HUAWEI Y538: how to upgrade Lollipop to something usable? - Android Q&A, Help & Troubleshooting

I lucked into a sale on a HUAWEI Y538 smartphone at Best Buy the other day, knowing we have no Boost Network around here for the cellphone service. Perfect!
I just wanted it as a nice little media player and access to my LAN, like my KitKat tablet. Nothing terribly fancy. I rooted it with Kingo, hoping to remove that nag cellphone activation every startup. I have to press Accept, then Self Service comes in and I click the no button. In addition as many of you know, Lollipop has a lot of unwanted background apps running . I spent a whole day trying to tame this and the only good news is that I worked out the factory reset.
My real question is if it's possible to remove that startup nag entirely, but either way, to ask if it's possible to downgrade to KitKat or something else? As a WiFi-only media player Lollipop would seem to be quite awful.
I've been on computers for decades but no experience with Android except my happy KitKat tablet. If some kind soul could be persuaded to help me out, well that'd be really cool.

JoeyTablet said:
I lucked into a sale on a HUAWEI Y538 smartphone at Best Buy the other day, knowing we have no Boost Network around here for the cellphone service. Perfect!
I just wanted it as a nice little media player and access to my LAN, like my KitKat tablet. Nothing terribly fancy. I rooted it with Kingo, hoping to remove that nag cellphone activation every startup. I have to press Accept, then Self Service comes in and I click the no button. In addition as many of you know, Lollipop has a lot of unwanted background apps running . I spent a whole day trying to tame this and the only good news is that I worked out the factory reset.
My real question is if it's possible to remove that startup nag entirely, but either way, to ask if it's possible to downgrade to KitKat or something else? As a WiFi-only media player Lollipop would seem to be quite awful.
I've been on computers for decades but no experience with Android except my happy KitKat tablet. If some kind soul could be persuaded to help me out, well that'd be really cool.
Click to expand...
Click to collapse
https://www.techmesto.com/unlock-bootloader-huawei-honor/
http://forum.xda-developers.com/and...how-to-data-off-shell-command-tasker-t3370783

Well I can't thank you enough for trying, but it seems Huawei changed their procedure. I got the 4 informations required and registered with Huawei. Going to the unlock page changes to Chinese and says too much traffic for servers in English. So I emailed Huawei Mobile support and got the following reply:
Dear User,
Huawei Customer Service is pleasure to be at your service,sorry to bring you the trouble,if you want to unlock your phone, you should meet these conditions as follow:
1.Please register your Huawei ID in our official website http://huawei.com/en/ on your phone.
2.Log in your Huawei ID for continuously 14 days.
3.Each Huawei ID should not apply for the unlock code more than twice within half years.If you meet the information,please go to http://emui.huawei.com/en/ and click the 'download'button to login your Huawei ID other than any other third party ID to apply for the unlock code.Please contact us by mail or local service hotline as following if error message appears.
TEL: http://consumer.huawei.com/en/contact-us/index.htm?tag=hotline
Mail: http://consumer.huawei.com/en/contact-us/index.htm?tag=email
Please submit your mobile model, SN, IMEI/MEID and erro message in your e-mail.We also need to know that your phone is rooted, it can be out of the best working state and part of functions may not be able to work normally. In additon, the system is vulnerable to be invaded by viruses once your phone is permitted to unlock. What's more, for the lacking of fully tested, the third party software will not be compatible with your phone. Unlocking will bring unexpected negative impacts and the device will be not normal, and can not be restored, Huawei after-sales service office will not provide warranty service for your rooted phone, and you may bear the cost. So we strongly advise you to think it twice.
If you have any other problems, please send your feedback to us. We will be at your service to help you to solve your problems.
Once again thank you for contacting Huawei device.
Best Regards.
Huawei Device Customer Care Team 3206
Click to expand...
Click to collapse
If I 'm reading that right they want me to log in every day for 14 days, which is kind of nuts.
To be fair the phone may possibly be rooted using Kingo (fast boot showed an "unlocked" message which I don't know if that means rooted but probably not boot unlocked), and for all I know that changes some of the information.
So I'm just replying FYI so you know how it went. Maybe I should do factory reset and try again?
Long day I'll go crash and see how it looks in the morning. Thanks for trying!
Joey

Happy here to report a partial solution, 1/2 way there!
If you take out the SIM card inside the phone it only nags once and saves probably 30 seconds of boot-up time. It's a great improvement!

bg260 said:
https://www.techmesto.com/unlock-bootloader-huawei-honor/
http://forum.xda-developers.com/and...how-to-data-off-shell-command-tasker-t3370783
Click to expand...
Click to collapse
I bought the same phone at BB ($10 on sale) to use like you do (unactivated). What you're trying to do is actually super simple. Merely put the device in Airplane mode, then turn back on the wifi (and GPS if you like). You will not be prompted to activate your device. You actually should be doing this anyway as it saves your battery by not having the cell radio constantly trying to talk to the tower.
In case you missed it, there is a firmware update to the phone that can be downloaded via the Emui app on the phone. I'm not sure what all the update affects, but it doesn't impact your ability to use the procedure I described to avoid the constant activation reminder.

I believe this was in response to your question @JoeyTablet

bg260 said:
I believe this was in response to your question @JoeyTablet
Click to expand...
Click to collapse
Oops, sorry, yes it was meant for @JoeyTablet

zerozed99 said:
I bought the same phone at BB ($10 on sale) to use like you do (unactivated). What you're trying to do is actually super simple. Merely put the device in Airplane mode, then turn back on the wifi (and GPS if you like). You will not be prompted to activate your device. You actually should be doing this anyway as it saves your battery by not having the cell radio constantly trying to talk to the tower.
In case you missed it, there is a firmware update to the phone that can be downloaded via the Emui app on the phone. I'm not sure what all the update affects, but it doesn't impact your ability to use the procedure I described to avoid the constant activation reminder.
Click to expand...
Click to collapse
I believe this was in response to your question @JoeyTablet
Remember, quote or mention the member if you want them to be notified.

zerozed99 said:
I bought the same phone at BB ($10 on sale) to use like you do (unactivated). What you're trying to do is actually super simple. Merely put the device in Airplane mode, then turn back on the wifi (and GPS if you like). You will not be prompted to activate your device. You actually should be doing this anyway as it saves your battery by not having the cell radio constantly trying to talk to the tower.
In case you missed it, there is a firmware update to the phone that can be downloaded via the Emui app on the phone. I'm not sure what all the update affects, but it doesn't impact your ability to use the procedure I described to avoid the constant activation reminder.
Click to expand...
Click to collapse
COOL! Perfect it boots and no need to click anything further - and besides it's less stray microwaves. Also to report Huawei replied and said they accept bootloader code requests at: consumer (at) huawei.com. They say to include IMEI and serial numbers in the email. Both can be found in Settings >> about phone or underneath the back cover.
Where to go from here, I'd also like to disable sneaky RAM-stealing apps like Sprint cellphone and some apps I'll never use, such as most Google Play. Add decent firewall and decent media player, and have a good time!
Recommend root method I'm good to go.

