Better Mobile App

[Q] Strange popup ad

I have been using a clock program called wf & clock widget for a few months on my p500h and it has been running fine, no popups. Recently I decided to install tape a talk and I have been getting a lot of full screen popup ads. I uninstalled tape a talk but the popup ads persist when I check the weather with wf & clock widget. I have used some antiviral antimalware programs but it is unable to find anything.
I have a rooted phone with permissions programs and the sort. I just want to know how this weather program may have gotten infected from a dev point of view . As of this moment, I am unable to get rid of the problem.

Download from the market - airpush detector
MoPhoACTV Initiative

I ran airpush detector and it did not find anything. Is it possible that tape a talk installed something into another application? I didn't think android apps could do that.

As long as you got the app from the android market then no. If you got it from a non sucure site then it is possible

Interesting, although I cannot believe it. Many people who have downloaded the tape a talk free version have had the same problem. I hope I do not need to reset my phone in order to change things back to normal.

Ceiltsei said:
Interesting, although I cannot believe it. Many people who have downloaded the tape a talk free version have had the same problem. I hope I do not need to reset my phone in order to change things back to normal.
Click to expand...
Click to collapse
Believe it. Android apps can be used to install apps that you know nothing about. Mai ly if your rooted or got the app from non approved sites. You should never install apps that you are not sure are clean like the ones from trusted markets or here.
And I just checked as u didn't think tapatalk offered a free version. And I couldn't find one. Where did you get it?

Ceiltsei said:
Interesting, although I cannot believe it. Many people who have downloaded the tape a talk free version have had the same problem. I hope I do not need to reset my phone in order to change things back to normal.
Click to expand...
Click to collapse
You could try an alternative like virtual recorder. It has in app ads only and quality is very good. You can get it on market.
If it does what you want you can delete tape a talk then.
Alternatively if your android is rooted you can use lbe privacy guard to deny it permissions such as net access so it might not get ads pushed to it then.
Dave
Sent from my LG P920 using Tapatalk

zelendel said:
Believe it. Android apps can be used to install apps that you know nothing about. Mai ly if your rooted or got the app from non approved sites. You should never install apps that you are not sure are clean like the ones from trusted markets or here.
And I just checked as u didn't think tapatalk offered a free version. And I couldn't find one. Where did you get it?
Click to expand...
Click to collapse
Not tapatalk, but 'tape a talk'. I only get apps from the official android market. Take a look at the feedback regarding the ad problem.
Normally I would not be asking about this kind of problem on this forum, and I thank everybody for the replies. I am mostly just curious about how this sort of problem can occur and how these apps can affect other apps, even ones that are apparently trusted and from trusted sources. You can never really trust a developer fully - I purchased the first Android phone available and have seen countless developers screw over their app users. It's really too bad since there are so many good developers out there too and it's hard to tell the difference.

zelendel said:
I just checked as u didn't think tapatalk offered a free version. And I couldn't find one. Where did you get it?
Click to expand...
Click to collapse
The tapatalk forum app, as opposed to tape a talk recorder, although commercial can be legally used free from getjar.com.
Dave
Sent from my LG P920 using Tapatalk

Try this app
https://market.android.com/details?id=com.denper.addonsdetector
It may find what airpush detector didn't.
MoPhoACTV Initiative

Please use the Q&A Forum for questions &
Read the Forum Rules Ref Posting
Moving to Q&A

Infected with malware?

Hi.
My girlfriend has a Samsung Galaxy S II that has been acting a bit weird recently. Battery life has become extremely short, and she discovered hundreds of files all with names beginning with "tracker-c6446d57267343". Most mysterious of all is that something is somehow using the GPS even though it has been deactivated in the settings.
I'm suspecting her phone is infected with malware, and I'm planning to do a full wipe next time we meet. She's downloading AVG from Google Play right now to run a scan, but I'm going to do a full wipe anyway just to be sure and because she wants to have a clean start anyway.
I'm mostly curious if anyone has encountered this before. Is it malware? If so, how harmful is it? Keylogger, possibly?
Thanks.

CNMOH said:
Hi.
My girlfriend has a Samsung Galaxy S II that has been acting a bit weird recently. Battery life has become extremely short, and she discovered hundreds of files all with names beginning with "tracker-c6446d57267343". Most mysterious of all is that something is somehow using the GPS even though it has been deactivated in the settings.
I'm suspecting her phone is infected with malware, and I'm planning to do a full wipe next time we meet. She's downloading AVG from Google Play right now to run a scan, but I'm going to do a full wipe anyway just to be sure and because she wants to have a clean start anyway.
I'm mostly curious if anyone has encountered this before. Is it malware? If so, how harmful is it? Keylogger, possibly?
Thanks.
Click to expand...
Click to collapse
wow, first post for ya huh? good for you.
dont waste your time with AVG. just wipe the phone. and tell her not to install a bunch of stupid apps.

