I apologize for my English, I'm Brazilian, and they told me to go to XDA to solve my problem.
In this case, I'm using Google Translate.
Hello, I have an S4 Mini, which is behaving in a very strange way and I already tried to make the two solutions that I found, that would be to put the Stock Rom, and the Hard Reset but that did not solve.
The symptoms I have noticed in him so far are:
1 - Battery behaves strangely (Sometimes I turn on and off the battery comes back with another charge). And it gets very fast when I'm using it. But the battery is new.
Android takes actions alone, for example, it is 0% I connect it, it unlocks the screen alone, and opens the native browser the "Internet", and goes to a page that is like a map, and starts to Write random things, like, McFWjham; KAMV.
3- The use of data has remained high when it is active.
4- Sometimes when it is working normally, it opens native programs for no reason, the most common is the "Internet".
So I do not know what else to do, the cell phone is very well preserved, no visible problems, no crumple of drops, the problem is just in time to use kkk. Help me pls.
#Edit :The screen when active uses 40% to 50% of the battery according to Android.
The "Android System" occasionally gets to spend 60% of the battery.
When the battery is locked it tends to remain, but when I use the smartphone, the battery tends to decrease with the second ones very fast.
The battery is new.
Please help me T.T
Luan532 said:
I apologize for my English, I'm Brazilian, and they told me to go to XDA to solve my problem.
In this case, I'm using Google Translate.
Hello, I have an S4 Mini, which is behaving in a very strange way and I already tried to make the two solutions that I found, that would be to put the Stock Rom, and the Hard Reset but that did not solve.
The symptoms I have noticed in him so far are:
1 - Battery behaves strangely (Sometimes I turn on and off the battery comes back with another charge). And it gets very fast when I'm using it. But the battery is new.
Android takes actions alone, for example, it is 0% I connect it, it unlocks the screen alone, and opens the native browser the "Internet", and goes to a page that is like a map, and starts to Write random things, like, McFWjham; KAMV.
3- The use of data has remained high when it is active.
4- Sometimes when it is working normally, it opens native programs for no reason, the most common is the "Internet".
So I do not know what else to do, the cell phone is very well preserved, no visible problems, no crumple of drops, the problem is just in time to use kkk. Help me pls.
#Edit :The screen when active uses 40% to 50% of the battery according to Android.
The "Android System" occasionally gets to spend 60% of the battery.
When the battery is locked it tends to remain, but when I use the smartphone, the battery tends to decrease with the second ones very fast.
The battery is new.
Please help me T.T
Click to expand...
Click to collapse
Sounds like you have a malware infection (though can't be 100% sure) maybe adware, I would guess. Factory reset should have fixed it and reinstall stock rom would definitely fix it even if malware rooted your phone. So that means there is an easy way for reinfect to happen.
Reinfection can happen many ways eg via bad app, through your google account, cloud storage, wifi, other network you have joined etc. Unfortunately it can be very hard to stop if you don't know how it's happening.
1st lets assume it's a bad app you installed, try run a good antivirus like Avast, does it show malware? Clean anything it finds. If you are lucky it will only be adware app that you reinstalled yourself after the new rom, once removed you will be OK and phone clean. But if it comes back by itself then it will take more work to find how it happens.
[Note: You can also boot phone into safe mode which will only allow system apps to run, it is a way to test if it is a bad 3rd party app, is the problem stopped now 3rd party apps can't run?. (though if your phone has been rooted by malware and bad app installed as system app, then bad app will still run). If you think it might have been rooted, download a root checker app to test]
Change the software.
IronRoo said:
Sounds like you have a malware infection (though can't be 100% sure) maybe adware, I would guess. Factory reset should have fixed it and reinstall stock rom would definitely fix it even if malware rooted your phone. So that means there is an easy way for reinfect to happen.
Reinfection can happen many ways eg via bad app, through your google account, cloud storage, wifi, other network you have joined etc. Unfortunately it can be very hard to stop if you don't know how it's happening.
