Better Mobile App

Chinese virus?

I have noticed these chinese apps some how self installing on my S2.
Any idea how to get to the source of these unauthorized installs? (Lookout & AVG & NetQin don't detect them as malicious or find any reason for how they are getting on there).
Currently using KH3 + CFRoot.

Why do people give so little information when they post?
What Chinese apps? (Please provide a screen shot if the app name is in Chinese) .
This sounds really really bad.
Has this happened to any one else?
It should not be possible for this to happen.
Does your phone have any connection with China or have you installed any Chinese software?

If this is happening then you must have done something yourself to start the process. Nothing can install itself without your consent, unless there's malicious software that's bypassing the system and installing for you, but you would have had to install that first.
So, as above, a lot more information is needed. Personally, I'd just do a complete wipe and hard reset and never install anything from untrusted sources again, including warez, 3rd party app stores and the Chinese Market, which is known to have had dodgy software before now.

My friend got an S2 from China and it was preloaded with all those Chinese apps. Examples include QQ Security Suite and some other apps. I used Titanium Backup to uninstall but after each restart, the app re-appears!
I was surprised that Titanium couldn't uninstall. It says it uninstalled successfully but it just re-appears. The only thing I could do is to do a re-flash to a Hong Kong firmware without all those pre-loaded Chinese apps.

But before you wipe everything, please help us try and find out how it happened?
Again has this happened to any one else? Because I want to know if this could happen to my phone!

Mine also did this on stock rom i would uninstall samsung apps reboot and it would reappear on my menu. Is it possible the rom comes with an auto install script for the preloaded apps?
Sent from my GT-I9100 using XDA App

otester said:
I have noticed these chinese apps some how self installing on my S2.
Any idea how to get to the source of these unauthorized installs? (Lookout & AVG & NetQin don't detect them as malicious or find any reason for how they are getting on there).
Currently using KH3 + CFRoot.
Click to expand...
Click to collapse
If you have CF-Root, you have super user installed. Review your permissions. You can also install LBE privacy guard and set permissions for all apps as well, including many system apps (you'll need to 'untrust' them first).
Sent from my GT-I9100 using XDA App

Sorry for the little information guys, was 5am and very tired
I deleted the second incarnation of the app as soon as I saw it (worried about personal details being taken etc.) however it if it reappears again then I will screenshot it.
Virus scanners don't detect them as malicious, when the program opened (after stealth install) I went through it, albeit in Chinese it looked like a legit program and the menu worked etc.
I have market 3.1.3 installed (got the apk off the internet) and a few apps that got removed from the market place (torrent clients and certain games I couldn't find etc.) so it could well have been put in them.
I'm thinking about a hard reset, not using titan backup to avoid it coming back and a re-flash.
Also my phone has no connection with China (purchased in the UK), this has only happened recently.
Is there any more info needed before reset etc.?

Looks like the suspect apps removed from the market may have been the cause.
Does anybody know if running as root alows all download apps to run with root permissions?

LouisJB said:
Looks like the suspect apps removed from the market may have been the cause.
Does anybody know if running as root alows all download apps to run with root permissions?
Click to expand...
Click to collapse
Issue is the damage seems to have been done, looks like I have no choice but to reflash etc. Need a virus scanner that has root so it can do a deeper scan.
Superuser is a lot like UAC on Windows Vista/7, it will popup and ask you to allow/deny.
Also is there any way to wipe the device while re flashing to ensure this gets removed?

I found a folder on my Internal Storage "QinqiQuan" (Google Image search pinpoints this as one of the apps) which translates in Chinese to English as "Infringement", however the app itself appears to be a legitimate Chinese social app so I'm not sure of my original concern regarding "Infringement" being copyright related etc.
Another few suspicious folders were "the9GameCenter" & "waze".
In future I'll be sticking the Market and official sites, even if that means doing without certain apps that aren't available on my handset/region

Isnt waze a community based sat nav app?

poults said:
Isnt waze a community based sat nav app?
Click to expand...
Click to collapse
The apps themselves appear legitimate, but I didn't authorize the installs which is what worries me.
I wiped internal storage, wiped data and then re-flashed + CFRooted.
Hopefully what ever it was, won't come back

And how about the security in your computer? As we know, you can install an app in your phone via your market account using your computer. Perhaps someone is playing around with your market account. If this is the case, changing your password would be a good idea.
Sent from my GT-I9100 using XDA App

angelomaldito said:
And how about the security in your computer? As we know, you can install an app in your phone via your market account using your computer. Perhaps someone is playing around with your market account. If this is the case, changing your password would be a good idea.
Sent from my GT-I9100 using XDA App
Click to expand...
Click to collapse
Yeah I have changed my password and turned on all the Google security settings, albeit a bit of pain, does give peace of mind
Sent from my GT-I9100 using xda premium