BluePoint Antivirus is my personal fave
Sent from my Samsung Galaxy SII
CM9 Stable/Siyah 4.1

topiratiko said:
BluePoint Antivirus is my personal fave
Sent from my Samsung Galaxy SII
CM9 Stable/Siyah 4.1
Click to expand...
Click to collapse
Lmao. anti virus on android. you guys are funny!
U know its pointless right?

MotoMudder77 said:
Lmao. anti virus on android. you guys are funny!
U know its pointless right?
Click to expand...
Click to collapse
Exactly. It is. Odds are someone installed an app on yer girlfriends phone to be able to track her, tape pictures with the camera remotely, steal her credit card info, use the mic to record what's going on , etc. All of this can be achieved with ONE app and allows the person who installed it to remotely access the device. Also the app hides itself from detection in the app drawer and in the app manager . The legal reasons to install it are for if u lose your phone. But if someone got a hold of her phone they could easily have put this on and set it up within minutes. In other words. Someone can hear and see everything she's been doing.
Sent from my SGH-I777 using Tapatalk 2

Phalanx7621 said:
Exactly. It is. Odds are someone installed an app on yer girlfriends phone to be able to track her, tape pictures with the camera remotely, steal her credit card info, use the mic to record what's going on , etc. All of this can be achieved with ONE app and allows the person who installed it to remotely access the device. Also the app hides itself from detection in the app drawer and in the app manager . The legal reasons to install it are for if u lose your phone. But if someone got a hold of her phone they could easily have put this on and set it up within minutes. In other words. Someone can hear and see everything she's been doing.
Sent from my SGH-I777 using Tapatalk 2
Click to expand...
Click to collapse
I'm finding it highly unlikely that any of her friends would do something like that, not to mention that none of them have the technical know-how (yes, I know it's not hard, but none of her friends are even technologically adept to pull something like this off) to do it. If such malware has been installed on her phone, it most likely came bundled with some app she downloaded. She doesn't get all her app downloads from Google Play.

MotoMudder77 said:
Lmao. anti virus on android. you guys are funny!
U know its pointless right?
Click to expand...
Click to collapse
I like the way it looks on my status bar.
Sent from my Samsung Galaxy SII
CM9 Stable/Siyah 4.1

CNMOH said:
I'm finding it highly unlikely that any of her friends would do something like that, not to mention that none of them have the technical know-how (yes, I know it's not hard, but none of her friends are even technologically adept to pull something like this off) to do it. If such malware has been installed on her phone, it most likely came bundled with some app she downloaded. She doesn't get all her app downloads from Google Play.
Click to expand...
Click to collapse
There is no such thing as malware on android. everything you install tells you what it has access to.
The only thing like malware, would be an application that records stuff and sends it out, which would be listed when she installed the app, Tho im sure most rarely pay attention to that screen other than hitting install.
There are no viruses, no malware, or anything "hidden" that can attack stuff without your permission.
Wipe the phone. Dont install pirated apps or stupid pointless apps.

MotoMudder77 said:
There is no such thing as malware on android. everything you install tells you what it has access to.
The only thing like malware, would be an application that records stuff and sends it out, which would be listed when she installed the app, Tho im sure most rarely pay attention to that screen other than hitting install.
There are no viruses, no malware, or anything "hidden" that can attack stuff without your permission.
Wipe the phone. Dont install pirated apps or stupid pointless apps.
Click to expand...
Click to collapse
Malware can definitely affect android. Sure there are safeguards built in to reduce the chances of it happening, but they rely on the user to enforce them. I can almost guarantee that a majority of android users don't look at what permissions an app is asking for prior to installation. I know for a fact that out of the 5 android users in my house I am the only one that checks permissions before I install anything. In addition, even if one is checking the permissions, a malicious app can easily disguise itself as an everyday app that requires the permissions the Malware needs but would be overlooked because the host app has a valid reason for needing those permissions.
A dialer, email, sms, social networking app will all ask for access to your contacts. And it's necessary for that app to do its job. Well if that same app has unlimited access to your network then it can now take your contacts and upload them.
Now a virus is another thing all together. While it's possible on a rooted phone with rw permissions in the system directory, it's unlikely since most apps exist in a "sandbox" so to speak. It wouldn't be that difficult for a root explorer app to gain access to your /system directory and wreak havoc and then target your sdcard and wipe out your data. But not before uploading whatever it wants (a lot of explorers require network permissions for cloud service, etc). But then I guess that would be classified as malware and not a virus
And lets not leave out all the apps that use social networks to login..
But the last two Lines of your post say it all. Stay away from pirated apps and watch what 3rd party apps you're trusting these permissions with.

