Re: why cant i uninstall com.android.google.settings app where it is saying its a high threat risk
It's evil.
Note the report here ( w w w . a v g t h r e a t l a b s . c o m / g b - e n / a n d r o i d - a p p - r e p o r t s / a p p / c o m . a n d r o i d . g o o g l e . s e t t i n g s / ) which from preliminary investigation, appears to match what I've found too (one of the tables is called credit-cards -numbers(!))
Visibly, it randomly throws a combination of banner ads, full screen ads and 'news' popups on the device - no matter what app is foregrounded.
Note the name. Google uses the convention "com.android.*" for android "internal" apps, and "com.google.android.*" for their "add-on" apps.
I've never seen com.android.google.* used anywhere officially.
If anyone wants a copy I can upload it, along with typical runtime data (as soon as I've determined none of my top secrets are within!)
As for it's origins, it arrived *preinstalled* on a Q8H A23 tablet ordered from China (a rather nice cheap tablet otherwise)
It is installed as /system/app/com.android.google.settings.apk, and looking at the file date, appears to be self updating.
The com.android.browser also arrived hobbled - the homepage is forced to some google-referring landing page. And for some reason, history is disabled.
The other 2 are suspect also. Note that all 4 have an update date well after I obtained the tablet.
total 7316
-rw-r--r-- 1 0 0 210461 Jun 19 14:44 CloudsService.apk
-rw-r--r-- 1 0 0 2063264 Apr 11 16:30 com.android.browser.apk
-rw-r--r-- 1 0 0 2612471 Jul 9 05:54 com.android.google.settings.apk
-rw-r--r-- 1 0 0 2600073 May 30 02:45 com.yiranhan.globalweather.apk
As for removal, you need to root the device, as it's installed as a system-app.
I did mine using adb (which connects with a root shell)
The apps *appear* to have not mangled the Linux system - removing the app, it's dex, and it's data directory seem to kill it.
I'd be interested to know where you purchased yours, and whether you have the other 3 offending apps.