It can be an interesting read!
Hi everyone! Do you use Avast Anti-Theft? ...
I have a problem and I'd like to check for possible reasons. Please help me!
I hope someone can send me the apk for Motorola Services (com.motorola.blur.service.blur.apk),
in a list of stock Razr i system apks the one for Motorola Services is called CCE.apk. (for stock Razr i ICS)
I think I need that app cause since it's gone Avast Anti Theft commands sent from the Avast site are not working,
the phone doesn't receive the commands. Sms commands sent to the phone do work.
I wanted to freeze these apps but forgot it and uninstalled them :/ These: (com.motorola.)atcmdlauncher.apk,
atcmdplugin.epu.apk, atcmdplugin.apk, atcmd.apk, atCommandService, AtProxy, BrowserMessage,
omadrm.apk, modempanicreporter.apk, meter.wisl.apk, smspush, DeviceStatistics, ModemStats,
OMAclienteprovisioning, OMAdownload, and others different other days.
Do you think this problem can be because of the lack of some of those apps?
If so, although I can't be exact, the last location hour reported in the avast anti theft maps is near the time I was
playing with my device. Which one can be the problem? Although, as of now with 5 days with this problem the location,
batery state and some configuration changes have been updated some times, but the Commands [still] don't work.
Everything else is working fine (wifi, 3G, Play Store, G+, online Gameloft games, maps, browser, etc).
And what is weird is that backups for all those apps are not working. The one for Motorola Services
shows only some kb of size (unusable). And other bad thing is that even if I restore the other missing apps they don't stick
and don't work, they're gone after reboot. :/ How to restore them?
I hope you guys can help me get back those apps so I can see if that's the problem.
Another reason can be: I was annoyed by the several Google Services (Google Play Services app) processes
running all the time. So I used ROM Toolbox's Advanced Freeze feature and unchecked to disable some of them.
It was all good for some days ("got rid" of them) untill I noticed my location in the Anti-theft maps wasn't updating... it all begun.
I had disabled Google Cloud Messaging (GCM.service) without knowing it (+ others) u.u But, I really think everything
else was working fine, though (even with GCM disabled o,o).
I noticed this because Avast site reported something like "GCM service is disabled in your device. Communication is not possible.
You'll be notified when it's back" when I tried to send commands. So I restored all of those processes to normal state.
Like 2 days after that Avast reported GCM was online again. I thought everything was Ok now, but no! Still the problem persists.
What I don't know if it's a problem caused by me or it's a default state is: When I check out Google Play Services in the running
processes view of ROM Toolbox app, then enter the Advanced Freeze view, the receivers "icing.impl.PowerConnectedReceiver"
and "mdm.ConnectivityReceiver" are disabled. I check their boxes to enable them, but after rebooting they are disabled again.
I'd like you guys check what is the state of these receivers in your Razr i, please. So I can know
To finish up, I, also, recommend Avast antivirus, if wanted it can be uninstalled after its Anti Theft feature is installed. I don't know how
hack proof it can be, but it can be very, very useful, specially because of the several remote commands it has. Try it n.n
I'm going to purchase the premium service after I get this problem solved. I have already sent my help
request to Avast on saturday. I'm waiting working days to get a reply.
Thanks for your kind help!
- L.
Solved!
Problem solved!
The problem was my router's firewall, it was miss-behaving. Ha
I disabled the Firewall and the device started to receive the web commans again n.n
I'm glad to know those System apps I deleted are not needed at all in the end. (But GCM (a.k.a. C2DM) do is needed for several tasks, of course)
Thanks for reading!
- L.
Hello, dear XDA users.
Yesterday morning (08/04/2016) I have tested some applications from the PlayStore.
Now I have the following problem: After some time (usually shortly after unlock) pops up a graph. This can only be removed by clicking and starts (originally) the PlayStore. Meanwhile it tries to launch a browser, which you can then cancel. This one I should install (https://play.google.com/store/apps/details?id=com.quick.clean).
Well I tried to track down the malicious software. But the virus scanner offered can not really help here. Supposedly there is a PUA - a Potentially Unwanted App. (Android Ewind (Adware)
First, the file is: Search Service Version 2:00:51 my Oukitel K6000 be infested per Sophos can not remove and it seems in reality an original app from Oukitel to be..
Trend Micro means, it was up to "Calls Blacklist Pro" which I use without problems for years. Here also comes the Note: PUA - AndroidOS_SMsreg.AXBCB.
Can anyone tell what I've captured me as me?
How do I get rid of the back?
What apps can plant something?
Thank you in advance.