I need your help fixing the market "My Apps"

So I haven't quit looking into what actually causes the market "My Apps" issue. While I do feel it truly is the database I have a slightly more detailed theory as to why it does it. However in order to test this theory I need to take a general poll.
How many of you discovered this issue after using some sort of Root tool (ie: Rom Toolbox, Root Tools, Titanium Backup)?
How many of you have accidentally or on purpose used the Market Fix that supplement these programs?
The reason I'm asking is semi obvious I suppose. While these programs can do great good it would appear that if not done correctly they can also do bad. Last night I decided to play with it a bit more and I Linked ALL system apps and user apps to the market. After a few minutes or a reboot I would get the error again.So I went ahead and broke all links again, deleted the .dbs file and started all over again. This time only doing system apps and user apps that I knew were updatable. This lead to the market functioning much better. However I'm not finished yet. I want to figure out what apps and programs trigger this. At this point in time most User apps are okay but I have found I have linked considerably less system apps to the market. What I would like to ideally do is narrow the list down to just a few apps that shouldn't be linked.
Also if anybody would be so kind as to copy and share their database file that would help tremendously. This file needs to be completely stock having NEVER used any of these programs to edit the market links. Sharing this could potentially help all Android users having this extremely annoying issue. If you would like to keep the amount of users who this down to just me you can PM me or even send it to me over Skype or some other messenger with a file share tool. Thank you all in advance.
For those of you currently having the issue I have posted a fix here: http://rootzwiki.com...market-my-apps/

What issue?

DirkGently said:
What issue?
Click to expand...
Click to collapse
With the "My Apps" being a blank page and not containing any of the apps from the account.
Sent from my super awesome Kindle Fire running CM7 with Tapatalk

[Q] Nook for Android app does nothing

I have a NT rooted and setup to disable automatic downloads from BN following directions on this forum. Everythings been working pretty good but I would still like to purchase things from BN occasionally.
I then went out to the Android marketplace and downloaded Nook for Android, installed it and I can see it in my list of apps.
When I click on the icon for it though, all it does it take me back to the main page of my launcher.
Has anyone else had these issues?

Sounds like a bad install to me. I am rooted with zergy and have minor debloat, opting to keep all of the B&N stuff as I still buy books often. Which root method did you use? I also have the nook app on my phone with a few books in my dropbox. It works fine on that as well. Perhaps try clearing cache and data from the app and try signing in again?

I know there have been other threads on this, and I don't recall anyone getting it to work. I believe B&N has done something either to the app or to Android to prevent it from running.
Sent from my SCH-I500 using Tapatalk

I had the same outcome after rooting. I suspect and accepted that it was most likely due to opting for a full B&N debloat.

Right, I did do a full debloat also.
If BN would let me just get the ebook, even to my computer, I suppose maybe I could transfer it over to the nook that way but I haven't tried it.
Thanks!

larrynooktb said:
Right, I did do a full debloat also.
If BN would let me just get the ebook, even to my computer, I suppose maybe I could transfer it over to the nook that way but I haven't tried it.
Thanks!
Click to expand...
Click to collapse
Calibre is a resource to assist in that. I find it a great library manager and it will act as a WiFi server to your Nook through the Calibre Library app

I'm unclear whether this post is about the nook software already baked into the device, or the "Nook for Android by B&N" available to download on the Market.
When you say "Nook for Android" I assume you mean the latter.
It's strange that the app will not even launch. I'm not sure how it differs from any other android app. The app works fine on my Droid and Droid charge, but won't download certain magazines saying they're unavailable on the app, when they clearly work just fine on the software baked into the Nook Tablet.
Perhaps after someone gets Cyanogenmod stable on the device we will see whether or not there was something baked in that specifically blocked the "Nook for Android" app in the Market.

I was referring to the B&N Nook app from Android market. MOst of the other B&N preloaded apps also stopped working after debloat too

As ckevinwelch mentioned there have been numerous posts about this - including one by me. What I did instead was find the reader.apk, shop.apk and library.apk apps in an old back-up of Ti-Backup I had and installed those after doing a full debloat using indirect's root. Have had no problems since then.... (I've re-rooted a couple of times to take advantage of updates, etc).
edit... I mispoke, it appears that after I did the freeze OTA block (9.9.9) recently, it now shows as unavailable under owner/account in settings, I don't have access to the B&N shop, but my old books are still on my NT and I can read them. It did work when I was listed under owner/account.
Sorry to get your hopes up.
~ G

If you did the debloat PRIOR to installing and backing up using TI-backup, is there some other place to find and reinstall these apps?

