldn't get you started on Microsoft? Start please
What is your Fav OS ? Are you scared of google, too ?
First off, great forum, tons of awesome information.
I apologize in advance as I am sure these questions have been answered a million times but being new to a Rooted device, I'm looking for a little clarity and guidence.
I have the AT&T variant of the LG G3, awesome awesome device.
I rooted the device with Stump Root (doesn't get any simplier then that)
I then installed "Xposed Installer", "Titanium Backup", "SuperSu", and "G3 Tweak Box".
Questions,
Xposed
1) Seems pretty straight forward, is there anything as a newbie I should know, avoid, lookout for?
Titanium Back Up
1) Well, it all looks like chinese to me. First off, I have backed up all my apps, but when I check "Backup/Restore" I still see certain apps as "No Backup Yet". Why?
2) Also, how often should I backup the apps? Is once enough?
3) After backing up bloatware, is it then safe to remove and delete?
4) Schedules, should I be enabling either option?
5) Main Menu, whats the most important actions to take here?
SuperSu
1) Seems fairly straight forward, what are "logs" and do I need to pay attention to them?
2) Settings, is there any options I need to change, take advantage of? Anything I should avoid tampering with?
Misc Questions
1) When system updates come out, will this cause me to lose Root access, if so why and how do I avoid that?
2) Is there any prevenitive measures that I need to take to protect my device against any crashes, bricking, or any other general screw ups a newbie might cause with Root access?
3) Also, how do I not destroy my device while learning to take advantage of Root access?
4) In addition to what I have already installed, is there any other must have apps for the Rooted user?
I appreciate any & all help, thanks alot in advance!
I'll answer what I can, as best I can.
Vic098 said:
Xposed
1) Seems pretty straight forward, is there anything as a newbie I should know, avoid, lookout for?
Click to expand...
Click to collapse
Make sure you have BusyBox installed as well.
It's best to change one setting at a time. It's tedious, especially if you have to reboot after changes, but if something goes awry, it's much easier to track down the conflict or bug, especially if you're using multiple modules.
Titanium Back Up
1) Well, it all looks like chinese to me. First off, I have backed up all my apps, but when I check "Backup/Restore" I still see certain apps as "No Backup Yet". Why?
Click to expand...
Click to collapse
There's a definite learning curve with TB. I'm not sure why some apps might not back up. It could be because they're core components of the OS and are write protected.
2.) Also, how often should I backup the apps? Is once enough?
Click to expand...
Click to collapse
When talking about batch backups, "enough" is at your discretion. No harm in doing them periodically, especially if you install a bunch of new apps. Backing up individual apps is good to do before updating them, in case you decide you preferred the older version. Or a game you don't want lose progress in or revert to an old "save".
3) After backing up bloatware, is it then safe to remove and delete?
Click to expand...
Click to collapse
Depends on the bloat. Some apps by AT&T or LG might seem unnecessary or unwanted, but actually are necessary and can cause crashes or force closes ("unfortunately XXXXX process has stopped"). Always back them up first, and remove them one at a time. It's better to freeze them first, then delete after testing. Personally, I don't delete bloat, just freeze it.
4) Schedules, should I be enabling either option?
Click to expand...
Click to collapse
Both, if you want to schedule period backups rather than just doing them youself. Again, your discretion .
5) Main Menu, whats the most important actions to take here?
Click to expand...
Click to collapse
Batch actions and Preferences (where to store them) are all you really should be messing with now. At least until you learn more.
SuperSu
1) Seems fairly straight forward, what are "logs" and do I need to pay attention to them?
Click to expand...
Click to collapse
The logs keep track of what was granted SU access and when. Not really necessary.
2) Settings, is there any options I need to change, take advantage of? Anything I should avoid tampering with?
Click to expand...
Click to collapse
PIN code is your choice. If you're the only one that ever uses your phone, it's not really necessary, but if if you let others use it frequently(for games, or to browse or log into Facebook), you might want to use a PIN so they don't simply hit "grant" whenever SuperSU requests rights. I use "prompt" as the default action, so I know what needs to access the system. For example, some apps that don't require root (like Clean Master) have additional functions if you are rooted, and this might not be clear in the description in Play. That way you know, and you won't accidentally screw something up. Also, malicious apps that have no business with root access can be identified and blocked.
Misc Questions
1) When system updates come out, will this cause me to lose Root access, if so why and how do I avoid that?
Click to expand...
Click to collapse
You can sometimes (usually?) lose root access after an update, but it's usually possibly simply to re-root with the same method. If not, it's best to wait to do the update until others can confirm/deny. SuperSU has a "survival mode" that can try to keep root during an update, but again, it's best to wait for confirmation by others.
2) Is there any prevenitive measures that I need to take to protect my device against any crashes, bricking, or any other general screw ups a newbie might cause with Root access?
3) Also, how do I not destroy my device while learning to take advantage of Root access?
Click to expand...
