Related
So verizon forces this update to my phone. Not sure what it was, but it didn't give me an option to cancel, or defer. Now when my phone tries to boot, I get the little android error screen with the triangle and exclamation point, and the phone will not boot. I have already booted into recovery, and wiped everything with no luck at all. Did a full wipe and restore, which had it up and running again, but this morning, same thing. Triangle and exclamation point error screen from where the update was unsuccessful. What do I need to do to block this update so I don't have to do a restore every few hours? Any help would be appreciated.
Thanks,
Anthony
Same crap happened to my wife's phone yesterday, she is running Skyraider and VZW keep trying to forced update and fux0r the rom, had to wiped cache/dalvik, reload the rom on top of it so she can retain her data, as soon as I loaded up the phone I turned off the wifi, 3G, and auto sync then immediately performed the following steps to stop that ****.
otacerts.zip (rename it .bak or whatever)
com.smithmicro.dm (freeze it with titanium backup)
http://forum.xda-developers.com/show...ing+OTA&page=2
I don't have the "donate" version of backup, so I can't freeze the stuff. If I unroot, I assume it will fix the problems.
Here's what I did after accepting the update:
I am rooted (stock rom) and accepted the OTA, after the install the phone will not boot completely it will fail with a white triangle, yellow exclamation point and blue android. To get the phone working again pull the battery, re-insert after a bit and boot into hboot, go to recovery and clear cache partition, this will put the phone back into service. I didn't wipe the davlik.
I got another forced OTA d/l yesterday and had to redo the above. I have renamed the otacerts.zip to .bak and I am anxiously waiting what happens the next time the OTA tries to d/l.
there are 2 otacerts.zip files:
etc/security
system/etc/security
which one needs to be renamed?
thanks.
Glock2005 said:
I don't have the "donate" version of backup, so I can't freeze the stuff. If I unroot, I assume it will fix the problems.
Click to expand...
Click to collapse
I used AntTek App Manager (free in the Market) to freeze it.
tincbtrar said:
You are kidding right? The one app that just about everyone should have (and support the developer so he can continue to provide support to us) and you resort to Warez?
Lame.
And to the OP - once you have secured the donate version of TiBu you can freeze the com.smithmicro.dm file like stated before.
Click to expand...
Click to collapse
I paid for mine and many other apps, and I have donated to devs who gave us root. As you said Titanium Backup is one of those must have apps that we all should buy, but don't be so arrogant to assume everybody has the extra cash to pay for the apps.
ben805 said:
I paid for mine and many other apps, and I have donated to devs who gave us root. As you said Titanium Backup is one of those must have apps that we all should buy, but don't be so arrogant to assume everybody has the extra cash to pay for the apps.
Click to expand...
Click to collapse
If you have paid $100~300 for a smartphone and pays $30 a month, I think you can pay $6. If you can't pay for one time deal, why would you have a smartphone that costs you $30+ a month? Promoting warez site is against the XDA rule and no respect to developers
Sent from my Incredible 2 using xda premium
ben805 said:
I paid for mine and many other apps, and I have donated to devs who gave us root. As you said Titanium Backup is one of those must have apps that we all should buy, but don't be so arrogant to assume everybody has the extra cash to pay for the apps.
Click to expand...
Click to collapse
Maybe I was a bit harsh - and I am sorry for calling you out.
Its just that I would find it hard to believe that the OP couldnt afford a 6 dollar app after paying a couple hundred bucks for the phone and about 70 to 100 a month for service.
Its like buying a luxury car but not being able to pay for the maintainence and upkeep.
anti leach
I proudly pay what little money I can to developers.
If I "Try" an app and plan to use it, then I pay for it.
I try to show some form of dignity to people that follow my lead..
An option would be to unroot and do what vomitrizen wants you to do.
If you can't afford to support the development community you should not be here.
And to crazyfireman, the same file is showing in two paths only because there second folder containing actual file.
Change either one and youwill be good.
Have a nice day...
tincbtrar said:
Maybe I was a bit harsh - and I am sorry for calling you out.
Its just that I would find it hard to believe that the OP couldnt afford a 6 dollar app after paying a couple hundred bucks for the phone and about 70 to 100 a month for service.
Its like buying a luxury car but not being able to pay for the maintainence and upkeep.
Click to expand...