You can get them from the acclaim update zip file (for the magic restore card).
So did you decide not to sell yours?
Sent from my SCH-I500 using Tapatalk

TX Kevin, and no, didn't change my mind but the buyer flaked on me. So, still trying to make it worthwhile keeping if it ends up that way.
Does acclaim file require me to reroot? hate the idea of that...

Don't restore from the zip, just pull them out, move them to system/app and install.
Sent from my SCH-I500 using Tapatalk

of course none of these will actually do much until I reregister the device under my B&N account, correct? Presently, they run but don't access anything.
Speaking of...is there a way to reregister without rerooting?

of course none of these will actually do much until I reregister the device under my B&N account, correct? Presently, they run but don't access anything.
Click to expand...
Click to collapse
Correct...
Speaking of...is there a way to reregister without rerooting?
Click to expand...
Click to collapse
I don't think so...
~ G

I did not do a full debloat and only removed games but I have the same problem and cannot use some of the originally installed B&N apps. I think it is something I have to accept since I rooted the device. I did not install the Nook for Android app.

OK - Did a test last night w/ the following results:
After backing up all my apps and go launcher settings, and using Indirect's unroot app and Indirect's root method I rooted once each using option 5 debloat and option 1 debloat. Both times I registered my NT when the initial welcome screens started.
- With option 5 debloat and OTA block I did not have access to the B&N Shop/Library and couldn't purchase new books. I could re-install the library & reader apps from my back-up and my old stuff was there but no access to buy/download new stuff. Device Info/About Your Nook showed Unavailable for Owner/Account.
- With option 1 debloat and OTA block I do have access to the B&N Shop/Library and was able to purchase and download a new book. Device Info/About Your Nook showed my name and e-mail for Owner/Account.
I find it takes about 45 - 60 min. to completely unroot, reroot and reinstall my apps from back-up (after installing Ti-Backup from the market). Since your computer has already been set-up w/ the drivers to root when you did your intitial root - just start the reroot process w/ the NookandZergy.bat that you have in your c:\ntroot folder.
HTH ~ G

[Q] How do you keep the contents of your internal SD card private?

I heard that app developers can potentially access all your photos. Is this right and how can you keep them private?

ummm not that I'm aware of. where did you hear this from? :silly:

I don't know if that is true or not, but I suspected something similar reading the permissions before downloading apps as well. I noted modifying the SD card in many of them, a few included WIPING it. Now if they have that kind of power, I would be hesitant. I suppose Google has something in place that prevents that kind of abuse, but seeing how Quickpic can replace the default Gallery app, I do think it is possible. However, transmitting that data back to them may not be allowed or possible. Until I finish learning the SDK thoroughly, I cannot say yea or nay on it. I would suggest asking google about a specific app and see what they say first, and then consult someone who knows how to read the .apk files to see what they can discover.

Wallace_Brownie said:
I heard that app developers can potentially access all your photos. Is this right and how can you keep them private?
Click to expand...
Click to collapse
If you're that worried, don't store them on your device. If the DroidWall app "really" works, it should block all internet communication on apps that you select.....a wall of fire is the purpose.
Sent from my Amazon Gindle Fireoid

Mephisto_VI said:
I don't know if that is true or not, but I suspected something similar reading the permissions before downloading apps as well. I noted modifying the SD card in many of them, a few included WIPING it. Now if they have that kind of power, I would be hesitant. I suppose Google has something in place that prevents that kind of abuse, but seeing how Quickpic can replace the default Gallery app, I do think it is possible. However, transmitting that data back to them may not be allowed or possible. Until I finish learning the SDK thoroughly, I cannot say yea or nay on it. I would suggest asking google about a specific app and see what they say first, and then consult someone who knows how to read the .apk files to see what they can discover.
Click to expand...
Click to collapse
If I rememeber correctly, the android permission to access the sd card gives full read write privileges to the app, there is no partial access. Most apps need this permission to save data, cache etc to your sd card.
If you have a linux OS running computer you can modify file permissions for write and delete as root only, while allowing all users to read. That way if you want to delete or modify the file, you'll have to use superuser permissions. Of course that requires a rooted phone then....
Sent from my HTC Desire HD using xda app-developers app

Mephisto_VI said:
but seeing how Quickpic can replace the default Gallery app, I do think it is possible. .
Click to expand...
Click to collapse
Use hide it pro from play store. It can hide pictures and videos from any gallery app.

