Hello,
I've been noticing this since day 1, but have been too lazy to do anything about it.
Adfree doesn't seem to work in the browser. All my hosts files get updated properly /data/data/hosts, /etc/hosts, /system/etc/hosts, and if I try to ping a domain that is on the list, it resolves to 127.0.0.1.
When I am in the browser, I see all sorts of ads while browsing. I check the domain of the ad images and sure enough when I ping it, it resolves to 127.0.0.1. What is going on?
John5788 said:
Hello,
I've been noticing this since day 1, but have been too lazy to do anything about it.
Adfree doesn't seem to work in the browser. All my hosts files get updated properly /data/data/hosts, /etc/hosts, /system/etc/hosts, and if I try to ping a domain that is on the list, it resolves to 127.0.0.1.
When I am in the browser, I see all sorts of ads while browsing. I check the domain of the ad images and sure enough when I ping it, it resolves to 127.0.0.1. What is going on?
Click to expand...
Click to collapse
I haven't seen this (mine simply shows a web page not available). And it definitely should work if your addresses are resolving to localhost properly... Maybe try clearing your browser cache?
Related
hey, for some reason i cant log in to facebook using pocket IE. any ideas why? is there some other browser i can use that would work? if so, how do i get it? thanks
omar
I assume you mean the mobile version of it. It used to work. No idea why it stopped. I just go to the standard version now. PITA. Maybe the carrier?
-Mc
Nope, its Internet Explorer. Bookmark this link and you should be good to go...
http://www.facebook.com/login.php
If that does not work. Go on your PC and login. Use the sub-link that is placed before facebook.com and replace the www above with it.
JAmerican
U can also clear ur history and temporary internet files. And make sure u get the security warning. Once u get it, ur good to go. At first i thought it was Gmail but it seems its a IE thing.
edit: It is a gmail thing. At least for me. Scroll to bottom and click "view in HTML" and u'll get security warning.
loggin into facebook is the easy part, but can you post on walls? I've had no luck doing that
The mobile version of the site is far better.
http://m.facebook.com
Mobile Facebook is great. I just got on it today because they recently did a redesign which is making it a pain to view in Pocket IE.
I also have problems logging into m.facebook.com but I usually get to the login screen and then use the link at the bottom of the page to do a standard login. The only thing that annoys me is that if I use my P990i instead I stay permanantly logged in on it, whereas my MDA Mail (UK Spec) keeps on logging me out grrr.
If you're having trouble getting the login at m.facebook.com to work, try this link instead:
http://m.facebook.com/login.php?http&next=http://m.facebook.com/home.php
Bookmark that, and you'll be good to go. It basically forces you to the HTML login page instead of the WAP login, but keeps you on the mobile interface to save data.
I just got a Tilt 2 the other day, and this is my first HTC phone. I love it so far, but I am having an issue of not being able to login to any site in the any either opera or IE. It either tells me the login in incorrect (which it is not) or that my session has expired, without ever actually logging in.
I tried to install skyfire, but it will not even run, just returns errors and closes.
Anyone else have/had this issue or know what the problem might be?
I can not login to any site, I have tested 10 or so sites.
I have also tried putting both browers in mobile only mode, with no change.
I actually have two of these phones right now, and the problem is on both phones.
I have the same problem, specificaly with mesh. It states my cookies are expired, even after clearing all cookies, history and browser cache.
I take that back.
Logins for things like cpanel/plesk/billing scripts (whmcs, ect) and web scripts such as WP or Joomla and even Kayako don't work. But I can login to sites like ESPN/Sportsline, ebay, ect.
I take it there is something missing from these mobile browsers that is not passing along the proper info to these scripts that does not allow them to be logged in.
I finally got skyfire to work, but the same logins fail in that browser also.
I even tried to install the beta of mobile firefox (can't remember the code name now), and it was horrid, worst mobile browser I have ever seen.
There has to be a way to change cookie settings or something to allow these type of script logins.