Click to collapse
Read, ask, and learn. It's easy to grow confident and think you're more clever than you really are and really screw something up (I know from experience). If you look at the first couple pages of general Q&A/Help forums, you'll see lots of people who did stupid stuff and now have bootloops and crashes and bricks. Do lots of searches, here, on google, and youtube. You can often find guides for what you're wanting to do.
4) In addition to what I have already installed, is there any other must have apps for the Rooted user?
Click to expand...
Click to collapse
AdAway or other ad blocker. Not only does it block ads in your browsers, it blocks Google ads in free apps. Apart from being cleaner and more convenient, since ads don't get loaded, pages load faster and you consume less data.
BetterBatteryStats gives you much more info on what's draining your battery than the stock Android function.
Some sort of root browser/explorer is essential. You can use it to completely delete folders/data that got left behind even after an app is deleted (which can sometimes cure Google Play Store errors), among other things.
I personally like ROM Toolbox Pro. It doesn't really do anything special, just packs a ton of utilities that you can get elsewhere into a single app.
SQLite editor is necessary to do some things, but you'd better make sure you know what you're doing before doing anything with it.
WiFi Tether Router might be able to bypass AT&T's tether app. Changing some settings with SQLite might be necessary. You'd have to research this for your device.
Those are the root apps I use, as well as Xposed and assorted modules to do theming or other functionality tweaks. Xposed is quite powerful, and you should familiarize yourself with what the multitude of different modules can do. The possibilities are seemingly endless, as developers come up with no mods every day to do new things that nobody else has done yet (or ported other mods to work with other devices).
I appreciate any & all help, thanks alot in advance!
Click to expand...
Click to collapse
Good luck and have fun!
Planterz said:
I'll answer what I can, as best I can.
Make sure you have BusyBox installed as well.
It's best to change one setting at a time. It's tedious, especially if you have to reboot after changes, but if something goes awry, it's much easier to track down the conflict or bug, especially if you're using multiple modules.
There's a definite learning curve with TB. I'm not sure why some apps might not back up. It could be because they're core components of the OS and are write protected.
When talking about batch backups, "enough" is at your discretion. No harm in doing them periodically, especially if you install a bunch of new apps. Backing up individual apps is good to do before updating them, in case you decide you preferred the older version. Or a game you don't want lose progress in or revert to an old "save".
Depends on the bloat. Some apps by AT&T or LG might seem unnecessary or unwanted, but actually are necessary and can cause crashes or force closes ("unfortunately XXXXX process has stopped"). Always back them up first, and remove them one at a time. It's better to freeze them first, then delete after testing. Personally, I don't delete bloat, just freeze it.
Both, if you want to schedule period backups rather than just doing them youself. Again, your discretion .
Batch actions and Preferences (where to store them) are all you really should be messing with now. At least until you learn more.
The logs keep track of what was granted SU access and when. Not really necessary.
PIN code is your choice. If you're the only one that ever uses your phone, it's not really necessary, but if if you let others use it frequently(for games, or to browse or log into Facebook), you might want to use a PIN so they don't simply hit "grant" whenever SuperSU requests rights. I use "prompt" as the default action, so I know what needs to access the system. For example, some apps that don't require root (like Clean Master) have additional functions if you are rooted, and this might not be clear in the description in Play. That way you know, and you won't accidentally screw something up. Also, malicious apps that have no business with root access can be identified and blocked.
You can sometimes (usually?) lose root access after an update, but it's usually possibly simply to re-root with the same method. If not, it's best to wait to do the update until others can confirm/deny. SuperSU has a "survival mode" that can try to keep root during an update, but again, it's best to wait for confirmation by others.
Read, ask, and learn. It's easy to grow confident and think you're more clever than you really are and really screw something up (I know from experience). If you look at the first couple pages of general Q&A/Help forums, you'll see lots of people who did stupid stuff and now have bootloops and crashes and bricks. Do lots of searches, here, on google, and youtube. You can often find guides for what you're wanting to do.
AdAway or other ad blocker. Not only does it block ads in your browsers, it blocks Google ads in free apps. Apart from being cleaner and more convenient, since ads don't get loaded, pages load faster and you consume less data.
BetterBatteryStats gives you much more info on what's draining your battery than the stock Android function.
Some sort of root browser/explorer is essential. You can use it to completely delete folders/data that got left behind even after an app is deleted (which can sometimes cure Google Play Store errors), among other things.
I personally like ROM Toolbox Pro. It doesn't really do anything special, just packs a ton of utilities that you can get elsewhere into a single app.
SQLite editor is necessary to do some things, but you'd better make sure you know what you're doing before doing anything with it.
WiFi Tether Router might be able to bypass AT&T's tether app. Changing some settings with SQLite might be necessary. You'd have to research this for your device.
Those are the root apps I use, as well as Xposed and assorted modules to do theming or other functionality tweaks. Xposed is quite powerful, and you should familiarize yourself with what the multitude of different modules can do. The possibilities are seemingly endless, as developers come up with no mods every day to do new things that nobody else has done yet (or ported other mods to work with other devices).
