Malware? UpgradeDroid.apk - EVO 4G Q&A, Help & Troubleshooting

So my wife was on her Evo when suddenly the browser opened and started downloading something called DroidSpeedUpgrade.apk. The website I traced and it gave me a forbidden 403 from my PC, but did allow me a DL of the apk from phone. I did not install, look at the crazy permissions! Any idea what this is, or how it opened on my wifes Evo (cm7)?
Thanks
Below is the APK, I wouldnt install it, screen shot is the permissions...

I would backup all apps [except that], then do a fresh re-install of CM7.

teh roxxorz said:
I would backup all apps [except that], then do a fresh re-install of CM7.
Click to expand...
Click to collapse
I would question if there's already a malware app on the phone if the browser automatically opened to that page.
Check through unfamiliar apps and the permissions associated with them.
Sent from my PC36100 using XDA Premium App

jackslim said:
I would question if there's already a malware app on the phone if the browser automatically opened to that page.
Check through unfamiliar apps and the permissions associated with them.
Sent from my PC36100 using XDA Premium App
Click to expand...
Click to collapse
That too is true, but hoping he did that already. Though either way, I firmly believe she should do a clean install again; at least go through the last 10 apps she installed, and like said, check the permissions.

If I were to wipe fully with a clean install of a rom, and not log in to Google or restore anything, what damage do you think this could do if I installed it out of curiosity?
I know it could get my phone number, info and whatnot. That alone would probably keep me from doing it... but what's the worst that you think it could do?
If I had an unactivated Android phone then I might do it.
Sent from my PC36100 using Tapatalk

plainjane said:
If I were to wipe fully with a clean install of a rom, and not log in to Google or restore anything, what damage do you think this could do if I installed it out of curiosity?
I know it could get my phone number, info and whatnot. That alone would probably keep me from doing it... but what's the worst that you think it could do?
If I had an unactivated Android phone then I might do it.
Sent from my PC36100 using Tapatalk
Click to expand...
Click to collapse
Your curiosity is like mine, I am tempted to just install it, lol. See if the app can be found in app drawer or what, if I can do anything with it, and so on. My wife doesnt have any credit card junk stored on phone, but has a bank app, so that is all bad by itself! Wait, Amazon Market has credit card linked to it, so in theory they can get password and get credit card info from Amazon. On top of bank passwords, all bad! Maybe I am being paranoid, but this rouge apk seems to have to many permissions for it to just install like that.
I have a unactivated LG Optimus S here, I will install it on that and report my findings
edit...INSTALLED!!!
OK, it is just a Task Manager, on the outside that is. What it does is mask itself as a battery saver/task killer. Meanwhile it sends and recieves text messages that cost YOU $9.99 each! Says a minimum of one per week will be sent and or received. If works with either Sprint or Tmobile, according with terms and conditions, which are carefully hidden. For the average user its gonna fool them, the app by itself would not be so bad so one would think they got a awesome app. Meanwhile your Sprint bill is racking up $9.99 texts, I guess you can get them reversed by sprint. But if you have autopay set up it may take a bit to realize you bill payment was a couple hunderd over normal cost Just be on the lookout, the app may do more than what I found, I only scratched the surface of it.

Just create a nandroid backup, turn off your mobile network, install see what it is, then flash back
Sent from my PC36100 using Tapatalk

Khilbron said:
Just create a nandroid backup, turn off your mobile network, install see what it is, then flash back
Sent from my PC36100 using Tapatalk
Click to expand...
Click to collapse
see post above yours, i installed it. its all bad for anyone who does get fooled into installing this on a activated phone

cordell12 said:
see post above yours, i installed it. its all bad for anyone who does get fooled into installing this on a activated phone
Click to expand...
Click to collapse
That blows, good catch

Will it do that to my phone if I turn off all data and place it on airplane mode then install, Check it out then uninstall it then turn airplane mode off.
Sent from my PC36100 using XDA App

sharkboy0901 said:
Will it do that to my phone if I turn off all data and place it on airplane mode then install, Check it out then uninstall it then turn airplane mode off.
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
it's best not to find out with something like this
Sent from my PC36100 using Tapatalk

sharkboy0901 said:
Will it do that to my phone if I turn off all data and place it on airplane mode then install, Check it out then uninstall it then turn airplane mode off.
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
It has permission to change your settings, so it could turn data back on. It can also read your phone information - phone number and such - so if it can send this information out then it can definitely do damage.
I wouldn't try it.
Sent from my PC36100 using Tapatalk

