Related
Hi,
I am already rooted. I wanted to remove my user id from gmail account so that my wife can put hers. I also deleted some of the AT&T apps after following the rooting guide.
When I tried to delete my gmail account its saying that I have to reset my phone to factory settings. My question is that can I do that knowing that I am rooted. Also what would happen to my paid and downloaded apps? Please guide.
Also I heard that new upgrade is coming will there be an issue upgrading to the new OS?
Please help..
ask_j said:
Hi,
I am already rooted. I wanted to remove my user id from gmail account so that my wife can put hers. I also deleted some of the AT&T apps after following the rooting guide.
When I tried to delete my gmail account its saying that I have to reset my phone to factory settings. My question is that can I do that knowing that I am rooted. Also what would happen to my paid and downloaded apps? Please guide.
Also I heard that new upgrade is coming will there be an issue upgrading to the new OS?
Please help..
Click to expand...
Click to collapse
You can do a factory reset and it will still be rooted, as for your paid apps they are tied to your Google ID so you will not be able to reinstall them if you set it up under your wife's account. You will still be able to get the upgrade but you should check the forum before you upgrade as you may lose your root with an upgrade.
Thanks/One more question
jhernand1102 said:
You can do a factory reset and it will still be rooted, as for your paid apps they are tied to your Google ID so you will not be able to reinstall them if you set it up under your wife's account. You will still be able to get the upgrade but you should check the forum before you upgrade as you may lose your root with an upgrade.
Click to expand...
Click to collapse
Thanks for the quick reply. Have one more question. I see that this phone is attached with my gmail id as you mentioned. I also realized that as soon as I go and buy any app it just goes through the google checkout. Is there any security I can add?
Can anyone pls help?
ask_j said:
Thanks for the quick reply. Have one more question. I see that this phone is attached with my gmail id as you mentioned. I also realized that as soon as I go and buy any app it just goes through the google checkout. Is there any security I can add?
Click to expand...
Click to collapse
Hi,
Can anyone please help?
Thanks
ask_j said:
Thanks for the quick reply. Have one more question. I see that this phone is attached with my gmail id as you mentioned. I also realized that as soon as I go and buy any app it just goes through the google checkout. Is there any security I can add?
Click to expand...
Click to collapse
Well if you look in the market for antivirus it will pull up quite a few apps that say it protects you from ID theft and such...some are free and some you have to pay for. I personally do not use any but I don't do a lot of sensitive stuff on my phone..
Do you consider buying apps sensitive?
I also do not do any sensitive stuff only buy apps. The problem is that it does not reconfirm the password when you buy any app.
ask_j said:
Thanks for the quick reply. Have one more question. I see that this phone is attached with my gmail id as you mentioned. I also realized that as soon as I go and buy any app it just goes through the google checkout. Is there any security I can add?
Click to expand...
Click to collapse
jhernand1102 said:
Well if you look in the market for antivirus it will pull up quite a few apps that say it protects you from ID theft and such...some are free and some you have to pay for. I personally do not use any but I don't do a lot of sensitive stuff on my phone..
Click to expand...
Click to collapse
@jhernand1102 I too was going to do a hard reset, will i have to re due the settings.db file or will that stick along with root? thanks
Greetings.
as you know, even if we disable "android device manager" from settings->security->device administrators, it still can be enabled from https://www.google.com/android/devicemanager "enable lock & erase"
from one side it is good, but from other side it is bad - i don't want that my phone can be remotely erased by google
this functionality definitely resides in gmscore.apk
of course, we can just kill all google services, but we loose too much.
so : probably someone from devs here already know answer what to patch in gmscore to disable this behavior ?
with latest gmscore update ( 6.1.74 (1511752-038) ) the only message i can see, when pushing "enable lock and erase" :
GCM message com.google.android.gms 0:1414056810224892%136ddda63e77bab2
Click to expand...
Click to collapse
of course, hex payload different each time.
disabling service
Code:
com.google.android.gms.mdm.services.GcmReceiverService
did job
:good:
Thanks you, I 'm searching since 10 minute.
the_laser said:
disabling service
Code:
com.google.android.gms.mdm.services.GcmReceiverService
did job
Click to expand...
Click to collapse
Thanks! I was wondering how to do that.
thanks, but...
the_laser said:
disabling service
Code:
com.google.android.gms.mdm.services.GcmReceiverService
did job
Click to expand...