JoeyTablet said:
COOL! Perfect it boots and no need to click anything further - and besides it's less stray microwaves. Also to report Huawei replied and said they accept bootloader code requests at: consumer (at) huawei.com. They say to include IMEI and serial numbers in the email. Both can be found in Settings >> about phone or underneath the back cover.
Where to go from here, I'd also like to disable sneaky RAM-stealing apps like Sprint cellphone and some apps I'll never use, such as most Google Play. Add decent firewall and decent media player, and have a good time!
Recommend root method I'm good to go.
Click to expand...
Click to collapse
I've read elsewhere (here on XDA) that folks have gotten root using Kingo root (mostly tethered to a Windows PC and not the app version). Note that this root method often requires you to run the rooting program multiple times before it is successful. I'm not a fan of Kingo after being forced to use it to re-root another device (it took well over a dozen times before root took). Also, Kingo doesn't use SuperSu, it installs a Kingo version of SuperSu which CAN be removed (not exactly easily) but users of the Huawei Y538 Union have gotten bootloops trying to remove Kingo's proprietary SuperSu, so not advisable at this time. Even after rooted you are not able to remove the pre-installed bloatware because of the locked bootloader (which is different than the carrier unlock). To be honest, I've pretty much decided to just not root this device and just install an SD card if I need the space...I'd rather do that than risk bricking the device when (for me) there's really no need. I'm going to wait it out and see if anybody can figure a reliable way to deal with the device without bricking before I do anything else.
If you do root using Kingo, you might be able to "freeze" the background apps you don't want using Titanium Backup. I've read that folks haven't had any luck using TB to uninstall the bloatware, but if you're just trying to free ram it *might* work. I believe the risk would be the device expecting certain apps to run, and if unable it might bootloop/brick. Without a custom recovery allowing a nand backup bricking seems like a real possibility.
Please post your results if you unlock your bootloader. It surprises me that they're offering this, as I thought they only supported carrier unlocking. If you're able to figure out how to trim down the bloat please share.
I'm currently using Google's Play Music app for music/podcasts since I've already got 20,000 song's uploaded and since I can't delete that app anyway. Otherwise I'd just use Doubletwist for offline listening.
In case you, or anyone else with this phone is interested, I ended up purchasing a cheap ($5 delivered) case for this thing. Overall I like the case, but if you have any questions about that, let me know.

Yeah that case is perfect. I might have found the same on eBay searching " Huawei Union Y538 Case Innovaa".
As for Kingo ROOT, I have one hit and one miss to report. The KitKAt tablet it worked and I un-rooted after I got my business done. But the Lollipop phone is another story. I run a really tight ship on the Windows end, and Kingo rooted Lollipop, I got some functions involving root accomplished, but it ended at some point (completely offline except for USB tether to PC).
I factory reset the phone and tried again. Kingo downloaded more stuff and my firewall asked for access to PCAccelerator and acdsee.. The former is considered a virus and the second an image viewing app, which I don't use (maybe it's payloaded who knows).
I don't wish to scare anyone nor besmirch Kingo ROOT's reputation if it's a wholesome rooting app, but advise great caution and use a firewall that notifies things like this (I use NetLimiter on PC).
So I await the boot-unlock code and hope I live to tell about it Thanks a million zerozed99! That case is icing on the cake.

For what it's worth, no reply from Hauwei, and yesterday I sent another SOS asking, if not for boot unlock code, even just a stock KitKat ROM for the Y538. We know that model ran KitKat as well as Lollipop.
It just kills me to see this cute little quadcore wasted with all the bloatware taking up valuable RAM and battery power as well.

Ladies & Gentlemen, distinguished colleagues at xda-developers... Please bear with me.
I started coding on Macs in 1981(1981!). I later went on to 5 years formal education in Computer Science at a decent University, and spent the better part of 2 decades volunteering for low and no income people- those were the best years of my life!
Now I'm on the old side, with some heart disease that has four stents in my heart and the no-fun life expectancy that goes with it.
Now, being a reasonably informed geek, I'm seeing some disturbing things I want to air out in "public" if you'll so allow me.
The idea Hauwei will send you a boot unlock code, I don't think it's true. They make it easy to fill out a form with at least four identifying informations, but I have YET to see anyone receive their code! In my case the form advances to a page written in Chinese! I believe this is a spy device and priced to spy on a certain demographic. The almost perfect unlockability and easy bootlock application with no one reporting being sent a code.... there's a reason.
Granted one thing: I've never owned a cellphone nor did I even want cell access from this. Maybe you've noticed the same thing(s) years ago. I just wanted a little quadcore computer to play around with, to access my LAN and play media, and this has me worried the kind of entities that design such forced options.

Oh well, no luck. anyone else going to wait a bit or should I trash this?
Can't tell you how much I'd like Marshmallow and the evil bootloader out of there for something else.

Lollipop is not so bad IMHO except for the lack of privs to access our own SD cards.
If you hold down the volume-down button and press the power button until the phone starts up you can boot into fastboot mode. I've read here in XDA someplace that there are 2 available builds of TWRP custom recovery for the y6, both work on our phone, tho only one of the builds works fully. I have not tried to install either on my y538 yet, but I will, and I'll let you know what I find out.
If you can get the bootloader unlocked, you should be able to flash SuperSU from TWRP.
I suggest you google the xda guide to fastboot. It is not very complicated.
I doubt we can locate any custom ROM for this device. However, if we can get rooted we can backup stock and then remove all the bloatware. ES File Explorer is great in root mode for managing the SD card.
More useful info: I pulled my SIM out before I fired up the phone for the first time, and when I turned on the phone it didn't download any of the extra crapware from Sprint! I have the Virgin version, and I expected all that stuff to download, but it did not. Also, if you look in the App Manager settings, you will see a few apps which shipped on your phone in the Disabled state!! You may wish to enable Lookout or others of the stock disabled apps. Also, without root, you can remove the Sprint ID app here, and disable any of the Google spots you don't want, like Play News or Play Movies.
This is my first Huawei device, though it's my twenty-somethingh Android, and so far I am very pleased with the layout of the settings and of the notifications tray. This is way liveable, and they allow us to disable most of the bloat.
Good luck!

Related

[Q] So I'm finally about to root my phone, a few questions!