Click to collapse
Don't apologize. Anyone posting or recommending warez here puts the community in jeopardy. It doesn't matter how many "other" apps one has paid for, that entitles you to NOTHING extra; one theft is still theft. Posting advice on how to commit piracy is a potential liability to the site itself. Mod notified.
Sent from my SCH-I500 using xda premium
cac2us said:
And to crazyfireman, the same file is showing in two paths only because there second folder containing actual file.
Change either one and youwill be good.
Have a nice day...
Click to expand...
Click to collapse
Thank you!
Sent from the computer in my pocket.
edster00 said:
To get the phone working again pull the battery, re-insert after a bit and boot into hboot, go to recovery and clear cache partition, this will put the phone back into service.
Click to expand...
Click to collapse
Having the same problem, but HBOOT is behaving strangely: it is not allowing me to use up or down arrows to go through the menu. It immediately asks "Do you want to start update?" and then allows me to select yes or no with volume up or down. It then prompts me to reboot, at which time I'm back to the same routine: Phone shuts off after about 20 seconds, ends up with exclamation point inside white triangle with green android guy.
Phone is not recognized by windows despite updating drivers so no luck with adb.
Any ideas?
You have a file in your SD card names PG32IMG.zip. so it sees it, and needs to "update"
Sent from my rooted MIUI Dinc2
I am having this same issue. From what I gather in reading this thread, I first need to clear my phone’s cache, then rename 1 file, and freeze another. I have a few questions about that I hope someone is willing to answer for me.
First, to the best of your knowledge are the steps I described above correct?
Second, before I clear my cache I want to verify that I’m doing it properly:
What I think I should do it boot in Revolutionary Clockwork Mod and then select “wipe cache partition”. Is that correct?
Lastly, I don’t have Titanium backup or AntTek App Manager installed on my phone. I can probably track down the apk on the net somewhere but how do I install it without being able to get past CWM? Can I just move the apk into the system/app directory?
Thanks in advance for anyone who can help shed some light on these questions for me.
vne147 said:
I am having this same issue. From what I gather in reading this thread, I first need to clear my phone’s cache, then rename 1 file, and freeze another. I have a few questions about that I hope someone is willing to answer for me.
First, to the best of your knowledge are the steps I described above correct?
Second, before I clear my cache I want to verify that I’m doing it properly:
What I think I should do it boot in Revolutionary Clockwork Mod and then select “wipe cache partition”. Is that correct?
Lastly, I don’t have Titanium backup or AntTek App Manager installed on my phone. I can probably track down the apk on the net somewhere but how do I install it without being able to get past CWM? Can I just move the apk into the system/app directory?
Thanks in advance for anyone who can help shed some light on these questions for me.
Click to expand...
Click to collapse
What same issue....the pbimg showing up? Delete it off of your sdcard.
And you can buy titanium backup on the market. Best 6 bucks you will ever spend if you plan on flashing roms.
Sent from my ADR6350 using xda premium
I'm having the same issue as the OP. He stated:
So Verizon forces this update to my phone. Not sure what it was, but it didn't give me an option to cancel, or defer. Now when my phone tries to boot, I get the little android error screen with the triangle and exclamation point, and the phone will not boot.
Click to expand...
Click to collapse
That's my problem. HBOOT and Clockwork Mod seem to be working fine for me.
Also, I have no problem paying $6 for the app but right now I cannot use my phone so I cannot install anything from the market. If I can track down the apk (which I have been unsuccessful at doing so far) I can move it onto my phone and into the system/app directory through the adb shell.
So, do you have any thoughts on my original questions? Thanks!
Last night it tried to push this update when I was sleeping, but I didn't have enough battery life for it to do it (thankfully). Anyways, I deferred the update for 5 days, and have frozen the file someone mentioned to freeze; however, I cannot find this otacerts.zip on my phone anywhere. Any ideas?
BoostinBen said:
Last night it tried to push this update when I was sleeping, but I didn't have enough battery life for it to do it (thankfully). Anyways, I deferred the update for 5 days, and have frozen the file someone mentioned to freeze; however, I cannot find this otacerts.zip on my phone anywhere. Any ideas?
Click to expand...
Click to collapse
Ben,
Do you have Titanium Backup or the AntTek App Manager?
vne147 said:
Ben,
Do you have Titanium Backup or the AntTek App Manager?
Click to expand...
Click to collapse
I have the premium version/donate copy of Titanium Backup, which I used to freeze that com. file, but I cannot find that .zip file anywhere.
Here is a list of all the apps that come on stock roms. It's main use will be determining which apps are safe to remove.