1st lets assume it's a bad app you installed, try run a good antivirus like Avast, does it show malware? Clean anything it finds. If you are lucky it will only be adware app that you reinstalled yourself after the new rom, once removed you will be OK and phone clean. But if it comes back by itself then it will take more work to find how it happens.
[Note: You can also boot phone into safe mode which will only allow system apps to run, it is a way to test if it is a bad 3rd party app, is the problem stopped now 3rd party apps can't run?. (though if your phone has been rooted by malware and bad app installed as system app, then bad app will still run). If you think it might have been rooted, download a root checker app to test]
Click to expand...
Click to collapse
I have avast installed, and cleaned, but not changed at all.
My device was already rooted by me, when I gave the hard reset and soon after the exchange of the rom stock, the root was undone,
I installed Root Checker and it said root was not properly installed.
And as for the security mode, I turned the phone on in safe mode, and when the screen was unlocked, it automatically opened the "internet" browser, on the same page as always.
What should I do?
Luan532 said:
I have avast installed, and cleaned, but not changed at all.
My device was already rooted by me, when I gave the hard reset and soon after the exchange of the rom stock, the root was undone,
I installed Root Checker and it said root was not properly installed.
And as for the security mode, I turned the phone on in safe mode, and when the screen was unlocked, it automatically opened the "internet" browser, on the same page as always.
What should I do?
Click to expand...
Click to collapse
ummm .... I was expecting it was just going to be a bad app serving ads, this is going to be hard
OK, that should rule out 3rd party apps (assuming you have avast set to find all PUP/PUA, etc & nothing white listed) but not finding anything may mean malware is embeded in ROM or malware was able to open port on your system but then uninstall itself or just that there is a line of code that points browser to a server that is serving adware so antivirus is not finding it. Some malware is able to hide from anti virus software in different ways. Try this app, it is not true antivirus, you run it manually, don't worry if one or two antivirus companies like white armour identify malware, they do often even on clean phone.
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
You can also submit any unknown app to virus total white this app for testing. Also you must submit the bad url your browser is connecting to for testing, this will help it spread to all anti virus database.
Good news is you do not appear to be rooted. But the ROM you flashed may still be bad. Where did you get the stock ROM you flashed? I would only use a trusted source like sammobile.com/ but even that is no guarantee. You could try flash another ROM, though as this happened on previous ROM it's probably a good ROM, unless you are getting all your ROM from same site that is not well known as trusted.
So that would suggest they are able to get easy access to your phone either via your google account, cloud service, local network at home/work/public, or through your modem/router.
Check your local network doesn't have a neighbour or other unknown device connected with this app Fing
https://play.google.com/store/apps/details?id=com.overlook.android.fing
Of course even if you recognise all devices that doesn't mean your brothers etc phone is not the source.
Do the same with other networks you have access to.. Talk to work, any one else infected? Change you password. If using public wifi always use a vpn.
Likely source is your modem/router, Log into your modem router check for updates for it, (if old and not supported you may need a new one), update or if latest firmware do a factory reset, now reboot and use a new password (do this at the same time you reset ALL your passwords, or you might just allow them to find new passwords and reinfect you)
Check your goggle account does not have someone else set for account recovery and/or two factor authentication. (set it up if not already on) Change password and ALSO change password on any other recovery account (write them down )
do the same for cloud storage, and scan storage for virus if possible eg dropbox local folder on pc. Unlink cloud storage from mobile until you are clean to block this route of reinfection.
Update any other device software & change passwords eg xbox, printers etc
I think there's something I'm forgetting
Now reflash stock ROM ( I would also suggest then flashing an up to date custom ROM with most recent security patches)
Things you can do that may help temporarily .....
Install a firewall app like netguard and block internet access to browser, through may not work as root etc is open by default. Oh yes, that reminds me of one thing I forgot, check your DNS has not been hijacked, netguard shows dns url in settings, change if you cannot find who dns server your phone is using, use google 8.8.8.8 & 8.8.4.4 if you don't know what to set.
Use an app like Link2SD, Titanium Pro to freeze apps, but you will need root for this.