I'm finally rooting my phone after months of messing about waiting for an unlock
My phone is international model i9300 and I've been reading this guide: http://forum.xda-developers.com/showthread.php?t=1695238
Looks really good, well detailed should be very easy with the help of chainfire!
But I've still got a few questions
1) I think I can't back up my phone until it's rooted to get access to the system files, am I right in thinking when I'm rooted I can use CWM to make a full back up of the phone?
2) Once it's rooted what is a thing that you must not do? The phone was expensive and as these threads may be annoying to all of you I just need to know before I do anything silly so apologies for all the topics
3) I'm going to wait until JB is released for official ROMs, when it comes to flashing a new ROM do I need to unroot the device?
4) Can I remove bloatware with just the standard root? The amount is ridiculous, it fills up 2 whole pages of apps and 95% of them I haven't used and don't plan on using, ever. I'm sure if I ever needed to there will be an app for it
5) any other advice on keeping my phone safe would be great, I am just really really cautious with this kind of stuff lol. Technology is really fussy I don't want to brick my phone
Thanks to everybody who posts, you guys have helped me so much since I joined and I really appreciate it
UrbanDesigns said:
I'm finally rooting my phone after months of messing about waiting for an unlock
My phone is international model i9300 and I've been reading this guide: http://forum.xda-developers.com/showthread.php?t=1695238
Looks really good, well detailed should be very easy with the help of chainfire!
But I've still got a few questions
1) I think I can't back up my phone until it's rooted to get access to the system files, am I right in thinking when I'm rooted I can use CWM to make a full back up of the phone?
2) Once it's rooted what is a thing that you must not do? The phone was expensive and as these threads may be annoying to all of you I just need to know before I do anything silly so apologies for all the topics
3) I'm going to wait until JB is released for official ROMs, when it comes to flashing a new ROM do I need to unroot the device?
4) any other advice on keeping my phone safe would be great, I am just really really cautious with this kind of stuff lol. Technology is really fussy I don't want to brick my phone
Thanks to everybody who posts, you guys have helped me so much since I joined and I really appreciate it
Click to expand...
Click to collapse
Answer 1: Check the link in my description (Win 8 -help) and download the adb executables. Then (Using Windows 7/8) Press and hold shift + Right mouse button in the folder and open cmd.
Once in cmd type:
Code:
adb start-server
adb devices (To check if your phone is connected properly)
adb backup -f %Userprofile%\Desktop\ADBackup\backup.ab -apk -nosystem -noshared -all
That will backup your user apps, incase you do do something wrong
Answer 2: Yes, there are a few things you shouldn't do;
Flash a ROM without making a backup
Deleting partitons in the phones' root.
Deleting system apps (APKs), when you don't know what they do, or even what they are.
Flashing a ROM/kernel, that wasn't made for your phone.
Overclocking/undervolting your phone too much.
And there are a couple more, but I don't want to waist your time ^^
Answer 3: JB is already released. No, you don't have to unroot your phone, before flashing. In fact, you probably can't, because you need the recovery program, to flash the ROM.
Answer 4: Don't flash bad stuff, don't install apps, that are reported (i.e. viruses) don't flash ROMs and kernels, that aren't for your device. And last but not least: Only use Odin, if you really have to!
Hope I could help!
UrbanDesigns said:
I'm finally rooting my phone after months of messing about waiting for an unlock
My phone is international model i9300 and I've been reading this guide: http://forum.xda-developers.com/showthread.php?t=1695238
Looks really good, well detailed should be very easy with the help of chainfire!
But I've still got a few questions
1) I think I can't back up my phone until it's rooted to get access to the system files, am I right in thinking when I'm rooted I can use CWM to make a full back up of the phone?
2) Once it's rooted what is a thing that you must not do? The phone was expensive and as these threads may be annoying to all of you I just need to know before I do anything silly so apologies for all the topics
3) I'm going to wait until JB is released for official ROMs, when it comes to flashing a new ROM do I need to unroot the device?
4) any other advice on keeping my phone safe would be great, I am just really really cautious with this kind of stuff lol. Technology is really fussy I don't want to brick my phone
Thanks to everybody who posts, you guys have helped me so much since I joined and I really appreciate it
Click to expand...
Click to collapse
1) You are right
2) Do not unroot
3) Official JB is already available. Flashing using odin doesn't required unroot. Update via OTA or kies required unroot.
4) Read, read and read is the best way to prevent bricking your device.
Sent from my GT-I9300 using xda app-developers app
Thank you guys!
I did not know JB was released, I saw it come out for Poland but I received no notification on my S3.
Now I'm not quite sure in which order I should do things, shall I update to JB and then root?
Can anyone link me to a guide to update for the official JB, al my search results come up with old results with leaked firmware
so I use odin for the first flash and then use CWM from there on out
UrbanDesigns said:
Thank you guys!
I did not know JB was released, I saw it come out for Poland but I received no notification on my S3.
Its only the Poland release so far .
All the rest are the old leaks .
jje
Click to expand...
Click to collapse
UrbanDesigns said:
Thank you guys!
I did not know JB was released, I saw it come out for Poland but I received no notification on my S3.
Now I'm not quite sure in which order I should do things, shall I update to JB and then root?
Can anyone link me to a guide to update for the official JB, al my search results come up with old results with leaked firmware
so I use odin for the first flash and then use CWM from there on out
Click to expand...
Click to collapse
If you want a Jellybean rom with bloat removed, then download Checkrom http://forum.xda-developers.com/showthread.php?t=1738527 . It's a stock samsung rom, bloat taken out, rooted, and is ready for if you wanted themeing etc..
In his kitchen app (that comes with the rom) you can find a package with ALL the removed bloat for you to download and install (ota) but he's also separated them so you can download just the ones you want. Also in the kitchen you will find tweaks for changing the notification drawer toggles, changing the theme, different modems, kernels etc... And check in the kitchen now and again for any updates to the rom (as and when samsung release them)
It's all there and very noob friendly. It's the smoothest most stable stock rom I've tried.
So root your phone using odin (easiest method by far), pay for titanium backup and back up your apps, boot into recovery and make a nandroid, move them onto you exSd or computer, wipe your phone, install checkrom, download titanium again and restore your apps from it.
That's a good start for you, EVERYTHING you need to know has been asked and answered before, so just google or search XDA, it's all still relevant, and you won't go wrong.
I'm going to root it now, seems pretty straight-forward but I'll let you know!
Now I will be shortly rooted what's the best anti-theft to use?
edit: wow... that was possible the easiest thing I have ever done lol, i was expecting it to be hard but it's literally selecting a file and pressing start. it's so much easier then jailbreaking (easy as hell but this tops it for sure)
Just done a CWM back up I didnt expect it to take so long haha
In my opinion, Cerberus is the best anti-theft app out there. You can use for a week as a free trial, I'll bet you're gonna buy it after 15 minutes.
Note that no anti-theft protection will prevent a thief from actually using your phone. Within like 2 minutes of Googling, the thief knows that he can use Download mode to overwrite the firmware (including the "anti theft" app) and 5 minutes later he has done it.
I use one such app (Watchdroid) to find my phone when I have misplaced it and for family members to be able to locate my position through an sms in case of personal distress.
Sent from my GT-I9300 using xda premium
d4fseeker said:
Note that no anti-theft protection will prevent a thief from actually using your phone. Within like 2 minutes of Googling, the thief knows that he can use Download mode to overwrite the firmware (including the "anti theft" app) and 5 minutes later he has done it.
I use one such app (Watchdroid) to find my phone when I have misplaced it and for family members to be able to locate my position through an sms in case of personal distress.
Sent from my GT-I9300 using xda premium
Click to expand...
Click to collapse
I guess it just depends on who finds it, there should be a password for download mode that can't be overwritten
I'm going to have it on either way, it can't hurt
d4fseeker said:
Note that no anti-theft protection will prevent a thief from actually using your phone. Within like 2 minutes of Googling, the thief knows that he can use Download mode to overwrite the firmware (including the "anti theft" app) and 5 minutes later he has done it.
I use one such app (Watchdroid) to find my phone when I have misplaced it and for family members to be able to locate my position through an sms in case of personal distress.
Sent from my GT-I9300 using xda premium
Click to expand...
Click to collapse
Only a thief, who knows what he's doing will use Google. Idiots are more likely to throw the phone away, or give it back..
And Avast! Anti Virus has a lockdown feature, which forces GPS, WiFi/Data and number forwarding (Root), so my phone is pretty safe
I've just installed avast - cheers!
What happens if the SIM is replaced?
and how do I track the phone if it gets lost/stolen?
also in my notification bar it says "avast mobile security is protecting you" i renamed the app for obvious reasons like it suggested. it's pretty stupid if the app renames its self if only reported lost/stolen
UrbanDesigns said:
I've just installed avast - cheers!
What happens if the SIM is replaced?
and how do I track the phone if it gets lost/stolen?
also in my notification bar it says "avast mobile security is protecting you" i renamed the app for obvious reasons like it suggested. it's pretty stupid if the app renames its self if only reported lost/stolen
Click to expand...
Click to collapse
Check the anti-theft settings in the app. It lets you set up trusted numbers, so you can control your phone remotely, and you can set things up, like force GPS and Data on, that way the phone can tell you it's position..
familyguy59 said:
Check the anti-theft settings in the app. It lets you set up trusted numbers, so you can control your phone remotely, and you can set things up, like force GPS and Data on, that way the phone can tell you it's position..
Click to expand...
Click to collapse
I've done all that, I've enabled anti-theft stealth mode where it states it will remain hidden after my next reboot.
I rebooted the phone but to no avail. It keeps showing in the notification bar and anti-theft seems useless, I've set up a pin but anybody who saw my phone would see the app straight away and would just use google on "how to remove avast samsung galaxy s3"
i don't think a thief could do it themselves but any idiot can search keywords into google to find a solid result
UrbanDesigns said:
I've done all that, I've enabled anti-theft stealth mode where it states it will remain hidden after my next reboot.
I rebooted the phone but to no avail. It keeps showing in the notification bar and anti-theft seems useless, I've set up a pin but anybody who saw my phone would see the app straight away and would just use google on "how to remove avast samsung galaxy s3"
i don't think a thief could do it themselves but any idiot can search keywords into google to find a solid result
Click to expand...
Click to collapse
Yes, but not everyone knows what the avast! symbol look like, do they? I doubt you're going to find an XDA-Member would have stolen your phone, it will probably be an Asi, or someone really retarded.
And anyways, they'll get frightened enough, when the phone rights junk to the SD, locks itself up and sounds the siren, with a personal "greeting"..
Give it a go, if your phone gets stolen, there's always the police, they'll (hopefully) help you But that's worst-case-scenario..
familyguy59 said:
Yes, but not everyone knows what the avast! symbol look like, do they? I doubt you're going to find an XDA-Member would have stolen your phone, it will probably be an Asi, or someone really retarded.
And anyways, they'll get frightened enough, when the phone rights junk to the SD, locks itself up and sounds the siren, with a personal "greeting"..
Give it a go, if your phone gets stolen, there's always the police, they'll (hopefully) help you But that's worst-case-scenario..
Click to expand...
Click to collapse
No but I'd still like it hidden
Anyone with google and the least bit of experience or interest will just reflash the stock Samsungrom anyway, rendering all and any (including Samsung's own) anti-theft utterly useless.
(In many cases thiefs steal to buy drugs, the dealer will certainly know someone to "freshen" up the phone.
It's very useful for finding the phone though if you have misplaced it =)
Sent from my GT-I9300 using xda premium
UrbanDesigns said:
No but I'd still like it hidden
Click to expand...
Click to collapse
You could remove the icon by going into avast > Settings > Notification Icon > None
Hope this helps
Sent from my GT-I9300 using Tapatalk 2
d4fseeker said:
Anyone with google and the least bit of experience or interest will just reflash the stock Samsungrom anyway, rendering all and any (including Samsung's own) anti-theft utterly useless.
(In many cases thiefs steal to buy drugs, the dealer will certainly know someone to "freshen" up the phone.
It's very useful for finding the phone though if you have misplaced it =)
Sent from my GT-I9300 using xda premium
Click to expand...
Click to collapse
So you're saying if I left my phone on the bus or something and somebody picked it up and decided to be a thief they automatically are casual drug users who know dodgy people, all because they found my phone?
I don't see how it could be useful for finding a "misplaced" phone, what would you class as misplaced? If I left the phone under my bed or something and "misplaced" it surely avast! isn't going to show a picture of inside my house?