Click to collapse
I can't seem to find that service, heck I can't even find gmscore.apk
When I use find / -name gmscore.apk in terminal nothing came up.
Running 4.4.2 on galaxy S5, google framework 4.4.2-940549
Any ideas?
I would really not want my device wiped If my google account was compromised (really only have it for android)
as i remember, this service because build into gmscore from 4.4.4 and enabling downloading some external application.
can be wrong, though.
damn it google!
This is really frustrating. I can't find a way to disable it and I can't find 'com.google.android.gms.mdm.services.GcmReceiverService'.
This a serious security flaw, let me explain why.... I have a company account on my phone, just for the purpose of receiving gmail, and that's very important to me. This also means this account can access my phone through android device manager. So, anyone that can log in to firm's gmail can lock and erase my phone and there's no way to disable it. Best I could do was turn off location reporting and hide my phone from showing in device list. However, anyone that can log in to this account, can also change this in settings and unhide it, enable lock and erase, make it ring and.... well, lock and erase it.
This is very worrying when you have a lot of people with access to gmail account that you also have on your phone. ATM only solution I see is to remove account on my phone and search for other email app.
Anyone knows how one could deal with this and still use gmail app?
gimche said:
This is really frustrating. I can't find a way to disable it and I can't find 'com.google.android.gms.mdm.services.GcmReceiverService'.
This a serious security flaw, let me explain why.... I have a company account on my phone, just for the purpose of receiving gmail, and that's very important to me. This also means this account can access my phone through android device manager. So, anyone that can log in to firm's gmail can lock and erase my phone and there's no way to disable it. Best I could do was turn off location reporting and hide my phone from showing in device list. However, anyone that can log in to this account, can also change this in settings and unhide it, enable lock and erase, make it ring and.... well, lock and erase it.
This is very worrying when you have a lot of people with access to gmail account that you also have on your phone. ATM only solution I see is to remove account on my phone and search for other email app.
Anyone knows how one could deal with this and still use gmail app?
Click to expand...
Click to collapse
Instead of a problem with ADM, this sounds like a massive security issue on your company's side. I don't know why your company need to share the same email account, but the more people who have access, the more likely someone will spill the beans. If I am you, getting my phone wiped will the least of my worries.
Sent from my iPhone using Tapatalk
Thank you, that is what I want. Great!
Ok so Im facing the same problem is there any way to disable this process ?
gimche said:
This is really frustrating. I can't find a way to disable it and I can't find 'com.google.android.gms.mdm.services.GcmReceiverService'.
This a serious security flaw, let me explain why.... I have a company account on my phone, just for the purpose of receiving gmail, and that's very important to me. This also means this account can access my phone through android device manager. So, anyone that can log in to firm's gmail can lock and erase my phone and there's no way to disable it. Best I could do was turn off location reporting and hide my phone from showing in device list. However, anyone that can log in to this account, can also change this in settings and unhide it, enable lock and erase, make it ring and.... well, lock and erase it.
This is very worrying when you have a lot of people with access to gmail account that you also have on your phone. ATM only solution I see is to remove account on my phone and search for other email app.
Anyone knows how one could deal with this and still use gmail app?
Click to expand...
Click to collapse
deadwolf666 said:
Ok so Im facing the same problem is there any way to disable this process ?
Click to expand...
Click to collapse
tamuin said:
I can't seem to find that service, heck I can't even find gmscore.apk
When I use find / -name gmscore.apk in terminal nothing came up.
Running 4.4.2 on galaxy S5, google framework 4.4.2-940549
Any ideas?
I would really not want my device wiped If my google account was compromised (really only have it for android)
Click to expand...
Click to collapse
Install My Android Tools then go to Service>Google Play Service then disable the corresponding service.
https://play.google.com/store/apps/details?id=cn.wq.myandroidtools&en
How about using a ROM without gapps?
Cyclu said:
Install My Android Tools then go to Service>Google Play Service then disable the corresponding service.
https://play.google.com/store/apps/details?id=cn.wq.myandroidtools&en
Click to expand...
Click to collapse
This dosent appear to be working, as after I disable all the above services, clicked on "enable lock and erase" from my google account it reactivated said services. So which service is activating and overriding the services I disabled?
Im running Android 4.4.2(goldeneye rom, Googymax kernal) on a Samsung i9505, I use Xprivacy, Android firewall, and Appmaster(app uninstaller & autostart manager)
Trying to secure an oem samsung Rom from google and its services while still using all the factory apps is going to be like herding cats...