It's a lot of work (& I think there is something I am forgetting), you may get away with just factory resetting your modem or something as it appears to just be adware so they probably don't have access to your accounts etc, but I tried to cover everything.
Hope I'm making sense through goggle translate!
Phone with mind of its own may not be hacked or haunted. It can in fact happen when it's exposed to moisture or water. Try putting the phone in a bag of rice for several hours, this will draw out all moisture. Hairdrayer may damage electronics because overheating.
If hacked, I would do following steps:
- modem update with odin (manuals search XDA)
- update latest TWRP (dito on XDA)
- start phone in Recovery mode and wipe everything, also Format Data on SD and external SD. Simple Factory reset my not delete it (use Advaced wipe)
- Install LOS14.1 from arco (check compatibility first, other version available for double SIM) It comes with latest security patches.
- Install Open GApps nano or pico. Install other Gapps later if you need.
- start phone, skip setting for WLan to see if everything works without Network.
Does it work? ...then an open WLan could be hacked, try a secure first or mobile network.
Good luck
Hello guys!
The battery drop problem is a common failure with this i9195 phone. I did a research but you have to help me as well by providing IMEI S/N (located under the battery) in PM to me!
New battery doesn't helps!
My current research: If your phone made in Vietnam in the 1-line ~2013, then you will have a dead motherboard soon, before that battery issue is occuring.
So please give me your details and I will look after it.
Do anyone know when they stopped producing i9195 and i9195i ? I need to buy the latest version, because my i9195 was made in 2013 and have that battery drain issue even with new batteries...
Thanks.
I have the Verizon version of the Moto Z2 Play, which no one has figured out how to root. About every four months or so, the internal memory gets so low that I have to perform a factory reset, then reinstall all of my apps. Google Backup does not back up everything, so I have to spend five hours or so getting everything reconfigured. I assume that this steady dwindling of storage is due to accumulated log files. Does anyone know a quicker way to clear these logs on an unrooted phone? The cleanup utilities I have tried, such as AVG Cleanup, don't resolve this issue.
Sent from my XT1710-02 using Tapatalk
Well, first of all it's plain impossible to root a Verizon device if you can't figure out a way to guess the unlock code. The times that Android itself could be rooted without something like an unlocked bootloader are long ago and methods through download modes are too difficult.
Second of all, as long as you didn't enable some very Experimental debugging feature in developer settings it's impossible that log files could clogg your memory, at least if you don't use to have your memory up to 99% full to begin with.
So either you have some app that downloads a huge amount of data that you are not aware of or some some app is going crazy in the background (since a full storage would only be something that you will notice when you get according notifications).
So you first of all have to figure out what actually bugs down your devices performance.
Disabled anything you might have enabled on developer options
Monitor apps RAM usage from dev options -> memory and running services. I know people always say unused RAM is wasted RAM, but what that small minded view leaves out of that you can find apps going crazy when they use a huge/unusual amount of RAM
See if you can find out how much memory is used by what data. Even though the systems view is broken on pretty much any Moto ROM, there should be Apps that are able to display that.
Find apps wasting battery with apps like GSam battery monitor, another way to find apps and process going crazy
Keep in mind you might have a hardware issue. If you have faulty memory it's possible you won't be able to fix it. That can only be fixed by formatting partitions to detect and disable faulty flash cells. I'm not sure if factory reset can do that and what you can achieve with stock recovery mode
So, since I've got this over monster I've had a shocking number of issues. From sudden influx of crap followers online, people sending photos of some of those little people some people keep as pets.
But, it was probably a month in kept getting restarts that left my wall paper different, noticed key guard was in the running processes and Samsung wasn't able to give me much info at all.
Frequently my antivirus Would randomly flag some huge archive that would appear in Google vending folder and for some reason my weather app for my gear fit updated EVERYDAY
Today a series of unfortunate events and my phone did a factory reset shortly after a drop. I actually find that interesting because I don't know the drop or one of my...well call them gremlins. (Let's face it most of things i have attributed are probably just me going into PTSD blah blah blah... )
But today Turn process I did streamline to get Nic cards logging up and go and build to set up a good firewall get ad blockers going but I wanted to see what happened. And I go my weather app eventually.