How do we TRULY protect our phone against theft...

I was wondering if anyone has found a way to develop any kind of protection for our phone that does more than apps that are installed once booted up? Let me explain. There are quite a few different apps that protect and find your phone and they can be protected from being uninstalled or turned off so that a thief cannot disable the protection. But there is one glaring weakness. I have yet to find any kind of protection that keeps a person from getting around all of these current apps by simply removing the battery and rebooting into Recovery and flashing to a different ROM or firmware. By doing this they are able to delete everything on the phone and they basically have a brand new phone in hand. We need a way to protect against a person being able to simply take out the battery and reboot and flash a new firmware. The protection needs to be built into the Recovery and Download modes or protect the phone before they reach Recovery or Download modes. If we can't find a way to protect prior to reaching these modes then a thief who knows anything about changing firmwares or recoveries can simply replace what is on the phone and successfully have bypassed all the protection that we invested in with these apps that are on the Play Store or at other places.
So does anyone know of any way that we can get this kind of protection? I have never seen anything that can do this. Is it even possible to build this kind of protection? If anyone knows anything, I would love to hear it. Thanks.
I heard there are apps that can be flashed to the phone and are running in the background that notify you with an sms if the sim card is changed, but they can be easily removed by wiping the cache/factory reset and/or installing a new rom.
However every GSM device as a unique IMEI code so that if your phone gets stolen you can go to your service provider or the police they can search for the code and have a basic idea of where it is. Even if you don't know the code i'm sure your service provider keeps logs of it.
gaka01 said:
I heard there are apps that can be flashed to the phone and are running in the background that notify you with an sms if the sim card is changed, but they can be easily removed by wiping the cache/factory reset and/or installing a new rom.
However every GSM device as a unique IMEI code so that if your phone gets stolen you can go to your service provider or the police they can search for the code and have a basic idea of where it is. Even if you don't know the code i'm sure your service provider keeps logs of it.
Click to expand...
Click to collapse
Yeah, I was aware of using the IMEI. But judging from the success that people have of stealing phones and never getting caught, I just assumed that for one reason or another this method just wasn't a very reliable way of getting your phone back.
Well a friend of mine found an old nokia phone in a park near where i live. She needed a 2nd phone and decided to use it. However after 2 or 3 weeks a police officer went to her home and they accused her of theft.
Anyway if you don't trust the authorities your my best guess is flashing one of those background running apps. Do a research i'm not realy familiar with them.
gaka01 said:
Well a friend of mine found an old nokia phone in a park near where i live. She needed a 2nd phone and decided to use it. However after 2 or 3 weeks a police officer went to her home and they accused her of theft.
Anyway if you don't trust the authorities your my best guess is flashing one of those background running apps. Do a research i'm not realy familiar with them.
Click to expand...
Click to collapse
It appears that relying on the IMEI is going to be the only way for true protection. The background running apps don't work if you note in my OP. All you have to do to get around them is to remove the battery and boot straight into Recovery and flash a different ROM or firmware. That will erase everything on the phone including any apps installed, even if they do run in the background. They can't run in the background if they aren't there.

Whatsapp Virus spreading?