Although this is a solid starting point, a lot more information still needs to be added. I am going to need help from other members of the community to complete this.
Please PM me regarding any additions/changes. If anyone wants to become a regular contributor I will happily give them editing rights as well.
I am aware that there is a similar list here. Originally I started adding to that list but sadly I lost interest when some of my entries were deleted. As the OP didn't respond to comments about limiting editing rights I thought I would start fresh.
Always perform nandroid and app backups before deleting any apps. Although I have done this to the best of my ability I cannot guarantee that all the information is 100% accurate.
I personally do a nandroid backup straight after installing a new rom and before I flash anything. I also backup all my user apps and system apps with TB. When I decide to remove an app I first delete it's data, then freeze it. I carry on using the phone for a day or so to test the effects. If everything's good I finally uninstall it.
If you are going to ruthlessly uninstall system apps it is also a good idea to copy the System/App folder to your SD card first. This way, if you need to restore an app you can copy it back from your SD card to the System/App folder with Root Explorer. Remember you will need to first mount as r/w, then copy the app, long press the app to set it's permissions as Owner Read, Owner Write, Group Read, and Others Read, and finally restart.
Click to expand...
Click to collapse
Edit: I am not personally maintaining this list anymore. I have made it so that anyone can edit it. If it gets messed up I am sorry, but it won't be my doing as I don't even own an S3 anymore.
Dead Link?
SteveTilsed said:
Dead Link?
Click to expand...
Click to collapse
Nope it works for me .
jje
Dead here.
Dead here also....Although work browser may be blocking link will try at home later
Whats the situation with backing/restoring up system apps with TB? I know the process is the same but is there anything I need to be aware of? other than NOT deleteing required apps of course....
Weird that the link is being temperamental. I have changed it slightly in the OP, hopefully it will behave for everyone now. The same new link is here.
rtorbs said:
Whats the situation with backing/restoring up system apps with TB? I know the process is the same but is there anything I need to be aware of? other than NOT deleteing required apps of course....
Click to expand...
Click to collapse
I personally do a nandroid before I flash anything. That means I get a fresh nandroid backup every 2 days or so. With regards to TB, I backup all apps (system and user). When I decide to remove an app I first delete it's data, then freeze it. I carry on using the phone for a day or so, and then if everything's good I uninstall it. This is the method I have used in working out whether a lot of apps are safe to remove. Just because I came across no issues in my day or two of testing does not mean no issues exist though.
1234568 said:
I personally do a nandroid before I flash anything. That means I get a fresh nandroid backup every 2 days or so. With regards to TB, I backup all apps (system and user). When I decide to remove an app I first freeze it, carry on using the phone for a day, and then if everything's good I uninstall it.
Click to expand...
Click to collapse
Good man, wasnt 100% sure as never normally stick with stock roms in order to have to uninstall, didnt fancy borking up the phone in the first day however.
Ive frozen apps previously but am still always wary about deleting even if no FCs occur cos never totally sure that it wont be required later....
Cheers though for the heads up
1234568 said:
Here is a list of all the apps that come on stock roms. It's main use will be determining which apps are safe to remove.
Although this is a solid starting point, a lot more information still needs to be added. I am going to need help from other members of the community to complete this.
Please PM me regarding any additions/changes. If anyone wants to become a regular contributor I will happily give them editing rights as well.
I am aware that there is a similar list here. Originally I started adding to that list but sadly I lost interest when some of my entries were deleted. As the OP didn't respond to comments about limiting editing rights I thought I would start fresh.
Click to expand...
Click to collapse
post already exists buddy and has been made into a sticky
http://forum.xda-developers.com/showthread.php?t=1634624
Ill copy your list into the sticky spreadsheet - thanks for your efforts
L
winwiz said:
post already exists buddy and has been made into a sticky
http://forum.xda-developers.com/showthread.php?t=1634624
Ill copy your list into the sticky spreadsheet - thanks for your efforts
Click to expand...
Click to collapse
Did you read the first post?
1234568 said:
I am aware that there is a similar list here. Originally I started adding to that list but sadly I lost interest when some of my entries were deleted. As the OP didn't respond to comments about limiting editing rights I thought I would start fresh.
Click to expand...
Click to collapse
As I clearly explained, I realise a thread already exists. I created a new thread as you didn't respond to users concerns about its open nature. I didn't want to put time into a project just to see it accidentally deleted. Instead it was copied without me even being given credit in your first post. Sigh. At least the community can benefit from it, one way or another.