Your Dr-Kimble
Ok this can sound nooby but have you checked under settings>apps (all, running and downloaded section) for some apps that you downloaded on that day. Try uninstalling them if they are present. Many apps ask you to make them device administrator and refuse to uninstall. Check under Settings>security>device administrators for apps that shouldn't be given this much privilege (android device manager, greenify etc. are fine but a live wallpaper or a game is not). Check Settings>accessibility. Under services section, uncheck any suspicious apps (you can disable all of them, then enable them one by one to detect which is causing it).
And for the last, if you have developer settings turned on you can check process stats too.
Broadcasted from Zeta Reticuli
I have found and delete: http://forum.xda-developers.com/showpost.php?p=68056047&postcount=105
Idol 4 6055u hidden update last week and File Manager is now like a 'Clean Master' clone with all the clean-your-phone and boost-your-phone notifications spam. And since there's no way to root it the app is not removable.
Anyone had any luck stabbing this one to death?
Sucks right? Mentioned it in a thread I made a few weeks back:
https://forum.xda-developers.com/idol-4s/help/alcatel-phone-t3634870
If possible, uninstalling updates or disabling the app should revert the app to its pre-spam state. If not, disabling the apps and using a less invasive file manager app is an option.
Alternatively a factory reset will return all system apps to their pre-spammy state if I recall correctly. From there, you can just avoid updating that individual app.
macallik said:
Sucks right? Mentioned it in a thread I made a few weeks back:
https://forum.xda-developers.com/idol-4s/help/alcatel-phone-t3634870
If possible, uninstalling updates or disabling the app should revert the app to its pre-spam state. If not, disabling the apps and using a less invasive file manager app is an option.
Alternatively a factory reset will return all system apps to their pre-spammy state if I recall correctly. From there, you can just avoid updating that individual app.
Click to expand...
Click to collapse
Unfortunately you can't disable the app, even though it appears you can under dev options (tried that, it just updates itself in the background again). Have tried uninstalling (updates) but it updates itself again and the spam reappears. It also places a perma-notification (can't slide off) at the top of the notifications.
BUT: The latest update to File Manager allows you to turn off notifications. Problem solved.
NOTE: You do have to give permissions for storage before you can get into the settings that allow turning off notifications/shortcuts.
This is well-known problem, ads presents in all latest preinstalled Acatel's apps updates: File Manager, Sound Recorder, Weather, Launcher and others. All of them puts notifications with spam-news and in some cases tries to change default homepage of Google Chrome browser. To prevent this need to do the following things:
1. Uninstall all updates of these apps to revert it to stock-state.
2. Deny auto update of these apps in Google Play.
3. Deny auto update of system apps in standart Update application.
DeckerSU said:
This is well-known problem, ads presents in all latest preinstalled Acatel's apps updates: File Manager, Sound Recorder, Weather, Launcher and others. All of them puts notifications with spam-news and in some cases tries to change default homepage of Google Chrome browser. To prevent this need to do the following things:
1. Uninstall all updates of these apps to revert it to stock-state.
2. Deny auto update of these apps in Google Play.
3. Deny auto update of system apps in standart Update application.
Click to expand...
Click to collapse
Thanks, following these steps I think I got them tamed. Not all the apps show up in Google Play but disabling auto-update in 'Updates' (Alcatel's version) should take care of those...
yosemite610 said:
Thanks, following these steps I think I got them tamed. Not all the apps show up in Google Play but disabling auto-update in 'Updates' (Alcatel's version) should take care of those...
Click to expand...
Click to collapse
Several of Alcatel's Apps updates throught Google Play and other via Updates app. For example, sound recorder updates via Google Play. If it's already updated - just remove updates and Google Play app for Sound Recorder and forbid / deny future updates. In 'Updates' need to forbid updates of system apps too. I already done all of this steps for each preinstalled app which tries to update - all fine. There is no any unwanted push notifications.
Rip ._. I hate this phone so much.
They are pathetic. Updating all apps and adding ads to them.
DeckerSU said:
Several of Alcatel's Apps updates throught Google Play and other via Updates app. For example, sound recorder updates via Google Play. If it's already updated - just remove updates and Google Play app for Sound Recorder and forbid / deny future updates. In 'Updates' need to forbid updates of system apps too. I already done all of this steps for each preinstalled app which tries to update - all fine. There is no any unwanted push notifications.
Click to expand...
Click to collapse
Thanks for the tips and detailed info @DeckerSU. I had begun to prepare to unlock, root, and flash a custom ROM due to this adware and push notification nonsense. Up until the recent app updates, I had truly enjoyed the clean, stock android UI experience on my idol3 ... now I can relax again, the aggravation of those push notifications is gone!