Hello everyone,
I might have a big problem.
This morning I booted my HTC One M7 as usual, and when it finished booting it opened a browser tap with a fake whatsapp update. I closed the browser immediately, and five minutes after this, the exact same thing happened. I started thinking how this could happend, and honestly I have no clue. All my apps are from the play store, and I only download documents for school. I haven't even downloaded a new app in the last week, however 15+ of my apps aren't up to date.
I scanned my phone with malwarebytes and it couldn't find anything. I rebooted my phone after the scan, and the problem seems to be gone. I was telling this story to a friend of mine this afternoon, and my mother said that she experienced the same thing, just a couple hours before I experienced it. After further investigation, it wasn't exactly the same. When she opened whatsapp, it asked her to do a weekly back-up of her chats. At first, she closed whatsapp, but when it appeared again, she clicked yes. She wasn't very clear about this, so I don't know if it was a fake menu, or the real deal. I have also scanned her Moto g (2013), and it found no malware.
I don't know if this could be harmfull. Especially because my parents use their phones for mobile banking.
This is a screenshot of my HTC
It could easily have been done through whatsapp. Part of the reason most people have stopped using it. Viruses run rampant I'm just about all of Facebook apps. And no anti virus will find them as they are vastly different then normal viruses.
zelendel said:
It could easily have been done through whatsapp. Part of the reason most people have stopped using it. Viruses run rampant I'm just about all of Facebook apps. And no anti virus will find them as they are vastly different then normal viruses.
Click to expand...
Click to collapse
In the Netherlands literally everybody uses it, but it's good to know that this could indeed happen! Should I be worried about this, and what should I do when it returns?
Dark-shot said:
In the Netherlands literally everybody uses it, but it's good to know that this could indeed happen! Should I be worried about this, and what should I do when it returns?
Click to expand...
Click to collapse
Yeah I heard alot of people in Europe use it alot, here in the states almost no one uses it really except for kids. Most have moved to hangouts.
If I was you I would completely back up the device and then wipe everything and reflash the device.
Things like this will not be picked up by so called virus scanners.
I'am afraid that it is something like ShiftyBug (https://blog.lookout.com/blog/2015/11/04/trojanized-adware/). In the article it says that you have to install apps from third parties, but I have almost never done that. I have downloaded popcorntime in the past, but I have deletet it almost 6 months ago.
I'm afraid that if I reflash my device, that it will come back fairly soon. Is it possible that it has spread over my wifi network? Because of the fact that my mother got something similar on the same day.
But how do I know for sure that it is a virus? After I restarted my phone (12 hours ago), it hasn't shown up yet. Am I worried for nothing, or is there a big chances that I'm infected?
Thank you for all your replies!
Dark-shot said:
I'am afraid that it is something like ShiftyBug (https://blog.lookout.com/blog/2015/11/04/trojanized-adware/). In the article it says that you have to install apps from third parties, but I have almost never done that. I have downloaded popcorntime in the past, but I have deletet it almost 6 months ago.
I'm afraid that if I reflash my device, that it will come back fairly soon. Is it possible that it has spread over my wifi network? Because of the fact that my mother got something similar on the same day.
But how do I know for sure that it is a virus? After I restarted my phone (12 hours ago), it hasn't shown up yet. Am I worried for nothing, or is there a big chances that I'm infected?
Thank you for all your replies!
Click to expand...
Click to collapse
The key word there is almost. If you reflash the device and it comes back then it maybe something that someopne else downloaded and was shared through your network. As you said your mother also saw it so I would go through her phone as well.
There are many apps out there that do this that are in the play store. So it is all a matter of being careful.
There is a chance. If it is big or not depends on how you use your device. It could also have come from a website someone visited. Im not saying you did but many porn sites are set to infect devices when they visit them.
If it was me. I would just start from scratch with each device and make sure that all the things installed are legit.
You could also run a logcat and try to reproduce it. That would tell you what is causing it.
Doesn't seem dangerous.
JohnColston said:
Doesn't seem dangerous.
Click to expand...
Click to collapse
Then you have not been paying attention. Any browser pop that tells you to update an app is 99% an infected apk. It is a common practice for those that take apks and re-package them with malware
After reading more i must admit you are right.... My bad:good:
So I have to flash my phone, aren't there any other options? And if not, how do I reflash The HTC firmware to my phone?
Should I make a back-up before doing this, won't the malware spread again if I instal the back-up on my phone?
Thanks again!
EDIT:
Unfortunately, I still haven't been able to reproduce the problem.
I still haven't been able to reproduce the pop-up.
I do propably know where the problem came from, a friend of mine sent me a older version of soundcloud (the new one can't cache music). I installed that app, decided that it was to old for me and deleted it. The malware must have spread right after the first use. I'm planning on flashing my phone inthe weekend.
EDIT: I can reprodce the pop-up! It's linked to opening the app 'night mode', this app was downloaded in the official play store 2 years ago. Since then it hasn't got a lot of updates though.
Hey,
Time for a little update.
Last weekend, I contacted HTC's customer support due to the fact that I couldn't find my software version. They told me that I should execute a RUU, but they couldn't find the right version, so I had to contact the Dutch customer support (I didn't do this in the first place because the Dutch customer support wasn't open in the weekend).
The next monday (23-11) I contacted the Dutch customer support and asked them for the ROM, and unfortunately due to the regulations they don't publish the ROM's. However, they told me to do a factory reset and that should solve the issue. Unfortunately, it didn't. After the reset, I now get a different Whatsapp pop-up once or twice a day. The pop-up isn't connected to opening an app, like it was before the reset.
A friend of mine experienced the same problem this week on his new Moto X. All the other phones in my home network don't have this problem.
I hope someone will be able to help me!
Thanks in advance!
Dark-shot said:
Hey,
Time for a little update.
Last weekend, I contacted HTC's customer support due to the fact that I couldn't find my software version. They told me that I should execute a RUU, but they couldn't find the right version, so I had to contact the Dutch customer support (I didn't do this in the first place because the Dutch customer support wasn't open in the weekend).
The next monday (23-11) I contacted the Dutch customer support and asked them for the ROM, and unfortunately due to the regulations they don't publish the ROM's. However, they told me to do a factory reset and that should solve the issue. Unfortunately, it didn't. After the reset, I now get a different Whatsapp pop-up once or twice a day. The pop-up isn't connected to opening an app, like it was before the reset.
A friend of mine experienced the same problem this week on his new Moto X. All the other phones in my home network don't have this problem.
I hope someone will be able to help me!
Thanks in advance!
Click to expand...
Click to collapse
There's a chance that it might've spread over a certain network.... Is you and your moto x friend uses the same network ?
sdeepb said:
There's a chance that it might've spread over a certain network.... Is you and your moto x friend uses the same network ?
Click to expand...
Click to collapse
Yes, we both use the wifi network at our high school. But I did the factory reset friday evening, and since then I haven't connected to that network.
It might have spread through that network though.
Dark-shot said:
Yes, we both use the wifi network at our high school. But I did the factory reset friday evening, and since then I haven't connected to that network.
It might have spread through that network though.
Click to expand...
Click to collapse
Depending on the malware a factory reset will not remove it. In fact most malware cant be removed that way. You have to flash the whole device to get rid of it.
Dark-shot said:
Yes, we both use the wifi network at our high school. But I did the factory reset friday evening, and since then I haven't connected to that network.
It might have spread through that network though.
Click to expand...
Click to collapse
In my opinion after starting all over again as you've already been told, you should do all that you did before and monitor each step with patience and concentration to actually understand what's behind this... This may help out
sdeepb said:
In my opinion after starting all over again as you've already been told, you should do all that you did before and monitor each step with patience and concentration to actually understand what's behind this... This may help out
Click to expand...
Click to collapse
As he said. Here is what I would do if I was in your place. Anyone got any extra steps to add feel free to chime in. This would kinda suck for a bit.
You will need a custom recovery. And a bit of time to set up
1. Take everything off device.
2. Format full device in recovery. Not factory reset. Format system, data, internal storage and both caches.
3. Flash complete stock firmware.
4. Get root before rebooting
5. Reboot, do not connect to wifi during set up. Do not restore anything.
6. Get Catlog from the play store and run it.
7. Then continue set up. Wifi and ect. Scan backed up files with a pc virus scan but only return what you really need.
8. When restoring from TIBU install apps fresh from the market and restore data only to apps. (sucks I know but only way to be sure) make sure to delete old back and redo.
Then monitor catlog. This will tell you everything going on. You would be able to figure it out.
Lol... Use adaway or adblocker and such pop up will be gone ... These are the new tricks from those freaking advertisement companies. They are now smart buddy. Even they can access the vibration as the pop up will come phone will get vibrate and users understand this as genuine and click on those ads . You got whatsapp pop some got browser pop up. Hope this will help u ...
Even you can flash moaAB ADBLOCKER from recovery.
veer.killerboy said:
Lol... Use adaway or adblocker and such pop up will be gone ... These are the new tricks from those freaking advertisement companies. They are now smart buddy. Even they can access the vibration as the pop up will come phone will get vibrate and users understand this as genuine and click on those ads . You got whatsapp pop some got browser pop up. Hope this will help u ...
Even you can flash moaAB ADBLOCKER from recovery.
Click to expand...
Click to collapse
If you would've read it fully than you'll know that the case is far bigger than what you're thinking it is

Scamware? Tablet locked - should I factory reset?

