Hi all, when I bought the Lenovo A916 phone from www.lightinthebox.com it came with spyware included in the Stock Rom(which had been modified by 3rd party), impossible to get rid of unless you root the phone, because its located in system files.
Beware, if you do a factory reset the spyware will be back! Also, do NOT use your phone for banking or anything else with passwords, before you have removed the spyware since it contains a keylogger!
You can flash it with new Rom(also known as Firmware) or a clean Stock(original) Rom - that will remove the spyware. You have to be rooted for this to work.
Right now my phone has A916_S1205_141013 rom - below there is a link to this Rom - its multilingual - I have not yet had the time to try it myself and don't know if its clean.
http://firmwarefile.com/lenovo-a916
I have removed all the spyware, after I rooted my phone, and its working as it should - But as I said earlier, the spyware will return if I do factory reset.
If you bought this phone on the net like most of us, then I suggest that you install the following and scan for spyware. Take note, that the spyware is not from Lenovo!
Avast, Avira, ESET, 360 security, Malwarebytes - use all of them, since there are always something one don't find but the other one will.
Be aware that something can go wrong, and I'm not responsible for you trying this out.
The best way to root is Kingo root. But first, attach your phone to your PC/laptop(make its connected to the internet) and on the phone choose MTP, now the phone will install drivere for its first use - this is important!
Then you click the icon in the notification area in windows, to dissconnect usb devices and dissconnect your phone. Wait a few min, - then re-connect and this time (on he phone) choose the last option which say something like "Virtual CD". If autorun is enabled on your pc, you will then get an option to browse this virtual CD - do so!
Copy the content of the virtual CD to a new folder on your pc, then run and install LenovoUsbDriver_autorun_1.0.12.exe - this is important. Don't bother with the other things there since its in chinese.
Then get Kingo root from here:
http://www.kingoapp.com/android-root.htm
Click to download it from CNET, be aware that it might get caught by your antivirus - not that it contains virus, but because its used to root phones. If it got to you pc safely, then run it and it will download the real rooting software - make sure to say NO/Decline/uncheck to any offer that comes up(like install Yahoo). Stupid and annoying way CNET try to impose their stuff onto people.
Now, the real software has been downloaded(android_root.exe) - run it and follow the guide. There are also a guide on Kingo root's webpage.
After you have rooted your phone, run the antivirus Apps again, this time you will be able to remove some but not all of the spyware. Make a list of those you can't remove - then go to the superuser app you can remove the software that contains spyware and cannot be cleaned otherwise. Be careful what you remove.
I found spyware in these and removed with the supeuser app
Trojan.Agent.mq in /system/app/CallerID.apk
PUP.Adware.ShinyMob.a in /mnt/sdcard/funweather.apk
Backdoor.Ginmaster in /system/app/Weatherservice_K517_u002_20140910.apk
Trojan.Fadeb.a in /system/app/Twitter_qd_3025.apk
Do NOT remove the ThemeCenter app!! Its used its used by the system to set wallpaper. If it has spyware then you can remove it and replace it with the one in this post:
http://forum.xda-developers.com/showpost.php?p=63651753&postcount=42
Good luck!
JBJ
Moderator, please don't remove any of this - Its super important!
If someone has suggestion or tips to this thread then please PM me an I can insert it with credit in the 1st post!
I don't have any direct experience with this device, being in the USA, but this seems like it might work http://www.needrom.com/download/lenovo-a916-multilang-root-gapps/ .
I don't have any direct experience with this device, being in the USA, but this seems like it might work http://www.needrom.com/download/leno...ng-root-gapps/ .
Click to expand...
Click to collapse
Hi and thank you for the answer, I have looked at these already, but the authors seem not to want to answer questions on if this is clean.
EDIT: this is obsolete now - please read at 1st post!
EDIT: this is obsolete now - please read at 1st post!
Moderator: Is there a way to delete ones own post?
insomniacno1 said:
EDIT: this is obsolete now - please read at 1st post!
Moderator: Is there a way to delete ones own post?
Click to expand...
Click to collapse
Hello I have a Lenovo A916 and im planing on rooting it and installing a vanilla version of android on it to get rid of the bloatware it contains
I was thinking of using the rom you just shared but after seeing your comment about "this is obsolete now" I have now to ask you what do you mean by obsolete? the rom link didnt turn out to be safe or something?