And for some reason over in reddit they tend to think permissions like this are normal (I know Samsung's calculator is more than a calculator but mine once had almost every permission with about 800MB storage taken up.
So, This weather app seemed a little abnormal look up the IP address, looked up the company and, I looked furlough their partners for Samsung and Knox (didnt Find the one)
Just a quick assumption;
This module has the Hotspot 2.0 and REALLY likes its certificates. I noticed the option to share Your Wi-Fi with someone is always default toggle on.
If you scroll through the websites what we do you see that they are very proud that they have the edge one of the largest threat assessments for everybody when hop away from 1 of their servers , how many of them there are etc. And I Have this feeling that my device is actually just a nice little go between allowing others access to the internet while gathering their data points.
I can't actually post links but if you do their site plus this thing takes you right to the talk about their platform. Gove the data that goes through phones, that is good for anything from Cambridge analytica code level stealing countries to just figuring out how stable and great 5G is
/us/en/
what-we-do/intelligent-platform
I've seen the Address actually go by in my primary bp and add blocker but that 1 doesn't give me per app metrics so not sure what else goes to them.
Also, suddenly I think I know at least partially why they don't want flashed ROMS(?), at least yet.
I'd actually really like to know if anyone else, specifically related to 5G sees these also. Given the timing of that release device and anal FMRi weather app there. And for some reason even though I use a little cheaper company gives me unlimited data they have swapped my network several times between bigger company the smaller company. Its same towers and stuff usually so no big deal but, doesn't normally do that. (Have noticed that actually from the Galaxy store I see that quite often, but the "same" download from play store different version number less permissions)
(By the way hello this is the 1st device actually looking to rooting, prior the risk of that access to someone else was too much. Thanks for letting me join the community, I do hope I catch on quick ans don't drive any one too crazy)
(I tried to add in pictures of the weather app permissions and everything but can't post pictures either)
A drop shouldn't cause a factory reset... if it was caused by software you have an apk(s) that are trashware.
A 3rd party launcher put mine in a boot loop... twice.
If you did a recent firmware update it may have corrupted that load, reload as you did.
A virus or trojan are suspect as well. Run Malwarebytes and Trojan scanner. Some malware may not always be detected.
If you suspect a virus after a reload be careful what you load and bring into the system including the on SD card and any backups. Start with the base load and add only apps from Playstore at first. Go from there if it runs ok. Be wary of updates, one at a time, look for issues as you progress.
Same with backup data... if it's there you'll need to isolate it or dump all the data.
Use a package disabler like PD MDM to block bloatware from running and to troubleshoot.
blackhawk said:
A 3rd party launcher put mine in a boot loop... twice.
If you did a recent firmware update it may have corrupted that load, reload as you did.
Click to expand...
Click to collapse
I was worried so, as I'd never seen it i just know these things actually include that hardware backed encryption. I had worries that I had knocked that loose and might have issues with it later. (Accelerometer is off bit it seems now)
I can say likely:
1. Third party lock screen with data wipe. Not highly reviewed but was but trashy. May have accidently in the tussle woke the screen with motion and performed a wipe.
2. Package disabled. I play with what I can get away with disabling. Some Knox stuff is bit touchy.
3. I'd managed to start process of adding a second secure folder on a secondary profile. It hadn't like it but stayed working.
Or combo 2 & 3 but lock screen most likely I'd say
HungryRobotics said:
I was worried so, as I'd never seen it i just know these things actually include that hardware backed encryption. I had worries that I had knocked that loose and might have issues with it later. (Accelerometer is off bit it seems now)
I can say likely:
1. Third party lock screen with data wipe. Not highly reviewed but was but trashy. May have accidently in the tussle woke the screen with motion and performed a wipe.
2. Package disabled. I play with what I can get away with disabling. Some Knox stuff is bit touchy.
3. I'd managed to start process of adding a second secure folder on a secondary profile. It hadn't like it but stayed working.
Or combo 2 & 3 but lock screen most likely I'd say
Click to expand...