It also gives the user magic powers and allows the user to live forever. THIS is a must install. LMAO! However, I WOULD PERSONALLY *that is if I had time to do this* DECOMPILE THIS CRAP AND SEE WHO THE HELL MADE IT AND WHERE IT IS SENDING OUR INFORMATION TO. then, I would track the person down. and put a bullet in their head or heads. I don't play games with identity theft. oh and we all know the two places they are likely from. either china or Africa. Well, in Africa... I firmly believe most of them should all be put into a grave. :-D
Does this make me a bad person? nope... it sure doesn't. I'm protecting americans. Actually. the government does this on a daily basis. They murder hundreds of people over seas for oil. :-D We gotta have our oil. :-D lmao If they come over here, they are terrorists. If we go over there, we are terrorists. :-D as I just went way off subject...
okay okay. don't install it. final. and why would you install something that you know for a fact is a phone virus? How stupid is that? We need a platform that can tests apks OUT OF A REAL phone environment. like a virtual mobile computer like vmware.
okay, I'm done. bedtime!

runcool said:
the government does this on a daily basis. They murder hundreds of people over seas for oil. :-D We gotta have our oil. :-D lmao If they come over here, they are terrorists. If we go over there, we are terrorists.
Click to expand...
Click to collapse
wow really?

good lord... i haven been uninstalling this on my customers phones for 2 weeks now... anyone, get a full decompile on it?

Related

My phone was stolen. Rooted with Fresh 3.4, Please help me!

Hey guys,
My Evo was stolen a little bit ago. Homeless guy (who knew my dad, so I had no reason not to trust him) came into the house, and I'm sure that he stole it.
Is there anything I can do to find it?
I've heard about the family locator and whatnot, but I know you have to have activated it before the fact.
Please help!
Borrow a phone.
Find the guy.
Call your own phone number.
Listen.
Pete
dsgn09 said:
Hey guys,
My Evo was stolen a little bit ago. Homeless guy (who knew my dad, so I had no reason not to trust him) came into the house, and I'm sure that he stole it.
Is there anything I can do to find it?
I've heard about the family locator and whatnot, but I know you have to have activated it before the fact.
Please help!
Click to expand...
Click to collapse
Use Sprint family locator to find it link attached. Create an account it will show you on a map when you find him whip the $hit out of him.... twice
https://sfl.sprintpcs.com/finder-sprint-family/welcome.htm
Mobiledefense is a great app. If you get your phone back is suggest installing it
Sent from my PC36100 using XDA App
I use look out.... Google it, it tracks your phone, makes it scream if its on silent or vibrate and you can remote wipe it or remote lock it...
Sent from the MATRIX... while plugged into my EVO... using the XDA app... from a galaxy far-far away.......
That sucks. What was he doing in the house?
Sent from my PC36100 using XDA App
rejectedkid said:
Mobiledefense is a great app. If you get your phone back is suggest installing it
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
Is it out of beta and accepting new apps I know I have it and and a account I love the app let someone steal it unless there really smart they wont ever know its there and they cant (really unless your smart/into android) uninstall it even you can turn your phone on if its off turn gps on if its off tell you if its on a floor or waist high everything make sure you get it if you dont it helped me find my lost phone
chumba8 said:
Is it out of beta and accepting new apps I know I have it and and a account I love the app let someone steal it unless there really smart they wont ever know its there and they cant (really unless your smart/into android) uninstall it even you can turn your phone on if its off turn gps on if its off tell you if its on a floor or waist high everything make sure you get it if you dont it helped me find my lost phone
Click to expand...
Click to collapse
I think it is still in beta nvm.. I have it installed on my wifes Evo and mine.
Sent from my PC36100 using XDA App
rejectedkid said:
I think it is still in beta nvm.. I have it installed on my wifes Evo and mine.
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
I installed MD as a system app so even if someone factory rests the app does not uninstall.
bender1077 said:
I installed MD as a system app so even if someone factory rests the app does not uninstall.
Click to expand...
Click to collapse
How do you do that?
jdh10475 said:
How do you do that?
Click to expand...
Click to collapse
If you have root, move the apk to the system/app folder (or /system/data, I can't remember right now)
if rooted just go to mobile defense site and download the system flashable zip. boot into recovery and flash. this will allow you to turn on gps remotely if it's off.
Im going to give this mobile defense a try. Unfortunately they have the beta closed right now so I had to go to the site to sign up for the waiting list. This sounds like an very useful app.
Sucks.. Mobile Defense you cannot get anymore
Where's my droid is a free app on the market which I use. If you misplace your phone somewhere and it is on silent all you have to do is text it from another phone with the phrase where's my droid and it will ring on the loudest setting until you find it.
If someone steals it all you have to do it text the phrase gps my droid and it will text you back the longitude and latitude coordinates and also a google maps link of where it is at. pretty cool app.
markushi said:
Where's my droid is a free app on the market which I use. If you misplace your phone somewhere and it is on silent all you have to do is text it from another phone with the phrase where's my droid and it will ring on the loudest setting until you find it.
If someone steals it all you have to do it text the phrase gps my droid and it will text you back the longitude and latitude coordinates and also a google maps link of where it is at. pretty cool app.
Click to expand...
Click to collapse
It says GPS via email doesn't work with sprint in the app market description.
Sent from the void...
elapshtc said:
if rooted just go to mobile defense site and download the system flashable zip. boot into recovery and flash. this will allow you to turn on gps remotely if it's off.
Click to expand...
Click to collapse
Are there any other apps that can turn on gps remotely?
Arent all these apps battery killers?? They run all the time and destroy battery faster than anyother program
Battery killing apps < Losing your Evo
afma_afma said:
Battery killing apps < Losing your Evo
Click to expand...
Click to collapse
+1 i could care less about sacrificing 2 hours of my battery life to find my phone that i paid 300.00 for...

