Android Virus Removal? - General Topics

I have a Poco x3 pro with rom MiuiMix 13.0.5.0 with built in magisk.
One day the messenger app name changed to random charachters and it crashed. then a few days later 200 apps partially vanished from the phone.
App data is still in /data/data but 200 apps not appearing in installed apps.
So currently i making a copy of /data/data folder.
I'm not sure which app made that mess currently i guessing lucky patcher or a cracked version of tasker.
My questions:
1.Is there a way to scan for viruses in android?
2.Is there any system settings that i can check which help me point to a malicious app? (for example in windows if i suspect a virus infection i always check for autostarting programs in registry in task scheduler etc)
3.If not how can i make a backup which is safe, virus free?
Any other suggestions you may have thanks.

spaceship said:
I have a Poco x3 pro with rom MiuiMix 13.0.5.0 with built in magisk.
One day the messenger app name changed to random charachters and it crashed. then a few days later 200 apps partially vanished from the phone.
App data is still in /data/data but 200 apps not appearing in installed apps.
So currently i making a copy of /data/data folder.
I'm not sure which app made that mess currently i guessing lucky patcher or a cracked version of tasker.
My questions:
1.Is there a way to scan for viruses in android?
2.Is there any system settings that i can check which help me point to a malicious app? (for example in windows if i suspect a virus infection i always check for autostarting programs in registry in task scheduler etc)
3.If not how can i make a backup which is safe, virus free?
Any other suggestions you may have thanks.
Click to expand...
Click to collapse
Hi there,
In most of the cases in android malware attack, the one causing it is an 'apk' just like 'exe' in windows. So there must be a random apk in your device, may be hidden, or may be those on which you are suspicious. One way to scan the apks is 'Google play protect', but this thing points out those apks too a virus which is not installed through google play itself ( or say from third party sites), so it would not give you a perfect Idea that which of the third party app is doing this.
coming to the last question, you can only backup safely by copying internal storage files ( excluding apk bundles), and copying /data/data files of only those apks which is a trusted app, like chrome, whatsapp, or any other downloaded from play store.

spaceship said:
I have a Poco x3 pro with rom MiuiMix 13.0.5.0 with built in magisk.
One day the messenger app name changed to random charachters and it crashed. then a few days later 200 apps partially vanished from the phone.
App data is still in /data/data but 200 apps not appearing in installed apps.
So currently i making a copy of /data/data folder.
I'm not sure which app made that mess currently i guessing lucky patcher or a cracked version of tasker.
My questions:
1.Is there a way to scan for viruses in android?
2.Is there any system settings that i can check which help me point to a malicious app? (for example in windows if i suspect a virus infection i always check for autostarting programs in registry in task scheduler etc)
3.If not how can i make a backup which is safe, virus free?
Any other suggestions you may have thanks.
Click to expand...
Click to collapse
On F-droid, Hypatia is available:
Hypatia | F-Droid - Free and Open Source Android App Repository
A real-time malware scanner
f-droid.org
It's the only one that I know that's doesn't contain any tracker like all the others out and is also FOSS.

crack/modded apps = malware

Related

IM+ trial, where is the configdata?

Hi,
here (strazzere.com ยป app-private) is described how apps can be manupulate.
In case of some trials, for ex.: "IM+ Trial", i suppose there leave a config file to check when it was installed. This file stay after removing the app (so i cannot use this trial period after reinstalling ). This sux. I dont want to waste my phone with unsusual files.
So, does anyone know where such files are generally leaved? I dont want to believe that this will be stored in an extra DB....
merci alex
Hi nolimits1,
IM+/IM+ Pro does not store any hidden files on your device after app removing, so it does not waste a space. The app retrieves information about previous installs from our servers.
By the way, have you tried the latest version 3.7, which comes with fixed Facebook permission button on small screen devices, disable avatars option for reducing traffic, and French and Italian localizations? Update to the new version for free, and tell us your thoughts about the new version in this thread!
Vitaly,
PR Manager
SHAPE Services

[Q] Are anti-virus apps needed?

I switched to linux on all my computers to "avoid" viruses and have peace of mind. With my complete rom backups, do I need to have another memory hogging app (anti-virus) running in the background of my phone and tablet? I'm just really curious why it would be needed...
There are quite a few Anti Virus apps available, but I haven't heard of any Viruses!
Once there is confirmed news of a Virus attack on Android, I will install an app
No, anti-virus in not needed on Android. It is Linux-based and keeps apps running in their own sandbox. Just be careful about what apps you give superuser permissions (if you have your device rooted).
One possible area of concern may be when you do hook up your device with a Windows PC over USB, your SD card may get infected and in turn infect other PCs. But Windows viruses have no influence on your Android system itself.
You don't need an anti-virus application on Android. There are no viruses for Android (as of yet) that will infect your system without you explicitly giving it permission to do so. If you do not have a rooted device, the potential damage that can be caused by a malicious application is quite limited (but it could still run your phone bill up, for example). There have been some web scripts in the past that allowed access to your phone's SD card, but these security holes have been fixed in the latest builds of Android.
The best course of action is to be smart about what you install. Always look at the permissions that an application requests before you install it. There are also several permission managers available on the market. These applications require root access, and will block other applications in the system from being able to request certain intents (i.e. starting the camera, or phone)
workdowg said:
I switched to linux on all my computers to "avoid" viruses and have peace of mind. With my complete rom backups, do I need to have another memory hogging app (anti-virus) running in the background of my phone and tablet? I'm just really curious why it would be needed...
Click to expand...
Click to collapse
That topic comes up a lot, and is hotly debated. Here's one article that discusses the issue, and gives some advice:
Avoiding Malicious Apps
I have installed one..but never found a virus...so I think we don`t need it
definitely not needed.
yeah there is definitely no need for anti-virus.
but be cautious of some apps that install apps ads in your notification bar. it gets annoying.
Thanks all! I was certain that was going to be the consensus. In my "windows years", about 20, I never got anything more than some adware. Just need to be observant and wary. Some things that are "free" cost more in the end.