Good luck and have fun!
Click to expand...
Click to collapse
Thanks for the detailed response. Just a follow up, when googling AdAway, I see some long threads and what I think are different versions, is there a link, or a place that I can find the latest (and safe??) version to download?
Again, appreciate the feedback.
Vic098 said:
Thanks for the detailed response. Just a follow up, when googling AdAway, I see some long threads and what I think are different versions, is there a link, or a place that I can find the latest (and safe??) version to download?
Click to expand...
Click to collapse
http://d-h.st/BZs
If you haven't done so already, you'll have to go into your settings and check the box to allow app installation from unknown sources. Then just go to that link on your device, download the .apk, then install. Go to a site with a heavy amount of ads like phonearena.com (Verizon ads up the wazoo) and see how long it takes to load. Then reboot, and load the app. It'll update sources, and it'll be good to go. Go back to that website and marvel at how quickly it loads without the ads.
Vic098 said:
Thanks for the detailed response. Just a follow up, when googling AdAway, I see some long threads and what I think are different versions, is there a link, or a place that I can find the latest (and safe??) version to download?
Again, appreciate the feedback.
Click to expand...
Click to collapse
Is this a Xposed Module or some APK off the google market? Because if it's an Xposed Mod then links are direct.
Radigen said:
Is this a Xposed Module or some APK off the google market? Because if it's an Xposed Mod then links are direct.
Click to expand...
Click to collapse
Gotchya.
Planterz said:
If you haven't done so already, you'll have to go into your settings and check the box to allow app installation from unknown sources. Then just go to that link on your device, download the .apk, then install.
Click to expand...
Click to collapse
The link downloads a file called mobogenie. Is that correct?
Vic098 said:
The link downloads a file called mobogenie. Is that correct?
Click to expand...
Click to collapse
No. I don't know what that is, and I can't recreate whatever you did to get that. Whatever it is, don't install it.The file to download will match the name in the description. Make sure you're not clicking an ad (oh, the irony).
Try this link instead. https://f-droid.org/repository/browse/?fdid=org.adaway or try downloading on your computer to Dropbox or Drive or whatever cloud storage you use, or just download it to your computer, plug in your phone, copy it to your phone's storage, and run it from there.
Radigen said:
Is this a Xposed Module or some APK off the google market? Because if it's an Xposed Mod then links are direct.
Click to expand...
Click to collapse
Neither. It's not an Xposed module, just a regular app, but it's not available from the Google Play Store because they don't want you blocking your ads, so you have to side load it.
Planterz said:
No. I don't know what that is, and I can't recreate whatever you did to get that. Whatever it is, don't install it.The file to download will match the name in the description. Make sure you're not clicking an ad (oh, the irony).
Try this link instead. https://f-droid.org/repository/browse/?fdid=org.adaway or try downloading on your computer to Dropbox or Drive or whatever cloud storage you use, or just download it to your computer, plug in your phone, copy it to your phone's storage, and run it from there.
Neither. It's not an Xposed module, just a regular app, but it's not available from the Google Play Store because they don't want you blocking your ads, so you have to side load it.
Click to expand...
Click to collapse
Oh alright, thanks then, good thing we're all developers here.
Thank you in advance. First of all I am still a beginner in knowledge here. My Alcatel fierce 4 TCL 5056N seems to have been hacked and is now being remotely accessed and controlled by an unauthorized 3rd party. I may be way off base but I think my phone may have been exposed to a R.A.T.. Temporarily rooted long enough for someone to modify the kernel and other system coding, which I cannot access myself with an unrooted phone, installing some sort of sub-OS with limited user setting options and a completely different named storage platform,( I.e. emulated, bdef55, self), and not even factory resetting my device helps because it reboots into the sub-OS they installed. They are screen overlaying buttons, and toggles are being reversed in real time before my eyes, settings and options are disappearing from one minute to the next and I've somehow found myself poking around in some windows software on a PC that is used to develop Android software, maybe sdk, not sure but was Linux coding and looked like it was meant for me. I was on the other end of this hack for a few minutes tho but my lack of knowledge made this useless to me. I have downloaded many an app trying to combat this issue but to no avail. Although unsuccessful I have seen a few thing I don't understand but could possibly be helpful for you to identify exactly what my issue is. One thing is an app I downloaded said that a trust cert has enabled a malicious trust agent and my system is being remotely accessed by a third party. The rest is beyond my understanding but I'm going to list a few tidbits you may recognize. LIB, Kinguser, kingroot, persist, unremovable/???/xxx, code Aurora, bootstrap something, libnfc, system/framework/Apache/xml, bin, user value=0 or 1/2, managed provisioning, also a .base ext. on a bunch of sytem apps below the same app without and a few of others. I don't know if that's helpful but it's all I can remember. Symptoms are apps closing on their own, microphone and camera being remotely enabled, unable to update Google play services or store and being forced to use an obviously older and modified version with possible replica apps with restrictions, unexpected reboots, in settings/apps/permissions apps like gallery, when you click battery and then the little i button for info, it says it's a system app and all of the sudden the disable and force close buttons become un-highlighted and unusable and so on and so forth. Lastly, my home wifi is infected I think as well because my roommate is having the same issues. I've tried(unsuccessfully) to root my phone so I could manually remove some of these apps and extra coding and such but it seems impossible because of a locked bootloader. Tried about 10 different ways without success so I've just about given up and smashed the damn thing but then you geniuses popped into my head so I beg of you, please help me or if nothing else, tell me to proceed with the smashing...lol! Thank you very much for your time. P. s. I'm new to XDA dev website so maybe drop me a line at [email protected] with directions back to this thread. Had a bit if trouble navigating here. Thanks again and have a great day! -Spencer
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
BLEEDCOLORYOU said:
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
Click to expand...