Related
Is there any site or source on the web that provides downloads of old versions of Android Market apps? This would be for apps that are now updated or no longer available on the Market? I am looking for a site similar to "OldVersion.com" which has some old/classic PC software (but this would be something for android apps instead)?
Thanks if anyone knows of a source or sites.
CustomShortcut gone?
The app that I am looking for in the above post was a free one called CustomShortcut APK. I now have it on one of my two phones (the other phone had it but was lost and replaced). I have tried looking for a developer page for this app but no luck as everything seems to point back to android market as the source link for download.
Does anyone know of a way or source for me to get this APK back on my other phone? Is there a way to copy it from one phone to the other? I am assuming that it was removed from the market because it may not be compatible with ICS but I am not running ICS. The application was made by appli.club.
Are you rooted? If so use root explorer to look for the .apk in the /system/app folder and copy or email it to the other phone and install it.
85gallon said:
Are you rooted? If so use root explorer to look for the .apk in the /system/app folder and copy or email it to the other phone and install it.
Click to expand...
Click to collapse
No sadly I am not rooted. Is that how this could be done? I have an HTC phone (Sensation) and I like my "sense" gui. Don't want to wipe it out by rooting (that is what would happen, right?) If access to the apk is possible with rooting, then I guess my question would be, does anyone else here have CustomCut on their rooted phone? (Or possibly know of any website that would have those apk's available for download). I would be willing to pay if someone would take the time to send me a replacement copy.
just google for any app you want like this:
"title" "versionnumber" "apk" "download"
for example:
android market 2.9 apk download
mojosingle said:
No sadly I am not rooted. Is that how this could be done? I have an HTC phone (Sensation) and I like my "sense" gui. Don't want to wipe it out by rooting (that is what would happen, right?) If access to the apk is possible with rooting, then I guess my question would be, does anyone else here have CustomCut on their rooted phone? (Or possibly know of any website that would have those apk's available for download). I would be willing to pay if someone would take the time to send me a replacement copy.
Click to expand...
Click to collapse
Rooting will not wipe out your phone or change it other than giving you super user privileges. That way you will have access to get to the system apps folder.
I notice apktop keeps old versions around. But part of the reason I like Titanium backup is because I have a fail safe if a new update to an app is bad, as I can just restore from the last backup the older version.
85gallon said:
Rooting will not wipe out your phone or change it other than giving you super user privileges. That way you will have access to get to the system apps folder.
Click to expand...
Click to collapse
Well I am not really too concerned about it wiping out my phone, but I thought I had read many posts here talking about once you root your phone the native skin from the manufacturer is eliminated (for HTC that would be the "Sense" user interface). Can you please confirm? Is this not true? HTC Sense will remain exactly the same after rooting my phone?
The other thing that has made me cautious is that my phone runs perfectly now and I see so many threads on the xda boards here and over at various android forums that start off with "My ____ app is not working right since I rooted...." Just a little daunting for a newbie like myself.
spunker88 said:
I notice apktop keeps old versions around. But part of the reason I like Titanium backup is because I have a fail safe if a new update to an app is bad, as I can just restore from the last backup the older version.
Click to expand...
Click to collapse
Thanks very much for the site suggestion. I have been trying to search for the CustomShortcut APK over there but no luck ...so far (the site search is not that easy to use). I have even tried to seach the site externally using google but, unfortunately, still no luck.
Wait for someone else to confirm on the htc, but nothing changed on my droidx. I just had superuser privs. All of the "this app quit working" is when people flash custom roms. You don't do that when you just root. But you have to be rooted in order to do things like that. Lol.
Rooting gives you the power to do that if you want to.
When I rooted my droidx, I did it just so I could have the power to do other things if I wanted. I am still on factory rom. But I am able to get to parts of the phone that are off limits if I wasnt rooted. I made it where I could tether, later I got rid of bloatware, etc.
85gallon said:
Wait for someone else to confirm on the htc, but nothing changed on my droidx. I just had superuser privs. All of the "this app quit working" is when people flash custom roms. You don't do that when you just root. But you have to be rooted in order to do things like that. Lol.
Rooting gives you the power to do that if you want to.