Click to collapse
Get a good case like the Bolt. High G impacts can cause internal damage but usually not especially if in a case.
I don't use secure folder, encryption or any screen lock especially 3rd party. Any apk you give administrator rights to lock the phone can effectively trash your OS load in a heartbeat.
Have had passwords get corrupted (rare) before and gotten totally locked out on a laptop bios.
That machine is now useless.
On Androids you can reload to recover if all else fails but a reload takes a lot of work...
My girlfriend can see everything I do on my phone, even listen in to my surroundings and spy on me with my camera. I've looked at all the running processes and I can't find the malware. Any advice besides a system reset? Thanks
She's probably just has your password mate. Change it or factory reset your device. If that doesn't work find a new gf.
tycox93 said:
She's probably just has your password mate. Change it or factory reset your device. If that doesn't work find a new gf.
Click to expand...
Click to collapse
Believe me it's not just the password. She's installed some kind of parental Spyware like MSpy
If you're sure that's what she has done, and not just a bit paranoid, then you should be able to find it if you got into safe mode. At least I believe so.
tycox93 said:
If you're sure that's what she has done, and not just a bit paranoid, then you should be able to find it if you got into safe mode. At least I believe so.
Click to expand...
Click to collapse
I'm 100% convinced that's what she's done but I'm not that tech savvy when it comes to phones so I'm not sure which processes are part of the Android OS and which processes are the spy app.
Ditch gf.
Factory reset, will purge anything she loaded. The bootloader is locked so the only thing she could hack is the user data partition, a factory reset clears this.
Delete Google and Samsung accounts in settings>factory reset from settings not recovery menu>don't set up your Google account initially>change Google and Samsung account passwords on another computer (PC or Mac), write down passwords and make them complicated, setup the Google account on phone then.
It is clean. Be careful what you then load and who you give access to your phone if anyone.
I had a phone bought on eBay which I think it was cloned
It was the Xiaomi mi mix fold 2. I kept sending me messages please close the screen mirroring ect..I tried to reset it but nothing worked. Someone cracked the ROM in my opinion. eBay refunded me in full. I think you shall better buy a new phone
If you're paranoid:
reset your computer without a network connection.
reset your phone and don't connect to wifi yet.
reset your home wifi modem/router
connect your devices and use a strong password.
After this only a specialist can hack you.
simrag said:
I had a phone bought on eBay which I think it was cloned
It was the Xiaomi mi mix fold 2. I kept sending me messages please close the screen mirroring ect..I tried to reset it but nothing worked. Someone cracked the ROM in my opinion. eBay refunded me in full. I think you shall better buy a new phone
Click to expand...
Click to collapse
No reason to replace the phone if it's a stock Samsung and it factory resets. As long as Knox isn't tripped it's still running with a stock rom and bootloader that haven't been altered and are still secure.
Odinsinces3 said:
If you're paranoid:
reset your computer without a network connection.
reset your phone and don't connect to wifi yet.
reset your home wifi modem/router
connect your devices and use a strong password.
After this only a specialist can hack you.
Click to expand...
Click to collapse
After reset it can't be accessed until account info is entered. My solution bypasses that entirely.
If he factory resets from recovery without first deleting Google and maybe Samsung accounts from the phone he may get locked out by FRP!
FPR is more wicked than any bad gf...
In Samsung's it's always best to factory reset from Settings rather than the boot menu. I redundantly make sure FRP won't be invoked by also deleting the accounts before the reset whenever possible*
*a boot loop or total system crash trashes this option, better hope the account password works...
How to stay away from Hackers?, How they simply get the access to hack our devices.
Everett34 said:
How to stay away from Hackers?, How they simply get the access to hack our devices.
Click to expand...
Click to collapse
They don't; most victims inadvertently install the malware themselves. Social media sites like WhatsApp, Tiktok etc are hunting grounds for hackers. Poor settings and app selection, clumsy browsing habits, side loading, unlocked bootloaders, no firewall in use, being careless what's downloaded, not keeping email in the cloud, allowing others physical access to the device, sharing drives, using unsecured wifi hotspots, not using Android 9 or higher... among others.