Click to collapse
The Android community isn't what it used to be that's for sure. No help, no suggestions. Just nothing.
BLEEDCOLORYOU said:
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
Click to expand...
Click to collapse
I'm no expert but I'm struggling to see your exact issue you seem to think you have, is it just t your Bluetooth is switching on. All those licences, security certs, file locations etc look normal to me (without checking numbers or being able to compare to same phone os etc) though I have disabled many of those certs eg the Turkish ones etc & my Bluetooth files are different but I can find ref hill those locations online eg Xieomi phones
You appear to have a ZTE, please give model number and current OS & rev (must be stock I suppose). ZTE was found with a backdoor in older phones, sending data to China, so it's possible, & some Chinese phones also update their apps without notification. But as you say your whole network appears compromised so the source may be something else, like your router/modem, or Bluetooth as you think (though some apps require Bluetooth admin permission legitimately, you can disable it as an Admin). Tell us what behaviors you are seeing that you believe are malicious. New phone update soon after you turn on is quite common, as I'm sure you know.
When I had a quick look at your log it did have a lot of activity going to the US DOD, would you expect this, as well as the usual google & Facebook connections. Though (perhaps) strangely also to a server from a small marketing company here in Australia, but I'm no expert even if I looked at your log line by line I wouldn't understand it all.
Ref his other post
https://forum.xda-developers.com/general/security/security-global-family-credientals-t3665851
Things to try. Run a reputable antivirus. Boot into safe mode, so only system apps run, is it still happening? Can you turn off anything that is listed as a device admin? Try run a root checker app. Even if it all comes back negative you may still have a problem as a port may already have been opened and malicious app self deleted or something. Use an app like Fing to see if any device you don't recognise are connected to your network.
You may be able to block some activity if it's not going through root with a firewall eg NetGuard no root firewall, start with everything blocked.
Above are just some general hints, without knowing specifics I can only suggest you backup any stuff you want to keep then factory reset everything & change ALL passwords to strong ones (no good just adding a number on the end of your old ones!), better still reflash all firmware (updates if available) to overwrite everything. This incl your internet access points eg router, and only reconnect to the net/networks after you have done them all (one at a time preferably then you may be able to identify source of problems)
That turned out a lot longer than I intended!
IronRoo said:
I'm no expert but I'm struggling to see your exact issue you seem to think you have, is it just t your Bluetooth is switching on. All those licences, security certs, file locations etc look normal to me (without checking numbers or being able to compare to same phone os etc) though I have disabled many of those certs eg the Turkish ones etc & my Bluetooth files are different but I can find ref hill those locations online eg Xieomi phones
You appear to have a ZTE, please give model number and current OS & rev (must be stock I suppose). ZTE was found with a backdoor in older phones, sending data to China, so it's possible, & some Chinese phones also update their apps without notification. But as you say your whole network appears compromised so the source may be something else, like your router/modem, or Bluetooth as you think (though some apps require Bluetooth admin permission legitimately, you can disable it as an Admin). Tell us what behaviors you are seeing that you believe are malicious. New phone update soon after you turn on is quite common, as I'm sure you know.
When I had a quick look at your log it did have a lot of activity going to the US DOD, would you expect this, as well as the usual google & Facebook connections. Though (perhaps) strangely also to a server from a small marketing company here in Australia, but I'm no expert even if I looked at your log line by line I wouldn't understand it all.
Things to try. Run a reputable antivirus. Boot into safe mode, so only system apps run, is it still happening? Can you turn off anything that is listed as a device admin? Try run a root checker app. Even if it all comes back negative you may still have a problem as a port may already have been opened and malicious app self deleted or something. Use an app like Fing to see if any device you don't recognise are connected to your network.
You may be able to block some activity if it's not going through root with a firewall eg NetGuard no root firewall, start with everything blocked.
Above are just some general hints, without knowing specifics I can only suggest you backup any stuff you want to keep then factory reset everything & change ALL passwords to strong ones (no good just adding a number on the end of your old ones!), better still reflash all firmware (updates if available) to overwrite everything. This incl your internet access points eg router, and only reconnect to the net/networks after you have done them all (one at a time preferably then you may be able to identify source of problems)
That turned out a lot longer than I intended!