Pls delete
1234568 said:
L
Did you read the first post?
As I clearly explained, I realise a thread already exists. I created a new thread as you didn't respond to users concerns about its open nature. I didn't want to put time into a project just to see it accidentally deleted. Instead it was copied without me even being given credit in your first post. Sigh. At least the community can benefit from it, one way or another.
Click to expand...
Click to collapse
buddy i have given you credit in CELL A1 in the spreadsheet. your name is the first thing people see when they open the spreadsheet. I have also added your name to the post.
with regards to editing rights, I have made it uneditable. If you give me your google details, i'll make you an admin on the spreadsheet. thanks buddy
As I said... a reference in your first post to where you got all the information (i.e. here) would be the decent thing to do.
I'm going to continue updating my spreadsheet for personal use. I just don't trust using one that can be edited by anyone. That's nothing personal to you, its the accidental errors by others that I don't trust. Seeing as that's the case I may as well leave a link to it here on XDA.
Edit: I know this post makes no sense now. This is because winwiz edited the previous post, rather than writing another. Sorry for his noobish ways.
I don't know the cause. I have noticed that it has happened on different devices, there have been assumptions if it's because of a specific kernel or rom, although it may be, I beg to differ. I feel it is happening during the Android Upgrading Apps # of # process.
I noticed that this error pops up on most of the apps that I had installed, but are not there after my update. So far with me, it happened only to my paid apps, but not all of them.
When the app disappears, android thinks it's missing, but some files think it is still installed.
Regularly when you install an app over itself, there is a notice telling you that the application info will remain. That's where the problem lies once an app mysteriously disappears. Because part of it is still installed.
Go to
/data/data/
and search for your
com.application-address.whatever-it-may-be
Some of them you can tell what they are just by the names, the others, google-em.
If you wish to keep the information that it contains for the app, I recommend making a copy of it first.:good:
Delete it
Install the application, it'll work, trust me. :fingers-crossed:
Now replace it with your copy.
Done.
Stop factoring resetting if you don't want to. Of course, if you have a lot missing, it might be better. :crying:
If someone can automate this process by making something check the com.address to installed apps, that would be awesome. :highfive:
This totally worked. Thanks bro!
I was setting up my Nexus 4, and this was Tune In Radio Pro was the last app and wouldn't install, I kept getting that stupid -24 error.
Saved me from doing a factory reset!
Works!
Qewbicle said:
I don't know the cause. I have noticed that it has happened on different devices, there have been assumptions if it's because of a specific kernel or rom, although it may be, I beg to differ. I feel it is happening during the Android Upgrading Apps # of # process.
I noticed that this error pops up on most of the apps that I had installed, but are not there after my update. So far with me, it happened only to my paid apps, but not all of them.
When the app disappears, android thinks it's missing, but some files think it is still installed.
Regularly when you install an app over itself, there is a notice telling you that the application info will remain. That's where the problem lies once an app mysteriously disappears. Because part of it is still installed.
Go to
/data/data/
and search for your
com.application-address.whatever-it-may-be
Some of them you can tell what they are just by the names, the others, google-em.
If you wish to keep the information that it contains for the app, I recommend making a copy of it first.:good:
Delete it
Install the application, it'll work, trust me. :fingers-crossed:
Now replace it with your copy.
Done.
Stop factoring resetting if you don't want to. Of course, if you have a lot missing, it might be better. :crying:
If someone can automate this process by making something check the com.address to installed apps, that would be awesome. :highfive:
Click to expand...
Click to collapse
Didn't work for me. I'm using the Skyrocket CM 10 and gapps didn't flash youtube, maps, or gmail. I searched the phone directory and deleted each file. I still get the same error. Should I reflash gapps?
Thanks
maxlax1592 said:
Didn't work for me. I'm using the Skyrocket CM 10 and gapps didn't flash youtube, maps, or gmail. I searched the phone directory and deleted each file. I still get the same error. Should I reflash gapps?
Thanks
Click to expand...
Click to collapse
are you looking in /sdcard/data/data or /sdcard/android/data?
jurassic512 said:
are you looking in /sdcard/data/data or /sdcard/android/data?
Click to expand...
Click to collapse
exactly how do i go about getting to the data/data on my phone? i'm stuck there... thanks
It didn't work for me. =( I'm trying to install an app I used to have before. I don't have it anymore and was trying to reinstall it.
