Are these real apps? - Android Q&A, Help & Troubleshooting

Hi, apologies for any obvious errors, I've been out of android for a few years
My friend has given me her daughters Samsung J5 to sort out as she was getting pop up ads every 2 or 3 seconds rendering the phone unusable.
I've now realised the following: it's a Chinese phone which is rooted and I have no idea what software it is running but I have factory reset and run Malwarebytes which showed 2 apps as having trojans "com.mediatek.theme.mode" and "MessageData"
I've disabled both apps and the problem seems to have stopped but I'm a bit worried as they call themselves system apps, and I don't want to brick her phone!
Has anybody heard of these two so called system apps, and am I going to ruin her life of Snapchat by disabling them? I've Googled and can't find any specific info on them so I'm wondering if whatever android version it's running has had the malware written into it and they're not actual system apps?
Thanks for being patient with me!!

if the phone is rooted install twrp, make a back-up - especially the EFS one - and start to disable/remove and test
if anything wrong you can restore
and also system aps can be disabled or uninstalled - just be careful
use service disable app for samsung - think is on apkmirror
good luck
the chinese crap phones are constantly sending infos from the phone to the chinese servers

Related

[Help] Wifi and 3G turning on alone...

Hello there! I have been having a bit of a problem lately. I own a BLU Dash 5.0 simunlocked from factory. It's a double sim model, which I have two sims, since the companies are spanish, let's call them Green Sim and Blue Sim (since that's how they are color coded in my status bar). It is also running Android Jelly Bean 4.2. Here is the problem. Ever since of March 20, a Chinese app appeared on my home screen, I don't know how, something called "Mobile Video" but the content was in a foreign Asian language. I suspect of my friend since I lent it to him for 15 minutes and then it appeared. Aside of this, the wifi and the Green Sim 3G was turned on.
I clicked on the app curious of it was something my friend downloaded from me, but then the app prompted me two options, I didn't know what it said since again, it was Asian. Next, I proceeded to uninstall it, going to my apps list, I was surprised to see another mysterious app, "Push_Down", that was the name. I uninstalled both Mobile Video and Push_Down. I thought I fixed the problem. Wrong.
Next day when I woke up, I found two new apps on my homescreen, and again, the Wifi and Green Sim 3G was on.These were Chinese also. I uninstalled them both and found once again "Push_Down" in my apps. After I uninstalled them, I thought the problem was finally fixed. Wrong again. Since this event, about every 2 or 3 hours, my Wifi and Green Sim 3G turn on automatically, but haven't downloaded anything new, one, because I have no credit left, and two, I have no internet at home. Ever since, daily I wake up, the same problem, the Wifi and 3G are on. I checked my SD Card, I checked my Phone Storage, both with 2 Antivirus (Avast!, and Lookout Mobile) and with Addons Detector. Surprisingly, nothing has appeared.
My last option is what hurts me most, to reset my phone, which I don't want to do since I have lots of apps installed, progress made with certain games and etc, etc. Also, I am not a root user, so I haven't rooted and won't root my phone.
Now, can anyone please help me? I am very annoyed at this happening everyday!
same problem...cheinese apps keep reinstalling
I too have had this problem for a few weeks now. Got a Chinese smartphone for Christmas (ok i know thats the first mistake, but it was worth a try for the money). mfaction royale mp720 (mpie comes up on the startup screen). Anyway i realised there where a few Chinese apps that came with it (pinyin and a app with a orange icon with a squirrel logo on it) so i unistalled these without problem. One chinese app i couldn't uninstall so i disabled it in the app settings
Everything had been working fine without problem and had been very happy with the phone until a week or so ago. started getting the apps described above installing. These include 'push_down' 'push_collect' 'filegogo' 'mobile video' and some others with chinese writing on them. I also get my phone setting itself to mute when these apps reappear. Keep uninstalling them but they keep coming back. Have tried AVG and Antimalware but they only flag things up as they install themselves, not the thing thats doing the installing. I thought that google account might be a problem so changed password and reset my phone to factory default. As a test i didn't connect back to google account. No joy. Although some apps have not reappeared some have and this morning a new one so i don't think its google account.
I did read some Chinese phones can have the malware embedded into the firmware but it's been fine for months. Perhaps there is a delay so your not likely to send the phone back then the malware begins. If this is the case then the only way round would be to root the phone then find the app or apps that are doing this. Not sure if it's easy to root one of these phones.
Anyone else had these symptoms after a full factory reset?. Anyone been able to sort it out? Anyone know of a guide to root his phone?
Hmmmmm....
cmillsy said:
I too have had this problem for a few weeks now. Got a Chinese smartphone for Christmas (ok i know thats the first mistake, but it was worth a try for the money). mfaction royale mp720 (mpie comes up on the startup screen). Anyway i realised there where a few Chinese apps that came with it (pinyin and a app with a orange icon with a squirrel logo on it) so i unistalled these without problem. One chinese app i couldn't uninstall so i disabled it in the app settings
Everything had been working fine without problem and had been very happy with the phone until a week or so ago. started getting the apps described above installing. These include 'push_down' 'push_collect' 'filegogo' 'mobile video' and some others with chinese writing on them. I also get my phone setting itself to mute when these apps reappear. Keep uninstalling them but they keep coming back. Have tried AVG and Antimalware but they only flag things up as they install themselves, not the thing thats doing the installing. I thought that google account might be a problem so changed password and reset my phone to factory default. As a test i didn't connect back to google account. No joy. Although some apps have not reappeared some have and this morning a new one so i don't think its google account.
I did read some Chinese phones can have the malware embedded into the firmware but it's been fine for months. Perhaps there is a delay so your not likely to send the phone back then the malware begins. If this is the case then the only way round would be to root the phone then find the app or apps that are doing this. Not sure if it's easy to root one of these phones.
Anyone else had these symptoms after a full factory reset?. Anyone been able to sort it out? Anyone know of a guide to root his phone?
Click to expand...
Click to collapse
Actually, as much as my experience from rooting, I haven't done it once again after a bad event I had, like almost bricking an old phone I had which for my good luck there was a way to restore it Ever since, I won't root anymore unless there exists a ROM backup by the manufacturer. But still, I don't know what's causing this. My phone has been fine since stock, I have more than 2 months with it! The problem started since last Thursday, which is why I suspect it's an app I downloaded or ad I clicked on. Any ideas?
(Also, thanks for your reply )

Storex S'phone DC50G infested. Ideas for treatment?