Click to expand...
Click to collapse
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
BLEEDCOLORYOU said:
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
Click to expand...
Click to collapse
And code.auroa? What is this
BLEEDCOLORYOU said:
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
Click to expand...
Click to collapse
I don't have that phone so can't really tell what is a suspect app or not, especially just from screen shots.
Here use this app to run on demand scans against the virustotal database (this is not an "antivirus app" like Avast so offers no protection, it only scans apps on demand, so you should run a good antivirus also)
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
it should flag any suspect apps and you can submit any unknown ones you are worried about.
---------- Post added at 05:12 AM ---------- Previous post was at 05:02 AM ----------
BLEEDCOLORYOU said:
And code.auroa? What is this
Click to expand...
Click to collapse
edit: not Firefox then.
org.codeaurora.bluetooth is a legit part of Bluetooth .... Well unless it's flagged by virustotal then it probably is a malicious app just given a common name to try and hide
IronRoo said:
I don't have that phone so can't really tell what is a suspect app or not, especially just from screen shots.
Here use this app to run on demand scans against the virustotal database (this is not an "antivirus app" like Avast so offers no protection)
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
it should flag any suspect apps and you can submit any unknown ones you are worried about.
Click to expand...
Click to collapse
Okay but what is provisioning? Code auroa smartcard services googleplay for instance apps and
And IV never encrypted this phone.
BLEEDCOLORYOU said:
Okay but what is provisioning? Code auroa smartcard services googleplay for instance apps and
And IV never encrypted this phone.
Click to expand...
Click to collapse
And alot of the overlay apps n simtoolkit are all questionmarked
BLEEDCOLORYOU said:
And alot of the overlay apps n simtoolkit are all questionmarked
Click to expand...
Click to collapse
ser my edit above re aurora
sometimes virustotal will have 2 or 3 antiivirus companies flag a file, these are probably false positives so probably nothing to worry about (though could just be a new submission, other companies should soon update if real malicious code, check back in a day or two). If lots of companies flag an apk then you haven a problem.
It looks like you have a problem whit overlays (unless it's an app your phone company installs for that function, not sure what you mean). You should install a proper antivirus app like Avast, malwarebytes etc as a first step, hopefully it can remove malicious apk
---------- Post added at 05:51 AM ---------- Previous post was at 05:37 AM ----------
BLEEDCOLORYOU said:
And IV never encrypted this phone.
Click to expand...
Click to collapse
Doesn't matter, encrypting phone only protects unauthorised access to your data. Once it is unlocked anyone can view your stuff. And once a malicious app is on your system it can shall read all your data even if you had encrypted it as it's unencrypted when you use it
IronRoo said:
ser my edit above re aurora
sometimes virustotal will have 2 or 3 antiivirus companies flag a file, these are probably false positives so probably nothing to worry about (though could just be a new submission, other companies should soon update if real malicious code, check back in a day or two). If lots of companies flag an apk then you haven a problem.
It looks like you have a problem whit overlays (unless it's an app your phone company installs for that function). You should install a proper antivirus app like Avast, malwarebytes etc as a first step, hopefully it can remove malicious apk
---------- Post added at 05:51 AM ---------- Previous post was at 05:37 AM ----------
Doesn't matter, encrypting phone only protects unauthorised access to your data. Once it is unlocked anyone can view your stuff. And once a malicious app is on your system it can shall read all your data even if you had encrypted it as it's unencrypted when you use it
Click to expand...
Click to collapse
Okay so now I'm trying to post screenshots of when I'm connected to wifi and it's not letting me
Pairwise cyphers and
Group cyphers
Sim_num
?
BLEEDCOLORYOU said:
And alot of the overlay apps n simtoolkit are all questionmarked
Click to expand...
Click to collapse
Tap those with question marks to submit to virustotal for analysis
IronRoo said:
Tap those with question marks to submit to virustotal for analysis
Click to expand...
Click to collapse
/sys/fs/selinux/class/appletalk_socket/perms
Not suspious?
BLEEDCOLORYOU said:
/sys/fs/selinux/class/appletalk_socket/perms
Not suspious?
Click to expand...
Click to collapse
Now I'm not stupid, this is facts. I just need defined and solution!!!
No these are normal library files. Stagefright "the malicious exploits" were called this as it was the stagefright framework it exploited. Everyone has these files, here are mine below.
You need to use tools like antivirus to identify bad files but even that is no guarantee as there is the possibility the original malicious file could have self deleted and, for example, just left open ports which would not be found as a "virus" but still allow remote access to your device.
If you cannot identify the actual exploit on your phone then the best solution is probably to just reflash the stock rom as this will wipe & overwrite everything. But if a malicious file is left on your SD card or another networked device you could soon be infected/compromised again. That is why I said before if you can't identify the source of your infection you really need to factory reset or reinstall all OS on all devices affected including your home router etc (or maybe it's your work or public network) and change all passwords.
IronRoo said:
No these are normal library files. Stagefright "the malicious exploits" were called this as it was the stagefright framework it exploited. Everyone has these files, here are mine below.