Warning!!! Suspision, Firefox is sold out to Facebook.!!

Hello friends,
I wanted to alert everyone regarding what I discovered.
After latest firefox update I found out that-
Whenever I run Firefox app, it also runs Facebook app and facebook messenger.
Here is how I tested-
1) Kill the Facebook & Messenger totally by using the Force Stop option. For better, also Force Stop the Firefox .
2) Run Firefox again, and then check both the Facebook apps. You will see both the Poop-bags run back from the grave.
How? Why? I guess Firefox is sold out to Facebook too.
Now they are tampering the core too.
Yes I tried these steps, 3 times while writing this topic, to make sure whether my suspicion is valid or not. Yes it does exactly what I said.
Any one knows, how to stop this? (I know the solution some of you might give- Uninstall the Facebook apps.) . But before doing that
lets alert everyone and find out the solution, because this time Firefox is involved(sold out).
Which app permission should I disable to prevent this? (I am using Xprivacy, permission pro, app settings).
android 4.4 , Samsung 10.1 .
Thank you.

Anyone, noticed this? and know any solution?

You're accusing the Mozilla Foundation of possible illegal behavior. You'll need more than the odd behavior of one device to convince me.

Wakamatsu said:
You're accusing the Mozilla Foundation of possible illegal behavior. You'll need more than the odd behavior of one device to convince me.
Click to expand...
Click to collapse
Hello,
I am not here to accuse, I am here to get solution.
I use firefox since years, because of trust. But what I noticed after recent update is evident.
I have checked this several times. I mean everyday, before I run Firefox on my android tablet, I check which apps are running in the background. I kill them if they are there. Then I run firefox and check the running apps immediately. There you see Facebook+messenger, sitting in the background like thieves.
Did you try what I am saying? You will notice its not the "odd behavior of the device". but its the "obvious behavior of Mozilla Firefox".
You will see the same with Spider Solitare. Facebook is Targeting popular apps, or rather possibly Commissioning them.
What more should I test to check or prove that, or prevent that? is there any log or something that I should show here?
Thank you for reply, see you soon.

A lot of apps does that...
Even system apps..
Ex. In Samsung device's when you receive sms, Viber will also run..
When you use Camera, Gallery will run..
I think Firefox is using Facebook services, so if you use Firefox to log in facebook it will also sync.. not sure.
Separate note
Though im wondering that why its banned in XDA

radz_ said:
A lot of apps does that...
Even system apps..
Ex. In Samsung device's when you receive sms, Viber will also run..
When you use Camera, Gallery will run..
I think Firefox is using Facebook services, so if you use Firefox to log in facebook it will also sync.. not sure.
Separate note
Though im wondering that why its banned in XDA
Click to expand...
Click to collapse
As being banned means that it doesn't get mentioned. As for why. Because it's used to rip off devs, making it warez which xda is against.
As for the OP. Run a log cat and see what it is calling. This user maybe right. With everything so connected these days it is not odd for one app to start a service of another app.

zelendel said:
As being banned means that it doesn't get mentioned. As for why. Because it's used to rip off devs, making it warez which xda is against.
As for the OP. Run a log cat and see what it is calling. This user maybe right. With everything so connected these days it is not odd for one app to start a service of another app.
Click to expand...
Click to collapse
It is being mentioned all over the place...
I mentioned it because it is Suspicious, I'm not suggesting it.
OP, if it sounds suspicious for you, send an email to Firefox... its a big company not just a regular devs out there..
They have a email in Playstore..

radz_ said:
It is being mentioned all over the place...
I mentioned it because it is Suspicious, I'm not suggesting it.
OP, if it sounds suspicious for you, send an email to Firefox... its a big company not just a regular devs out there..
They have a email in Playstore..
Click to expand...
Click to collapse
If you see it then by all means report it.
Agreed. I figured the OP would have already asked lol.

zelendel said:
If you see it then by all means report it.
Agreed. I figured the OP would have already asked lol.
Click to expand...
Click to collapse
Nah.. I'm not reporting this kind of issue..
I never tried using Firefox on the phone.
I like UC Browser..lol
I'm not convinced at all.. [emoji6]

Ketansa said:
this time Firefox is involved(sold out).
Click to expand...
Click to collapse
This is the accusation. The Mozilla Foundation is registered as a tax-exempt organization under US law and as a charitable trust under California law. Selling out to Facebook jeopardizes that standing.