It's similar to going to the pool and expecting to swim but not getting wet.
If you use Google apps and use the accounts feature of Android then you are going to have Google play services and other Google services running, and sadly you can stop them all you want they update and restart themselves regularly.
You just can't get away from Google, if you still use Google play, the Google mail app, Google voice search, Google account verifier, Google download manager, Google hangouts, Google plus or the host of other Google services and apps that a baked into your rom.
All you will do in find yourself with a lot of force closes from apps, and less hair more cats.
What @Cyclu said was the right way. there are several services and receivers that have "mdm" , probably what you could do is use the search function in the app while viewing the services for GooglePlayServices. at the top of the screen, click menu, toggle full, (full/short option) then tap the magnifying glass, then the search box and type "mdm" , then do the same thing under the receivers section
This is so annoying. Can you imagine disabling admin on the phone, knowing that after reading the description in that area of the settings that it cannot be used to wipe the phone? Then someone testing it to prove it and they click "Enable" and wipe the phone? Know how dangerous that is? My phone is an S5 mini, stock firmware and rooted with SuperSU. What can I do to just prevent admin mode being enabled? I want to be able to track my phone's location but I do NOT want my phone able to be remotely wiped by anyone including myself, remotely.
I tried all. Looks like there is no way to disable ADM. Even if u disable corresponding service for ADM still when u restart that service gets re-enables it self again. Had any got a solution to disable this crappy android device manager fully?? thx in advance.
Forgive me, but this thread is just pathetic. If you have Gapps, your device is not yours. It is Google's. Period. If you can't live without hangouts and similar garbage, then enjoy them, but stop *****ing about remote wipe. You can't be half-pregnant. By the way, remote wipe is not the worse thing that could happen to you. Anything could be silently installed on "your" phone, even if you somehow disable ADM. It could be done through Google play and google services framework. Not to mention thar google analytics record everything about your activities and gsf regularly reports the same "home" i.e Google.
To gmail at work guy: if you can't use another client to access your work gmail, get a separate feature phone.
even "android = google" ? much less gapps , eh ?
"all i can really do is stay out of my own way and let the will of heaven be done"
mrrocketdog said:
even "android = google" ? much less gapps , eh ?
"all i can really do is stay out of my own way and let the will of heaven be done"
Click to expand...
Click to collapse
Android, unlike Gapps, is open source. So, you can get under the hood and clean lots of things.
Hi guys, I believe my galaxy tab s4 is contaminated with a virus . I already did many factorys resets and didnt installed no apps but from time to time , even when Im at the home screen with Avast only or with the antivirus that comes with the tablet activated, google play store opens without my request showing a program called IQ Option broker. What should I do?
malandrex said:
Hi guys, I believe my galaxy tab s4 is contaminated with a virus . I already did many factorys resets and didnt installed no apps but from time to time , even when Im at the home screen with Avast only or with the antivirus that comes with the tablet activated, google play store opens without my request showing a program called IQ Option broker. What should I do?
Click to expand...
Click to collapse
Could be a fake Play store app reinstalling itself somehow eg from SD card. Is your antivirus scanning your external storage also? Check if you have more than one play store app shown in settings>apps (not your normal apps screen as they can be hidden there). Or it could be an overlay made to look like Playstore screen ... you did get official Avast app right?
else something has installed itself in system folder which is why factory reset not working and you will need to reinstall your FULL Samsung factory ROM suggest you use Samsung SmartSwitch like RootJunky here (use high quality cable eg samsung usb cable, else danger of bricking)
https://m.youtube.com/watch?v=9QhJngOuLQ4
malandrex said:
Hi guys, I believe my galaxy tab s4 is contaminated with a virus . I already did many factorys resets and didnt installed no apps but from time to time , even when Im at the home screen with Avast only or with the antivirus that comes with the tablet activated, google play store opens without my request showing a program called IQ Option broker. What should I do?
Click to expand...
Click to collapse
Download Odin 3.xx (current version)
Browse SamMobile for firmware for your device, download factory ROM. Pay close attention to the region code for your ROM, CSC code. Use one compatible with your device and regional settings. It can be found on the IMEI sticker on the back of the device
Follow the flashing instructions to the letter that you will find on SamMobile website.
Once completed the device is fully refreshed and has latest available software at the time of the build. Do device setup and download app updates.