Great!
Thanks
Stuck
jurassic512 said:
are you looking in /sdcard/data/data or /sdcard/android/data?
Click to expand...
Click to collapse
mr-dunbar said:
exactly how do i go about getting to the data/data on my phone? i'm stuck there... thanks
Click to expand...
Click to collapse
I'm also stuck. I was able to go to sdcard/data, but there is no second /data folder.
I have this issue with Swiftkey and there is no 'data/data/' folder, checked both root and sdcard and hidden files are shown ...
Edit: Configured ES File Explorer to mount partition as writable and gave root access -> files were there now and deleting the one with Swiftkey solved my problem.
Thx
Working!
Thanx, it worked for me too!
I am on X8 with CM10 from NaA!!
goldenninja said:
I'm also stuck. I was able to go to sdcard/data, but there is no second /data folder.
Click to expand...
Click to collapse
Anyone one you know anything about android..!?!?!?!
U need to root first...!!!
Worked for me as well.
You need to use something like ES File Browser with Root access to get to /Data/Data
I'm running into this issue with a bunch of apps that got lost when flashing a newer CM10.1 nightly. I can't access those folders in data/data since ES File Manager is one of the apps that gets this error!
Is there any other way to fix this? I can't install anything, not even Chrome :crying:
It's worked for me, too!
Someone maybe didn't understand the meaning of the thread creater. You must have the root access. Then, open Root Explore and go to "data/data" NOT "sdcard/data/data"
SlimAndwios said:
It's worked for me, too!
Someone maybe didn't understand the meaning of the thread creater. You must have the root access. Then, open Root Explore and go to "data/data" NOT "sdcard/data/data"
Click to expand...
Click to collapse
Yeah, that's awesome, but how do you expect to get to that folder without a file explorer? because you cannot install one.....
Thx mate, perfect!
Qewbicle said:
I don't know the cause. I have noticed that it has happened on different devices, there have been assumptions if it's because of a specific kernel or rom, although it may be, I beg to differ. I feel it is happening during the Android Upgrading Apps # of # process.
I noticed that this error pops up on most of the apps that I had installed, but are not there after my update. So far with me, it happened only to my paid apps, but not all of them.
When the app disappears, android thinks it's missing, but some files think it is still installed.
Regularly when you install an app over itself, there is a notice telling you that the application info will remain. That's where the problem lies once an app mysteriously disappears. Because part of it is still installed.
Go to
/data/data/
and search for your
com.application-address.whatever-it-may-be
:highfive:
Click to expand...
Click to collapse
Figure it out?
gastonw said:
Yeah, that's awesome, but how do you expect to get to that folder without a file explorer? because you cannot install one.....
Click to expand...
Click to collapse
I've got the same problem. Root explorer is one of the apps I didn't get back and ES won't give me access to data/data, and I am rooted BTW
---------- Post added at 06:47 PM ---------- Previous post was at 06:26 PM ----------
tt100b said:
I've got the same problem. Root explorer is one of the apps I didn't get back and ES won't give me access to data/data, and I am rooted BTW
Click to expand...
Click to collapse
In case it might help someone else I thought I'd pass along what I just did to fix the problem. I booted into recovery and found the com.speed.... file for root explorer that way and deleted it and then rebooted. I then was able to load and install root explorer from the play store and now I can sit back and delete all the rest of the apps that won't install correctly...
I guess I could have done it from recovery also but I forgot to write them all down before I rebooted!
Qewbicle said:
I don't know the cause. I have noticed that it has happened on different devices, there have been assumptions if it's because of a specific kernel or rom, although it may be, I beg to differ. I feel it is happening during the Android Upgrading Apps # of # process.
I noticed that this error pops up on most of the apps that I had installed, but are not there after my update. So far with me, it happened only to my paid apps, but not all of them.
When the app disappears, android thinks it's missing, but some files think it is still installed.
Regularly when you install an app over itself, there is a notice telling you that the application info will remain. That's where the problem lies once an app mysteriously disappears. Because part of it is still installed.
Go to
/data/data/
and search for your
com.application-address.whatever-it-may-be
Some of them you can tell what they are just by the names, the others, google-em.
If you wish to keep the information that it contains for the app, I recommend making a copy of it first.:good:
Delete it
Install the application, it'll work, trust me. :fingers-crossed:
Now replace it with your copy.
Done.