Hi everyone, I'm new to Android, not very knowledgeable, have got into a pickle and wonder if anyone can help me.
The Phone - I bought my first Android phone just over a year ago, a Storex DC50G. It's a dual SIM phone running Android 4.2.2, made (or at least marketed) by a French office equipment company. Not very popular, sold mostly in southern Europe (I'm in Britain). Most of the discussion online is in French or Spanish. I understand a bit of both languages but can't find any discussion of rooting, hacks or ROMs. Some software reports the manufacturer as Alps (but they deny it). Until recently it did what I needed and I was happy with it.
The Problem - Unfortunately, I got complacent because of what I'd read about Android's good security and Google's vetting of apps on Play Store. I only installed respectable apps from Play Store, but at some point I must have installed something bad which installed more bad things. I suppose it's possible that this was one of the Chinese phones that had a trojan as it left the factory. At one stage as soon as I connected to WiFi or cellular data I'd get a blizzard of animated advertisements and new installations that made the phone unusable.
What I've Done - Booted to safe mode, with no data connection. I tried 'Factory Data Reset' via settings and via the recovery menu. That wiped all my data but the malware survived. I uninstalled all downloaded apps and removed the SD card. I found several apps that looked obviously suspicious but were installed as 'Factory Apps' so could not be uninstalled. I've disabled them. Malwarebytes detects 16 pieces of malware but can't delete them ('Do you want to delete the selected items?' -> 'Name of application Do you want to uninstall this app?' -> 'Name of application Uninstall unsuccessful'. The listed malware is:
PUP.Riskpay.Xinyin.wch
Android/Trojan.Ztorg.b
Android/Trojan.Agent.OT
Android/Trojan.Downloader.Agent.ex
Android/Trojan.lop.rp
Android/Trojan.lop.rp
Android/Trojan.lop.j
Android/Trojan.Dropper.Agent.gg
Android/PUP.Adware.Sprovider.E
Android/Trojan.Ztorg.tw
Android/Trojan.Spy.Qcarec
Android/Trojan.Ztorg.b
Android/Trojan.downloader.Guerilla.m
Android/Trojan.Ztorg.a
Android/Trojan.Dropper.Agent.FH
Android/Trojan.Ztorg.b
I've tried deleting them one by one, getting the name of the app from the error message and disabling them individually. The phone is much better now - usable for making calls, but I'm not happy to trust it with passwords, banking applications etc. and every time I unlock it I'm greeted by a naked Chinese lady who I didn't invite.
Lessons Learned - next time I'll buy a popular big name phone so I have a chance of getting support, from the community if not from the manufacturer. Android's security turned out to be just enough to prevent me from making a proper back-up and now to stop me uninstalling the malware, but not enough to keep out the nasties. I'd be tempted to root a new phone straight away so I can back up the operating system - even at the risk of invalidating the warranty.
What next? - I'm being cautious, but haven't got much to loose. I'm thinking of trying some of the general purpose rooting tools like Kingoroot, then if I get root successfully trying again to uninstall the malware (but don't know how to be sure I've spotted it all). Ideally, I'd flash a fresh, clean ROM, but since it's not a popular phone there's no such ROM and no-one seems able to give me a clean manufacturer's ROM.
Is this a sensible way forward? Is there a better way forward? Should I chuck it in the bin and go shopping for a new phone?
Install update of ROM with SP flash tool
Install ROM of storex.
xda does not let me put link ROM

S2 GT-i9100 Google Play Services randomly causes *unimaginable* battery drain

Disclaimer: I have already posted this in the S2 specific forum, unfortunately a lack of response is why I am also posting this here.
Hello Everyone
Start off by saying I have little to no Android knowledge (rooting, custom ROMs, modding or programs for such things), however I have basic knowledge of linux and the command line.
My S2 GT-i9100 rapidly heats up and its battery is *unimaginably* and randomly depleted by Google Play Services and quickly renders it useless as a device. I want to fix it and not turn it into a brick.
I got the phone from a family member from Europe (I live in Australia), who had used it for about 6 months. When I got it, it was already unlocked and rooted by some phone place over there. I didn't have any problems.
Recently however Google Play Services (size 127 MB) (version 9.2.56) has randomly started doing *something*, this despite no mobile broadband and almost no internet usage from wifi either to invoke it. Considering it is on ICS (no idea how to upgrade, or whether i should upgrade, or what to upgrade to) it has to be either a bug or a virus considering all those Android exploits in the news recently.
To fix it whenever it occurs, I clear the RAM twice then go into the list of Applications and Force Stop Google Play Services (more than once if the button isn't greyed out).
I tried to disable the components of Google Play Services(listed below) but the problem continued AND it erased the names of my contacts meaning I was left with a bunch of numbers with no name.
Google Bookmarks Sync
Google Play services
Google Services Framework
Google Account Manager
Network Location
Google Contacts Sync
Some details:
Wi-Fi use only (and nonexistent nowadays), no mobile broadband
GT-i9100 running Android 4.0.3 (ICS)
ROM, unknown if original / custom, has a T-Mobile animation screen on bootup and shutdown
It also has a yellow triangle at the bottom when I turn it on (don't care about cosmetics)
Rooted with CWW (no idea about how that works or what it means) and SuperSU (i do know how root user works in linux)
Root Browser + Terminal Emulator installed (my doing)
Google Authenticator + Microsoft Account Authenticator (i don't wanna screw up anything with these, got codes for google authenticator, need to research microsoft)
Call history and text messages (I would like to keep these and would like to know how to backup the phone first of all)
So I'm looking to figure out what would be the best course of action to fix this without screwing up anything. I know the standard solution would be a factory reset but I don't have any backups (also don't know how to), don't want to brick the phone and don't know what it would actually do, and even if it worked, how to root the phone again.
Any help would be greatly appreciated.