My wife bought an S7+ from Amazon and it's been fine for a couple of months. She had a popup today which warned that the device would be locked because it was part of a trade in scheme and there was some sort of problem. I assumed some sort of malware but I was working so I didn't do much with it but now the device appears to have locked into a sort of "kiosk mode" where we just get 2 screens:
https://imgur.com/a/Z4N9TLy
All the blurb is plastered with "Samsung Electronics UK" but the domain the email is going to is "tradeinresponse.co.uk" which after some Googling seems to have been linked with some scam stuff in the past.
I've tried safe mode with the same locked screen, plugging the tablet into a PC results in it locking to the first screen.
I can get into recovery and I wanted to try a wipe, but the wife has some drawings on there she's done in Sketchbook that she would like to keep.
I'm a software developer by profession but I work with Windows/.NET and SaaS stuff so I've not got much experience with droid devices (a bit of java here and there in the past, but not so much XP with the OS itself)
So my questions are:
Does anyone know if this is any sort of official thing or is this malware/scam stuff as I suspect?
Is a factory reset likely to resolve the issue?
If I want to factory reset, can I pull files off the devices internal SD via ADB or some other tool before I do it?
Do I have any other options?
Kind of a wind up - I'd just have factory reset it by now to find out but like I said, I don't want to lose any of the wife's data if possible. If she gets anything back I'm going to make sure she sticks it in the cloud.
Any help would be appreciated and thanks in advance!
Always backup critical data redundantly to at least 2 hdds that are physically and electronically isolated from each other and the PC.
Or you will lose data eventually.
Factory reset but you will lose all data. If the drive is encrypted, you likely already have.
Sounds like ransomware. Contact Samsung and do some Google searches. See what you got and if there are any work arounds.
You may need to reload the OS completely if it's a rootkit and running on Android 8 or below.
This could be a nasty little bugger...
If it wasn't present on the device when purchased, your wife either downloaded or installed it. She needs to be more careful!!!
Maybe this will impress that onto her...
Thanks for the advice but I've already googled as much as I can. The domain doesn't go anywhere except a holding page though through reverse lookup it seems there are also other domains on the same host including some legitimate businesses that appear to do Samsung second life schemes for devices.
I've googled the actual lock message but no-one on the net seems to have seen it before.
The wife hasn't installed anything, she got the device a few weeks ago (from Amazon, supposedly new) and did a transfer from her old s6 (that has gone to my daughter) to the s7 using Smart Switch. Since then she's not installed any other applications.
It's not "critical data", per se, it's just drawings she'd like to keep, plus copying stuff onto physically disparate hard drives seems a bit overkill given she can just drop the files into a cloud storage account and have way more redundancy than you/I could ever reproduce by doing manual backups.
I'm posting in an s7 forum about an s7 so it's going to be running Android 10 at the minimum (given that's what the device ships with). Not sure why the comments about Android 8.
Anything she could have installed would have been from the Play store (and I don't believe she installed anything other than what automatically installed from what was on her old s6), plus her apps are from a reputable vendors (Autodesk etc). My son has a tablet and he installs all sorts of crap and hasn't had this issue because the OS prevents stuff like this from happening unless you allow side loading.
Is it possible to install a rootkit from the play store? I didn't think so ..?
So, either it was on there when we got it, it's legit or it's a vulnerability that exists in the OS and we are some of the first people to see it...
You can do what you want but any backup database that requires a password can be lost.
I have close to a dozen backup hdds, there's no way to I can lose my entire database.
At least use 2 OTG flashsticks to completely backup the data but hdds are still preferable.
NEVER encrypt data drives... and verify the backups are complete and readable.
As to how it happened you're going to have to sort that out or suffer the same fate possibly again in the future.
A factory reset seems inevitable at this point.
Afterwards change all passwords.
Malware has always existed on Playstore albeit not much or for long. She may have imported from your daughter's phone.
You got some potentially gigantic problems now.
Personally I would have already gone full nuke by now. It's simply not worth the risks.
In the future hawk the download folder daily for files you didn't authorize. Delete any unknowns without opening. Scrutinize all downloads and installs carefully, always. Scan as needed with Malwarebytes. Online Virustotal can be used to scan smaller files and apks.
There are also maliciously scripted jpegs too that can cause damage to any files in the same folder when opened. Be aware of any changes or strange behavior in the download folder. Vet all downloads before moving into your database.
Use a good brower like Brave and be careful what links you click, in the browser, emails and texts.
I can't even begin to estimate how many websites I backed out of, closed that tab or wiped the browser data over in the last year alone. Better safe than sorry. Zero malware infections in over 1.5 years and that's running on outdated Pie.
Almost all malware, rootkits etc are loaded by the user. Some will self install if the device's security isn't configured correctly or if not spotted on a timely basis. Androids, even ones with out of date OSs are generally very secure unless the user does something stupid... learn or get burned.
blackhawk said:
You can do what you want but any backup database that requires a password can be lost.
I have close to a dozen backup hdds, there's no way to I can lose my entire database.
At least use 2 OTG flashsticks to completely backup the data but hdds are still preferable.
NEVER encrypt data drives... and verify the backups are complete and readable.
As to how it happened you're going to have to sort that out or suffer the same fate possibly again in the future.
A factory reset seems inevitable at this point.
Afterwards change all passwords.
Malware has always existed on Playstore albeit not much or for long. She may have imported from your daughter's phone.
You got some potentially gigantic problems now.
Personally I would have already gone full nuke by now. It's simply not worth the risks.
In the future hawk the download folder daily for files you didn't authorize. Delete any unknowns without opening. Scrutinize all downloads and installs carefully, always. Scan as needed with Malwarebytes. Online Virustotal can be used to scan smaller files and apks.
There are also maliciously scripted jpegs too that can cause damage to any files in the same folder when opened. Be aware of any changes or strange behavior in the download folder. Vet all downloads before moving into your database.
Use a good brower like Brave and be careful what links you click, in the browser, emails and texts.
I can't even begin to estimate how many websites I backed out of, closed that tab or wiped the browser data over in the last year alone. Better safe than sorry. Zero malware infections in over 1.5 years and that's running on outdated Pie.
Almost all malware, rootkits etc are loaded by the user. Some will self install if the device's security isn't configured correctly or if not spotted on a timely basis. Androids, even ones with out of date OSs are generally very secure unless the user does something stupid... learn or get burned.
Click to expand...
Click to collapse
With all due respect we aren't getting anywhere here, I don't want backup advice or malware advice, I want to know the answers to the few small questions I asked about whether this is legit and if I can access the device files or not.
You seem to be convinced it's malware, you also seem to be skim reading my posts which is fine - but I don't think your input is helping me.
I'm not going to use a different "paranoid" browser - chrome is fine, the tablet doesn't have a "security configuration" that is any different from the hundreds of thousands of other S7+ devices out there since it's a tablet and out the box it's ready to go. I'm not checking the downloads folder daily just in case some random malware has somehow "installed itself" onto my device, I'm also not keeping random flash sticks and hard drives lying about - I'll just use that geo redundant pretty solid cloud storage like most of the populace.
Yes you can put malicious content in a JPEG or a JPEG header, but it requires that there's an exploit in the OS or the app opening it (for example hiding a javascript eval in the file metadata); I don't think that's an attack vector on a tablet as far as I know given that she only browses, watches Netflix and draws using her S-pen on the device.
She's not imported "malware" from someone else's phone because if you read my post properly you'd understand that it was HER device that she transferred her data from - one that she's since given to the daughter (who has no issues). If you know how Smart Switch works you'd know that it's an unlikely vector (it just transfers data from application storage and then reinstalls the apps from the play store), plus the fact the original device doesn't have the issue...
Stop telling me to "learn or get burned". This is not a "misuse" problem. The wife is on Android 10, it's a relatively new and secure O/S and she didn't install anything she shouldn't have (she didn't actually install anything at all - it was the stock samsung application and the play store that installed the apps she ALREADY HAD on her previous device). It's not a "learn" scenario. Nothing she did should have caused this - if it is/was an OS exploit or some sort of security issue what could she have done to prevent it? Nothing.
What I have done is:
* Contacted the vendor of the device (we can still send it back if they've sent us a refurbed device instead of new as advertised)
* Sent an email to the address advertised to see what response I get (if they demand money then clearly a scam)
I've checked and the domain in the above shares a host with a company called MTR which happens to be a DCC Group company (one of the groups of companies I actually consult for) so worst case I'll speak to someone from DCC Group and see if they can shed any light.
Seems like it might be legit and quite possibly a mix up.
Do what you will... if you understand the origin of that phrase.
Anything that can't be IDed is considered malware until proven innocent
The fact that you're now completely locked out speaks volumes.
Good practices and backup are your only defenses. They apply to the future not the past... so much for flavors
Personally I think it's already too late for that device's OS load and data.
Of course I could be mistaken.