Enjoy.
Many thanks for both replies , but I have a few more questions:
a) Does this virus have the power to attack my router? If so, what should I inspect at my router? Should I use my brotherĀ“s ios iphone as a router while cleaning my device?
b) If I attach the tablet at my PC to perform the firmwire installation, could the virus be transmitted to it? What should I do to avoid it?
c) Where can I safely download this ODIN?
And answering some questions you made:
a) The avast app was downloaded from the store
b) Ive already tried disconnecting the sd card, perform a factory reset without the card but the problem persists.
c) I logged at my google account and when looking at my registered activity, Google claims I did opened the Google Play Store and searched for the IQ Option Broker app. So the virus acts as if it was me.
malandrex said:
Many thanks for both replies , but I have a few more questions:
a) Does this virus have the power to attack my router? If so, what should I inspect at my router? Should I use my brotherĀ“s ios iphone as a router while cleaning my device?
b) If I attach the tablet at my PC to perform the firmwire installation, could the virus be transmitted to it? What should I do to avoid it?
c) Where can I safely download this ODIN?
And answering some questions you made:
a) The avast app was downloaded from the store
b) Ive already tried disconnecting the sd card, perform a factory reset without the card but the problem persists.
c) I logged at my google account and when looking at my registered activity, Google claims I did opened the Google Play Store and searched for the IQ Option Broker app. So the virus acts as if it was me.
Click to expand...
Click to collapse
b) Possibly access is possible via your modem (or Bluetooth as serious bug was just patched this month if an attacker knows your BT MAC ... though likely take a while to rollout to all Samsung so you moray not be patched). If you suspect modem then you need to therefore also update your modem firmware (assuming its been patched & is not old & still vulnerable to some old bug, or buy new one) AND change both user & admin passwords
There is an XDA article with link to safe Odin download, google to find. But I'd recommend using Samsung SmartSwitch as this is official way & no special knowledge required.
Re item c) then possible it's just someone trying to load an app remotely via your Google account, does it show any unrecognised login from another device? Also I'm not 100% sure if this requires user to tap install on newer phones, so might not be what you are seeing. Change Google password. (your phone not infected in this case as you didn't click install) Always use a different password)(used same password then check your email address on have I been pwnd)
See below
IronRoo said:
b) Possibly access is possible via your modem (or Bluetooth as serious bug was just patched this month if an attacker knows your BT MAC ... though likely take a while to rollout to all Samsung so you moray not be patched). If you suspect modem then you need to therefore also update your modem firmware (assuming its been patched & is not old & still vulnerable to some old bug, or buy new one) AND change both user & admin passwords
There is an XDA article with link to safe Odin download, google to find. But I'd recommend using Samsung SmartSwitch as this is official way & no special knowledge required.
Re item c) then possible it's just someone trying to load an app remotely via your Google account, does it show any unrecognised login from another device? Also I'm not 100% sure if this requires user to tap install on newer phones, so might not be what you are seeing. Change Google password. (your phone not infected in this case as you didn't click install) Always use a different password)(used same password then check your email address on have I been pwnd)
Click to expand...
Click to collapse
b) I have 2 modens here, one from the internet provider , which is at bridge mode and one that spreads the signal. THe last one is modern and updated and the bridged one , there is no way I can acesss the firmwire besides its info. However , when I had to put it at bridge mode, I had to use an ethernet cable with a computer which maybe wasnt the most protected one. Could that process corrupts a firmwire modem?
c) But I have 2 stage factor. Shouldnt my phone receive an SMS alerting someone is logging at my account? And no, I havent seen any unrecognized login when I accessed my google account.
But your reply gave me an idea...: Maybe an access to my google account was made from a "public" computer and since the access wasnt terminated, as I use this computer a lot, a bot may be trying to remotely install this app.
malandrex said:
b) I have 2 modens here, one from the internet provider , which is at bridge mode and one that spreads the signal. THe last one is modern and updated and the bridged one , there is no way I can acesss the firmwire besides its info. However , when I had to put it at bridge mode, I had to use an ethernet cable with a computer which maybe wasnt the most protected one. Could that process corrupts a firmwire modem?
c) But I have 2 stage factor. Shouldnt my phone receive an SMS alerting someone is logging at my account? And no, I havent seen any unrecognized login when I accessed my google account.