Stop factoring resetting if you don't want to. Of course, if you have a lot missing, it might be better. :crying:
If someone can automate this process by making something check the com.address to installed apps, that would be awesome. :highfive:
Click to expand...
Click to collapse
Worked Like a Charm Thank you for you help
can't find data
used es file explorer with root access can't find data/data
Hi all,
I got my LG G4 H815 phone infected with a remote access trojan. I believe it was binded to an image, and came through the Kik app, as I havn't installed any APKs on it (I recently flashed the stock image). It all started by some guy on kik who I met in a hacking group, and he sent me a fully black image, I clicked it, and ever since, I monitored the outbound and inbound connections and found some suspicious connections. The guy admits he can see what I am doing and see through my camera even. Luckily I dont have it rooted, so the trojan can't access administrator privileges. Would flashing the stock firmware clear the malware?
And can someone please look into the vulnerability that allows for executable files to be embedded into images, and sent?
Install twrp and formate everything I had same issue but from an app
He can remote root it and make the phone look u rooted from normal means that also I had I would try to use root apps to check but Android pay would detect root
Sent from my Nexus 6P using Tapatalk
gjkrisa said:
Install twrp and formate everything I had same issue but from an app
He can remote root it and make the phone look u rooted from normal means that also I had I would try to use root apps to check but Android pay would detect root
Sent from my Nexus 6P using Tapatalk
Click to expand...
Click to collapse
Thank god this model of the G4 has an unlocked bootloader, and can therefore install TWRP. Now what would be the situation for those with locked bootloaders?
I installed Android Pay, I can login to it, and come to the step where you add a credit/debit card. Is this a good sign?
the best way to have clean phone is using KDZ and refurbished option
raptorddd said:
the best way to have clean phone is using KDZ and refurbished option
Click to expand...
Click to collapse
Will refurbish option format the drive and then reinstall the Android?
BIG_BADASS said:
Will refurbish option format the drive and then reinstall the Android?
Click to expand...
Click to collapse
it clean wipe all partitions like the first time LG factory installed firmware on phone the first time.. all will be wiped.
raptorddd said:
it clean wipe all partitions like the first time LG factory installed firmware on phone the first time.. all will be wiped.
Click to expand...
Click to collapse
Ok thanks.
BIG_BADASS said:
Hi all,
I got my LG G4 H815 phone infected with a remote access trojan. I believe it was binded to an image, and came through the Kik app, as I havn't installed any APKs on it (I recently flashed the stock image). It all started by some guy on kik who I met in a hacking group, and he sent me a fully black image, I clicked it, and ever since, I monitored the outbound and inbound connections and found some suspicious connections. The guy admits he can see what I am doing and see through my camera even. Luckily I dont have it rooted, so the trojan can't access administrator privileges. Would flashing the stock firmware clear the malware?
And can someone please look into the vulnerability that allows for executable files to be embedded into images, and sent?
Click to expand...
Click to collapse
Easier method may be to install Malwarebytes for android available on Play Store. Take note on this information from the Malwarebytes site (https://blog.malwarebytes.com/threats/remote-access-trojan-rat/):
Remediation
Remote Access Trojans are covert by nature and may utilize a randomized filename/path structure to try to prevent identification of the software. Installing and running Malwarebytes Anti-Malware and Malwarebytes Anti-Exploit will help mitigate any potential infection by removing associated files and registry modifications, and/or preventing the initial infection vector from allowing the system to be compromised.
Aftermath
Remote Access Trojans have the potential to collect vast amounts of information against users of an infected machine. If Remote Access Trojan programs are found on a system, it should be assumed that any personal information (which has been accessed on the infected machine) has been compromised. Users should immediately update all usernames and passwords from a clean computer, and notify the appropriate administrator of the system of the potential compromise. Monitor credit reports and bank statements carefully over the following months to spot any suspicious activity to financial accounts.
Basically, you could be seriously screwed ... and have a lot of work to do to overcome this. LOL
sdembiske said:
Easier method may be to install Malwarebytes for android available on Play Store. Take note on this information from the Malwarebytes site (https://blog.malwarebytes.com/threats/remote-access-trojan-rat/):
Remediation
Remote Access Trojans are covert by nature and may utilize a randomized filename/path structure to try to prevent identification of the software. Installing and running Malwarebytes Anti-Malware and Malwarebytes Anti-Exploit will help mitigate any potential infection by removing associated files and registry modifications, and/or preventing the initial infection vector from allowing the system to be compromised.