You need to use tools like antivirus to identify bad files but even that is no guarantee as there is the possibility the original malicious file could have self deleted and, for example, just left open ports which would not be found as a "virus" but still allow remote access to your device.
If you cannot identify the actual exploit on your phone then the best solution is probably to just reflash the stock rom as this will wipe & overwrite everything. But if a malicious file is left on your SD card or another networked device you could soon be infected/compromised again. That is why I said before if you can't identify the source of your infection you really need to factory reset or reinstall all OS on all devices affected including your home router etc (or maybe it's your work or public network) and change all passwords.
Click to expand...
Click to collapse
I'm on a video bridge network I got the direct TV setup with 2 wireless setups. Both secure from what I know.
BLEEDCOLORYOU said:
Pairwise cyphers and
Group cyphers
Sim_num
?
Click to expand...
Click to collapse
These are for encryption of your connection, not your phone
BLEEDCOLORYOU said:
I'm on a video bridge network I got the direct TV setup with 2 wireless setups. Both secure from what I know.
Click to expand...
Click to collapse
I'm no coding/security guru, but I have worked on telecoms, military electronics, etc but my coding & network security knowledge is limited.
I would run this app Fing to check your local network, are there any unknown devices connected?
https://play.google.com/store/apps/details?id=com.overlook.android.fing
note: this only finds currently connected devices, so you'd want to do this several times & especially when you see suspect behavior.
Also check for open ports, easiest way is probably this site, it will scan the first 1000 ports or so (select all)
https://www.grc.com/
go to shields up
but you really need to scan ALL possible ports with a tool like Zenmap (for PC) if you think you are compromised
https://nmap.org/zenmap/
However it's not clear to me if you ever installed a proper antivirus and whether it found and deleted anything? Virustotal seemed to find some suspect apks, I had a quick look at Trendmicro database but it didn't list details of the one it found in your screenshot, but the fact some of those antivirus companies called the suspect apk names with "joke" in it may suggest it's just a joke app your mate has installed, though probably not a joke app if your other devices are really also compromised, from memory there is also real malware with that name which may be able to infect other devices. Running a proper antivirus should easily find and clean any "joke" app on your phone & hopefully any real malware. If you've done this and still seeing indications you are compromised then do what I suggested above. (Also repeat malware checks on other devices and removable storage media)
You should also log into your router as admin and check settings, are you using a secure router password? Is firmware up to date. Is firewall set up correctly? Also close any open ports that you don't use. Turn off remote admin, if router has it. Etc etc what do your router logs show (turn on more detailed logging if necessary) Factory reset or reinstall firmware if you think changes have been made to your router by someone else.
Hi I am having same issues. Exact same behaviors regardless of new phones new carrier and all accounts being unconnected in name. Google etc. This is extreme. Its via bluetooth I agree something with esims or virtual sims for use of wifi access and or signal piracy for media. The DOD files are also something I am familier with seeing. Code Aurora was also a govt project way back. Its Interesting thst I have Verizon files loading on at & t phones and sprint loading on Verizon. Whatever this is has managed to infiltrate my computers as well. Its relentless. Its impressive and sophisticated. Please please help.
Spidder77 said:
Hi I am having same issues. Exact same behaviors regardless of new phones new carrier and all accounts being unconnected in name. Google etc. This is extreme. Its via bluetooth I agree something with esims or virtual sims for use of wifi access and or signal piracy for media. The DOD files are also something I am familier with seeing. Code Aurora was also a govt project way back. Its Interesting thst I have Verizon files loading on at & t phones and sprint loading on Verizon. Whatever this is has managed to infiltrate my computers as well. Its relentless. Its impressive and sophisticated. Please please help.
Click to expand...
Click to collapse
I'm having the same issmy ues. Did anyone ever resolve or figure out what is happening? I think I'm under investigation by the DOD and they own my devices. My uploads/downloads are blocked, internet searches filtered, pics/screenshots of evidence deleted off my phone, etc.
its a pretty fresh install, ota 015,twrp/magisk --SN fine.
i could install the typical things like openvpn,titanium,etc
but apk make problems,the usual tools wincomm/total,google drive...have access.
still the files get dl'ed, and i hit install,it goes up to about 90%.. then "app not installed"(11differend apk,from all kind of sources,and quite clean)
-the system is quite fresh, all 11 programs/tools would be a firsttimer on the phone
-i even cleared via twrp the delvic/art ,just in case.
i mean,i managed to hardbrick the phone in less then 6 hours after getting it(youtube link wrong boot img,and it could only get worse), unbricked it in 30 minutes via chinatool(needed that darn driver).
of course the 2nd day of install wont get smooth...
maybe someone has a idea,or maybe i have to get chinatool again...
I use Fx file explorer with root plugin them just install apk with root installer usually gets part that problem.
But would also check make sure you don't already have newer version of apk installed.
Other reason for this problem not having necessary dependencies installed like Google framework etc.