Hello,
I use FireFox and NoScript, if I allow xda, the page constantly refreshes, I mean, refresh, refresh, no pauses.
Certainly I'm not the only one experiencing this?
Oh, I turned OFF Ghostery as well, same thing.
I use NoScript without problems. I have both xda-developers.com and googleapis.com (used for some JS stuff on the forums) enabled.
Are you sure it's not another addon conflicting? Try starting FF in safe mode, and enable addons one by one.
I have the same issue. I block all scripts on this site by default. However, if I let xda through, it just refreshes... refreshes... refreshes.
Just curious for those on tmobile, can you access shared files on ul.to, and uploaded, on your 4G connection?
On my account they seem to be blocked, I can go to any other website, yet upload, ul.to, are all blocked using dolphin, stock, chrome browsers either set to android or desktop browser type.
It's the weirdest thing. Anyone else have this issue.?
Rapidgator, filepost work fine to date..
I know some do piracy downloads so don't bash me, but I actually have accounts for both and use them for data backups and personal pseudo cloud storage.
My phone was infected with stalkerware, they had access to my files, could view what was on my screen, listen into my mic, view my cameras remotely, everything! It's incredibly creepy! From what I can tell they somehow loaded q hacked version of Google Chrome and or android web viewer. After getting suspicious I downloaded Kaspersky and ran a scan, I found 2 versions of Google Chrome on my phone one of them had the dual messenger app icon on it. The other one said it wasn't a current version from the apps store. I Uninstallerd and downloaded the current version through the app store. I tried to see if a packet sniffer would lead me to them but I think I was too late by that point. I also pulled the Chrome app qnd decompiler it. There was some weird things in there like ignore playstore version but nothing that I could find that would lead me to who was watching me. Is there anything I can still do that will lead me to who did this? I have a strong idea of who it was but need evidence so I can prosecute them. Any help would be appreciated. Im putting up a 500 dollar bounty if anyone can help me get some solid evidence.
dangerruss said:
My phone was infected with stalkerware, they had access to my files, could view what was on my screen, listen into my mic, view my cameras remotely, everything! It's incredibly creepy! From what I can tell they somehow loaded q hacked version of Google Chrome and or android web viewer. After getting suspicious I downloaded Kaspersky and ran a scan, I found 2 versions of Google Chrome on my phone one of them had the dual messenger app icon on it. The other one said it wasn't a current version from the apps store. I Uninstallerd and downloaded the current version through the app store. I tried to see if a packet sniffer would lead me to them but I think I was too late by that point. I also pulled the Chrome app qnd decompiler it. There was some weird things in there like ignore playstore version but nothing that I could find that would lead me to who was watching me. Is there anything I can still do that will lead me to who did this? I have a strong idea of who it was but need evidence so I can prosecute them. Any help would be appreciated. Im putting up a 500 dollar bounty if anyone can help me get some solid evidence.
Click to expand...
Click to collapse
Try logging into your Google account from a computer. Look at what devices have access to your account. I looked at mine a couple of months ago and saw a phone I never owned on AT&T. Funny thing is I have NEVER had AT&T. I've always and still have Verizon. I immediately removed, blocked and reported the device.
HyperChick said:
Try logging into your Google account from a computer. Look at what devices have access to your account. I looked at mine a couple of months ago and saw a phone I never owned on AT&T. Funny thing is I have NEVER had AT&T. I've always and still have Verizon. I immediately removed, blocked and reported the device.
Click to expand...
Click to collapse
That was the first thing I tried. Didn't find anything unfortunately. These a holes are good.
dangerruss said:
That was the first thing I tried. Didn't find anything unfortunately. These a holes are good.
Click to expand...
Click to collapse
Did you run a log of your IP addresses?
HyperChick said:
Did you run a log of your IP addresses?
Click to expand...
Click to collapse
Not until after the connection was severed. My first thought was to run a virus scan. The only thing I found was an application was installed feb 1st and the clean version of chrome stopped uploading on Feb 1st.