Aftermath
Remote Access Trojans have the potential to collect vast amounts of information against users of an infected machine. If Remote Access Trojan programs are found on a system, it should be assumed that any personal information (which has been accessed on the infected machine) has been compromised. Users should immediately update all usernames and passwords from a clean computer, and notify the appropriate administrator of the system of the potential compromise. Monitor credit reports and bank statements carefully over the following months to spot any suspicious activity to financial accounts.
Basically, you could be seriously screwed ... and have a lot of work to do to overcome this. LOL
Click to expand...
Click to collapse
That's why in my experience formating all storage is easier to get rid of the trojan or if you have warranty find a reason to send it in and they will send you a different one
Sent from my Nexus 6P using Tapatalk
How does this trojan work ?
As a background process ?
Sent from my SM-N930F using Tapatalk
gjkrisa said:
That's why in my experience formating all storage is easier to get rid of the trojan or if you have warranty find a reason to send it in and they will send you a different one
Sent from my Nexus 6P using Tapatalk
Click to expand...
Click to collapse
Easier and a loss less hassle (no data loss), is to use a good anti-malware/anti-virus program to remove the infection and associated entries e.g., Malwarebytes or Norton Security Mobile. However, doing it your way is also a good solution ... BUT ... it does not solve the most important issue in and of itself, namely: any personal information (which has been accessed on the infected machine) has been compromised. Users should immediately update all usernames and passwords from a clean computer, and notify the appropriate administrator of the system of the potential compromise. Monitor credit reports and bank statements carefully over the following months to spot any suspicious activity to financial accounts. Simply formatting the storage does not take care of this, does it. eh ... ?
sdembiske said:
Easier and a loss less hassle (no data loss), is to use a good anti-malware/anti-virus program to remove the infection and associated entries e.g., Malwarebytes or Norton Security Mobile. However, doing it your way is also a good solution ... BUT ... it does not solve the most important issue in and of itself, namely: any personal information (which has been accessed on the infected machine) has been compromised. Users should immediately update all usernames and passwords from a clean computer, and notify the appropriate administrator of the system of the potential compromise. Monitor credit reports and bank statements carefully over the following months to spot any suspicious activity to financial accounts. Simply formatting the storage does not take care of this, does it. eh ... ?
Click to expand...
Click to collapse
You are right that you must use a uninfected pc or device to update/change password
But using a antivirus may catch most viruses but there are still ways to not be detected as issue I had with my last run in I had antivirus installed but probably after infection.
Sent from my Nexus 6P using Tapatalk
BIG_BADASS said:
Thank god this model of the G4 has an unlocked bootloader, and can therefore install TWRP. Now what would be the situation for those with locked bootloaders?
I installed Android Pay, I can login to it, and come to the step where you add a credit/debit card. Is this a good sign?
Click to expand...
Click to collapse
Logging in to Android pay is first and foremost not smart ... and entering your credit/debit information would be even less smart, i.e., Dumb and Dumber. Change your Google account login and password IMMEDIATELY!
Locked bootloaders do not prevent you from removing malware, whatsoever. Give your head a shake.
It looks like you ran into a bigger BADASS than you purport to be ... LOL.
---------- Post added at 01:12 AM ---------- Previous post was at 01:06 AM ----------
gjkrisa said:
You are right that you must use a uninfected pc or device to update/change password
But using a antivirus may catch most viruses but there are still ways to not be detected as issue I had with my last run in I had antivirus installed but probably after infection.
Sent from my Nexus 6P using Tapatalk
Click to expand...
Click to collapse
Depends on what anti-malware/anti-virus program you are using ... I use both that I mentioned (Malwarebytes and Norton Security, premium versions) ... they are top rated and very effective. I also scan ANY download BEFORE I install it - just common sense in today's world!
sdembiske said:
Logging in to Android pay is first and foremost not smart ... and entering your credit/debit information would be even less smart, i.e., Dumb and Dumber. Change your Google account login and password IMMEDIATELY!
Locked bootloaders do not prevent you from removing malware, whatsoever. Give your head a shake.
It looks like you ran into a bigger BADASS than you purport to be ... LOL.
---------- Post added at 01:12 AM ---------- Previous post was at 01:06 AM ----------
Depends on what anti-malware/anti-virus program you are using ... I use both that I mentioned (Malwarebytes and Norton Security, premium versions) ... they are top rated and very effective. I also scan ANY download BEFORE I install it - just common sense in today's world!