Remove System Apps

Hi Guys
I have a quick question - How do i remove system apps on the Tab S3.
Everytime i go to remove and app thru Tit Backup - It restores it after reboot.
Rooted with SuperSU - Id like to uninstall Knox etc but cant?
I had this on the S8 - Is this to do with the Kernel needing to be permissive? Any help would be welcome.
fkofilee said:
Hi Guys
I have a quick question - How do i remove system apps on the Tab S3.
Everytime i go to remove and app thru Tit Backup - It restores it after reboot.
Rooted with SuperSU - Id like to uninstall Knox etc but cant?
I had this on the S8 - Is this to do with the Kernel needing to be permissive? Any help would be welcome.
Click to expand...
Click to collapse
I think you have no R/W access to the system. Did you flash the no-verity-opt-encrypt patch when rooting? Download root essentials from the play store. There you have the option to mount system R/W. After enabling that removing the system apps should work.
Verstuurd vanaf mijn SM-T825 met Tapatalk
Thanks... Completely slipped my mind about the RW access
I'll give it a go
Nope didnt work - Trying to delete anything of the system partition doesnt go anywhere
Solution I found for my Galaxy S7 was to use /system/app mover available from F-Droid.Org
Move apps first to be User apps, reboot and you can uninstall them.
Judging by the number of Thanks on this thread, I can see that problems with apps have been an issue with rooted Tab S3s for quite some time.
The problems I am having are actually the reverse, however; whenever I delete system apps my device becomes all but soft-bricked (Android strips me of many user privileges).
Makes me sick for a device I paid $500 for and own.
Now this is for a recent root "professionally" performed just the other day by OneClickRoot using Magisk.
Having said that, I would suggest that anyone having difficulty removing apps really doesn't want to experience the consequences of what happens when you do.
So far OneClickRoot has been MIA as far as providing assistance for an improperly performed root that voided my warranty and which I cannot use.
But what they do not know (yet) is that I screen recorded the sessions while they had remote access to my PC and were rooting my device. I haven't yet investigated whether there are newer files they could have used, but I do know that I was prompted to update Magisk on my device almost immediately afterward.
It does seem clear that Android came out with some kind of a patch that thwarted the plan. And it was seriously harrowing.
Anyway, with the guidance of the screen recordings I was able to do some experimenting with app removal and unroot/reroot at my leisure.
It didn't take much in the way of app removal to throw the system into a state of angst like I've never seen (I rooted my Galaxy S3 phone a long time ago on my own and it went peacefully and without incident). I never once touched [removed] a single core system file on this S3 tablet (of course, that may be understating it; apps like Chrome could be considered to contain core system files - after all, it is an Android). I also did not remove Google Play Services or Google Play because I kinda had a hunch.
Incidentally, I used ES File Explorer to remove the apps. A decent reputation with Google. Downloaded with Yalp Store. (After removing the apps, some time later I went back to the root section of ES and got a notification that said "Sorry. That feature is not available on this device.")
At the moment I am back in re-rooted state and experimenting with an app disabler/freezer. So far so good. It's interesting to see what I haven't been able to disable - Chrome being one of them. The others (Music, Movies, Maps, Hangouts, OneDrive, etc. were disabled without incident). I'm wondering if this experiment is demonstrating which apps I can safely remove with the root.
Oh, I disabled Google Text-to-Speech and once in a while I get a feeble notification alerting me that it has stopped which is fine by me. I'm sick of them stalking me all over the Internet let alone logging my every keystroke.
Anyway, that's my story and the current forecast where uprooting is concerned.
I looked at oneClickRoot. It wants access to all your accounts. Why does it need that? That scares me. I also don't see how it would root your device without tripping Knox. Maybe it doesn't, I don't know.
Sent from my [device_name] using XDA-Developers Legacy app
jd1639 said:
I looked at oneClickRoot. It wants access to all your accounts. Why does it need that? That scares me. I also don't see how it would root your device without tripping Knox. Maybe it doesn't, I don't know.
Click to expand...
Click to collapse
JD, sometimes roots trip Knox and sometimes they don't. They didn't advise me of that either way.
I'm not sure why they want access to all your accounts. Maybe it's just because a root requires total access to your device.
There's nothing you don't see while they are performing the root so I don't think it's much to be concerned about.
Picking up where I left off with my original post, I soon discovered Terminal Debloater developed by Magisk (a means of removing apps systemless-ly!).
OneClickRoot didn't advise me of that method (and still hasn't gotten back with me, incidentally). Of course, they do make money selling extended support packages (and it's worth noting that they didn't flash TWRP to my device either).
I thought if Terminal Debloater didn't do it nothing would. And it didn't work, even though I didn't uninstall Google, Google Play Services or Google Play.
I mean, it got rid of the apps just like ES File Explorer did, but my device once again became nearly unusable (unable to open Google Play Store or Amazon Appstore among other features of my device). But systemless-ly? Not so sure about that.
Resetting the device remedied the problem(s) and reinstalled everything without requiring a re-root (minus 3rd party apps that I already had installed, of course). I had forgotten about the previous backup that I had performed with Titanium Backup but it was like 4am and I was getting foggy, you know - there have been a lot of late nights lately. My device was still rooted after the reset and I was able to reinstall Magisk Manager with an .apk (Google Play Store banished it). Maybe that's what they meant by systemless uninstall - the relative ease of reinstall.