If you really want the data, take it to a data recovery specialist. They may be able to recover it.
When your at the beginning you can determine how potential data lose will end. When at the end, the outcome has already been predetermined by your actions or lack of.
You are now at the end... likely a dead end.
Been there, done that... actions have consequences.
@Charleh: if I were you, I would back up all important data and do a clean firmware flash with Odin. And a factory reset on top of that, just to be sure. Definitely sounds like you got hit by a scammer.
AnonVendetta said:
@Charleh: if I were you, I would back up all important data and do a clean firmware flash with Odin. And a factory reset on top of that, just to be sure. Definitely sounds like you got hit by a scammer.
Click to expand...
Click to collapse
Like I said there's not really any important data on there, just some drawings the wife would like to keep. Also, I can't backup anything since I can't access the device.
I'll probably just speak to DCC group and see if this company is one of theirs.
If the data is lost we are just talking some drawings the wife has done, there's nothing important on there, she just loses the layers (they are stored as multi page tiffs and sketchbook uses those as layers). She has all the images as flat renders on her cloud storage drive and on Instagram.
Think we just need to invest in some extra cloud storage as the free 15gb that Google give you isn't enough to store what she wants at the moment as the images are tens of megabytes each.
Worst case scenario I factory reset and flash it, best case I get someone at DCC telling me what's what.
The bit that gets me is that there are no ransom demands at this point so I can't be sure what's what. Usually by now with crypto ransom malware you are already being given demands...
We will see.
blackhawk said:
Do what you will... if you understand the origin of that phrase.
Anything that can't be IDed is considered malware until proven innocent
The fact that you're now completely locked out speaks volumes.
Good practices and backup are your only defenses. They apply to the future not the past... so much for flavors
Personally I think it's already too late for that device's OS load and data.
Of course I could be mistaken.
If you really want the data, take it to a data recovery specialist. They may be able to recover it.
When your at the beginning you can determine how potential data lose will end. When at the end, the outcome has already been predetermined by your actions or lack of.
You are now at the end... likely a dead end.
Been there, done that... actions have consequences.
Click to expand...
Click to collapse
It's not a big deal mate.
Stop flogging a dead horse, the most annoying thing is just that the device is unusable, regardless of me making backups or signing a pact with the devil or putting candlewax on my nips, it wouldn't have prevented this from happening..
The only reason I haven't tried a factory reset up to now is because if there's a chance I can get the drawings off the device I'd like to try it first before I nuke it.
Stop talking about my lack of actions, it's getting really boring. There's nothing I could do to forsee this happening and not my fault the wife didn't put the drawings on her cloud storage.
Go bother someone else with your multiple flash disk tinfoil hat backup routines (I bet you've got a tape drive in that routine somewhere too), stop trying to be helpful by saying "told you so" after the fact, instead try answering the questions I asked.
@Charleh: The way I see it is this:
The device's data partition/internal storage (where the drawings are stored) are encrypted by default, by Samsung. So, unless you can manage to use a MTP USB connection or ADB to make copies of them, then you're locked out and there's nothing you can do to recover them. Since they're located in an encrypted area, I highly doubt that even a professional data recovery business would be able to get them back. There are certain encryptions out there that even the US govt (NSA/CIA/FBI) can't break.
I'm assuming that you're not a l33t hax0r with uber skills, so unless you can successfully boot into Android again, your recovery chances are almost zero.
Or, maybe this company can help you out. It's worth a shot. But if I were a gambling man, I'd wager a lot of money that you will end up having to clean flash/reset, without being able to recover anything.
In the future, think about making copies of this stuff before bad things occur. As the saying goes, anything that can go wrong, will go wrong, sooner or later. I rarely lose access to my data because I'm frequently backing it up.
Good luck!
AnonVendetta said:
@Charleh: The way I see it is this:
The device's data partition/internal storage (where the drawings are stored) are encrypted by default, by Samsung. So, unless you can manage to use a MTP USB connection or ADB to make copies of them, then you're locked out and there's nothing you can do to recover them. Since they're located in an encrypted area, I highly doubt that even a professional data recovery business would be able to get them back. There are certain encryptions out there that even the US govt (NSA/CIA/FBI) can't break.
I'm assuming that you're not a l33t hax0r with uber skills, so unless you can successfully boot into Android again, your recovery chances are almost zero.
Or, maybe this company can help you out. It's worth a shot. But if I were a gambling man, I'd wager a lot of money that you will end up having to clean flash/reset, without being able to recover anything.
In the future, think about making copies of this stuff before bad things occur. As the saying goes, anything that can go wrong, will go wrong, sooner or later. I rarely lose access to my data because I'm frequently backing it up.
Good luck!
Click to expand...
Click to collapse
Thanks - that was a helpful answer. I suspected that droid encrypted the data - I was looking at making an ADB connection using Android tools. Might as well give it a try before I nuke.
I can't use MTP as the device auto locks when I plug in a USB cable.
Like I've said a few times it's not a massive issue if I lose the data - I work in IT, I know the importance of backing up important data. I've seen a client lose months worth of data to crypto-ransomware (they cancelled their backup solution a few months before saying they were moving to Azure soon so they didn't need it).
I've explained though, it's not my device and it's up to the wife to put her stuff on her cloud storage if she wants to keep it. She uses Google Drive for her docs etc.
Worst case scenario I complain to Amazon, wife is saying she doesn't remember the screen having a protector/film on it when she opened it and we still have time to return/exchange it since I have a Prime account.
@Charleh: AFAIK, Amazon has a 30 day no questions asked return policy for almost everything. If you're still within that return window, then I guess you just have to decide whether the loss of drawings is worth returning it, assuming all recovery efforts fail. I bought my Tab S7+ new direct from Samsung, I haven't encountered like what you describe. And your edge case is the first one I've seen.
I think it's possible that you bought a refurbished device that was preowned but sold as new. The original buyer didn't finish paying it off, returned it, it's sold to you, you get this message. It's either legitimately locked, or someone has remotely locked it and intends to scam you. Contact that company ASAP.
Another option is to find a local techie/shop that can remove this lock for a fee, preferably without data loss. They make want to see proof of purchase, if they're legit. This would at least give you the ability to use the device again. People used to bring me locked phones/tabs all the time, this is pretty much what I did for side cash. As long as they didn't outright admit they were stolen, I didn't care.
Ok speaking to Samsung support and it's legit - what's happened is that someone's returned the device to the supplier after doing a trade in with it and receiving a new device from Samsung Trade In.
Supplier has refunded us and told us to keep the device until the issue is resolved with Samsung.
Now fighting with Samsung themselves about it. Absolute pisstake.
Basically I have a brick and although Samsung have the capability to unlock the device through Knox they won't do it until a resolution is found with the supplier.
Fun-times. Sent a complaint email to Samsung as they are essentially holding the wife's artwork to ransom because of an issue they have created with the rules of their trade-in program.
I've already received the refund too - sounds like the Amazon reseller is trying to wash their hands of it.
@Charleh: So, they refunded you AND they're going to let you keep the tablet? I'd be quite happy with that.
AnonVendetta said:
@Charleh: So, they refunded you AND they're going to let you keep the tablet? I'd be quite happy with that.
Click to expand...
Click to collapse
Depends if the tablet is ever going to be functional again...
Fingers crossed!
Time to reflash, ODIN or do whatever and see if you can and up with his + hers new(sort of) tablets.
Hello, some solution?
Charleh said:
Depends if the tablet is ever going to be functional again...
Fingers crossed!
Click to expand...
Click to collapse
How did this end?
corb06 said:
How did this end?
Click to expand...
Click to collapse
still ongoing - Amazon is trying to get hold of the original supplier but they've gone dark; I complained to Samsung and they are looking into it, just waiting for a reply.
They took almost a month to get back to me - only did so when I started complaining publicly on all social media platforms (Twitter, Instagram etc) - they don't like it when you do that.
Will update when I know more.
Charleh said:
still ongoing - Amazon is trying to get hold of the original supplier but they've gone dark; I complained to Samsung and they are looking into it, just waiting for a reply.
They took almost a month to get back to me - only did so when I started complaining publicly on all social media platforms (Twitter, Instagram etc) - they don't like it when you do that.
Will update when I know more.
Click to expand...
Click to collapse
Sorry to hear it's taking so long. I'd be super pissed. Next time, buy direct from Samsung, you wouldnt have to deal with this ****. Because they wouldnt sell you a used/refurbished device unless it's clearly marked as such, and i'm pretty sure they only sell new devices anyway.
Can you post a link to the seller's Amazon page? They could be a fly-by-night op.
If you cant get your money back or an exchange, just contact your bank/card issuer and do a chargeback. This is a last resort ootion, if nothing else works. Explain the whole situation to them. Chances are, they would force the seller or someone else responsible, to give your money back. The only caveat is that if you wait too long, it might not work. i've inititated chargebacks against sellers who dont respond to support requests, it usually worked in my favor.
Edit: If you go the chargeback route and Amazon is forced to refund your money, they may retaliate by banning your account. it recently happened to a friend. Just so you know.....

