How I got malware on my OP6 and how I got rid of it (at least I think so) - OnePlus 6 Guides, News, & Discussion

So I was looking for an app to make the top radius match the bottom radius on the corners while using the option of hiding the notch (I already have one different working app for that now). Someone suggested a very shady link to download an apk but since I'm desperate and dumb I just downloaded and installed it. However, after installation there was only a "done" button but "open" button was greyed out, there was no new app on app drawer and there was no new app in application list in settings. I started getting worried that I had just installed some bitcoin mining software or another kind of malware.
I got even more worried because if I tapped on the apk again it was asking me if I wanted to UPDATE the app instead of if I wanted to install it so it was already installed and it had permissions to access gps, phone history, and read, modify and delete USB storage.
After a while during the day, my phone started doing random noises from the speakers like audio from ads but without opening any app, then later it started opening random chit on google chrome and that is not even my default browser (my default is samsung browser), it opened those very intrusive ads that tell you you have a virus and you cannot go back you have to close the whole tab or app it also opened some ads with sexual content a few times.
I always thought all free anti-virus apps on the play store were completely useless and just bloating apps but I started installing a bunch, most didn't detect absolutely anything after the option "scan all apps" I tried kaspersky, avast, AVG, Norton, etc. then I installed this (it's called "hi security" so not known brand and I thought it was going to be the worst but after opening it was powered by "McAfee" so at least McAfee is known):
https://play.google.com/store/apps/details?id=com.ehawk.antivirus.applock.wifi
And it actually detected some malware after scanning all apps, there was an app with completely blank name on device administrators that I never gave permission to become device administrator as far as I remember, so I unchecked that app from admin and then the antivirus app was able to uninstall it.
After the virus cleaner uninstalled the app I haven't had any more issues with audios or ads opening on chrome. Do you think I'm safe now or could I still have some spyware?
I posted some screenshots showing everything.
I doubt that anyone wants the apk but if a developer wants it for reverse engineering or whatever reason I can post it with the name "MALWARE_do_NOT_install.apk" or something like that
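The signs described in the post above (an APK installed from outside the Play Store, no icon in the app drawer, an unexpected entry under device administrators) can be checked together from a PC. This is an added example, not part of the original post; the package names and all three inputs are constructed, and the device-admin and launcher lists are assumed to have been collected by hand from the phone.

```python
import re

PLAY_STORE = "com.android.vending"

# Constructed sample of `adb shell pm list packages -3 -i` output
# (third-party packages plus the package that installed each one).
PM_LIST_SAMPLE = """\
package:com.example.roundcorners  installer=com.android.vending
package:com.example.findphone  installer=com.android.vending
package:xk.qwe.zpl  installer=null
package:com.example.myowntestapp  installer=com.google.android.packageinstaller
"""

# Constructed: components ticked under Settings > Security > Device administrators.
DEVICE_ADMINS = ["xk.qwe.zpl/.AdminReceiver", "com.example.findphone/.Admin"]

# Constructed: packages that show an icon in the app drawer.
LAUNCHER_PACKAGES = {"com.example.roundcorners", "com.example.myowntestapp"}

LINE_RE = re.compile(r"^package:(\S+)(?:\s+installer=(\S+))?$")


def parse_pm_list(text):
    """Map package name -> installer package (None when unknown or 'null')."""
    packages = {}
    for raw in text.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match:
            continue  # skip blank lines and adb warnings
        installer = match.group(2)
        packages[match.group(1)] = None if installer in (None, "null") else installer
    return packages


def triage(pm_list_text, device_admins, launcher_packages):
    """Score each third-party package on the three signs from the thread.

    Returns findings sorted from most to least suspicious. A finding is a
    candidate for manual review, not a verdict.
    """
    admin_packages = {component.split("/", 1)[0] for component in device_admins}
    findings = []
    for package, installer in parse_pm_list(pm_list_text).items():
        score, reasons = 0, []
        if installer != PLAY_STORE:
            score += 1
            reasons.append("not installed by the Play Store (installer=%s)" % installer)
        if package not in launcher_packages:
            score += 1
            reasons.append("no icon in the app drawer")
        if package in admin_packages:
            score += 2
            reasons.append("active device administrator")
        if score:
            findings.append({"package": package, "score": score, "reasons": reasons})
    return sorted(findings, key=lambda f: (-f["score"], f["package"]))


if __name__ == "__main__":
    for finding in triage(PM_LIST_SAMPLE, DEVICE_ADMINS, LAUNCHER_PACKAGES):
        print(finding["score"], finding["package"])
        for reason in finding["reasons"]:
            print("    -", reason)
```

The constructed `com.example.findphone` entry scores high as well: a deliberately hidden anti-theft tracker holding device-admin rights trips the same signs, so each flagged package still needs a manual look before removal.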

If you are afraid of malware then flashing stock ROM is the best bet to get rid of it.

vwite said:
So I was looking for an app to make the top radius match the bottom radius on the corners while using the option of hiding the notch.
Well, that all sucks!
Back to your top radius matching the bottom problem, here is what you're looking for!
I saw it on some guy's YouTube channel
https://play.google.com/store/apps/details?id=com.thsoft.rounded.corner&hl=en_US

Bro, if security is top priority don't unlock bootloader and root, because if you root your device you need to be careful. I use AFWall and also in settings I will control the permissions of all the apps. You need to be conscious because in today's world the internet developed and along with it many hackers and many trojan RATs are developed, so first study some blogs on how to use an Android mobile safely. Finally, if you root and use the right apps you can secure the device to a high level. Apps like XPrivacyLua and AFWall will secure your device, and superuser authentication should be set to prompt, not allow by default.

surface13 said:
Well, that all sucks!
Back to your top radius matching the bottom problem, here is what you're looking for!
I saw it on some guy's YouTube channel
https://play.google.com/store/apps/details?id=com.thsoft.rounded.corner&hl=en_US
Good app, that's the one I've been using for a while. It has a few issues but overall good.
Manivannan9444 said:
Bro, if security is top priority don't unlock bootloader and root, because if you root your device you need to be careful. I use AFWall and also in settings I will control the permissions of all the apps. You need to be conscious because in today's world the internet developed and along with it many hackers and many trojan RATs are developed, so first study some blogs on how to use an Android mobile safely. Finally, if you root and use the right apps you can secure the device to a high level. Apps like XPrivacyLua and AFWall will secure your device, and superuser authentication should be set to prompt, not allow by default.
I'm not rooted at the moment, phone has been doing everything I want except HBM but I don't think I'll root just because of that because I also use samsung pay plugin for my gear s3 and don't want to risk it

First of all don't trust any antivirus app except major companies like AVG, Avira etc. Always download from Play Store. Don't give permission to browser to install app (unknown sources) in 8.1.0 u can do that.
Now scan all apps.. And remove them. Malwarebytes is best to remove hidden malware on any platform.
Good luck.
If u r ready to format and clean ur internal memory then, format ur handset from settings, download whole stock rom and flash it from recovery..
Regards.

herecomesmaggi said:
First of all don't trust any antivirus app except major companies like AVG, Avira etc. Always download from Play Store. Don't give permission to browser to install app (unknown sources) in 8.1.0 u can do that.
Now scan all apps.. And remove them. Malwarebytes is best to remove hidden malware on any platform.
Good luck.
If u r ready to format and clean ur internal memory then, format ur handset from settings, download whole stock rom and flash it from recovery..
Regards.
Thanks, as I said on first post AVG and Avira were useless for this infection but both "Hi Security" and Malwarebytes premium were able to do the job

vwite said:
Thanks, as I said on first post AVG and Avira were useless for this infection but both "Hi Security" and Malwarebytes premium were able to do the job
I mentioned Avira nd AVG as antivirus. Malwarebytes is best bro for malware infection. I m using it since 2009 for pc. Every time it does the job.
Also for ur round corner.. I suggest u search for "round R", an app found on xda in 2011 or 12, since then it does its job beautifully.
Regards

Related

[Q] Prevent uninstall of phone locator?

Hi,
I've installed AndroidLost on my phone, so I can track it if it gets stolen. The app is hidden from the main app drawer and can't be directly uninstalled.
However, if I go to Device Administrators in the settings, I can deselect the item (which is named Personal Notes in there). Once deselected, it obviously becomes completely useless, and can't administer the phone.
Obviously, doing all of this requires a degree of knowledge, but not all thieves are completely stupid, so would be able to do it.
Is there a way of password protecting the device administrators, so that the app can't be disabled without a pass code? If not, is there an alternative app that can control the phone from a website that can be 100% hidden from view?
Thanks for any suggestions!
MetalOllie said:
Hi,
I've installed AndroidLost on my phone, so I can track it if it gets stolen. The app is hidden from the main app drawer and can't be directly uninstalled.
However, if I go to Device Administrators in the settings, I can deselect the item (which is named Personal Notes in there). Once deselected, it obviously becomes completely useless, and can't administer the phone.
Obviously, doing all of this requires a degree of knowledge, but not all thieves are completely stupid, so would be able to do it.
Is there a way of password protecting the device administrators, so that the app can't be disabled without a pass code? If not, is there an alternative app that can control the phone from a website that can be 100% hidden from view?
Thanks for any suggestions!
You can use some 3rd party apps like audio manager or Avast anti virus to lock down the settings....
Android sometimes proves to be frustrating when it comes to security concerns......
eatsleep said:
You can use some 3rd party apps like audio manager or Avast anti virus to lock down the settings....
Android sometimes proves to be frustrating when it comes to security concerns......
Thanks.. I've tried Audio Manager, but that seems to be only capable of hiding the actual app, which the app does by itself. It's preventing someone from unchecking it under Security>Device Administrators that I'm trying to achieve, and unless I'm not using AM properly, I can't find any way of using that to hide it.
MetalOllie said:
Thanks.. I've tried Audio Manager, but that seems to be only capable of hiding the actual app, which the app does by itself. It's preventing someone from unchecking it under Security>Device Administrators that I'm trying to achieve, and unless I'm not using AM properly, I can't find any way of using that to hide it.
You didn't get the point...
Hide or lock the settings..... My friends use this technique.....
eatsleep said:
You didn't get the point...
Hide or lock the settings..... My friends use this technique.....
Thanks.. Audio Manager didn't really suit my needs, although it was more or less able to do what I wanted.. In the end I went with an app called AppLock, which puts a passcode on any app, including settings, but also has root capability, preventing it from being uninstalled, closed, etc. it also seems a little slicker.

Adware/Virus on Android

Hello
I'm facing an adware issue on my HTC Desire 610.
Out of nowhere my phone's screen dims and an ad appears (while I'm on my home screen and all the apps are closed).
You can see the ads in the attachment.
Please tell me how to locate and remove it.
You could try running Malwarebytes, I've normally had quite good results with it.
It's one of the apps you're using. Go through the permissions your apps have
genius911 said:
Hello
I'm facing an adware issue on my HTC Desire 610.
Out of nowhere my phone's screen dims and an ad appears (while I'm on my home screen and all the apps are closed).
You can see the ads in the attachment.
Please tell me how to locate and remove it.
i also have this problem... i guess "Clean Master" is doing it in my Z3 Compact.
I have solved this issue on canvas a116 and core duos (gt i8262)
firstly, to check the severity of the virus do this : go to settings>security>device administrators
try to remove all apps under device administrators. If u are unable to remove them implies the virus is now embedded to ur fone's firmware.
solution : 1. backup ur contacts and media only, (do not backup apps and app data)
2. now u need to do a factory reset either from recovery menu or using adb (factory reset from 'settings' wont work)
3. if u again see any app under device administrators then the only solution is to reflash ur firmware
About the virus: This virus came packed in several apps on playstore in april 2015, those apps were immediately removed from playstore. however before its removal from playstore the virus had infected around 5000 smartphones. some websites refer to it as ghosthost virus. Still some non playstore apps carry this virus with them. once you install such apps, the virus will first root ur fone, and then grant itself superuser permissions without u even knowing it. Then it will install itself into system folder so dat it appears to be a system app. Whenever u r connected to internet it will download adware and install them in system folder. Its a very powerful virus, it also hides itself by running a script. Once it is in system folder u wont be able to delete it because it imitates the file names of the system files.
There's a huge list of infected apps hosted by Google playstore. So I think it's not easy to keep our devices secure from virus infection.
AVG can be as correct the problem
Hi guys! i have a serious adware problem on my elephone p7000 and i hope you can help me out.
So it's been a few days and i haven't been able to uninstall this mofo.
Here's what the adware is doing:
-Used to open ads on homescreen. it did that disguising itself as a dancing matrioska doll (which you could move around). since i installed CM security it stopped showing this kinds of ads.
-It opens pop up windows with du battery saver or other related apps (from appstore and from non-official stores). Mostly when i browse the internet.
-it places vertical ad banners (like the normal ones on almost every app on the store) on some apps, it seems to be random, cause it doesn't always happen on the same app, but it's always placed on the lower side of the phone.
-it installs push notifications with ads
-i believe it shows app ads on google play store (i haven't installed any app in quite a while so it could be google implementing this).
i have tried a lot of apps:
-Avg
-Avira
-Avast
-Malwarebytes
-CM manager (found a stagefright vulnerability and fixed it)
-Stagefright detector (with vulnerable result)
-addons detector
-airpush detector
-trustgo ad detector
-adware
-ad clean & antivirus security
and not even one has been able to remove this damn malware, they don't even spot it!
i've also tried looking for all the apps on the phone,searching for apps with all the permissions and here's the list ( i don't know if these are the problem or not):
-Aging test
-agoldFactory test
-Bluetooth
-Bluetooth Share
-Bluetooth LE
-Common data service
-e_Compass
-Elephone launcher (apparently it's the same as X launcher mysterious)
-LocationEM2
-MTK THERMAL MANAGER
- at least 3 different phone apps, 2 with 4.4 icons and 1 with android 5.0 icon. all have access to everything (is it normal to have 3 apps with the same name but different icons? )
- settings storage
-trusted face
-ygps
i have also cleared the cache of the phone, because i've read on several places that it helps (settings -> storage -> clear cache data) but with no positive result.
i have also tried looking for admin permissions but the only things in there are CM security and android manager (which i suppose is NOT an app but part of the OS).
I have tried looking for hidden files while checking my phone on my pc but there wasn't any nor did i find any weird app NOT installed by me.
i don't know if you have any other advice on what to do, or if you can help me reduce this list of apps so i can find the culprit app.
i'm afraid this is the ghost virus everyone's talking about, it appeared out of nowhere.
i haven't browsed that much. and when i do i always go to trusted sources. apart from the netflix app which i downloaded a few days ago i haven't downloaded anything in like 1 or 2 months and didn't have this problem until a few days ago. Right after my girlfriend's phone (same model as mine) got the same problem.
We both had the "install from untrusted sources" option on because i was testing an app i am making, but i doubt that's the problem since we only activated it whenever i tried to install the app on the phone (like twice in a week).
she has sent me pictures or files through mail, whatsapp or telegram only and it's the only link between our phones, besides being under the same wifi connection, of course.
thanks in advance for the help!
This is a known issue with these types of devices. They have these ads built into the system apks.
Hi !
Thanks for that solutions !
I have a question : where could I find malwarebytes for android ?
Best regard.
Adware and infected htc desire 526 g plus
Guys I am in a pickle! :silly:
I want to wipe my HTC desire 526 plus clean of malware that is causing it to download unwanted apps without consent. The malware seems capable of modifying the inherent permissions and bypassing all security features.
I am unable to gain root access by kingoroot alone. adware is not letting me update the Superuser app and being nasty on purpose.
It can gain permission to automatically start wifi, gain permission to install 'Unknown Apps' and sends location and data with impunity. The ads are everywhere.:crying:
I have tried stock backup but it still reinstalls all the malware and the same cycle begins again. What I want is a fresh stock rom/nand backup for this menace. Surprisingly I still can't find one link on the world wide web. Please Help me find it.
I am unable to gain root access by kingoroot alone. adware is not letting me update the Superuser app and being nasty on purpose.
alokmey3 said:
Guys I am in a pickle! :silly:
I want to wipe my HTC desire 526 plus clean of malware that is causing it to download unwanted apps without consent. The malware seems capable of modifying the inherent permissions and bypassing all security features.
I am unable to gain root access by kingoroot alone. adware is not letting me update the Superuser app and being nasty on purpose.
It can gain permission to automatically start wifi, gain permission to install 'Unknown Apps' and sends location and data with impunity. The ads are everywhere.:crying:
I have tried stock backup but it still reinstalls all the malware and the same cycle begins again. What I want is a fresh stock rom/nand backup for this menace. Surprisingly I still can't find one link on the world wide web. Please Help me find it.
I am unable to gain root access by kingoroot alone. adware is not letting me update the Superuser app and being nasty on purpose.
Kingo root is the reason you are in this jam as it is. I don't think HTC ever released anything for this device so your best bet is to contact HTC.
ENERGYSER400 MTK 6572 virus help android 4.4.2
Bonjour, hy
For me it's exactly the same on my phone.... i have the snowfoxer folder with a lot of malicious apk on it and i don't know how to delete or erase the virus .... without wifi and google play ..... how can i flash the firmware please!
philjps said:
Bonjour, hy
For me it's exactly the same on my phone.... i have the snowfoxer folder with a lot of malicious apk on it and i don't know how to delete or erase the virus .... without wifi and google play ..... how can i flash the firmware please!
Find the forum that supports your device model/carrier and post there. You'll likely find your answers there. If not someone will help you.
HTC desire 526G+ bricked
zelendel said:
Kingo root is the reason you are in this jam as it is. I don't think HTC ever released anything for this device so your best bet is to contact HTC.
I have deleted my priv-app folder and now I am stuck in boot loop, or just the HTC logo.
Can't boot into recovery or bootloader (I tried). Tell me if you know something

(Potential) Malware found on Elephone S3 right out of box?

Hi guys
I recently purchased a Elephone S3 from Everbuying.com. I heard people talking about how notorious these Chinese phones are having malware installed on them, so I decided to give the malware check a go and use about 10+ popular Malware detection apps (Avast, Kaspersky, Avira, Trojan Killer, you name it) currently available on Play Store.
Out of all those, excluding warnings that doesn't really matter in this regards (Malware specific), the below two apps gave me those respective warning results.
I have done some research, but i don't think I found any relevant info in this regards. So, for all the guru out there, the question is obvious, should I be worried about these "non-deletable" apps (if not rooted)? If they ARE malicious, can I be worried free by turning off ALL permissions for the apps and in some case, disable the app (I can disable the Beauty Center, not ELE Launcher).
Thanks to you all for any input!
Malwarebytes Anti-Malware
App - Beauty Center
Message - Android/PUP.Riskware.Cooee.a
App - ELE Launcher
Message - Android/PUP.Riskware.Cooee.H
Stubborn Trojan Killer
App - Beauty Center
Message - General Trojan
App - ELE Launcher
Message - General Trojan
bagachin said:
Hi guys
I recently purchased a Elephone S3 from Everbuying.com. I heard people talking about how notorious these Chinese phones are having malware installed on them, so I decided to give the malware check a go and use about 10+ popular Malware detection apps (Avast, Kaspersky, Avira, Trojan Killer, you name it) currently available on Play Store.
Out of all those, excluding warnings that doesn't really matter in this regards (Malware specific), the below two apps gave me those respective warning results.
I have done some research, but i don't think I found any relevant info in this regards. So, for all the guru out there, the question is obvious, should I be worried about these "non-deletable" apps (if not rooted)? If they ARE malicious, can I be worried free by turning off ALL permissions for the apps and in some case, disable the app (I can disable the Beauty Center, not ELE Launcher).
Thanks to you all for any input!
Malwarebytes Anti-Malware
App - Beauty Center
Message - Android/PUP.Riskware.Cooee.a
App - ELE Launcher
Message - Android/PUP.Riskware.Cooee.H
Stubborn Trojan Killer
App - Beauty Center
Message - General Trojan
App - ELE Launcher
Message - General Trojan
go ahead and disable Beauty Center, as far as ELE Launcher, that seems legit. But if you don't like it, just replace it with something like Nova Launcher.
mattzeller said:
go ahead and disable Beauty Center, as far as ELE Launcher, that seems legit. But if you don't like it, just replace it with something like Nova Launcher.
Hi mattzeller, thanks heaps for the info! This might not be a good question, but just for my information, generally speaking, is there a way to distinguish between a real harmful malware (actively stealing personal info) and an app that has more access and integration to the phone's OS than others by looking at the information provided? In other words, is there any obvious give away sign?
Thanks again for the help!
bagachin said:
Hi mattzeller, thanks heaps for the info! This might not be a good question, but just for my information, generally speaking, is there a way to distinguish between a real harmful malware (actively stealing personal info) and an app that has more access and integration to the phone's OS than others by looking at the information provided? In other words, is there any obvious give away sign?
Thanks again for the help!
Well look at reviews of the app, see if it is installing other apps without your consent, or constantly nagging you to download other apps. Generally 99.99% of apps on Google play are safe. Occasionally some crapware gets on there, but if you take a look at its rating and reviews (not just the highlights) you should be good.
Sent from my SCH-R220
bagachin said:
Hi mattzeller, thanks heaps for the info! This might not be a good question, but just for my information, generally speaking, is there a way to distinguish between a real harmful malware (actively stealing personal info) and an app that has more access and integration to the phone's OS than others by looking at the information provided? In other words, is there any obvious give away sign?
Thanks again for the help!
Always check the apps permissions. I absolutely refuse to install an app that has permissions that it shouldn't be using. However, if the app you're about to download needs permissions related to the app features, that's OK with me.
I see so many Play Store apps that are just total spyware in my book. Flashlight apps are a good example of this. There is zero reasons a flashlight app needs to read my contacts or a data connection. Just be mindful of reviews and permissions and you'll be OK.
KernelCorn said:
Always check the apps permissions. I absolutely refuse to install an app that has permissions that it shouldn't be using. However, if the app you're about to download needs permissions related to the app features, that's OK with me.
I see so many Play Store apps that are just total spyware in my book. Flashlight apps are a good example of this. There is zero reasons a flashlight app needs to read my contacts or a data connection. Just be mindful of reviews and permissions and you'll be OK.
I don't worry about apps with excessive permissions, I just revoke the permissions I don't like.
Sent from my SCH-R220
mattzeller said:
I don't worry about apps with excessive permissions, I just revoke the permissions I don't like.
That's the best way to do it.
I do the same thing, but I see lots of people posting here that aren't too tech savvy. For them be mindful of what you download.
mattzeller said:
Well look at reviews of the app, see if it is installing other apps without your consent, or constantly nagging you to download other apps. Generally 99.99% of apps on Google play are safe. Occasionally some crapware gets on there, but if you take a look at its rating and reviews (not just the highlights) you should be good.
Sent from my SCH-R220
Thanks for the advice. Yes, I am aware that common source/cause of malwares are side load apps and rooted device. So I am always fairly cautious about any apps i installed via non-play store source. However, these two caught apk are installed right out of box. That kinda annoys me. I don't jump on the bandwagon and say Chinese phones are infested with malwares and I believe a lot of the time people just over exaggerate and blow some minority out of proportion.
However, the truth is, this is the first Chinese phone I got and it came with two identified malwares. To be fair, it might not be particularly malicious, but it's enough to make me have second thought about my purchase....
KernelCorn said:
Always check the apps permissions. I absolutely refuse to install an app that has permissions that it shouldn't be using. However, if the app you're about to download needs permissions related to the app features, that's OK with me.
I see so many Play Store apps that are just total spyware in my book. Flashlight apps are a good example of this. There is zero reasons a flashlight app needs to read my contacts or a data connection. Just be mindful of reviews and permissions and you'll be OK.
Thanks for the comment! Yes, I am quite careful about the app I get to choose to install, but I have little control over these apps that come pre-installed on these chinese phone and got detected as "malwares"
mattzeller said:
I don't worry about apps with excessive permissions, I just revoke the permissions I don't like.
Sent from my SCH-R220
Yap, what I did for those two apps I mentioned are turning off all permissions access to them, disable app for the one I can and turn off background data access. Hopefully it will freeze them for good and stop them from playing naughty.
Just a question though, say I do all those above (e.g. switching off permission, force stopped etc), technically speaking, can a malware still be "active and do what they "meant" to do"? I meant after all, they are meant to do something "out of control" right?
bagachin said:
Yap, what I did for those two apps I mentioned are turning off all permissions access to them, disable app for the one I can and turn off background data access. Hopefully it will freeze them for good and stop them from playing naughty.
Just a question though, say I do all those above (e.g. switching off permission, force stopped etc), technically speaking, can a malware still be "active and do what they "meant" to do"? I meant after all, they are meant to do something "out of control" right?
No, if you revoke the permission to view your contacts, it is the system that is blocking the apps ability to view your contacts.
Though I think you are being a little paranoid.
Everyone freaks out about all the permissions apps require, when the app actually never uses most of the permissions it asks for, at least not in the way you think. You wouldn't think the launcher needs permissions to access your contacts, but it does. How else is it going to allow you to make a call, or display an incoming call, or missed call/text badges.
I mean take a look at the litany of permissions Nova Launcher and TeslaUnread require, yet we all know the app is not malware. As long as you install from legitimate sources, you will be fine. Like I said in my first post, disable the Beauty app, the other is the Launcher. If you don't like it, install a different one.
Sent from my SCH-R220
Who would you rather have snoop in on your calls? China, or USA.. Because it is one or the other.. me personally, I will take the country in which I do not reside...
mattzeller said:
No, if you revoke the permission to view your contacts, it is the system that is blocking the apps ability to view your contacts.
Though I think you are being a little paranoid.
Everyone freaks out about all the permissions apps require, when the app actually never uses most of the permissions it asks for, at least not in the way you think. You wouldn't think the launcher needs permissions to access your contacts, but it does. How else is it going to allow you to make a call, or display an incoming call, or missed call/text badges.
I mean take a look at the litany of permissions Nova Launcher and TeslaUnread require, yet we all know the app is not malware. As long as you install from legitimate sources, you will be fine. Like I said in my first post, disable the Beauty app, the other is the Launcher. If you don't like it, install a different one.
Sent from my SCH-R220
Unfortunately the way things are with the permissive Android system, we have to be a little paranoid. The built in system apps like launchers and permissions can't be disabled easily unless the user is technical enough to know about rooting using apps like xposed/xprivacy.

How to remove recurring virus in android 4.4.2 lava iris atom 2

I have a virus on my phone device mentioned at the title. I have heard about it in some websites and 1 in xda too but it didn't help. I hard reset it a lot from the power and volume buttons. It still comes. My device was rooted using king root. The virus installs many apps. I do not know the exact file names. it was like asd.htj.zcx, zgf.iok.lkj etc. I get it every time i connect to the internet. It creates shortcut to porn sites (sex club, hot videos). I do not own the device, it's my mom's and she will be mad if she saw it. I couldn't suspect any apps that could do it, i would have removed it if i could suspect it. It gives another type of ad about juggernaut champions, uc browser (which i already had). It displays full screen ads excluding the status bar stating launcher loading. It just draws its content over other apps as i noticed it while i hold down the home button i noticed the recent apps thing. And I discovered that if i turn off wifi its gone. Until the time i turn off wifi.
I couldn't install a custom rom as my phone is not detected in spreadtrum driver update tool.
The official update from lavamobiles.com fails halfway while verification.
I have a good experience on samsung devices. But i don't know about others
Plz help!! Fast!!!
sashinm said:
I have a virus on my phone device mentioned at the title. I have heard about it in some websites and 1 in xda too but it didn't help. I hard reset it a lot from the power and volume buttons. It still comes. My device was rooted using king root. The virus installs many apps. I do not know the exact file names. it was like asd.htj.zcx, zgf.iok.lkj etc. I get it every time i connect to the internet. It creates shortcut to porn sites (sex club, hot videos). I do not own the device, it's my mom's and she will be mad if she saw it. I couldn't suspect any apps that could do it, i would have removed it if i could suspect it. It gives another type of ad about juggernaut champions, uc browser (which i already had). It displays full screen ads excluding the status bar stating launcher loading. It just draws its content over other apps as i noticed it while i hold down the home button i noticed the recent apps thing. And I discovered that if i turn off wifi its gone. Until the time i turn off wifi.
I couldn't install a custom rom as my phone is not detected in spreadtrum driver update tool.
The official update from lavamobiles.com fails halfway while verification.
I have a good experience on samsung devices. But i don't know about others
Plz help!! Fast!!!
Click to expand...
Click to collapse
If your mom hasn't killed you yet, follow these steps.
1. Download ES File Explorer from Google Play
2. Run app and navigate to the "Apps Page"
3. Sort installed apps by date, so that the most recently installed apps appear first.
4. Using ES File Explorer, uninstall the suspicious-looking apps. Or navigate to data/app or system/app and delete the apps manually. You can sort the files (APKs) in the system/app folder by date. That should make it easier to locate the newly installed malware.
5. After you've removed all the suspicious apps, reboot and connect to Wi-Fi/mobile data to make sure all the malicious apps are gone (you shouldn't get the pop-ups or the shortcuts anymore).
6. If everything works as intended, uninstall ES File Explorer.
Thanks
Thank you!
But I already did that. :good::good::good:
Sorry if I am late to reply; I was inactive, then I checked my email and got the reply.
The method was pretty much the same.
The differences from the method are:
I used Link2SD to do so,
and I found that they weren't in /system/app/ but in /system/priv-app/.
I tried uninstalling them and it said to reboot the device. Still they were not uninstalled.
I have just frozen them. And now it works fine.
Good news for non-rooted people: you can disable the apps if you have the same virus.
If you still have the virus after disabling the apps, then you can use Link2SD without root to view the system apps and sort them according to date.
The names of the apps are:
Android Media Service
catstudio
netalpha
org.rain.ball.update
PhoneService
Good news the device is mine now :laugh::laugh::laugh:
I classified the virus and its impacts and removed the explicit one.
And I let my mom use Facebook for a while. I know it sounds cruel, but I had to do it.
She had an experience from hell. Then I disabled the SIM and said "Now even the SIM doesn't work" :cyclops::cyclops::cyclops:
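The triage described in the posts above (list the installed packages, check which ones sit under /system/priv-app, and look for the names given), as an added example that is not part of the original thread. It parses text in the format printed by `adb shell pm list packages -f`; the sample listing is constructed, and the substring matching of app labels and the random-name heuristic are assumptions based on the names quoted in the thread.

```python
import re

# Names quoted in the thread. Only org.rain.ball.update is a package id; the
# others are app labels, matched as substrings of the id or APK path (assumption).
REPORTED = ("org.rain.ball.update", "catstudio", "netalpha")
# Heuristic (assumption): ids shaped like "asd.htj.zcx", i.e. three 3-letter
# parts whose first part is not a usual reverse-domain prefix.
RANDOM_ID = re.compile(r"^(?!(?:com|org|net|edu|gov)\.)[a-z]{3}\.[a-z]{3}\.[a-z]{3}$")
ORDER = {"priv-app": 0, "system": 1, "user": 2, "other": 3}

# Constructed sample in the format printed by `adb shell pm list packages -f`.
SAMPLE = """\
package:/system/app/Calculator/Calculator.apk=com.android.calculator2
package:/system/priv-app/update.apk=org.rain.ball.update
package:/system/priv-app/asd.apk=asd.htj.zcx
package:/data/app/zgf.iok.lkj-1/base.apk=zgf.iok.lkj
package:/data/app/com.abc.xyz-1/base.apk=com.abc.xyz
package:/data/app/~~Ab3dE==/com.example.notes-Xy9z==/base.apk=com.example.notes
"""


def parse_pm_list(text):
    """Yield (apk_path, package_id) pairs from `pm list packages -f` lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue
        # Newer Android puts '=' inside /data/app paths: split on the last one.
        path, sep, pkg = line[len("package:"):].rpartition("=")
        if sep and path and pkg:
            yield path, pkg


def location(path):
    """Classify an APK by partition; /system is not wiped by a factory reset."""
    if path.startswith("/system/priv-app/"):
        return "priv-app"
    if path.startswith("/system/"):
        return "system"
    return "user" if path.startswith("/data/app/") else "other"


def triage(text):
    """Return flagged packages, privileged system apps first."""
    findings = []
    for path, pkg in parse_pm_list(text):
        haystack = f"{pkg} {path}".lower()
        reasons = [f"reported in thread: {n}" for n in REPORTED if n in haystack]
        if RANDOM_ID.match(pkg):
            reasons.append("random-looking package id")
        if reasons:
            findings.append({"package": pkg, "location": location(path), "reasons": reasons})
    findings.sort(key=lambda f: (ORDER[f["location"]], f["package"]))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f'{f["location"]:9} {f["package"]:24} {"; ".join(f["reasons"])}')
```

Anything reported under priv-app or system lives on the /system partition, which is why a hard reset alone does not remove it and why freezing or disabling is the fallback when uninstalling fails.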
I'm glad you got them removed.
You're cold bro
But you got a new phone so :good:
Flash the device
using ResearchDownload Spreadtrum
First, install the Spreadtrum driver on the PC.
2. Firmware: firmwarefile*com/lava-iris-atom-2
Freewander10 said:
I'm glad you got them removed.
You're cold bro
But you got a new phone so :good:
Thanks
And actually I got an old phone :silly::silly::silly:
But something is better than nothing :good::good:
danmrz said:
using ResearchDownload Spreadtrum
First, install the Spreadtrum driver on the PC.
2. Firmware: firmwarefile*com/lava-iris-atom-2
My device isn't detected in the flash tool, while it is detected in the auto driver installer.

File Manager Bloatware Removal

Has anybody deleted some of the bloatware apps, more specifically the stock File Manager?
com.jrdcom.filemanager
/data/app/com.jrdcom.filemanager-2/base.apk
Wondering if anybody tried and had any ramifications from it.
This thing just all of a sudden activated itself and runs in memory, and there is no Disable for it. I could install an app to freeze it, but that defeats the purpose.
I'm running Lineage on mine and it doesn't even have it on there.
I would freeze it. Make sure your downloads and such still work ok.
Give it a few days if good then remove.
Thanks, I deleted the culprit. No issues so far.
LOL... after 3 or 4 days the lovely File Manager app magically installed itself. Looks like a more in-depth investigation is forthcoming.
Obviously there is another app that re-installs it.
Stinkin thing.
I switched over to the Xperia ROM on the Idol 3 and it got rid of a load of crap. A bunch of Xposed is working.
I just don't care for the stock ROM on this thing at all. Even debloated it runs like crap.
I've had this device now over a week and can't find any sort of setup I like. I am used to LG's UI.
Even tried to get the TouchWiz UI and Grace to run, but no go.
Did you remove the system update apps too by chance?
Haven't really had a chance to look deep into it yet. I've disabled auto updates, so pretty sure it's not getting it from the netz.
Funny thing, I tried running a 100 MB system update and it failed to completely install. Haven't thought about it much since then, but I suspect it was in that update somewhere, as I had never seen nor had an issue with it before.
Will strip down that update and see when I get a chance.
It comes preinstalled as the 'Files' app, auto-updates to "File Manager" to then run this 'boost'-branded adware. I call it adware because it does not adhere to the Android force stop, disable peeking or any other Android OS settings, and automatically regenerates itself despite the OS not allowing auto updates.
Android should never allow provider apps to have a higher privilege that renders the OS settings useless; bundled apps should also not disable the uninstall and disable functionality of the OS.
I have spent weeks in settings to find out it is allowed to act like a virus and do whatever it wants, being rewarded with ad revenue.
Thanks Google for allowing me to purchase hardware pre loaded with junk ads by default with no way of opting out, it's not only a privacy and security concern, it's a consumer complaint.
adware/spyware
Yes, this lovely new addition to the file manager is actually the "Hawk Super Cleaner/antivirus" seen here: https://play.google.com/store/apps/details?id=com.apps.go.clean.boost.master&hl=en
You can see my complaint(s) here: https://forum.xda-developers.com/idol-3/help/joy-launcher-joy-t3628670
I just installed TWRP and SuperSU on the stock Marshmallow following this guide: https://forum.xda-developers.com/idol-3/general/twrp-custom-recovery-idol3-6045-t3162608 and will be removing this cancer for good!
Cheers, I might have a look at rooting (a pain, seeing I bought 4 of these for myself and fam). I have reported the app in the Play Store for being installed with root permissions bypassing the expected Android user settings, and will be following up with a complaint to the consumer watchdog.
I never bought hardware with the knowledge an innocent bloatware provider app would turn rogue with root permissions for ad revenue.
My phone will most likely be thrown at the wall so "File Manager" doesn't get another 1000 or so false positive downloads in the playstore from me.
Had 3 myself
I hear ya, I bought 3 of these.
I am very careful what I install on my device and read the manifest files on EVERYTHING so you can imagine how angry I was when my own phone manufacturer pushed unwanted adware/possible-probable spyware on to my device with no warnings or asking my permission.
Another odd thing is that after I uninstalled the Facebook app I had 2 apps appear (or were left over?) com.facebook.appmanager.apk and com.facebook.system.apk that were using up data and could not be removed until tonight after rooting.
Interesting article here: https://forum.xda-developers.com/tmobile-lg-v10/help/suspicious-apps-apps-section-facebook-t3415876
I have been studying computer and mobile security as a hobby for some time and have found that these "antivirus" and "cleaner" apps on Android are the worst offenders of privacy of them all.
Scanning all your files, installed apps, contacts etc etc and sending all that data back to God knows where!
I have found that almost every single app that I have downloaded from the Play Store has some form of data mining and/or analytics.
Unfortunately, it's a catch 22 in Android..rooting your device breaks what little security is built into the system but it's the only way to remove pre-installed crapware.
---------- Post added at 06:02 AM ---------- Previous post was at 05:53 AM ----------
Also, good luck trying to get anything done with Google or Alcatel.
I battled with Google for almost 8 months straight trying to stop an unscrupulous advertiser that was using FAKE virus warnings to trick users into installing an "antivirus" app on the Play store and just got sent around in circles.
Google is complicit!
I was finally successful in stopping the fraudulent activity after I contacted the Federal Trade Commission.
http://smisecurity.altervista.org/DFNDR.html
Data mining is a given these days, which is why I have Pi-hole for my home DNS and Ubuntu for my home box; gotta do what you can. As for this phone, I wouldn't do much on it unless I reflash it, which is why I am angry with it.
As for Android taking the normal software stance of do nothing unless legally required, this time is interesting to me because they are effectively allowing the bypassing of the Play Store agree feature to install an app. Being sideloaded from Alcatel like this, one would think, breaks the Play Store terms, so knowledge should be enough for action in this case from the Android or Play Store devs. Doubt it but.
Also, upon sale they did not mention Android as being adapted software that overrides expected Android and Play Store behaviour, but did advertise Android and use their logo, so most likely a trademark violation also.
The problem is Alcatel are adapting Android and sideloading apps to bypass security and privacy user settings to double dip on the customer for income despite the final result; Android and the Play Store can bury their heads in the sand all they want, but they have been made aware of the risks.
Went over it again for peace of mind (sorry), but I wish you the best in your education as we need more people shining the light on privacy, simply because we are in the rise of the machines; not long before people worldwide ask what happened to all the jobs and when did the need for conventional ID actually disappear.
Not happy said:
The problem is Alcatel are adapting android and side loading apps to bypass security and privacy user settings to double dip on the customer for income despite the final result, android and the playstore can bury their heads in the sand all they want but they have been made aware of the risks.
.
Very well said!
The supervisor I spoke to at Alcatel tried to say that I/we agreed to the terms by using their devices which allowed them to push this on to our phones but I disagreed with him.
At one point I even thought of ditching my phone and getting an iPhone or an Android device that is compatible with the Replicant OS https://www.replicant.us/
I have a few Raspberry Pis laying around but never used one as an access point. (I'm assuming that's what you're doing?)
I just sent a very nasty email to the developer "[email protected]" and referenced this thread.
Keep us updated if you get anywhere and I will be fighting this from my end and posting any updates as well.
Will do, I don't plan on not continuing with this one because my hardware and android do not operate as advertised.
The day I can rely on Linux for a phone OS is the day Android gets ditched, but I will definitely check out your link also.
Pi-hole is basically a collection of hosts files that block ads and known bad domains on the DNS level, point the home router to it and bam the whole household gets an adblocker by default. Runs smooth but added a few commands to auto upgrade the lists with a Cron job.
Very cool!
I'll have to check that out.
I altered the hosts file on both my laptop and my other rooted phone to block ads and apps I used to have.
This is a small sample of IPs I blocked in the hosts file after running NETSTAT scans; there are a TON more that I added from MVP hosts (it is against MVP's EULA to post their blocked IPs).
http://winhelp2002.mvps.org/hosts.htm
127.0.0.1 localhost
127.0.0.1 search.vip.gq1.yahoo.com
127.0.0.1 a96-6-122-162.deploy.akamaitechnologies.com
127.0.0.1 a-0001.a-msedge.net
127.0.0.1 yahoo.com
127.0.0.1 rtr3.l7.search.vip.gq1.yahoo.com
127.0.0.1 c.amazon-adsystem.com
127.0.0.1 yandex.st
127.0.0.1 mc.yandex.ru
127.0.0.1 c1.popads.net
127.0.0.1 c1.popads.net/pop.js
127.0.0.1 google-analytics.com
127.0.0.1 google-analytics.com/analytics.js
::1 localhost #[IPv6]
---------- Post added at 01:40 PM ---------- Previous post was at 12:54 PM ----------
Wow! That Pi-hole block list on GitHub is a LOT larger than the one I was using!
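A lint pass over the hosts sample in the post above, as an added example that is not part of the original thread. A hosts file maps addresses to bare host names, so an entry carrying a URL path never matches a lookup, and an entry for a domain does not cover its subdomains; the function names here are hypothetical.

```python
import ipaddress
import re

LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

# The hosts sample from the post above, copied unchanged.
SAMPLE = """\
127.0.0.1 localhost
127.0.0.1 search.vip.gq1.yahoo.com
127.0.0.1 a96-6-122-162.deploy.akamaitechnologies.com
127.0.0.1 a-0001.a-msedge.net
127.0.0.1 yahoo.com
127.0.0.1 rtr3.l7.search.vip.gq1.yahoo.com
127.0.0.1 c.amazon-adsystem.com
127.0.0.1 yandex.st
127.0.0.1 mc.yandex.ru
127.0.0.1 c1.popads.net
127.0.0.1 c1.popads.net/pop.js
127.0.0.1 google-analytics.com
127.0.0.1 google-analytics.com/analytics.js
::1 localhost #[IPv6]
"""

def valid_hostname(name):
    """True for a syntactically valid DNS host name (no scheme, port or path)."""
    return 0 < len(name) <= 253 and all(LABEL.match(p) for p in name.split("."))

def lint_hosts(text):
    """Return (entries, problems): usable (ip, name) pairs and (line_no, message)."""
    entries, problems, seen = [], [], set()
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if not fields:
            continue
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            problems.append((n, f"not an IP address: {fields[0]}"))
            continue
        if len(fields) == 1:
            problems.append((n, "address without a host name"))
        for name in (f.lower().rstrip(".") for f in fields[1:]):
            if "/" in name:
                # Resolvers look up host names only, so this line never matches.
                problems.append((n, f"URL path in host name field: {name}"))
            elif not valid_hostname(name):
                problems.append((n, f"invalid host name: {name}"))
            elif (ip, name) in seen:
                problems.append((n, f"duplicate entry: {name}"))
            else:
                seen.add((ip, name))
                entries.append((ip, name))
    return entries, problems

def is_blocked(entries, hostname):
    """Hosts lookups are exact-match: an entry does not cover its subdomains."""
    return hostname.lower().rstrip(".") in {name for _, name in entries}

if __name__ == "__main__":
    for line_no, message in lint_hosts(SAMPLE)[1]:
        print(f"line {line_no}: {message}")
```

A DNS-level blocker such as the Pi-hole setup mentioned earlier in the thread covers every device on the network rather than one machine's hosts file.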
Hi guys, and thanks again for the thread. Anyone found a solution? This app is wasting 20 percent of my battery, which does not last me a whole day anymore; it's outrageous. I also sent a report to Google and the app developers.
Cheers
Guys, I found someone with a solution, just see this post: https://forum.xda-developers.com/showpost.php?p=73642381&postcount=4
Cheers
That is not much of a solution unfortunately. The REAL solution is to install TWRP recovery on the adware/spyware infested Alcatel phone and flash to a different operating system. There is an (unofficial) ROM of Lineage 14 Nougat that is pretty decent that can be found on the XDA site.
It solved my problems
It's easy to solve the problem. Just go to Applications. Select File Manager, then uninstall upgrades; it will revert it back to the factory version. No more spam!
I was getting really annoyed by the app that stealthily installed itself and called itself File Manager on my Alcatel POP 4. It constantly wanted to clean, boost, virus-protect, be a flashlight and camera app with its own toolbar, and played an ad whenever you asked any of those actions to be performed. The beauty of it was that it could not be disabled or uninstalled. I was desperately looking for a way to get rid of it without drastic measures, like a full factory reset or rooting my device. I found a suggestion on the net to install AppMgrIII from the Play Store. I did it as I was determined to try anything at that point. It offered to replace the app with a "factory version". I accepted that and sure enough, a normal-looking File Manager with no ads or toolbars appeared, all the rockets, boosts, virus-protection, cleaning brushes gone! I hope it won't reinstall itself magically. In a perfect world I would prefer to have no file manager on my machine at all and a choice of installing one that I prefer, but at least the nightmare of this intrusive monster seems to be over. I hope it stays that way.
Update: reverting back to factory version stopped the spam but it all came back with the next update. Now I reverted it back again and stopped automatic updates on Google Play for all apps. I will pick apps to be updated manually.