So I think that after all of this experimentation it is fair to say that unless you have goals other than uninstalling meaningless stuff like that withTV app it isn't going to work out. And for an app freezer/disabler to work properly you need a root. And an app/freezer disabler won't disable them all. I still have a lot of Google apps it won't disable like Gmail, Chrome, Photos, Movies & TV and Google Play Music (although I realize most people aren't interested in disabling Google apps). I could probably safely remove YouTube, Maps and Drive (I was only able to partially able freeze the former but I was able to fully freeze the latter). There are others I could probably uninstall too - OneDrive, other Microsoft apps, Weather, etc. - it would just seem pointless though since they are already frozen. So maybe freezing is a good enough reason to root for those who only want minimal removal of apps and still want Google where the sun doesn't shine.
Anything that can be frozen can probably be safely removed with the root but I haven't experimented with that. It might require a 4th reset and/or reroot. But you will never have total freedom to do what you want.
As far as OneClickRoot, it is fortunate that I paid with PayPal because I am going to file a claim based on many factors. They asked me why I was rooting my device and I told them I was going to remove apps. They didn't advise me on that either way. They didn't tell me that the root would trip Knox. It says on their Galaxy Tab S3 page, "After the rooting process is completed and done, you may start installing carrier-blocked applications" "you may positively eliminate preinstalled crapware" and "Remember that after rooting, you are the administrator of your own phone so have the freedom to do anything you want with your phone." If they made the mistake of referring to a phone on their tablet page then that's their bad. I do not yet qualify to post links on this forum, but you can find the page by using DuckDuckGo to search "Galaxy S3 Tab OneClickRoot" and it's the first search result).
I paid them $60 total to root my device; the first time I thought I removed too many apps and that it was my fault so I paid them an additional $20 to re-root it. Turns out it really wasn't my fault at all because with the 2nd root I uninstalled even fewer apps than the first time (and like I said before, never any core system apps or even any major android apps like Google Play Services). I figured out how to unroot it on my own (with firmware files from SamMobile and flashed with Odin) and then screen recorded the 2nd root.
At the end of the day I'm not sure it's really worth it to root just to remove a few apps and void your warranty if you're still covered (I have only owned my device for just over a week).
But then, not everyone has the same objectives I do. I am completely crazy serious when it comes to my privacy. One might ask why I even purchased this device and it's because it affords customizations that Apple doesn't (or so I thought). But I can still run Linux. And, of course, I have no intent of setting up a Samsung account or a real Google account. I bought a cheap sim card from TracFone to use with my old S3 phone to set up a fake Google account (because of course you have to have a phone to register a Google account). My TracFone account is under a fake name, my phone number has a Chicago area code (I live across the country), my Google account will be under a fake name and I use a paid VPN on my device(s) using a Chicago IP address. They deserve it.
All just so I can get a few paid - but important - apps. If it weren't for that, Google account be damned. I sold my black little soul to Amazon a long time ago but their selections are limited.
---------- Post added at 09:31 PM ---------- Previous post was at 08:48 PM ----------
Oh, and for those who aren't rooted and simply want to uninstall system apps for more space, you can force 3rd party apps to SD by enabling that feature in Developer Options.
Go to Settings > About tablet > Model number > Software information
Click on Build number 7 times. That will activate Developer Options which you will then find at the bottom of the column on the left side.
Click on Developer Options and scroll way down to Force Allow Apps on External.
Then scroll up to Running Services and observe what's going on behind the scenes. Especially if you have denied (and even frozen) location permissions, deactivated bluetooth, limited background processes to "none" and deactivated automatic updates. They will grab at ANYTHING - your bluetooth, phone, etc. You can stop the processes but they still keep coming back. It's fun to give them an occasional punt anyway.
I did manage to finally disable blutooth but that *had* to be frozen. Disabling in settings wasn't good enough. Google Location Service cannot be stopped ever.
I should set up the fake Google account on my S3 phone with the Chicago IP address and then play Ingress in my real neighborhood just to taunt them.
Blue team!!!!
You do know there is a root method by ashyx in the development section, right. Also, I'd just freeze apps with tibu. That way if your system starts to freeze you can just unfreeze them.
Sent from my [device_name] using XDA-Developers Legacy app
jd1639 said:
You do know there is a root method by ashyx in the development section, right. Also, I'd just freeze apps with tibu. That way if your system starts to freeze you can just unfreeze them.
Click to expand...
Click to collapse
Hi JD.
No, I didn't know about ashyx. Thanks for that though. I might end up looking into it. I'm wondering if a root is just a root, though? There are a couple of apps that have given me errors that said "Your SU binary is functional but might not work reliably on some Android 4.3+ ROMs. If you encounter any issues in TB, please try SuperSU instead." I got that error from Titanium Backup today and I think also from Malwarebytes the other day.
So I'm wondering if uninstalling Magisk and installing SuperSU instead might make a difference.
I reallly have no clue. I'm going to try it though. As a last resort I will probably try re-rooting. Have you used ashyx? If so, were you able to remove apps without a hassle?
Also, is that your Porsche? Nice . . . . . if you're in Minnesota, bet you can't wait until June lol.
I'm from the Midwest orignally - I guess it was kind of a rough winter, no? I know last winter was.
You'll get the same message with supersu as magisk in TB. It's not an issue. And, yes, I use @ashyx method for root. It's worked for all firmwares so far, but I'm almost sure it won't (twrp) if Samsung ever gives us Oreo. But I have confidence in ashyx that he'll modify it so it will, he's the man!
jd1639 said:
You'll get the same message with supersu as magisk in TB. It's not an issue. And, yes, I use @ashyx method for root. It's worked for all firmwares so far, but I'm almost sure it won't (twrp) if Samsung ever gives us Oreo. But I have confidence in ashyx that he'll modify it so it will, he's the man!
Click to expand...
Click to collapse
Hi JD. Long time no see. Or so it seems.