[Q] Looking for .apk of new sprint security App

Does anyone have the new sprint security app as a .apk? I am currently running Myn's z port and sprint will not recognize my phone as an Evo. I do know I could just flash back to a different Evo rom and download it, back it up, and nandroid back to where I was at but that is a pain in the ***! I am sure if some one where to post it, there would be many appreciative people!
I do not believe this to be a repeat post for I did search before posting but you never know.....you know!
Thanks!
EsotericSage said:
Does anyone have the new sprint security app as a .apk? I am currently running Myn's z port and sprint will not recognize my phone as an Evo. I do know I could just flash back to a different Evo rom and download it, back it up, and nandroid back to where I was at but that is a pain in the ***! I am sure if some one where to post it, there would be many appreciative people!
I do not believe this to be a repeat post for I did search before posting but you never know.....you know!
Thanks!
Click to expand...
Click to collapse
Here you go man. My Evo recently died a slow and horrible death, but I pulled this off of my SD card. You should be good to go.
gomorrah said:
Here you go man. My Evo recently died a slow and horrible death, but I pulled this off of my SD card. You should be good to go.
Click to expand...
Click to collapse
Thanks So much. It is really appreciated!
Will this work for people without the Total Equipment Protection service? I doubt it, but I have Where's My Droid to help me find my phone and it lets you set a pass code on it.
According to the web site it will not. But i believe they give you a month free trial if you want to give it a shot!
For those who came into this thread that don't have TEP, be sure to check out Plan B. It's an easy way to locate your phone without ever installing any software before you lose your phone. It essentially pushes the app to your phone and upon install it notifies you of its location.
Sounds like a good alternative.....is this available on the market?
gomorrah said:
Here you go man. My Evo recently died a slow and horrible death, but I pulled this off of my SD card. You should be good to go.
Click to expand...
Click to collapse
What does this app do?
It has some basic security features such as remote wipe, find phone, and force alarm on full volume. It also had a contact backup feature and web service to find closest repair center. You can also start tep claim...
Which doesn't make sense....if you are trying to start a claim your phone is probably already boned
Remember it free if you have tep. If not, be aware.
Sent from my PC36100 using XDA App
EsotericSage said:
It has some basic security features such as remote wipe, find phone, and force alarm on full volume.
Click to expand...
Click to collapse
same stuff lookout has

