As the title says. I bought a new lg g2 from eBay. After playing around with it for about 2 weeks I noticed that it is rooted and has a Chinese superuser app installed. I heard a while ago that some phones bought from eBay had viruses on it so I am wondering for what other purpose would the phone come rooted other than to install certain programs that I wouldn't notice. Also, is there a way to unroot it and remove all rooted permissions that might have been added without having to delete all data on my phone? Thank you.
Asked
Active
Viewed 1,302 times
4 Answers
2
You didn't write in which area you live, and from which eBay domain/seller location you've bought the device. But assuming you're not living in China, I'd be worried. Not for the device being rooted in general – but a Chinese superuser app sounds pretty suspicious.
Now other answers suggested unrooting and wiping. But I'm afraid that might not be enough: Once rooted, the "rooter" could have installed other malicious apps as system apps (see: system-apps and its tag-wiki for an explanation). Neither unrooting nor wiping (or performing a factory-reset) would remove those. So to really be on the safe side:
- Get yourself a fresh ROM image to flash (see: Where can I find stock or custom ROMs for my Android device?) This can be either a "stock ROM" (the official one from LG in your case), or – as the device is already rooted – any custom ROM (the latter having the advantage of being more up-to-date in most cases).
- If you decided for a custom ROM, this might require a custom recovery (see: recovery-mode and its tag-wiki for details). Check whether that's already installed (boot into recovery, and see if the "title line" reads something with
<3e>(which indicates the stock recovery), or some other name like "ClockworkMod" or "TWRP"/"TeamWin Recovery" – which are the two major custom recoveries). If not, do so. - Flash the new ROM. This should basically overwrite everything except for user-data and cache.
- From the recovery menu, chose to "wipe"
/data,/cache, and (if offered) also Dalvik-Cache. That should remove all remaining stuff from the device. - Optionally: Deal with your SD card, if there was any inserted. Malware could have placed something there, so best is to format this as well.
Now you should have "wiped off" all potential evil from the device – as far as you can do so yourself. The only remaining part is the radio-firmware; but I doubt anyone would have tampered with that. If you want to be "absolutely sure", check above link for a radio image as well, which you optimally should flash before the other parts.
1
You could try supersu from play store to unroot your phone. If you are afraid of viruses after this you can use standard antivirus to scan whole phone(without root there is not much to be afraid of viruses) to be sure you can do factory reset what will delete your files but you can backup them with various programs.
You should always do factory reset/wipe after purchasing used phone (especially if rooted)
Read more info from http://www.xda-developers.com/
Nuuska Muikkunen
- 11
- 2
0
There are some risks of buying rooted phone as it might contain some malware.
Before unrooting please create a backup of your data.
First you can do a factory reset or in case if does not work you can install third party apps from Google play store.
Here are some apps
0
I wouldn't unroot it. I'd just install a custom recovery and from there I'd format system, data, external sd folders. I'd clean all the caches and I'd install a fresh new copy of cyanogenmod. Then, the phone would run nicely and without absolutely any risk at all.
Joaquin Iurchuk
- 348
- 4
- 11
/boot//recoverypartitions, on SD card, or somewhere else. While maybe "unusual", it's not impossible – and was found in the past in all of the mentioned places (yes, including radio – though in that case it was the manufacturer himself placing "evil things"; but who knows who did it here? After all we know, it could be a "China clone" instead of a genuine device.) – Izzy Nov 14 '14 at 14:15