My head has actually been far removed from the Tab this past week. I actually had my S7 rooted just a couple of days before the Tab and so I have been juggling both devices. I think I'm about to pop a blood vessel. I honestly would have rooted them myself but there was just too much scattered information and since I was dealing with two devices I had OCR do it.
But anyway, I haven't been much invested in the Tab over the past several days. I broke a few too many green antennae again and bricked my S7 for the third time. Whenever I have fresh firmware flashed to my device I get those uninstall apps and become possessed. At least I can reinstall the firmware and re-root on my own now.
Things sure have changed since the S3 (phone) and the Galaxy Tab Pro (which was introduced before app permissions became an option). I never did root that device. I guess that's about 4 years old now.
I do believe my S7 was rooted with the ashyx method. I saw a file or something somewhere. It is easier to remove system files on that device but more complicated as there are so many more of them being a phone and all.
As far as Oreo . . . . .ugh. Something about the potential for crush injuries doesn't seem really appealing. I can imagine the "system" is only going to become more oppressive and Google more invasive. Right now I'm still trying to figure out wtf Nougat is.
Besides, Nougat will be a good OS for a long, long time. The OS on my S3 phone [Lollipop?] is still adequate. And developers are still trying to perfect apps for rooted Nougat OS's. A lot of stuff is still buggy.
I'm not *quite* as fanatical about privacy on my S7 since my phone number was tied to my Google account long before I decided to stop being lazy about privacy issues. But once I get the paid apps I need I immediately freeze Google Play Services and Google Play Store. And before I use the store I remove my SD card before they can rape my app settings and data. And, of course, I pay for a Google Play gift card with cash. It's extremely difficult going to these extremes but I am still new at it on my devices so it will just take time to adjust. I went through the same grief with my PCs but it's all good now. My banks and creditors no longer hassle me when I use private browsing and a VPN when I log in. Google will never give in though. Ever. And that really is something scary.
I actually did acquire Windows 10 Enterprise for both of my PCs after many fruitless and failed attempts at tweaking my registry. Now I have full access to Group Policy Editor and live in relative privacy [and peace] where Microsoft is concerned. Wish android had a Group Policy Editor.
Anyway, as far as where I left off with app uninstalls on my Tab, I had only just flashed the stock firmware on that before I bricked my S7 so there are still what I call "secondary" Google apps like Maps, Gmail, Movies & TV, etc. Those are frozen, however. It still might be a couple of days before I get to uninstalling those but I will update. I have no life. I need to come up for air lol. It is important to me to post about this experience; I guess I feel somewhat like an activist in a sense. Google just runs roughshod over everything and everyone like they OWN, you know? And they don't. They don't own me, or you, or our devices. And so this is for people - not "advertising IDs" - who feel similarly and don't want Google invading their devices and private information.
Umm . . . . I know there are a lot of individuals who want to root their Tab S3s and I may at some point post instructions on how to do that using Magisk (it really is simple) but right now I just feel that it would be unethical to do so until I can figure out which apps are truly safe to remove without bricking. And, of course, I can post instructions on how to flash the stock firmware as well.
Thanks for the info about the messages, btw. Still trying to figure out how to disable those. There has to be an .obb tweak somewhere for that. As I recall, the primary reason I rooted my S3 (phone) to begin with was to disable the shutter sound on my camera! And that required an .obb tweak. For the life of me I can't remember what app I used to accomplish that.
---------- Post added at 05:36 AM ---------- Previous post was at 05:16 AM ----------
When I get a message telling me that something I don't want has stopped working, it would at least be nice to see a bow on top of that bubble with some streamers and balloons in the background.
:laugh:
The Battle Of Jorte.
The night before last I was making some tweaks to my S7. I had just finished up purchasing some apps I needed from the Play Store and had refrozen that app and Google Play Services. Some time before I had previously installed a day-planning type app called Jorte.
All of a sudden I started getting notifications in my notification area that said "Jorte will not run unless you enable Google Play Services." I tolerated this for a while and then finally thought, "Ok, well, I'll just uninstall Jorte and that will put an end to that." (I didn't really want Jorte anymore - I had installed it along with a couple of other day-planning apps I was making comparisons with and had decided on a different one - one that wasn't "dependent" on Google Play Services.)
So I uninstalled Jorte and realized that there was another app that I forgot to purchase. When I went back into Application Manager to reactivate Google Play Services and Google Play Store they were gone! Well! I wasn't sure if that was a good or a bad thing. I opened my App disabler app and sure enough - they were still installed on my phone, just hidden. How trite! How petty! I was furious.
I decided at that point that I had all the paid apps I needed.
One would THINK that an ETHICAL company without nefarious intentions would take the position that if an individual isn't using their services that they would be more than HAPPY that they be disabled especially if they are "FREE". After all, why waste resources?? To whose benefit is it to leave Google Play Services running in the background when it isn't needed?
I did something then that hadn't yet dawned on me. I have an app disabler that allows one to disable all of the services associated with that app (specifically Google Play Services). Uninstalling "GPS" bricked my device before so that wasn't an option. So I went offline and disabled my mobile data (also something I hadn't done before) and went into the app disabler (which I will not name [yet]) and started disabling everything with the word "sync", "collection", forwarding", "uploading", "geolocation", "account", "transfer", "advertiser", "notification", "analytics", "indexing", "listener", "secret", "logger", "metadata", "reporter", "credentials", "metrics", "watcher", "sharing", "monitor", "phenotype?!", "detection", "stats", "supervision", "VACUUM". . . .amongst several others. (Are you guys getting alarmed yet?.) Out of 276 services I disabled 105. I had to disable them one by one because the app would stop each and every time.