DeckerSU said:
This is well-known problem, ads presents in all latest preinstalled Acatel's apps updates: File Manager, Sound Recorder, Weather, Launcher and others. All of them puts notifications with spam-news and in some cases tries to change default homepage of Google Chrome browser. To prevent this need to do the following things:
1. Uninstall all updates of these apps to revert it to stock-state.
2. Deny auto update of these apps in Google Play.
3. Deny auto update of system apps in standart Update application.
Click to expand...
Click to collapse
thank you, I hadn't thought of step 3
I signed in just to thank you
edit: just realized this thread is for idol 4s, but it applied to my idol 3..
I didn't realize this is a problem on later phones.. so messed up
Very bad, all those spamming programs on a phone we paid for. They beter come out with a recent
Android update. Its a Shame for the alcatel brand.
DeckerSU said:
This is well-known problem, ads presents in all latest preinstalled Acatel's apps updates: File Manager, Sound Recorder, Weather, Launcher and others. All of them puts notifications with spam-news and in some cases tries to change default homepage of Google Chrome browser. To prevent this need to do the following things:
1. Uninstall all updates of these apps to revert it to stock-state.
2. Deny auto update of these apps in Google Play.
3. Deny auto update of system apps in standart Update application.
Click to expand...
Click to collapse
Thanks for the tips! I was starting to think I would have to root the device... Very dissapointing to see this kind of behaviour from Alcatel
Cheers
It may be worse than you think!
It's bad enough for a SYSTEM app to be serving up potentially malicious advertising that could Pwn your device, but it ventures deep into dark waters if that SYSTEM app has the Facebook "Graph" API inside of it that could allow a developer (or in this case your Chinese phone manufacturer) to use your Facebook access token to pillage through your Facebook account and look through your photos, tags, pages visited, URL's, or even create Facebook posts or messages on your behalf!
Sound crazy?
Take a look at the Facebook "Graph" developer site for yourself:
https://developers.facebook.com/docs/graph-api/using-graph-api/
And if someone was familiar with some open source tools that could allow them to look inside an Android app:
https://github.com/iBotPeaches/Apktool
https://github.com/pxb1988/dex2jar
https://github.com/sreenivasmula/JDGUI
http://www.7-zip.org/download.html
That person might look to see if the app has the Facebook Graph API inside of it:
https://play.google.com/store/apps/details?id=com.jrdcom.filemanager&hl=en
Any one have a custom rom? Like Lineage or CM or AOSP any other one except the crapy stock rom?
Not good enough!
I no longer trust ANYTHING that is installed on my Alcatel device after the recent adware/spyware "upgrades"!
I installed TWRP and the (unofficial) Lineage ROM until I get a different phone all together.
https://forum.xda-developers.com/id...ficial-lineageos-14-1-idol36045x-5-5-t3615700
I will NEVER purchase another Alcatel device as long as I live and I will advise all my friends and family and anyone else that will listen to avoid Alcatel as well.
I also suggest that anyone with a stock Alcatel device not to use any "widgets" that create shortcuts that may use your access tokens for Facebook and/or Twitter until we know what is going on.
The Facebook Graph API on a native app has a greater access level than a web application and the token(s) don't expire for 60 days and can be extended.
I advise people to avoid logging in to apps or websites with their social media and/or Google credentials and to change your passwords and set up 2 factor authentication and remove any apps associated with your social media accounts.
Wtf
yosemite610 said:
Idol 4 6055u hidden update last week and File Manager is now like a 'Clean Master' clone with all the clean-your-phone and boost-your-phone notifications spam. And since there's no way to root it the app is not removable.
Anyone had any luck stabbing this one to death?
Click to expand...
Click to collapse
That update is from google play store! Not from alcatel.... Uninstall updates and don't let google play do whatever it wants in your phone!
That update is from google play store! Not from alcatel....
Click to expand...
Click to collapse
The update may have come the Google Play Store but is every bit Alcatel!
The "boost" function comes from TCL (Alcatel) owned Hawk app's "Super Cleaner" and the antivirus function comes from Hawk's Hi Security app that uses McAfee technology.
http://www.ehawk.com/en/
Can you help me to unlock a sharp phone?
DeckerSU said:
This is well-known problem, ads presents in all latest preinstalled Acatel's apps updates: File Manager, Sound Recorder, Weather, Launcher and others. All of them puts notifications with spam-news and in some cases tries to change default homepage of Google Chrome browser. To prevent this need to do the following things:
1. Uninstall all updates of these apps to revert it to stock-state.
2. Deny auto update of these apps in Google Play.
3. Deny auto update of system apps in standart Update application.
Click to expand...