Wakamatsu said:
This is the accusation. The Mozilla Foundation is registered as a tax-exempt organization under US law and as a charitable trust under California law. Selling out to Facebook jeopardizes that standing.
Click to expand...
Click to collapse
Yes, whatever it sounds like, if you are going to say the same thing without even checking what I am saying ... or you already know it.
Ok sorry if it sounds like accusation, but Firefox is still doing that.... Whats next?
Thank you for replying.

radz_ said:
A lot of apps does that...
Even system apps..
Ex. In Samsung device's when you receive sms, Viber will also run..
When you use Camera, Gallery will run..
I think Firefox is using Facebook services, so if you use Firefox to log in facebook it will also sync.. not sure.
Separate note
Though im wondering that why its banned in XDA
Click to expand...
Click to collapse
zelendel said:
As being banned means that it doesn't get mentioned. As for why. Because it's used to rip off devs, making it warez which xda is against.
As for the OP. Run a log cat and see what it is calling. This user maybe right. With everything so connected these days it is not odd for one app to start a service of another app.
Click to expand...
Click to collapse
Thank you for writing zelendel and radz
Ohh... what is banned/or not being mentioned, on XDA ? The firefox?
What does OP means?
I already sent them email. I also used the option they give "take a moment to tell us ........" thing.
I came here because its obvious activity that I am seeing everyday, and if they are involved, they wont give any solution. You people only can.
And, login using Firefox is totally different than the Facebook apps login. Not related. I am sure this activity is no where near to helping us.
Do you know any Xposed framework module, or something that will prevent this from the root?
See you. thanks again.

Ketansa said:
Yes, whatever it sounds like, if you are going to say the same thing without even checking what I am saying ... or you already know it.
Ok sorry if it sounds like accusation, but Firefox is still doing that.... Whats next?
Thank you for replying.
Click to expand...
Click to collapse
I use neither Facebook nor Firefox on my phone ( i do on my pc) but loaded them up. I followed your instructions. Results: Facebook had to boot from the splash screen each time. I'm deleting the apps not and moving on.

Wakamatsu said:
I use neither Facebook nor Firefox on my phone ( i do on my pc) but loaded them up. I followed your instructions. Results: Facebook had to boot from the splash screen each time. I'm deleting the apps not and moving on.
Click to expand...
Click to collapse
Ok, thank you for trying it for me. :good:
good wishes for you.
Anyone else, please let me know.

SERIOUS now!!
Woww,
this is getting serious. Every popular app Spider solitare, Etsy, ESfile explorer are sold out! Their latest updates are starting services for Facebook. Woww!!
The Greenify and xprivacy mods given by users, isnt working.
Seriously needs a solution for this. Anyone?

I thought it's because Facebook is just set up to run all the time? You kill it and it'll restart on its own, regardless of whether you start up other apps or not.

es0tericcha0s said:
I thought it's because Facebook is just set up to run all the time? You kill it and it'll restart on its own, regardless of whether you start up other apps or not.
Click to expand...
Click to collapse
It is. To be honest there is not much that can be done. Mainly with android M new feature of allowing all apps to check for root and disable features or the app if root is detected.

es0tericcha0s said:
I thought it's because Facebook is just set up to run all the time? You kill it and it'll restart on its own, regardless of whether you start up other apps or not.
Click to expand...
Click to collapse
Hello, hey no. (I guess you are a non-root user). Actually I removed Facebook from the root with the help of Titanium backup and installed it as a user app again. I have also removed its startup. It never starts by itself. Until i updated these popular apps. Now they are rigging even more apps. I know, I keep checking the running apps through ForceStop it or app settings. And I have tried several times, when I run these few mentioned apps I immediately go check the running apps again. There the facebook rise again.

zelendel said:
It is. To be honest there is not much that can be done. Mainly with android M new feature of allowing all apps to check for root and disable features or the app if root is detected.
Click to expand...
Click to collapse
You mean, they are making it even harder for root users? How shameful of this giant advertising slutoogle.
But our patriot developers will definatelt come with a hit fix.