I also disabled 4 out of 6 services belonging to Google Services Framework (which were all that the app disabler were able to freeze).
All of these actions effectively disabled Google from running on my device as observed from Running Services in Developer Options (that, of course, combined with disabling/uninstalling Samsung apps and associated services). Staying offline and disabling mobile data prevented my actions during this process from being reported (and interfered with).
So far over the past couple of days all has been quiet. No more '"________ will not run without Google Play Services" or "________ has stopped" notifications, no more Google running in the background and helping itself to my data like a smorgasbord.
I attempted to apply these same settings to my Tab S3 and it didn't fly. I had to disable ALL of the subservices associated with Google Play Services and I also uninstalled Google Services Framework entirely.
That debacle is for a different post.
I want to add that most any app can be uninstalled on the Tab S3 once the disabling of Samsung, Google Play Services and Google Play is achieved. Prior to this, for whatever reason I had a great deal of difficulty uninstalling Chrome and Google Play Music. If you think really, really hard in advance about all of the paid apps that you want that are critical to your root and whatever other paid apps you want, you can install them and ditch Google Play Services. They got their money and earned what they deserved. There is no reason to keep Google services continuously running in the background. You can get top notch apps that don't depend on them. I have My Backup Pro, Servicely, SD Maid, an APK extractor, a couple of really good disablers/uninstallers, ES File Explorer, Root Explorer, etc. Really consider your privacy - your data is important. Would you let a stranger rifle through drawers at your house? Even if Google has been collecting your data for years, all hope is not lost. You have many years ahead of you. Most of the data they have collected becomes obsolete over time and they don't need to keep collecting it. There are many, many apps that are not dependent on Google Play Services. There's an app called F-Droid that has an .apk installation file that can be directly downloaded from the Internet and which offers LOTS of great apps. They have an app called Yalp Store that shows you which apps Google Play Store offers that don't depend on Google Play Services and you can filter those results. You can even download and install them manually. The developers of F-Droid are privacy-conscious and all of the apps that they offer are geared with that in mind.
I paid a lot of money for my devices - what, $1300 overall? The manufacturers are not entitled to more than that, especially if I have paid for additional apps. I do have a dummy YouTube account - I consider it free cloud storage for my videos in exchange for the the data they have stolen from me over the years (I've got some cool videos, too - I'd link to my channel but it would blow my cover).
To achieve all of this you will need to start fresh - uninstall your apps, remove your SD card, clean your device really well, wipe your device and close your Samsung account. You don't need a Samsung account to run your device. You can decline both Samsung and Google services at setup but all of those choices are meaningless because they take what they want anyway.
There may be a few sacrifices that may be a dealbreaker to some such as Facebook, but there are a few apps that work around that limitation such as Tinfoil for Facebook. You may also be able to log into Facebook using a privacy web browser. I have Firefox on my devices using a VPN, Privacy Browsing and multiple privacy plugins and it works just fine for every website I have visited (I can't speak for Facebook, though, because I don't use it (not for privacy reasons, though - I have unresolved mixed feelings about it). It should be fine to use with a web browser although some websites do badger you to use their app. You can try it though before uninstalling the Facebook app and see how it goes. Granted it won't be as convenient but you can bookmark it and still have access. Twitter is dependent on Google Play. As I was writing this paragraph I just found a highly rated app called Metal for Facebook & Twitter which isn't dependent on Google and which allows you to access both of them. No ads, gets you notifications from Facebook, supports Orbot/Tor, etc. Sounds excellent.
So there's some stuff to consider.
Between both of my devices I had become really mentally/emotionally stressed and exhausted and had a short but intense cry yesterday. I would have benefited from a longer one.
Last night I woke up to discover that Google had added another hundred or so services to the Google Play Services app on my S7 which brought the number up to 300+. (As an aside, the same thing happened on my Tab S3 several days ago.) I'm not sure if I had wi-fi or mobile data turned on when it happened or both - I had been turning them both on and off intermittently throughout the day. All I can think is that Verizon must have been sharing data. It happened on the S3 for a different reason and I caught that while it was happening.
I thought that I was using Verizon simply for a signal. I don't use their cloud and I don't sync any data to their servers in any other manner. Come to discover there were a couple of settings I overlooked.
Google and Verizon are in bed together - I did discover that much. I really did want to maintain a location with Verizon so I could at least locate my device if I were ever to lose it; they charge enough and I can be incredibly absentminded at times, like using the calculator on my phone while shopping, lying it down on a shelf when picking something up and walking away. But when I went to Verizon's website to see if they offered such a service I was redirected straight to Google. They're kidding, right?
Google is so unbelievably insidious. You really don't know until you try to escape.
I'm a quiet, introverted person - all I want is my privacy, my freakin' Kindle app and a few simple others. And I WOULD get a Kindle, but even the best one only records video in 720p! But no - 4k or no 4k, I'm not about to curl up in a hollow log with a Kindle.
The S3 has been turned off for the past couple of days; both devices present challenges of their own. The S7 is worse I think with Verizon in the mix. My S7 has turned out to be the guinea pig it seems.
I know how to re-root the S7 if I brick it again but I'll spare myself the hassle. I paid One Click Root for the 6-month extended support package and I'll make them work for it. They pretty much dissed me on the S3 so they deserve it.