Click to collapse
Can you help me to unlock a sharp phone?
I have the modem.elf file.
Following the advice on this thread, I was able to revert to the old versions of these apps back in October, and my phone stayed usable from then until about 2 weeks ago. Suddenly, the "updates" installed themselves (as part of a "critical system update" that I was notified my phone needed, and now, I don't have the option to uninstall the updates (or rather, it uninstalls to another spammy, bloatware version, not to the factory original).
Any ideas on what I can do now? Or is it time to throw this phone in the trash, and get one from a company that doesn't do this?
critical system update
Following the advice on this thread, I was able to revert to the old versions of these apps back in October, and my phone stayed usable from then until about 2 weeks ago. Suddenly, the "updates" installed themselves (as part of a "critical system update" that I was notified my phone needed, and now, I don't have the option to uninstall the updates (or rather, it uninstalls to another spammy, bloatware version, not to the factory original).
Click to expand...
Click to collapse
You have got to be kidding me!
Now Alcatel and McAfee are tricking users into installing their adware/spyware through the use of fake "critical update" patches?
I think it is high time to do a complete breakdown/inspection of the app and do a full public disclosure.
It isn't surprising that Alcatel would infect a users phone with adware/spyware but for a so-called "security" company like McAfee to be involved is both frightening and disturbing.
hello with the new way of these phones andriod and others plus spyware .im wondering how do i know what apps samsung etc are spying on my phone maybe uploading my numbers and other infor without me knowing any of you guys got any idea whats the best way to stop it. tbh i hate even google assist even turning on by itself even when i diable it
Hello, first of all, please write in easily readable sentences, that way more people are going to help you.
Second, it is important to be and stay suspicious of the software you use, especially with android. But you shouldn't be worried too much as most of the data that is sent from your phone isn't sent with "evil intentions" or anything like that, it is often rather aggressive diagnostics.
Warning! The following paragraphs are filled with very radical means of removing suspected spyware! Almost all of these require root and knowledge in modding your Android! Beware!
As to how you can spot "spyware" or suspected spyware, there isn't one easy way.
First of all, you could use a custom ROM, so that your system is more open source and there isn't any suspected spyware (or any "ware" at all) from Samsung.
To go one step further, you could try to live without Google services:
Use a different search engine, for example DuckDuckGo or any other really
Use Firefox or any non-Chromium browser
Instead of using opengapps to install Google Play Services (when you install a custom ROM) you could use the replacement project "microG" (microg.org).
Get as many apps as you can from Open source app stores (F-Droid)
Don't use the official Play Store unless you really have to - it is a power hungry data collecting app (that can theoretically install any app without asking, just like the Google Play Services or any other /system/priv-app app with proper permissions) - Alternative for installing Play Store apps: Aurora Store
Replace Google Maps with OpenStreetMap (OSMand)
Use a anonymous YouTube client, for example NewPipe
etc.
These are of course only suggestions, I don't recommend doing them all at once, but if you really don't want any unnecessary data sent from your phone, these are the first steps.
For actually seeing which apps send what data you could either analyze the app bytecode with App Warden or look at all detailed permissions with AppOpsX.
Methods to neutralize spyware are rejecting the permission for the app to use internet access or even run in the background, disabling the suspected app or removing it with system app removers.
Be very careful with actually disabling or removing system apps! Many system apps are needed for the system to work and one can easily misjudge an app by its description and diagnostics! Before disabling an app you should research whether anyone else knows anything about the app and only remove it if you are really sure about it. You have been warned.
The Google Play Store (and F-Droid) used to have a possibility to review the app permissions before an installation of an app. I used this regularly to check whether the permissions were reasonable for the task the app was designed for, e.g. a weather app which requests permissions for camera and contacts is quite suspicious.
However, when I look now in the Google Play Store, I do not see anymore the possibility to check the app permissions. I also didn't find any useful information in the internet why this has changed.
Does anybody know how I can check the required permissions before installation now?
Yeah, this is a Google nightmare that no one is talking about. I downloaded Aurora Store and use that to check permissions before downloading now. No login needed and it has a tab that lists apps with updates. But, it does not indicate which permissions are New, they are all listed though.
This is so frustrating. I used this feature to review my kids apps before letting them install. Now I have to see which permissions it asks for after installing it. After it has the opportunity to download unprotected data, which is a lot.
Google's anticonsumer behavior is getting worse and worse.