If root installer doesn't get desired results you will med to provide more detailed info. ( ie what apk, etc) and someone might be able to provide assistance.
apps2sd clean broken apps then reinstall might help
nujackk said:
I use Fx file explorer with root plugin them just install apk with root installer usually gets part that problem.
But would also check make sure you don't already have newer version of apk installed.
Other reason for this problem not having necessary dependencies installed like Google framework etc.
If root installer doesn't get desired results you will med to provide more detailed info. ( ie what apk, etc) and someone might be able to provide assistance.
Click to expand...
Click to collapse
thanks, fx f.e. iam going to try it, about the already installed,..no,its a fresh system,and most of the things arnt on it.
the apps are from tools ,system mangement ,etc up to mods,hacks, about 11 things from 8 differend kind of things, not downloaded from shaddy sides,only larger sides,with hundreds of reviews
BrianKuo1853 said:
apps2sd clean broken apps then reinstall might help
Click to expand...
Click to collapse
that worked for some things,for others i found a workaround,i like that tool,but this ads are annoying, luckypatcher couldnt remove them.
about the apk's, some are clearly not to speak of here,others are just systemmanagement,like a most simple app to change and block speaker,i cant stand,and never accept the speakerfunction,if i phone then at my ear,or via bluetooth, and to avoid any probs ,duo missclicking and loadspeak in a area where you should not,i block them by force. finding such a app on playstore....good luck
howerver all files are clean,that much i know,even kaspersky yells if a dirty apk gets downloaded,all other..i can only base on reviews etc, (they can be fake,but not 100+)
NoalFey said:
thanks, fx f.e. iam going to try it, about the already installed,..no,its a fresh system,and most of the things arnt on it.
the apps are from tools ,system mangement ,etc up to mods,hacks, about 11 things from 8 differend kind of things, not downloaded from shaddy sides,only larger sides,with hundreds of reviews
that worked for some things,for others i found a workaround,i like that tool,but this ads are annoying, luckypatcher couldnt remove them.
about the apk's, some are clearly not to speak of here,others are just systemmanagement,like a most simple app to change and block speaker,i cant stand,and never accept the speakerfunction,if i phone then at my ear,or via bluetooth, and to avoid any probs ,duo missclicking and loadspeak in a area where you should not,i block them by force. finding such a app on playstore....good luck
howerver all files are clean,that much i know,even kaspersky yells if a dirty apk gets downloaded,all other..i can only base on reviews etc, (they can be fake,but not 100+)
Click to expand...
Click to collapse
I think you should just clean install the ROM again, seems like a bit of issue u got here.
true,
which method would be the most simple and best to avoid the issue
-reset to factory-sys (unsure if it fixes a broken sys,instead of just deleting all userbased stuff)
-twrp clearing and the whole rom again (this method might work,if wiping everything is included)
-taking chinatool and start with h2o then back to the realdeal ota15 (thats what i did before,so iam not sure)
its not that i dont know the methods,its more like..i want your opinion what would be the best solution to avoid it.
NoalFey said:
thanks, fx f.e. iam going to try it, about the already installed,..no,its a fresh system,and most of the things arnt on it.
the apps are from tools ,system mangement ,etc up to mods,hacks, about 11 things from 8 differend kind of things, not downloaded from shaddy sides,only larger sides,with hundreds of reviews
that worked for some things,for others i found a workaround,i like that tool,but this ads are annoying, luckypatcher couldnt remove them.
about the apk's, some are clearly not to speak of here,others are just systemmanagement,like a most simple app to change and block speaker,i cant stand,and never accept the speakerfunction,if i phone then at my ear,or via bluetooth, and to avoid any probs ,duo missclicking and loadspeak in a area where you should not,i block them by force. finding such a app on playstore....good luck
howerver all files are clean,that much i know,even kaspersky yells if a dirty apk gets downloaded,all other..i can only base on reviews etc, (they can be fake,but not 100+)
Click to expand...
Click to collapse
Well first off I wouldn't mention lucky patcher again. It is a warez app and banned on XDA as are all mentions of the app. Also something to think about. App developers have been adding code that looks for lucky patcher and will not install if it is installed on the device. Some even cause the device to have random issues if it is installed. Heck I know one rom that removes it every time the user reboots their device.
As for the reviews. Dont put anything in the numbers. I can by 1000 downloads and 5 star reviews for about 50 bucks.
thanks for the reply
well the tool itself cant be made as "warez" since some of its functions are quite handy,like removing adds.
(whats completly legal,atleast in the EU)
about devs who enter code to sneakout other apps..no worries,
since you are in the op6 board,i assume you have one, go under apps,then tap the left border,and pull towards right,there is a secret stash,add all the fancy stuff you wanne hide there,and even google ,pokemon,fortnite run if the stuff is hidden there (of course magisk has to be set right too)
about the reviews true,but if some of those are quite names,that are known in android,linux or Minecraft business,i kinda trust them,and if that review isnt 1 day old,its fine,especially with comments like"7 weeks now,and it still works well,no flaws no hickups.." (example) makes me believe that this apps are worth the 0 bucks paid for.
iam not going to mention warez,but lucky is none of those,especially since several german speaking sides have mentioned it and praised it aswell (the big ones,with printed paper stuff),so i assume, eu rights,should fit in here aswell, (not that iam part of the EU,but swiss)
NoalFey said:
thanks for the reply
well the tool itself cant be made as "warez" since some of its functions are quite handy,like removing adds.