Right now the S7 is stable (and functional) again - I was up for hours last night after my ghastly, half-conscious discovery disabling another hundred Google Play subservices. Right now I'm backing up to My Backup Pro's cloud and after that I think I'm going to go offline and uninstall The Framework and Google Play Services. Surely Google can't coerce Verizon to cut off data services to a loyal customer.
A few updates and and an apology. . . .but not in that order. Ummm. . . .I realize that this whole Google privacy thing is a touchy subject and I'm really sorry for having brought it up here (kind of, you know?). I mean, in the sense that this is a really helpful place for what it is and I do understand something about getting knocked back in Google search rankings. I'd really hate to see something like that happen.
So this will be my last post on this topic.
This whole endeavor has really been a nightmare - a real war and I have lost tons of sleep. I'm amazed that I haven't hard-bricked my devices. One day I re-rooted my S3 three times. Yesterday I re-rooted my S7 twice. There is no compromising with Google. None. I thought that I could whittle it down to just not using any of their apps, you know? What other business do they have running data collection or location services on my device? I don't have a connected Samsung or Google account, I declined app usage data, location services and diagnostic usage at setup. I disabled all of those plus everything else that could be disabled in settings and everything possible in permissions. Yet settings keep being switched back on which is the whole reason I rooted my devices. THEN after I root, I install these 3rd party freezing apps and watch Google behind the scenes with their 380 hidden services going to town collecting all sorts of data - Bluetooth, radios, geofencing, storage. . . .it's absolutely unreal. They hide and disable apps I paid to 3rd parties on independent websites. . . .I just don't even know where to begin. I started getting screenshots of all of this and they started deleting and disabling those.
Anyway, I don't know how much longer I have now to return my S3 to Amazon but it might be going back in a pine box. It's defective. I mean, seriously. The permissions keep turning themselves off. Inherently defective perhaps, but defective nonetheless. I've had the S7 since November so I don't know what Verizon can do for me but I think California has some laws.
Anyway, I'm in the midst of preparing some killer videos on rooting and flashing stock firmware to both the Tab S3 and S7 and I will come back and post YouTube links to those when they're done. They will no doubt be immediately removed unless Google finds them lucrative enough to keep, and if they are removed I will PAY Vimeo to host (and protect) them.
Oh - heh - before I forget: YES, you CAN remove every single Google app from your S3 EXCEPT for Chrome. It's part of the infrastructure, man. You will brick your device every time you try to remove it. But remember this - and this is CRUCIAL - install an app freezer (better yet, two), then turn off wi-fi making sure to disable auto-reconnect because everything you do is transmitted and they will brick you. You don't want to clue them into anything. Then use your best judgement to freeze and disable every possible permission before you start Also reboot after every app uninstall (or two). It takes a lonnnng time depending on how many you remove but trust me on this. If you intend to maintain a Google account you should be all good.
I acually use TITANIUM BACKUP
for freezing , u freezing & uninstalling system application's:good:
JackieBlue said:
A few updates and and an apology. . . .but not in that order. Ummm. . . .I realize that this whole Google privacy thing is a touchy subject and I'm really sorry for having brought it up here (kind of, you know?). I mean, in the sense that this is a really helpful place for what it is and I do understand something about getting knocked back in Google search rankings. I'd really hate to see something like that happen.
So this will be my last post on this topic.
This whole endeavor has really been a nightmare - a real war and I have lost tons of sleep. I'm amazed that I haven't hard-bricked my devices. One day I re-rooted my S3 three times. Yesterday I re-rooted my S7 twice. There is no compromising with Google. None. I thought that I could whittle it down to just not using any of their apps, you know? What other business do they have running data collection or location services on my device? I don't have a connected Samsung or Google account, I declined app usage data, location services and diagnostic usage at setup. I disabled all of those plus everything else that could be disabled in settings and everything possible in permissions. Yet settings keep being switched back on which is the whole reason I rooted my devices. THEN after I root, I install these 3rd party freezing apps and watch Google behind the scenes with their 380 hidden services going to town collecting all sorts of data - Bluetooth, radios, geofencing, storage. . . .it's absolutely unreal. They hide and disable apps I paid to 3rd parties on independent websites. . . .I just don't even know where to begin. I started getting screenshots of all of this and they started deleting and disabling those.
Anyway, I don't know how much longer I have now to return my S3 to Amazon but it might be going back in a pine box. It's defective. I mean, seriously. The permissions keep turning themselves off. Inherently defective perhaps, but defective nonetheless. I've had the S7 since November so I don't know what Verizon can do for me but I think California has some laws.
Anyway, I'm in the midst of preparing some killer videos on rooting and flashing stock firmware to both the Tab S3 and S7 and I will come back and post YouTube links to those when they're done. They will no doubt be immediately removed unless Google finds them lucrative enough to keep, and if they are removed I will PAY Vimeo to host (and protect) them.
Oh - heh - before I forget: YES, you CAN remove every single Google app from your S3 EXCEPT for Chrome. It's part of the infrastructure, man. You will brick your device every time you try to remove it. But remember this - and this is CRUCIAL - install an app freezer (better yet, two), then turn off wi-fi making sure to disable auto-reconnect because everything you do is transmitted and they will brick you. You don't want to clue them into anything. Then use your best judgement to freeze and disable every possible permission before you start Also reboot after every app uninstall (or two). It takes a lonnnng time depending on how many you remove but trust me on this. If you intend to maintain a Google account you should be all good.
Click to expand...
Click to collapse
Watch out the Russians are coming too.