When I rooted my droidx, I did it just so I could have the power to do other things if I wanted. I am still on factory rom. But I am able to get to parts of the phone that are off limits if I wasnt rooted. I made it where I could tether, later I got rid of bloatware, etc.
Click to expand...
Click to collapse
Thanks once again for the reply. Now that you mention it, I remember reading the terminology "flashed" rom and thought they were similar or the same thing as rooting. One other question, once a phone is in a rooted state, if I was to go in and copy the APK for my replacement phone and put it on there could I then "unroot" lol ...sorry if this is not a word... so that my phone was no longer open? I had read somewhere (perhaps I heard it on a TWIT or Android podcast) that when your phone is in root state that anyone (ie: potentially bad software) has easier access to your phone's vunerable areas.
mojosingle said:
Thanks once again for the reply. Now that you mention it, I remember reading the terminology "flashed" rom and thought they were similar or the same thing as rooting. One other question, once a phone is in a rooted state, if I was to go in and copy the APK for my replacement phone and put it on there could I then "unroot" lol ...sorry if this is not a word... so that my phone was no longer open? I had read somewhere (perhaps I heard it on a TWIT or Android podcast) that when your phone is in root state that anyone (ie: potentially bad software) has easier access to your phone's vunerable areas.
Click to expand...
Click to collapse
yes you can unroot. As for easy access after you are rooted to vulnerable areas, they can only get access if you let them. If an app wants super user privileges, you will get a pop up from su(the super user apk) telling you that some app is wanting privileges. You can grant or deny access. The only things on my phone that have ever given me a pop up are things that i downloaded and know need su access. Wifi tether, root explorer, adfree, etc.
I have found a site that keeps older version of an android app. It's called Android Drawer.
Hope it helps
ok so i bought the infocus m560 (m808/v5) from ebay. uk warehouse chinese seller.
When it arrived the box was unsealed however the excuse for this could be the seller removed the eu plug and put in a uk one.
as soon as i booted it up I ran malware bytes which came back clean but on browsing through settings - apps I notice something called pandoras box & pandoras box services. the second one has permissions to everything. I cannot uninstall or disable either. These seem to serve no relevance to the phone. I believe it is disguised malware.
someone on another forum reccomended netguard which i dowloaded and tried but as soon as I disable internet access for PB &PBS it AUTOMATICALLY disables web access for a lot of other things, I cannot have only PB & PBS selected.
I've been told that it seems that PB/PBS is running as a system process therefore any unrooted app won't affect it.
I read you can uninstall malware by booting into safe mode but i'm not sure if that will work in this instance?
I can find original stock rom for the m560 which doesnt seem to require root to flash - i could try flashing this which would solve the problem IF it was the 3rd party seller that added the malware, but wont if it was the manufacturer and I don't think there is any way to tell? - i can put a link to the page with the stock rom if anyone wants to check its ok
aside from the above my only other option is to root. I have never rooted before. I am a total noob. I've read the process but parts of it i dont fully understand. I do not want to brick the device. I would possibly be willing to give it a go if someone can provide step by step almost fool proof instructions/a clear guide. I've had a look for rooting on m560 and I think there are a few options available - if someone could be as kind to tell me which would be easiest
any other suggestions/solutions welcomed.
I can submit any screen shots if nescessary.
thanks for reading
Hello everyone!
I got a tablet from a big chain company of my country called Turbo-x Twister IV and few days ago I got a virus that can't be deleted. I did factory reset but nothing, so it got permission to install on the system and the virus is the tablet probably.
I did research and it probably is one of these three:
Shedun, Shuanet, ShiftyBug
Also the antivirus finds the SDK client is the virus and asks every hour to uninstall, I uninstall but then it reappears always. Here is some info I found about the virus:
Package name: com.xbkpnotification
Certificate info: /C=cn/ST=guangdong/L=shenzhen/O=xiaobukuaipao/CN=yu
PERMISSIONS:
Install applications, Delete Applications, Close background processes, mount unmount file system, receive boot broadcasting, get info of the current/recent running tasks, read WIFI state.
Does anyone know what to do? Someone told me to install custom ROM but this brand name is from the company and I don't really know which ROM to add so I won't destroy my device. I have Android version 5.1.1 and I always update it so it is the latest.
I would really appreciate some help because now my tablet is useless, it doesn't even allow me to go on the google play store and download games and I definitely am not going to add my phone number to steal my information.