(whats completly legal,atleast in the EU)
about devs who enter code to sneakout other apps..no worries,
since you are in the op6 board,i assume you have one, go under apps,then tap the left border,and pull towards right,there is a secret stash,add all the fancy stuff you wanne hide there,and even google ,pokemon,fortnite run if the stuff is hidden there (of course magisk has to be set right too)
about the reviews true,but if some of those are quite names,that are known in android,linux or Minecraft business,i kinda trust them,and if that review isnt 1 day old,its fine,especially with comments like"7 weeks now,and it still works well,no flaws no hickups.." (example) makes me believe that this apps are worth the 0 bucks paid for.
iam not going to mention warez,but lucky is none of those,especially since several german speaking sides have mentioned it and praised it aswell (the big ones,with printed paper stuff),so i assume, eu rights,should fit in here aswell, (not that iam part of the EU,but swiss)
Click to expand...
Click to collapse
I don't care what other sites do or say. Lucky is banned here as a Warez app. Bottom line.
It is the ai gle most hated app on this site. People have been flamed just for having the icon on their screen.
So I'll tell you what most others will as well. You will find no help here as long as you have it installed. Until you remove it you are on your own.
https://www.google.com/amp/s/forum....lucky-patcher-broke-google-play-t3471231/amp/
Moderator note:
Lucky patcher is considered warez on xda and the discussion about it is prohibited. Yes, it does have legitimate uses, but as long as it also has illegitimate uses that cheat developers, it will remain classified as warez here.
Thanks!
speak about hornets nest,
well thanks for the clearification,there was clearly no ill intent or drama in mind.
but thats the confusion part, one of the most readed pc print magazins in the eu has on their webside guides about how to root,what rooted apps you should have,and has the mentioned one also,how could a normal person think of it as the whorst app arround.
are there more names not to mention? kinda like a list of "dont talk about,it just makes drama"
thanks again for clearing that up
NoalFey said:
speak about hornets nest,
well thanks for the clearification,there was clearly no ill intent or drama in mind.
but thats the confusion part, one of the most readed pc print magazins in the eu has on their webside guides about how to root,what rooted apps you should have,and has the mentioned one also,how could a normal person think of it as the whorst app arround.
are there more names not to mention? kinda like a list of "dont talk about,it just makes drama"
thanks again for clearing that up
Click to expand...
Click to collapse
There is a few. The easiest way is to search before asking. You know filling the rules you agreed to when you joined. Also any app that can bypass paying for an app/service is automatically banned (depending on the app)
As for the mag. Use your head and common sense. You never listen to what a reporter says about something like this. Or really anything for that matter. They just repeat what they hear. They have no real understanding of what is going on or the risks involved. I bet that magazine didn't mention that lucky patcher has a history of privacy violations and wares being installed in the background right?
hmm i think that wrighter knew exactly what he was going for,especially the anti-googlead part,well many europeans hate adds,and are able todo any and everything to get rid of them ,and in many nations are adblocker-blocker forbidden by law,means companies cant do a thing if you block adds and such a tool is fun from that side,noone mentions that is has other functions,until here mentioned,well the problem with such is, if people know tool X can block adds,they use it 100% for that,and dont touch other parts,until someone mention more functions,then it gets interesting..well until you learn the disappointment that the said functions are just for games.
why the hack would i play games on a phone? i have a tr1950 with fancy parts,for my gaminghabbits,that smartphone is a tool,not a nds or such.. i get the nonlegal part,but the sense of it is beyond me, whoever needs that shall buy a pc, *imo*
NoalFey said:
hmm i think that wrighter knew exactly what he was going for,especially the anti-googlead part,well many europeans hate adds,and are able todo any and everything to get rid of them ,and in many nations are adblocker-blocker forbidden by law,means companies cant do a thing if you block adds and such a tool is fun from that side,noone mentions that is has other functions,until here mentioned,well the problem with such is, if people know tool X can block adds,they use it 100% for that,and dont touch other parts,until someone mention more functions,then it gets interesting..well until you learn the disappointment that the said functions are just for games.
why the hack would i play games on a phone? i have a tr1950 with fancy parts,for my gaminghabbits,that smartphone is a tool,not a nds or such.. i get the nonlegal part,but the sense of it is beyond me, whoever needs that shall buy a pc, *imo*
Click to expand...
Click to collapse
Ad blocking has nothing to do with it. XDA has many of them all over the site. Look you will never be able to justify its use here. So we will end this here. If you need help again dont mention the app other wise you might get far worse flamed next time.