Micromax C1 Bloatware, Virus Removal Guide + Rooting, custom Rom TWRP less

Hi i have had this Phone Micromax C1 since august 2017 and while its quite awful even at its current price point of 4000 Rs about 60$ once you root it and remove all the bloat virus and do some customizations it becomes much more bearable to the point that my peers can often be fooled into believing that it would cost 10000 to buy.
the phone has 2 major ROMs that are worth talking about both of them are technically stock ROMs of the device however while one of them is mainstream the other one is an actually a developer one to one port of android 7.0. have had both ROMs and i can tell while the developer build is much more pleasant, familiar it is terribly optimized(probably not optimized at all) and is thus slow. the mainstream stock ROM is actually quite awful in my opinion the initiator launcher is bad and the only way around it is to use a 3rd party launcher like the Google Now Launcher that I prefer to use.
Once I learnt about how magisk worked the processes of rooting was almost as simple as finding the stock boot.img since the bootloader can easily be unlocked from the developer options and then flashing can be unlocked via fastboot.
Now about what i really wanted to talk about.
i have started to "HATE" Micromax, while the phone was a gift to me since i never had a smartphone beside an even worse Micromax a102 on which i learnt about rooting and all that stuff. i still hate the C1. the hate was due to how bad everything software-wise is about the phone, not just the hardware. Since i didn't know about magisk and there is no twrp for this phone i somehow managed to find this leaked Developer ROM from a website called needrom.com (they used to give ROMs for free back then now they charge a subscription) i really liked the developer ROM because it was essentially stock android though since it was unoptimized and slow i did later switched back to the mainstream version which had virus in it. however, after finding out about magisk i had my phone rooted i was able to uninstall all the bloat that i could see on the surface level like the many Micromax and qiku apks that are either bloat or likey virus package deliverers. because of that, my experience was not that bad.
my experience was not that bad up until September of this year 2019. around this time i noticed an app that i never installed called xhelper i did some investigating about it and found out that it was a virus i tried to remove it since it was installed as a user app however it would install itself again later. around this time i learnt that cam scanner a popular document scanning app had Malicious code inside while i don't use such apps due to an emergency i had to use it and left it in my system, once i found out about the virus news i immediately uninstalled it i had uninstalled it prior to finding the xhelper app while using Greenify. this led me to believe that the virus was installed by Cam Scanner. Later on, while i did freeze it, it probably somehow manage to install another app called firewey which began to slow down my phone and show ads to me, and while i did freeze both of these apps and restrict their permissions it didn't help (there was also a 3rd virus app that i forgot its name). after this factory reset my phone a couple of times but it seemed that the virus and sunken too deep into the android system. i even used SP Flash tools to flash a fresh stock ROM but it didn't help (because Micromax had embedded the virus into the stock ROM i wast sure then but i am now), i actually reverted to the developer ROM i had mentioned earlier. which as i expected was free of virus.
however, it couldn't keep up with the load that apps in 2019 given even though i have no social media apps to speak off except whats app and Reddit (if you could even call them social media apps like Instagram, facebooks, tweeter etc). so i gave up on the developer ROM was walked back into the mainstream ROM while the first day was a breeze is nothing of note happened it was only at night that all the virus embedded into the ROM began to emerge, now i was sure that it was the ROM that was at fault since the developer and mainstream rom have different partition configurations they cannot be upgraded to and fro it requires flashing at bootloader level. this time when the virus emerged i was prepared to deal with them i had many apps that would help me quartine and locate these malicious apps like Greenify, Island, App Ops, Icebox, Link2SD, ES Explorer( and Malware bytes help find the last source of the malicious apps). Each of these apps while not mandatory with many alternatives available were a big help in the process of Quarantine and Removal.
As of now, i have my phone rooted with magisk cleaned up, in my opinion, all the malware, bloatware and malicious apps and is working well enough that it is still usable.
Apps that i think are Harmfull, have Malicious code in them or are bloatware
xhelper - com.mufc.firechi - confirmed virus
firewey - com.mufc.firewey - confirmed virus
initiator launcher - com.android.launcher3 - requires unreasonable permissions
File Browser - com.qiku.filebrowser - likely entry point of all virus since it requires too many permissions unreasonably
System Clean - com.android.sc - confirmed virus
Instruction - com.sprd.instruction.MainActivity - suspicious package name and app name, permissions
Patch System - com.android.core.patchsystem - likely entry point serves no real purpose
all Micromax and QIKU apps none of the Micromax Apps are required for the proper functioning of the device and while many of QIKU apps have suspiciously large permission requirement(because they likely spread the virus) they have better alternatives available
a note to all people who may have this device,
this had been a good device hardware-wise from its current price point of 4000 Rs. however most of its software is terrible and even harmfull to the user in case someone wants a cleaned ROM of this phone ( the one that i am using) please write bellow about your concerns and experience with this phone. while there is no way for me to extract the ROM in my Phone i can create a system partition flash image that can be flashed using the fastboot functions to allow a clean android experience.
Hi,.. I am feeling bad and worse about this phone when I realized ,... the users of Micromax mobile are having the same problem. I am trying to uninstall and many things many times. all are helpless. I many times get angry and wanted to throw this mobile away. 3 weeks of time,.. I wasted my times to solve the problem ... to kill Xhelper and Firewey. It seems dangerous and insecure device to me. I should never buy this mobile from India.
thanapon.thailand said:
Hi,.. I am feeling bad and worse about this phone when I realized ,... the users of Micromax mobile are having the same problem. I am trying to uninstall and many things many times. all are helpless. I many times get angry and wanted to throw this mobile away. 3 weeks of time,.. I wasted my times to solve the problem ... to kill Xhelper and Firewey. It seems dangerous and insecure device to me. I should never buy this mobile from India.
Click to expand...
Click to collapse
I understand how hard can it be to get stuck with such a phone and not be able to do anything about it. it's even worse when its the only phone you have and then you get into a boot loop trying to fix the problems of the said device. one of my worst experiences with this phone is of soft bricking it while i was trying to get rid of the virus, having to wipe all user data then realizing that the 4.12 gb backup of user data is corrupted as well as my google drive backup of whats app. it turns out that my 4.12gb of user data backup that i directly made on phone got corrupted since fat32 systems cant handle more than 4gb file sizes. i concluded this was the issue since the backup was supposed to be of 4.12 GB but it was exact 4.00 GB
mx
jumbofreak said:
Do you know if the mainstream with xhelp/firewey on it still available somewhere for me to download, i have another brand with similar problem i want to check. Could you please provide link . Also, if you know could you tell me where this phone was bought and did you see ad pop ups after installing something or started on its own ?
Click to expand...
Click to collapse
I still have the xhelper or firewey titanium apps backups if that is what you were asking for. This phone was bought in Maharastra, India from an authorised dealer. the ad pop-ups started appearing on its own and even after wiping the ROM and installing the stock ROM fresh the help and firewey apks were installed automatically within half a day as long as there was an internet connection available and once the firewey app is installed the pop-ups start as well. though i should also mention that in this particular model there is also a system app called software update that also shows notification ads but is easily uninstallable with no repercussions
manav907 said:
I still have the xhelper or firewey titanium apps backups if that is what you were asking for. This phone was bought in Maharastra, India from an authorised dealer. the ad pop-ups started appearing on its own and even after wiping the ROM and installing the stock ROM fresh the help and firewey apks were installed automatically within half a day as long as there was an internet connection available and once the firewey app is installed the pop-ups start as well. though i should also mention that in this particular model there is also a system app called software update that also shows notification ads but is easily uninstallable with no repercussions
Click to expand...
Click to collapse
zz

Categories

Resources