[Q] Remote Deletion Question

Hey folks. My Evo got stolen today, and I have a question. I've already reported it stolen to Sprint, started the Asurion claim, and changed the passwords to all the services my phone had stored passwords for. Unfortunately, there's a fair bit of info on that phone that it would do best not to spread. I have phone numbers for the vast majority of my squadron, along with some passwords for a few secure government systems. Granted, the passwords are in one of the password vault apps behind a different master password and I'll be changing them tomorrow morning anyways, but is there a way I can have google remotely delete that app and de-sync my contacts if my phone ever connects to a wifi network (or gets used on MetroPOS)? Sprint says all they can really do is blacklist the ESN, which they've done.
I don't believe so, unless you had like lookout mobile, where you pay for the premium service that allows it to do that.
There's a sprint app in the market just for future reference its called sprint total protection app(free). It saves your numbers and allows you to remotely lock your phone. It also sends gps coordinates every 2 hours of your phones location so you can find those pesky thieves and give them a piece of your mind. You get a pin code to login the website to view the gps locations and it works like a charm.
Sent from my PC36100 using XDA Premium App
dirkyd3rk said:
There's a sprint app in the market just for future reference its called sprint total protection app(free). It saves your numbers and allows you to remotely lock your phone. It also sends gps coordinates every 2 hours of your phones location so you can find those pesky thieves and give them a piece of your mind. You get a pin code to login the website to view the gps locations and it works like a charm.
Sent from my PC36100 using XDA Premium App
Click to expand...
Click to collapse
That actually works? I have it, but never set it up. May look into it now.
but OP, go for that -pushes you to it-
Thanks for the snappy replies, I'll definitely be using one of those security apps next time. Oh well. At least now the thieving bastard can never use the phone to its full potential. At this point aren't the second rate providers like Metro and cricket the only ones that will activate a phone with a dirty ESN?
teh roxxorz said:
That actually works? I have it, but never set it up. May look into it now.
but OP, go for that -pushes you to it-
Click to expand...
Click to collapse
Yes it actually works, oddly enough it doesn't drain battery since it only uses gps to send location then turns back off. I've been using it. Theres a weird issue with cm7 to where the app ask you to turn on gps even though it's on but it works!
Sent from my PC36100 using XDA Premium App
jdelforge5684 said:
Thanks for the snappy replies, I'll definitely be using one of those security apps next time. Oh well. At least now the thieving bastard can never use the phone to its full potential. At this point aren't the second rate providers like Metro and cricket the only ones that will activate a phone with a dirty ESN?
Click to expand...
Click to collapse
I believe so, but they'd be risky for flashing it. Unless they tried to clone a good esn...but most people aren't skilled enough or would think of it.
dirkyd3rk said:
There's a sprint app in the market just for future reference its called sprint total protection app(free). It saves your numbers and allows you to remotely lock your phone. It also sends gps coordinates every 2 hours of your phones location so you can find those pesky thieves and give them a piece of your mind. You get a pin code to login the website to view the gps locations and it works like a charm.
Sent from my PC36100 using XDA Premium App
Click to expand...
Click to collapse
Should note that this app will not work with phones running non-sprint ROMs.

[Q] To devs or anyone...please help!!!!

