Hello. First post here. TIA for any help.
Device: Brand new (2 weeks old) Samsung Galaxy Note 7, Android version 6.0.1, unrooted
tl;dr -- twice strange apps have been installed on my phone without my active involvement; scans show no virus/malware; both times happened after I installed an app from Play Store to try; don't know how/why it happened or how to make sure my phone isn't compromised even after removing apps
Detailed version: since getting my Note 7 (which I love after upgrading from my Note 3 which was the best phone up to now I've ever had), a couple of times I was looking through the Play Store for apps to try (and I've forgotten the actual apps involved the first time, so I'll just relate what happened today, but the cases are exactly the same insofar as what happened).
I was looking for a camera app to hopefully expand upon/improve the capabilities of the stock camera app (and I don't know if it's a Samsung-specific app on this phone or a generic Google/Android camera app). So I downloaded Open Camera from the Play Store based on the description, ratings, etc.
Similarly, just to try to test the gaming capabilities of the new phone's processor (I don't game a lot on my phone generally, aside from Solitaire, but just wanted to see what graphics would look like, etc. So, I'm just browsing through games on the Play Store, and decide to download a free racing game called simply "Racing In Car".
I played the racing game about 10 minutes, got bored with it, and uninstalled it.
A while later (like 2 or 3 hours -- not immediately), I get a notification that an app was scanned after install by the antivirus on the phone (it's a McAfee product that is part of the insurance I bought from Verizon for the phone's replacement, and it's set to automatically scan apps upon install). The app was also scanned by the AntiMalwarebytes app I have on the phone. Both reported no problems.
However, the app in question was not one I'd even heard of (it was called AppLock), and appears to be some kind of security app (and there is a version available in the Play Store). I immediately uninstalled it. When I went to the Play Store for info on this strange app that suddenly downloaded and installed without my knowledge or desire, the Play Store offered me to Update the app and said it wasn't installed through the Play Store.
In my settings, I confirmed that I had the default setting checked to not allow apps to be installed from "untrusted sources" (or it may say "unknown sources").
I had already uninstalled the racing game, as I mentioned, and I went ahead and uninstalled Open Camera as well, since I'm not sure which app (if either) was the actual culprit here, though I suspect the racing game more likely since it does have ads (which I don't remember interacting with at all, other than maybe closing a pop-up or something).
So, from that rather book-length explanation (for which I apologize profusely if it wasn't clear enough), I have these concerns:
(1) How would an app that I got from the Google Play Store (and whose description and reviews I looked at pretty closely before installing) download and install an app without any active participation on my part (I imagine, given the nature of the Android OS as I understand it, it would have to do with permissions I granted the app upon install)?
(2) How can I be certain (aside from a factory reset nuke-it-and-let's-start-from-scratch-baby scenario) that there is nothing amiss when two apps I reasonably trust (McAfee virus scanner and the AntiMalwarebytes app) are reporting nothing suspicious even though this occurred?
(3) Apart from rooting my phone (which I don't care to do), is there any log file or other information I can look at to try to diagnose exactly what app did what in this process? (Of course, that brings up my own limitations with regard to not even knowing what to look for or look at even if it were accessible to me, so perhaps the point is moot in any case -- but I am still curious if it could be done.)
Thank you for any insights or suggestions. If you have read to the end, you are obviously (whatever your other characteristics, good or bad) a person of grand endurance -- so congrats on that.
Allan
P.S. Oh yes, I might also say that I never had this issue or anything similar on any other phone or device, and I do consider myself reasonably well-educated about proper safety and security issues (e.g., Ubuntu is my OS of choice on my laptop). But I do feel rather clumsy after this go-round (but nothing a cold beer can't resolve on that front).
Device: Brand new (2 weeks old) Samsung Galaxy Note 7, Android version 6.0.1, unrooted
tl;dr -- twice strange apps have been installed on my phone without my active involvement; scans show no virus/malware; both times happened after I installed an app from Play Store to try; don't know how/why it happened or how to make sure my phone isn't compromised even after removing apps
Detailed version: since getting my Note 7 (which I love after upgrading from my Note 3 which was the best phone up to now I've ever had), a couple of times I was looking through the Play Store for apps to try (and I've forgotten the actual apps involved the first time, so I'll just relate what happened today, but the cases are exactly the same insofar as what happened).
I was looking for a camera app to hopefully expand upon/improve the capabilities of the stock camera app (and I don't know if it's a Samsung-specific app on this phone or a generic Google/Android camera app). So I downloaded Open Camera from the Play Store based on the description, ratings, etc.
Similarly, just to try to test the gaming capabilities of the new phone's processor (I don't game a lot on my phone generally, aside from Solitaire, but just wanted to see what graphics would look like, etc. So, I'm just browsing through games on the Play Store, and decide to download a free racing game called simply "Racing In Car".
I played the racing game about 10 minutes, got bored with it, and uninstalled it.
A while later (like 2 or 3 hours -- not immediately), I get a notification that an app was scanned after install by the antivirus on the phone (it's a McAfee product that is part of the insurance I bought from Verizon for the phone's replacement, and it's set to automatically scan apps upon install). The app was also scanned by the AntiMalwarebytes app I have on the phone. Both reported no problems.
However, the app in question was not one I'd even heard of (it was called AppLock), and appears to be some kind of security app (and there is a version available in the Play Store). I immediately uninstalled it. When I went to the Play Store for info on this strange app that suddenly downloaded and installed without my knowledge or desire, the Play Store offered me to Update the app and said it wasn't installed through the Play Store.
In my settings, I confirmed that I had the default setting checked to not allow apps to be installed from "untrusted sources" (or it may say "unknown sources").
I had already uninstalled the racing game, as I mentioned, and I went ahead and uninstalled Open Camera as well, since I'm not sure which app (if either) was the actual culprit here, though I suspect the racing game more likely since it does have ads (which I don't remember interacting with at all, other than maybe closing a pop-up or something).
So, from that rather book-length explanation (for which I apologize profusely if it wasn't clear enough), I have these concerns:
(1) How would an app that I got from the Google Play Store (and whose description and reviews I looked at pretty closely before installing) download and install an app without any active participation on my part (I imagine, given the nature of the Android OS as I understand it, it would have to do with permissions I granted the app upon install)?
(2) How can I be certain (aside from a factory reset nuke-it-and-let's-start-from-scratch-baby scenario) that there is nothing amiss when two apps I reasonably trust (McAfee virus scanner and the AntiMalwarebytes app) are reporting nothing suspicious even though this occurred?
(3) Apart from rooting my phone (which I don't care to do), is there any log file or other information I can look at to try to diagnose exactly what app did what in this process? (Of course, that brings up my own limitations with regard to not even knowing what to look for or look at even if it were accessible to me, so perhaps the point is moot in any case -- but I am still curious if it could be done.)
Thank you for any insights or suggestions. If you have read to the end, you are obviously (whatever your other characteristics, good or bad) a person of grand endurance -- so congrats on that.
Allan
P.S. Oh yes, I might also say that I never had this issue or anything similar on any other phone or device, and I do consider myself reasonably well-educated about proper safety and security issues (e.g., Ubuntu is my OS of choice on my laptop). But I do feel rather clumsy after this go-round (but nothing a cold beer can't resolve on that front).
?