But your reply gave me an idea...: Maybe an access to my google account was made from a "public" computer and since the access wasnt terminated, as I use this computer a lot, a bot may be trying to remotely install this app.
Click to expand...
Click to collapse
b) would need to be a modem exposed hero their internet with known vulnerability, so not sure.
C) yes, should have got a msg so can role that out, I guess.
Suppose it' possible that public pc could be comprised and doing that ... bit of a long shot ...
IronRoo said:
b) would need to be a modem exposed hero their internet with known vulnerability, so not sure.
C) yes, should have got a msg so can role that out, I guess.
Suppose it' possible that public pc could be comprised and doing that ... bit of a long shot ...
Click to expand...
Click to collapse
I think I found the culprit , when I reviewd the few apps Ive installed on my tablet and googled them . There is Netflix, Omega Wars game, PUBG and COD Mobile, handycalc, Go Read, Hube and... QuickPic gallery!!!!!!!!! I used this app on my ancient galaxy S2 and at my other 2 previous tablets. When I looked for the program at Google Play one hour ago ,QuickPic wasnt available anymore!!!! I googled about it and saw many people complaining about this program when a chinese company bought it a few years ago . Maybe QuickPiC installed some crapware at my device!!!!
malandrex said:
Hi guys, I believe my galaxy tab s4 is contaminated with a virus . I already did many factorys resets and didnt installed no apps but from time to time , even when Im at the home screen with Avast only or with the antivirus that comes with the tablet activated, google play store opens without my request showing a program called IQ Option broker. What should I do?
Click to expand...
Click to collapse
BTW, can you find same app on Google, is it called IQ Forex, is closest I could fined
IronRoo said:
BTW, can you find same app on Google, is it called IQ Forex, is closest I could fined
Click to expand...
Click to collapse
The name of the program is IQ Option , from IQ Option developer
malandrex said:
The name of the program is IQ Option , from IQ Option developer
Click to expand...
Click to collapse
I can't find this one but doesn't mean anything, maybe not available in my country or not compatible with my phone.
PS: Don't rule out a compromised router even top of her range can be affected eg
https://threatpost.com/critical-netgear-bug-impacts-nighthawk-router/153445/
IronRoo said:
I can't find this one but doesn't mean anything, maybe not available in my country or not compatible with my phone.
PS: Don't rule out a compromised router even top of her range can be affected eg
https://threatpost.com/critical-netgear-bug-impacts-nighthawk-router/153445/
Click to expand...
Click to collapse
Dont have much free time , but despite the fact I think the router is still safe, Ill reset it on a weekend and change again its id and password as this is a process that takes too much time ( mostly due to my ignorance at the beginning of the process ).
Im thinking about taking my tablet for a Samsung assistance, but Im worried theyll change one virus for another if the employees are corrupt. Do you think I should take the risk or Im beeing too paranoic?
Hi.
I need to manage several android tv devices with MDM software, and the mdm app installation needs administrator permission. I not found the way to get this permission. On regular tablet I can enroll device after factory reset, but not in Android TV.
Can I get this feature (Enterprise for Android) with some tv box? If not, can I get a custom ROM and modificate some configuration?
Any help about it is very very welcome.
Thanks
I have got a new S22 ultra and my company installed the MS Intune portal, is there a way to remove it?
Will it help if I install clean official firmware?
Factory reset didn't help.
Have you tried Settings< Accounts and Backup<Manage Accounts< and then delete work account?
Yes, it is blocked by the policy that enforced by KNOX.
The account can't be removed.
Then I am afraid that your network administrator will need to delete the device from the company account before you can remove that safety feature.
Is it your own phone? Sounds like it's company's phone or your phone has been "invaded" by your company via intune device management...`
If it is your phone then you can remove it otherwise no
Did you remove Company Portal/Intune from Device Admin Apps before trying to Uninstall?
If Intune is on it that means its a company phone , there is probably a company polisy about this , ask your company IT if it is alowed to remove it.
lokto7 said:
Is it your own phone? Sounds like it's company's phone or your phone has been "invaded" by your company via intune device management...`
Click to expand...
Click to collapse
It is the company's phone
dadmi said:
Did you remove Company Portal/Intune from Device Admin Apps before trying to Uninstall?
Click to expand...
Click to collapse
Tried to, it is impossible
YoramZa said:
Tried to, it is impossible
Click to expand...
Click to collapse
Strange, I never had issues uninstalling company portal after removing as device admin.