Here's the problem . My friend has an Stock Epic 4g and it eventually bit the dust. She can still access the download screen via 1+power buttons but other than that her phone won't turn on. Now, thats not the problem. I can fix that. The problem is that she had very important text messages in her phone and we're trying to see if there's a way to retrieve them before I "unbrick" her phone. has anyone found a way to pull info off the phone before undergoing restoration and deleting everything? I apologize in advance if the answer is already on here somewhere. I searched and came up with nothing in our forums except for the text message history viewer on sprints website that is no longer there and besidesm even if it was, these texts are from around christmas. Any suggestions or advice would be greatly appreciated. Thank you
I think you're pretty much stuck. I had the same problem once and never managed to get it working. If you can somehow make a backup of the messed up system that would be great. If the phone is stock, I don't think there's a way to do that.
Tomcat5 said:
I think you're pretty much stuck. I had the same problem once and never managed to get it working. If you can somehow make a backup of the messed up system that would be great. If the phone is stock, I don't think there's a way to do that.
Click to expand...
Click to collapse
no, there's not. I thought of that too. I was wondering if maybe i plug the phone into my computer maybe there's something that can take everything from the phone and copy it to my computer? or even just view the system folders in hopes that I can get the text messages that way but i dunno if that's even possible.
No. She's screwed. Tell her to back up next time.
k0nane said:
No. She's screwed. Tell her to back up next time.
Click to expand...
Click to collapse
OUCH! When I give people bad news I at least hand them a bottle of petroleum jelly first! Yes this is an attempt to make a very dry (or is that wet) joke! Sorry had to.
On topic I don't know if you can mount the system w/adb once it is in that state and k0nane would know more and if he is saying no I doubt it.
I am by no means an expert but... could you odin in the recovery, get into CWM, make a backup, extract the data image, pull the messaging data and then restore after getting the phone functional?
Sent from my SPH-D700 using XDA App
tinslwc said:
I am by no means an expert but... could you odin in the recovery, get into CWM, make a backup, extract the data image, pull the messaging data and then restore after getting the phone functional?
Sent from my SPH-D700 using XDA App
Click to expand...
Click to collapse
at that point you would of over written what the person needs
tazfanatic said:
at that point you would of over written what the person needs
Click to expand...
Click to collapse
Wouldn't that just reflash the recovery partition? OP: Try this if you haven't just reOdin'ed yet. It wouldn't damage the messages any more than they already are.
Tomcat5 said:
Wouldn't that just reflash the recovery partition? OP: Try this if you haven't just reOdin'ed yet. It wouldn't damage the messages any more than they already are.
Click to expand...
Click to collapse
That is what I was going for, just overwriting the recovery partition like you would for rooting GB. You could even try to bring it back to life by flashing a kernel and see if it would boot. Neither of those operations should delete data.
Sent from my SPH-D700 using XDA App
I agree with the above. Don't odin it, try reflashing the recovery partition, nandroid everything to sd, THEN unbrick, restore data.
Sent from my SPH-D700 using xda premium
Try the nandroid restore and see if that works. U should be able to get into cwm
Sent from my SPH-D700 using xda premium
djjoshplacid said:
Here's the problem . My friend has an Stock Epic 4g and it eventually bit the dust. She can still access the download screen via 1+power buttons but other than that her phone won't turn on. Now, thats not the problem. I can fix that. The problem is that she had very important text messages in her phone and we're trying to see if there's a way to retrieve them before I "unbrick" her phone. has anyone found a way to pull info off the phone before undergoing restoration and deleting everything? I apologize in advance if the answer is already on here somewhere. I searched and came up with nothing in our forums except for the text message history viewer on sprints website that is no longer there and besidesm even if it was, these texts are from around christmas. Any suggestions or advice would be greatly appreciated. Thank you
Click to expand...
Click to collapse
Make sure you tell her that her boyfriend still loves her even though the text no longer exists.
Download google voice from the market and you should see your texts there. For whatever reason, all my texts have been saved even though I've wiped my phone many times for different ROMs.
Sent from my SPH-D700 using XDA App
b16flybye said:
Download google voice from the market and you should see your texts there. For whatever reason, all my texts have been saved even though I've wiped my phone many times for different ROMs.
Sent from my SPH-D700 using XDA App
Click to expand...
Click to collapse
That is only if you have voice integration.
Sent from my SPH-D700 using Tapatalk
I suppose I'll keep voice integration as a habit for my device. its a good way to keep those important texts. Just need to be sure the lady doesn't go through the phone and stumble upon old "secret" ones.
Sent from my SPH-D700 using XDA App