Thank you for reading and I am looking forward for any help!
boopity said:
Hello everyone!
I got a tablet from a big chain company of my country called Turbo-x Twister IV and few days ago I got a virus that can't be deleted. I did factory reset but nothing, so it got permission to install on the system and the virus is the tablet probably.
I did research and it probably is one of these three:
Shedun, Shuanet, ShiftyBug
Also the antivirus finds the SDK client is the virus and asks every hour to uninstall, I uninstall but then it reappears always. Here is some info I found about the virus:
Package name: com.xbkpnotification
Certificate info: /C=cn/ST=guangdong/L=shenzhen/O=xiaobukuaipao/CN=yu
PERMISSIONS:
Install applications, Delete Applications, Close background processes, mount unmount file system, receive boot broadcasting, get info of the current/recent running tasks, read WIFI state.
Does anyone know what to do? Someone told me to install custom ROM but this brand name is from the company and I don't really know which ROM to add so I won't destroy my device. I have Android version 5.1.1 and I always update it so it is the latest.
I would really appreciate some help because now my tablet is useless, it doesn't even allow me to go on the google play store and download games and I definitely am not going to add my phone number to steal my information.
Thank you for reading and I am looking forward for any help!
Click to expand...
Click to collapse
Turbo-x... I dont want to make jokes for this brand (Greek here),
Well, you tried to remove it via adb? also please, post screenshots bere.
I can make the jokes for you haha
Well I don't know anything about the tablet technology, I just owned one and added things from app store, so no I didn't try Android Debug Bridge,. It has some tutorials on youtube should I just watch one and do it? Is for all the brands the same program and procedure or needs any specifics?
GreekDragon said:
Turbo-x... I dont want to make jokes for this brand (Greek here),
Well, you tried to remove it via adb? also please, post screenshots bere.
Click to expand...
Click to collapse
boopity said:
I can make the jokes for you haha
Well I don't know anything about the tablet technology, I just owned one and added things from app store, so no I didn't try Android Debug Bridge,. It has some tutorials on youtube should I just watch one and do it? Is for all the brands the same program and procedure or needs any specifics?
Click to expand...
Click to collapse
Is same. You can search on XDA.
GreekDragon said:
Is same. You can search on XDA.
Click to expand...
Click to collapse
Thank you!
I installed all the three adb drivers on my device and I can put files from my pc now. How do I know which custom ROM is for my Turbo-x Twister IV to install with adb? Or am I supposed to do anything else? I just want to delete all the files from my tablet to remove the virus and then put new system (custom ROM or anything else equivalent) without the virus.
I would love some more guidance if you can provide. Sorry for the trouble I am new to this and I am a little confused
Hello ,its an old thread but i want to ask ,i have the same tab but adb doesn't recognise it ,pc ca see it but not adb .
Of course usb debugging is on but nothing also cant found any usb drivers for this device ,any solution ?
Thanks .
So... I have an Archos 55 and well, root is dangerous, particularly when you're being annoyed with pop up adverts and want to get them gone.
TL;DR:
So basically this all started when I found that web pages and adverts were just opening. Whether I was using the device or not, they'd just magically appear, sometimes ten at a time, accessing the internet at will. I was not best pleased as I have not long purchased the phone, but true to form, Archos have no idea what customer service means, so I was left to attempt to remedy the situation myself. Ordinarily, I would have just formatted and reinstalled the O.S, I do that with linux all the time alas I knew that was difficult.
Instead I sought to find out what exactly was causing the adverts. I deleted all the apps I had installed, but still the adverts kept coming. I did a factory wipe. Still with the adverts. At this point I was a bit stuck, so I grabbed an anti-virus app. It showed a few things that were causing problems including one trojan, under com.android.settings (or something to that name). I made a few enquiries and needless to say, this wasn't a false positive, but it had meant that I had a trojan...and I really don't like trojans. Cue the rage and the not thinking properly as I deleted com.android.settings without making a backup thinking... "shouldn't be too hard to put back"...oh how wrong I was...
I of course tried to make amends by grabbing a "copy" of settings from another site (and possibly a different phone) but I was told that it was ROM and no amount of permission changing was going to change that (I tried and I apparently failed, I may have possibly been doing something wrong, but I don't think my chown/chmod skills are `that` shabby).