Advice about malware

Hi Folks.
I've done something a bit silly and hoping some Android expert on here may be able to help me.
I stupidly installed an app from an external source using a link that was given me for a specific app.
I am now freaking out about malware/spyware and all the rest of it.
At this point, I must point out that there is nothing to immediately suggest the app is bad. I only installed it a few hours ago on my phone but there hasn't been anything suspicious like extra battery use, heat, unknown apps in the list of battery usage or pop ups or anything like that. It could be that it's absolutely fine (and probably is.)
What I'm more concerned about is that there may be some nefarious background process running that means I suddenly wake up and find my bank account has been drained, or I'm being blackmailed by some Russian hacker that has hold of my emails and photos etc.
TWO IMPORTANT DISCLAIMERS (before anybody states the below:
- Yes, I know it was a stupid thing to do and I don't know what came over me. But it is done now.
- I know that a full factory reset is the best way to clear all but I'm desperate to avoid that. It took me two days to setup my new S21 Ultra and hate the thought of going through all of that again!
I know that Google Play Protect helps with apps from the GP Store, but I assume this is not relevant here because it came from an external source. Is there any kind of facility where I can upload the app and it scans it? Or am I screwed?
I also know you can download Norton etc but I read that they may not be effective on things like this. FYI, I am running the January 1st Android security patch (the most recent available.)
Thanks in advance.

Scan the apk file with online Virustotal.
Meh... show us the apk in question.
I have a few side loaded apps, so what?
Playstore is no sure bet either... load what you need, disregard the rest and toss the bad ones.
A badly written app can cause headaches even after it's uninstalled. Not as common with Android as in Windows but it happens.
On a clean load I'm careful what I install ie known good apps.

blackhawk said:
Scan the apk file with online Virustotal.
Meh... show us the apk in question.
I have a few side loaded apps, so what?
Playstore is no sure bet either... load what you need, disregard the rest and toss the bad ones.
A badly written app can cause headaches even after it's uninstalled. Not as common with Android as in Windows but it happens.
On a clean load I'm careful what I install ie known good apps.
Click to expand...
Click to collapse
Thanks. I've attached the apps. Thanks for your help and advice. I've scanned them on VirusTotal and they appear to be clean..

If you are worried about this, then you need to flash the phone. Then install the app to protect your phone from the official source.

philliplavelle said:
Thanks. I've attached the apps. Thanks for your help and advice. I've scanned them on VirusTotal and they appear to be clean..
Click to expand...
Click to collapse
Did the reload go well?

Does anyone recognize this as spyware?

I have a good friend who believes her husband, they are separated and divorcing, has some kind of spyware on her phone. A lot of her claims as far as strange things happening with her phone, seem kind of impossible but her ex was involved in some high level activities in the Military. For one, she says she can factory reset her phone and all the strange things pop back on her phone. The first thing I looked at was what apps on her android were using the most data. I will include a picture of it but I personally have never seen anything like it. Many of the apps that are shown are "restricted".
Now, the app store for example. She claims she never installs new apps or really even looks around on the app store however the data use on it is insane. She also has NO work stuff on here and has no idea what osulogin is. Does anyone have a clue??

osu login is a preinstalled system app.

blackhawk said:
osu login is a preinstalled system app.
Click to expand...
Click to collapse
Thank you for letting me know that. Did you notice or see anything strange on there? Like why is the appstore data so high and all the app restricted? She said he ex was like scary good on cell phones.

sphereplay said:
Thank you for letting me know that. Did you notice or see anything strange on there? Like why is the appstore data so high and all the app restricted? She said he ex was like scary good on cell phones.
Click to expand...
Click to collapse
Have the phone reflashed to its original stock rom. Change Google account password.
Turn off wifi. Get off social media. Never leave anyone use your phone out of your sight... if at all.
I doubt the ex would risk his security clearance and job like this. The DOD has a vast array of spyware tools... I've seen some in use.
You upload and scan any app you want to with online Virustotal.

blackhawk said:
Have the phone reflashed to its original stock rom. Change Google account password.
Turn off wifi. Get off social media. Never leave anyone use your phone out of your sight... if at all.
I doubt the ex would risk his security clearance and job like this. The DOD has a vast array of spyware tools... I've seen some in use.
You upload and scan any app you want to with online Virustotal.
Click to expand...
Click to collapse
Gotcha. I will pass that on. Thank you very much again.