[Q] Is there a way to hide apps from each other?

I'm no pro, so forgive anything stupid I may say in advance. I recently learned that any android application has permission to see any application installed on your device. I'm a bit of a privacy nut, and I have concerns with this for a plethora of reasons. I was hoping to learn of a method that would allow me to somehow prevent apps from being able to see what's installed, or at minimum, mask the actual application names so the data an app gets is useless for any purposes they may have for it.
Is there any way to achieve such a thing?
I'm no pro either, but what I do is I use two apps to accomplish this. The first is MyAppSharer (no root required). The second is Advanced Permission Manager (again, no root required). Both can be found on the play store.
First I use MyAppSharer to create an .apk of the app I want to isolate. Place it In the download folder (or any folder of your choosing). Next I install the .apk with Advanced Permission Manager. While installing simply uncheck the 'view other apps permission' or whatever it's called and that might work.
The only concern I have is that apps usually check to see if they have access to all their permissions before startup, and if one is missing it might either not allow you to launch the app or or will crash. Or it'll work perfectly fine and all's well
Good luck
I think you need to hide apps and permission manager. For me, I used to use Greenify, the ForceStop as permission manager, which are available on xposed module repository, but they both require root.
For hiding apps, maybe the "PrivateMe" can help you, it also can hide photos, install apps in hidden mode.
Dresden_ said:
I'm no pro, so forgive anything stupid I may say in advance. I recently learned that any android application has permission to see any application installed on your device. I'm a bit of a privacy nut, and I have concerns with this for a plethora of reasons. I was hoping to learn of a method that would allow me to somehow prevent apps from being able to see what's installed, or at minimum, mask the actual application names so the data an app gets is useless for any purposes they may have for it.
Is there any way to achieve such a thing?
Click to expand...
Click to collapse
The sudo hide xposed module is exactly what you want to figure out
You will get first list of apps where you have to select ''which app to hide"
Then you will get second list of apps where you can select "from which apps to hide that app"
If you want any help regarding xposed,reply me back
Please push the thanks button if it helped
Enjoy:victory::victory:
Regards milkyway3

Apps keep reappearing after deletion with "System App Remover"

Hi,
I was wondering if there was some way of preventing Microsoft and Google apps reinstalling themselves after I delete them? I've just rooted my phone and am new to the world of Android's furry innards but am a long term Linux user.
Sorry if this is a duplicate post, I've searched Google and XDA to no avail.
ps. does anyone know offhand why fdisk doesn't do anything? It's installed in BusyBox.
Thanks :silly:
I don't those apps are being reinstalled. They are probably not even deleted in the first place. Some apps are protected. I mention this because Titanium Backup has a "Chuck Norris" mode that specifically deals with that scenario.
I had a similar problem where Titanium Backup wasn't able to uninstall system apps. The workaround was to delete the apk from /system using a root capable file manager.
This was a root problem though. The root method I used at that time wasn't entirely compatible with Titanium Backup. So that may be another reason why your apps keep showing up.
It is because of adware you've been infected with. Download an antivirus and throughly scan and remove the viruses. Remove recently installed apps that you find suspicious.
I moved and disabled them at the same time using Apps2sd and they stayed dead.

System Input Method app installs & reinstalls by itself without notification

System Input Method's playstore link
[Playstore link: https://play.google.com/store/apps/d...ster&hl=en_GB]
Application Process: System Input Method (Process Name: com.ss.android.secure.cleanmaster)
listed as a system file.
Installed APK: /data/user/0/com.ss.android.secure.cleanmaster-1/base.apk
/data path: /data/user/0/com.ss.android.secure.cleanmaster
Version: 1.05
Target SDK: 22
Permissions:
Have full network access.
View WiFi connections.
View network connections.
Download files without notification.
Read phone status and identity
Modify or delete the contents of your usb storage.
Read contents of your Usb storage
Prevent phone from sleeping
Retrieve running apps
Draw over other apps
MainService: ime.mobile.ime.main
NOTE: This app written for older Android OS. So if installed in newer android versions, all permissions will be allowed even if you blocked it.
Last edited by SniperAlert2046; Today at 09:27 PM.
Malwarebytes classified it as riskware.
But after uninstalling it, the app came back again at random hours. seemingly downloading and installing other apps (like Haike News - communist news; and Ireader)
Drains battery and used data (to download files and maybe mine for crypto)
tried using ADB to remove it but as the base.apk is stored in root folder, the app can reinstalls itself when triggered (by the programmer / hacker or randomly)
Rooted phone and then installed Afwall+ firewall. But the firewall steathily disables internet filtering at odd hours. (or maybe the firewall is bugged).
So decided to deactivate Updater app (linked to redstone) and the OTAupdater... system app since phoine already rooted and that the Leagoo company does not provide regular OS updates. (except pushing Haike News, System Input Method and H5plugins riskwares to phone).
Well, although AFwall+ firewall did not work, thereby exposing my phone to the internet without filtering IP traffic, the riskwares did not return. So uninstalling Updater (the one with the com.redstone.ota.ui pathname) and the System Update (com.sprd.systemupdate) works for me.
Netguard firewall managed to blocks internet access by system apps. The Leagoo's Built-in Weather app created Baidu folder in root folder (collecting many encrypted log files probably for sending back to Baidu servers in China.). Would be better to uninstall Leagoo Weather app and install a 3rd party one.

Categories

Resources