Weird things after official 4.3 update

Hi guys,
Few days ago my S3 received official 4.3 android update, and weird things happening after that.
When I connect to internet, via wi-fi or data, phone automatically download a small file named "files.zip". And it happening every time I turn on wi-fi or data... I can`t find this file in downloads or anywhere else. When I try to open, it says "cannot open".
Second weird thing - browser often redirect me to a advertising or span webs. For instance, I try to open youtube.com, it opens different web with advertisement.
Anyone have an ideas how can I fix this?
We need proof screen shots video something
Sent from my SPH-L710 using XDA Premium 4 mobile app
Yup, could you go to about phone, take a screen of the software info and post? Thanks
He stated he can't find the file, BUT when he tries to open, it say cannot open file???? How weird is that.
Sent from my SPH-L710 using XDA Premium 4 mobile app
topnoch said:
Hi guys,
Few days ago my S3 received official 4.3 android update, and weird things happening after that.
When I connect to internet, via wi-fi or data, phone automatically download a small file named "files.zip". And it happening every time I turn on wi-fi or data... I can`t find this file in downloads or anywhere else. When I try to open, it says "cannot open".
Second weird thing - browser often redirect me to a advertising or span webs. For instance, I try to open youtube.com, it opens different web with advertisement.
Anyone have an ideas how can I fix this?
Click to expand...
Click to collapse
post a screen shot or go back under the bridge troll.love to know how a sprint phone works in Lithuania
this post says you have a international s3.
http://forum.xda-developers.com/showthread.php?p=35395057#post35395057
if that is the case. your in the wrong forum. no way its a sprint phone. if you claim it is a sprint phone. we need proof as in it would never work there.
topnoch said:
Hi guys,
Few days ago my S3 received official 4.3 android update, and weird things happening after that.
When I connect to internet, via wi-fi or data, phone automatically download a small file named "files.zip". And it happening every time I turn on wi-fi or data... I can`t find this file in downloads or anywhere else. When I try to open, it says "cannot open".
Second weird thing - browser often redirect me to a advertising or span webs. For instance, I try to open youtube.com, it opens different web with advertisement.
Anyone have an ideas how can I fix this?
Click to expand...
Click to collapse
You might be in the wrong forum. Your profile says you're in Lithuania, using a GSM provider there. Is that still the case?
Sent from my SPH-L710 using Tapatalk
kaos420 said:
post a screen shot or go back under the bridge troll.love to know how a sprint phone works in Lithuania
this post says you have a international s3.
http://forum.xda-developers.com/showthread.php?p=35395057#post35395057
if that is the case. your in the wrong forum. no way its a sprint phone. if you claim it is a sprint phone. we need proof as in it would never work there.
Click to expand...
Click to collapse
Calm down...lol he is probably just in the wrong forum.
Sent from my SPH-L710 using xda app-developers app
bigpappags3 said:
Calm down...lol he is probably just in the wrong forum.
Sent from my SPH-L710 using xda app-developers app
Click to expand...
Click to collapse
learn to read you quoted me saying that.
kaos420 said:
learn to read you quoted me saying that.
Click to expand...
Click to collapse
I'll try to learn. Who knows it might not stick...
Sent from my SPH-L710 using xda app-developers app
kaos420 said:
post a screen shot or go back under the bridge troll.love to know how a sprint phone works in Lithuania
this post says you have a international s3.
http://forum.xda-developers.com/showthread.php?p=35395057#post35395057
if that is the case. your in the wrong forum. no way its a sprint phone. if you claim it is a sprint phone. we need proof as in it would never work there.
Click to expand...
Click to collapse
So sorry, I definitely went to wrong forum
I`ve attached few screens. Maybe I can found the true in this forum.
topnoch said:
So sorry, I definitely went to wrong forum
I`ve attached few screens. Maybe I can found the true in this forum.
Click to expand...
Click to collapse
damn your luck were still stuck on 4.1.2 if your having the issues you say you are with what sounds like maleware. have you installed anything to check phone. over here we have apps like lookout security. i kno nod makes a phone app. you could always do a factory reset back to out the box state. reinstall apps one by one to check it out. sound like you have a app with crap in it.
kaos420 said:
damn your luck were still stuck on 4.1.2 if your having the issues you say you are with what sounds like maleware. have you installed anything to check phone. over here we have apps like lookout security. i kno nod makes a phone app. you could always do a factory reset back to out the box state. reinstall apps one by one to check it out. sound like you have a app with crap in it.
Click to expand...
Click to collapse
Factory reset helped to solve "files.zip" autodownload problem, but phone is still laggy. It takes 3-5 seconds to turn on screen when I press power button in sleep mode. Applications become laggy. I will try to reflash 4.3 via KIES, if the problem remain, back to 4.1.2 will be optimal decision.
Thanks for help guys, and sorry again for getting lost in galaxy s3 forums

Categories

Resources