Question Help me reverse engineer this mod? How do i get my phone back to stock rom, and regain full control over it? Unroot?

I have a A52 5g and a tab S7+ wifi, that are both remotely controled and monitored, and serve as gateway to my home network and basicaly every device connected to it. I noticed it at first and mew NOTHING related to this, didnt even know what open source was. Since then i have come to understand that, somehow, my phone seems to run a custom version of android, my guess is, built from AOSP and designed to disguise itself as oem samsung ui, but in background enables remote access and total takeover of every function. I have discovered, using total commander, that storage has been partitioned in 2 separate locations, and that one folder in there is called root system file, and filled with data/apk/installkits/etc.. this has me asking for help in 2 specific questions:
Am i holding a rooted device or is there another possibility that creates this situation? I was convinced its rooted untill i read here that root prevents from using samsung pass, secure folder etc.. and those seem to work on mine(or is it a version of those apps?) If its indeed rooted, will it wype everything if i flash it with the stock rom? And should i trust a small cell repair store to do that or learn how to do it myself?
2: i have bought 3 brand new phones since august, and made sure not to use my usual accounts, no use backups, not even set it up near my home wifi, and it almost instantly started self installing harmful software in background. I see no other way for it to link itself to be owned by me at initial setup, but for the sim card, new of course, but with my usual phone number and service transfered to it. Is that enough to make a breach and compromise a new device? If so, what would be different after fpashing the stock rom, if everything reinstalls itself? Do i need to change my number? Change cellular service provider even? I know its an unusual request but im a fast learner, i have compiled lots of technical info on specific apps, ip's, servers, build id numbers etc.. that i know would make more sense to anyone more qualified than me, and i am about ready to try and wype/flash the thing myself, i just would feel better with a little help since i have gone this far pretty much alone, since no service provider or manifacturer actualy feels like this is their problem to solve....
Here you can download firmware for your phone and flash with Odin, which you can also download at the bottom of the page, there are instructions on how to do it also.
Make sure to download correct firmware for exact device you have. There are few different A52 5G models.. SM-A526B, SM-A526U, SM-A5260, SM-A526U1, SM-A526W.
You will lose all data after flashing new firmware. After this your phone will be like brand new from Samsung..
If your device is rooted then that means your warranty is void and manufacturers and carriers are under no obligation to help you.
I'm trying to understand your situation but its so conflicting I don't know where to begin.
For example, you say your device runs a custom AOSP with a Samsung UI. Thats exactly how it actually works. Samsung take the AOSP, customise it with their own functionality, then overlay their own skin as the UI. Theres absolutely nothing unusual about that.
I'm conflicted as to whether your rooted or not. If the manufacturer or carrier has physically seen the device and won't repair it then that would suggest your definitely rooted. If you spoke to them virtually and told them your rooted then they will use it as an excuse whether you're truly rooted or not. The partitions you mention could be the internal storage and an sd card which can be seen non-rooted. I dont know what you mean when you mention a "root system file". Is it an actual folder called "root" or is the app you're using just telling you that you've reached the "root" of the filesystem? I can't quite work out what you mean. You also say Knox-powered apps still work which just adds to the confusion.
You stated you have had 3 new devices and they all self-installed harmful software. To get one device compromised is possible. To get three compromised means your either a high profile government target (which I doubt because they wouldn't be so sloppy as this) or your doing something to compromise your own devices such as continuously visiting dodgy websites.
Flashing will fix things but so would having a new device. The only common denominator is you so either you're doing something wrong or you truly are a government target in which case I wish you good luck!
First let me appologise for the long silence, i cut off most online activity for a while and just read your answers. To clarify, i have not solved my prolem yet. But ill try to explain better what you ask about my situation:
About de os version arobase40 got it right. I Asked google play help reps. And a stock samsung version of android would not trigger googles warning about running a custom version of android. So that point to a modified after-the-fact more than to the fact samsung has their propierary version installed.
About beeing rooted or not, ylwhat you are asking is what im not totaly certajn of, also. I know partition can happen without rooting, its seems to have created a "virtual sd card" since its named as such when sd card slot is actualy empty. About the root files folder, i cant say for sure, all i can say is that its holding a large amount of Gigs that dont get taken into account when looking at storage capacity and usage, and accessing that folder gives me a message that root files cant be access from this device. Does it mean my device had root acess privileges revoked to prevent viewing files that hide what is given control of the software remotely, so i dont find out or have the capacity to remove or alter those files?
What is absolutely sure is that if it is rooted, it wasnt done by me. As for the chance the devices were not factory brand new, 1 of them was not, got it opend box from amazon, a saudi arabia version, but my prkblems had started months before getting it, did not keep it more than 2 months, and all others before and since are 100% pure factory new, some directly from my cellular service provider, as financed device came with 2 year agreement of service,(actualy 2 of them i got this way) and the last one is my tab s7+ i got online directly from samsung canada website, on preorder, delivered on release day.
And lastly the fact i cant seem to shake those persistent leeches, is not from having reckless habbits online, but from having careless and uneducated habbits before that all started, usual older lazy dude stuff, like not changing my wifi password after a ruff breakup with bipolar psycho ex gf, or having only a few passwords reused on most my accounts. I have stopped doing those things long ago now that i know better, but i suspect that i could have been unaware something gettnng installed and staying dormant for a while, maybe? The ex had way more opportunities than needed to do something like this and is more than psycho enough to realy do it also. For having the skills to do it, lets say she has "assets" that can easily get her guys willing to help about that. It may also be coming from somwhere else, but as you say im not a super spy or a high ranking gov. Official. Im not even that interesting, and have absolutely no usable id for fraud or anything, my credit history would raise more red flags then there is in all china. So after so long struggling with this still very active, i cant even think of a rational reason to do so much effort into this, theres nothing to gain, i only can imagine that maybe a twisted mind seeking revege, or with a sick way of amusing themselves could see the point to all that, but i dont realy care. I only want to get rid of it.
As for the way it manages to be so much persistent, i can only see one option left i didnt remove from the process, and its through my phone number/account on the sim card, even a new sim on a new phone, still is linked to my cell service. I did initial setup with only that new sim card, accounts freshely created during setup, with no info or anythink linkable to my previous accounts, and even did it sitting outside, far from any building that could get me in range of a wifi network. And it still was no more effective at staying secure.
Thats why i did not yet try to flash a stock rom myself on my device, because it would, at best, become exactly like it was when brand new, and i know that this is not enough to keep it secure, and that means theres still something im missing in the whole picture.

Categories

Resources