The problem:
- No access to settings. Settings doesn't exist. (No access to USB Debugging either because that requires tapping the about phone bit and guess what...)
- Can't install apps as something has "Stopped".
- No access to WiFi
- Using Linux (Ubuntu something or other...15 I think).
- Mobile Tinkering Newb (But I'm not totally tech illiterate).
I do have access to fastboot mode apparently.
So what I think I need is a way to reinstall lollipop 5.1 so I can get back to square one, without (at least initially) using ADB (because I've tried and my device just refuses to show). I've also tried a few "needrom" things but, of course, they don't work because linux.
If anyone could possibly help me, I would be greatly appreciative in any way. I just want wifi back really. (I can see that wifi works and a network is available I just can't edit the settings to access it). If I can provide more information, please ask and I shall provide.
[SOLUTION]
Back up your device <- Essential
Grab a rom from NeedRom
Enable Fastboot.
Enable USB Debugging etcetera.
Use custom software (provided by NeedRom) (I know this seems dodgy but you try anything when you're desperate enough and this works so...if you're worried then take precautions and make a backup of your own phone first.) to open up the .pac file. Check where the files have been opened up to.
Copy the files to a more stable area (i.e from Temp to your Data drive), they should be in .img format as .pac basically appears to be some kind of archive that groups them all into one.
Use Fastboot (you might need to enable this so make sure you do it) and flash the .img files to the phone and sparse them to about 250MB.
Restart the phone.
Check phone works properly.
If works properly, consider donating to NeedRom.
Anyone?
Trojan
I have the same problem, but I didn't uninstall the setting, did your Trojan installed random apps too? Like MyApps or something like that?
Seeing the same problem I think the problem is that the device comes with it, but I haven't found anything else to do apart from installing avast to tell me when unknown sources get on to install a random app.
Talasa said:
Anyone?
Click to expand...
Click to collapse
Hey I fixed it, I have Uninstalled settings and successfully installed them again, no pop ups since.
Message me so I can tell you how to do it.
Fantasma198 said:
Hey I fixed it, I have Uninstalled settings and successfully installed them again, no pop ups since.
Message me so I can tell you how to do it.
Click to expand...
Click to collapse
Hi! How did you solve the problem? Please let me know
It appears to involve installing an apk installer from the Google Play stores (any will do it seems). Then by installing a copy of the Settings.apk.
Neither of which I am able to do as, due to getting rid of settings Google Play won't work. So....
Edit. I managed to get Google Play installed and then installed an APK installer. However installing settings is restricted as security won't let me install unofficial apps. >.>
How do u get rid of pop ups
Fantasma198 said:
Hey I fixed it, I have Uninstalled settings and successfully installed them again, no pop ups since.
Message me so I can tell you how to do it.
Click to expand...
Click to collapse
How do u get rid of them my phone is plaqued with them they are so annoying I didn't even root my phone just done a simple software update thanx
R3b3l3k8 said:
How do u get rid of them my phone is plaqued with them they are so annoying I didn't even root my phone just done a simple software update thanx
Click to expand...
Click to collapse
Hi,
What you have here is a virus.... and like me, it's probably embedded in settings. I.e It comes with the device.
There is no way to get rid of those adverts....except...by voiding your warranty. You will need to wipe your device and reinstall a rom, preferably not your original. (That or send it back to Archos). Taking your phone back to the store and demanding a refund is an option before I proceed further and this is the solution I recommend.
Take this moment to back up all your data.
What I did however and what seems to have gotten rid of them is firstly head over to NeedRom (search) and acquire a freely provided Rom of someone else's phone. There are two versions for the Archos Platinum 55 and it will depend on your specific phone.
Now you will need to flash (this will destroy all data on your phone so make sure you get it backed up) your rom. You can use the ADB solution but that couldn't work for me. So I used Fastboot instead, however to use this the rom provided by needrom is in a .pac file format, you need to get the .img file from it. You can do this by loading up the software provided by NeedRom (named FactoryUpload or something like that) load the .pac file and look at the file path locations. The one I checked was for System. I then went to where it said it was, in my case a Temp folder, copied and pasted all the data to somewhere not temp (all the .img files I needed were there).