Mephisto_VI said:
I don't know if that is true or not, but I suspected something similar reading the permissions before downloading apps as well. I noted modifying the SD card in many of them, a few included WIPING it. Now if they have that kind of power, I would be hesitant. I suppose Google has something in place that prevents that kind of abuse, but seeing how Quickpic can replace the default Gallery app, I do think it is possible. However, transmitting that data back to them may not be allowed or possible. Until I finish learning the SDK thoroughly, I cannot say yea or nay on it. I would suggest asking google about a specific app and see what they say first, and then consult someone who knows how to read the .apk files to see what they can discover.
Click to expand...
Click to collapse
They said that they can't, and that's why they won't put SD cards in their own line.

Since I first responded, I came across Avast! Anti-virus for Android. It has a built in firewall you can customize per app. I do believe it requires root to utilize it though. Once I nosed around the settings, I was impressed with it. Now to see how well it works before I recommend either way on it. Oh, if you are going to use it, root first then install Avast.
Sent from my (rooted) LG-P870 using xda app-developers app

I know it has been a bit since the last response. I did find a few more programs since then though. Addons Detector examines programs and their permissions and puts several lists together in an easy to read format for you. Its good for when you have forgotten which program had what permissions or didn't catch what they were when installing. It also has an extra option (paid) that I am still evaluating: a live monitor. Notifications of how many addons are added upon installing a new app. Could be beneficial for the security conscious or the, for lack of a better term, paranoid users.
Sent from my LG-P870 using xda premium

Hi - I'm new to Android (and not that well versed with WM5 yet either), but have also been concerned when I saw all these apps that require access to full network, contacts, phone ID and number, etc.
While I understand using the Avast! firewall would prevent apps accessing the internet and sending my data, would those apps then cease to run if they couldn't access what they wanted?
Thanks,
Dylan.

[Q]Is this normal for apps to do this?

Hey all,
Just come across this and wanted to know if it was 'normal' for some apps to do this or some form of encryptiony type thing.
When flashing new roms I use our ROMCleaner to backup and restore apks. Recently Ive noticed some apks not being backed up and needing a redownload from the market.
Notably ADW Ex 1.3.3.8, SickStache and the Natwest Banking app.
After having a look through my system it seems the apks are not actually in /data/app, system/app or even installed on my sdcard.
I noticed a while back that the Natwest app was actually being installed as a .zip and couldnt be installed back as a zip, or renamed as a apk, using ROMcleaner. This I thought was pretty cool seeing as its a banking app and a way of dealing with security.
Now with ADW I managed to get the apk back by using TB. Moving to internal (still not appearing in data/app) and then converting to a system app. The apk was then present in system/app.
Is this a new form of app encryption? If it is its a pretty cool way of dealing with piracy, no apk = no stealing
Or is there something wrong?

Yeah, it is. One of the main features of JellyBean was paid app encryption. Play Store automatically downloads paid apps into an encrypted partition in /data. This is currently disabled, because the implementation of this paid app encryption caused a lot of problems, especially paid app widgets and live wallpapers disappearing after reboot. This happened because the encrypted partition was being loaded AFTER the Android system booted up, so while the system was booting it couldn't see any of these apps and their data and didn't load them. Google hasn't developed a fix for that yet and so they've turned the feature off to avoid frustration among users. Currently the paid apps download like before without going into any encrypted partition.
http://www.android.com/about/jelly-bean/
http://code.google.com/p/android/issues/detail?id=34880
http://blog.gsmarena.com/google-dis...cryption-after-issues-with-several-paid-apps/
http://www.androidpolice.com/2012/0...n-the-play-store-google-disables-drm-for-now/
http://www.talkandroid.com/126461-jelly-bean-encryption-negatively-affects-paid-apps/
http://techie-buzz.com/mobile-news/...eature-breaks-account-sync-for-paid-apps.html
http://www.gadgettweet.com/2012/08/jelly-bean-app-encryption-makes-mess-in.html#.UNw3VG9HLAE

sashank said:
Yeah, it is...
Click to expand...
Click to collapse
Wicked, thanks for the info! Thought something had gone with my phone lol
It seems some apps, free or paid, still do get 'encrypted' in the 4.1.2 ROM im using so dunno, maybe some still do.
Anyway, at least I know whats happening now and can work around it.
Many thanks for the info as well, much appreciated