Why are there two of these? And how did they use dual messenger to install doubles? I've disabled all of them.
dangerruss said:
Not until after the connection was severed. My first thought was to run a virus scan. The only thing I found was an application was installed feb 1st and the clean version of chrome stopped uploading on Feb 1st.
Click to expand...
Click to collapse
Did you delete the corrupt Chrome already? The IP history may be in there...
you wish to find your IP address Internet history, you can easily do so directly from your Internet browser.
Step 1
Open your Internet browser, and click on "Tools" located in the horizontal menu bar at the top of the window.
Step 2
Click on "Internet Options"
Step 3
Click on "Settings" located beneath the "Browsing History" subheading.
Step 4
Click on the "View Files" button to find your IP address Internet history.
If you post the chrome apk that you dumped or anything else that you have that was related to the "infected" files, they might be helpful in looking for clues.
These are the apk files that I suspect could have been infected. Unfortunately I didn't pull them until after they were updated. But I believe there is still a change log kind of manifest if you decompile them.
On mobile? Im not seeing those options
HyperChick said:
Did you delete the corrupt Chrome already? The IP history may be in there...
you wish to find your IP address Internet history, you can easily do so directly from your Internet browser.
Step 1
Open your Internet browser, and click on "Tools" located in the horizontal menu bar at the top of the window.
Step 2
Click on "Internet Options"
Step 3
Click on "Settings" located beneath the "Browsing History" subheading.
Step 4
Click on the "View Files" button to find your IP address Internet history.
Click to expand...
Click to collapse
From what I can see, those apks unfortunately appear to be normal un-tampered files. The manifest I believe you are referring to is a component of the apk that dictates things like permissions and interfaces, but it does not perform any sort of logging or historical record sadly, as the entire apk is replaced when an app is updated or installed over an existing installation.
I am not sure how much cleaning you have done of your device since it happened, but aside from clues or records which might be available from various services you use (finding connected accounts that aren't yours, history of any account activities that weren't initiated by you, etc), your next best bet would probably be to dig through the files on the device in search of anything that shouldn't be there. Hopefully there is still some artifact of the infection which could potentially point towards its origin. I will follow this thread, happy to dig through files in my spare time.
Does anyone know if android keeps a log of installs or qnything in the root folder perhaps?
Isn't there a relation between duplicate app instances and secure folder?
OnnoJ said:
Isn't there a relation between duplicate app instances and secure folder?
Click to expand...
Click to collapse
Yes but I've never set up secure folder. Never felt a need to.
First thing I do is a factory reset (and hope that gets it) and reset the Google password.
Keep that bloody device 100% isolated from your PC and data backup copies including the SD card*. Wipe the SD card in the device before the reload and again after the reload. Do NOT connect the card or phone to your PC before the new load is proven clean. Load data directly to SD card from the PC then to the 10+ just in case.
Try to piece together when and what did it but that is a secondary concern. Consider it a drill.
Better get while the gettings good... that level of being compromised means no time to lose ditching the OS. I most likely wipe the SD card too and use one of the clean data backups I keep for just such an event. Torch all data on the device.
If it gets into your backup data copies you're boned.
OSs are 100% expendable, critical data is not.
*you can scan it with everything on the planet and still miss trojans, tainted jpegs/pngs, etc if no definitions exist yet. Expect multiple hidden infections now and go full nuke.
Isolating the infection to that device is only priority. It's possible the infection(s) are already on one or more backups and/or your PC. That's why it's important to keep multiple time staggered backups on multiple electronically isolated hdds.
I keep a 3 tier backup and my PC is never internet connected.
Keep your head and limit the spread...
dangerruss said:
Why are there two of these? And how did they use dual messenger to install doubles? I've disabled all of them.
Click to expand...
Click to collapse
looks normal to me. Those are typical apps that run when dual account messenger service is used .