Then I used Fastboot to flash the rom entirely there are much better Fastboot tutorials out there than I can explain myself. This flash included System, Recovery, Cache and basically everything, however it wouldn't let me do it all at once. I had to use a particular "flag" or "switch" so that it would `sparse` all the files over 250MB (that was the number I chose) and it worked after that.
This is the only way without returning the phone to get rid of the adverts *if* the virus is indeed in Settings. There's no way to remove Settings safely. I tried.
Hey guys, how are y'all doing?
Here's a little background on my problem:
A year ago bought a cheap-ass smartphone for my mom, from a big supermarket chain in my country that was selling french phones cheaply, it was only 60€ and my mom needed a phone, so there it is!
Anyway cut to the present, the phone is riddled of what I suspect is malware that installs itself as soon as I remove it such as Free Games, com.google.toolkit, MiniChrome, N62Androidpt, System Component, adservice, and a couple others.
It also keeps switching wi-fi off, and turning on that option that allows apps to be installed from unknown sources, and worst of all it keeps opening the phone in built browser with adds, and even porn sites on occasion, which is really not desirable as my very young aged nieces love stealing the phone and try to use it.
I installed malwarebytes, also did a factory reset to no avail it fixed nothing.
So I decided to flash a stock rom to see if I could get rid of it, searched around and found a repository of stock roms or firmwares or whatever it's called (I'm not too familiar with this side of smartphones), which I'd love to post, but apparently can't because I've last than 10 posts: doc-doapi.com/EM/selecline/smartphone/
It has a lot of roms for different models of my brand.
Used the UpgradeDownload - R2.9.2015 tool that was in that folder and flashed it successfully.
After I turned on the device it opened the new phone setup process, logged in to my google account, and restores my stuff like contacts, and a few trusted google apps from before the flash, but it soon started again to install those malware apps I stated up there on it's own, and it was soon in the same state as before...
Anyway here's some info about my phone that probably should've gone to the top.
It's a Selecline phone
Model S4S5in3g
Android version: 5.1
Kernel version: 3.10.65
Compilation number: S3S5in3g.V1.2_20160307
At the back it has a sticker and another model number 870712 which I used to find the folder on that repository of stock roms.
And that's all in a big nutshell, anyone has any tips?
Thanks.
lil' bump
Do you have login credentials for this Auchan website where you found the ROMs? It is asking for a login ID and password. I need ROM for Model S6S5IN3G.
Quick tip for getting rid of Malware even before they start. Go to Settings and check Data Usage. See which apps are using lots of data (downloading junk into your device). Note if there are any strange sounding apps that are downloading a lot of data, especially if it is not an app that you yourself were directly using.
Next, flash the stock ROM again. Once you flash the new ROM, you have to find a way to root the device. Try KingRoot. Then after the phone is rooted, go to Playstore and download SD Maid. Run SD Maid and give it root access. In the settings for AppControl of SD Maid, allow it to show system apps. Then run app control and freeze any strange-looking user apps (or anyone that was downloading a lot of data) and system app that are not required.
Please, let me know about the website and how to access the ROMs.
As mentioned before, install a clean room again. Copy virustotal app from the attachment of these post (https://forum.xda-developers.com/showpost.php?p=77053739&postcount=11) to SD-card and install it. Turn wifi on and let it run. Control every app and the system-apps. Post a screenshot of the findings. If there are findings, then the room is infected. The only way to deal with this, is to root it, install rootexplorer an kill the infected app. This can be dangerous, if for example, the lauchner is infected, an alternative launcher must first be installed and set as default, before you can kill the infected one (otherwise you will own a useless phone until you flash it again ;o).
Hey guys, thanks for trying to help.
I tried literally everything before, I've even somehow got a kitchen up and running and I removed everything that looked suspicious and all those bran add-ons from the rom, but even then I'd still get infected.
I didn't really try the antivirus route though and to be honest I already shelved that phone, but I'm kinda bored, so I'll try y'all suggestions, an extra working phone can always come in handy.
CVAngelo said:
Do you have login credentials for this Auchan website where you found the ROMs? It is asking for a login ID and password. I need ROM for Model S6S5IN3G.
Click to expand...
Click to collapse
I'd love to help you mate, I found that repository in a forum maybe forum.gsmhosting, and I've tried to access it earlier, and I'm also denied access.