Click to expand...
Click to collapse
Thats why I asked before signing into google pay, whether I have come far enough to distinguish. I never EVER put banking details on my phone. Also, I'ts really easy to bypass antivirus if the trojan is crypted. Also even more difficult if its attached to a file as an Alternate Data Stream. I've tried all the possible antivirus software you can think of, nothing caught it...I have come to my last resort.. that is format everything. Also, you can't practically scan everything you download... especially images you get on whatsapp, kik and others. Once they are downloaded, the damage is already done.
Anyway, I learned my lesson, use kik and other apps where you can share media, on a virtual machine, NEVER on the actual phone. You know.. sometimes I wonder.. why arn't these messaging apps sandboxed properly???
Vuska said:
How does this trojan work ?
As a background process ?
Sent from my SM-N930F using Tapatalk
Click to expand...
Click to collapse
Yes I believe so.
sdembiske said:
Easier and a loss less hassle (no data loss), is to use a good anti-malware/anti-virus program to remove the infection and associated entries e.g., Malwarebytes or Norton Security Mobile. However, doing it your way is also a good solution ... BUT ... it does not solve the most important issue in and of itself, namely: any personal information (which has been accessed on the infected machine) has been compromised. Users should immediately update all usernames and passwords from a clean computer, and notify the appropriate administrator of the system of the potential compromise. Monitor credit reports and bank statements carefully over the following months to spot any suspicious activity to financial accounts. Simply formatting the storage does not take care of this, does it. eh ... ?
Click to expand...
Click to collapse
Malwarebytes caught NOTHING.
sdembiske said:
Locked bootloaders do not prevent you from removing malware, whatsoever. Give your head a shake.
Click to expand...
Click to collapse
Yes but you cannot install TWRP and format the disk if you have a locked bootloader, right? All you can do is flash the stock firmware.
BIG_BADASS said:
Yes but you cannot install TWRP and format the disk if you have a locked bootloader, right? All you can do is flash the stock firmware.
Click to expand...
Click to collapse
Of course you can install TWRP on locked bootloader.
Check TWRP-in-FIsH!
Just a note regarding Anti-Malware and your situation:
believe it or not but installing or using an antivirus program on an already infected system is completely useless !
the only chance to scan an infected system would be to do this offline (live system or within TWRP)... BUT the problem is this will not work or may not work for all malware because some of them can only be detected when the full system is running !
so the only chance to get a free and clean system is to completely format and wipe everything and to ensure that you are using a backup which is 100% clean when you want to restore something!
17 years in it security can tell you: No anti malware software can protect you 100%.
Even when you have it active and up2date all the time.
Even when you scan everything before extract/use/install software.
Even when you have multiple scanners (totally useless on the same machine but I talk about different anti malware vendors on gateway plus desktop)
Scan and clean an infected system with an Anti Malware software (even when done offline) will not necessarily mean that you are 100% clean.
The best anti malware protection was / is / and will always be: ....YOU (your brain)
Do not install dubious software.
Do not click on every link.
Do not open attachments which you do not expect to get (even when the sender is your friends address! keep in mind that he can be infected!).
.. or just simply: Use your brain before clicking
Anti malware software is only a LAST RESORT and NOT your main protection!
That's what the most humans forget or just do not (WANT TO) know.
This is the same for smartphones or desktop PCs and just to keep you scared there is a chance that even when you wipe everything that you are still infected.
on desktop PCs there is for example BIOS malware available which cannot be removed by just formatting your system. the same is possible on Android but well I haven't seen it yet... (that doesn't mean anything though).
.
Sent from my LG-H815 using XDA Labs
steadfasterX said:
Of course you can install TWRP on locked bootloader.
Check TWRP-in-FIsH!
Just a note regarding Anti-Malware and your situation:
believe it or not but installing or using an antivirus program on an already infected system is completely useless !
the only chance to scan an infected system would be to do this offline (live system or within TWRP)... BUT the problem is this will not work or may not work for all malware because some of them can only be detected when the full system is running !
so the only chance to get a free and clean system is to completely format and wipe everything and to ensure that you are using a backup which is 100% clean when you want to restore something!
17 years in it security can tell you:
No anti malware software can protect you 100%.
Even when you have it active and up2date all the time.
Even when you scan everything before extract/use/install software. Even when you have multiple scanners (totally useless on the same machine but I talk about different anti malware vendors on gateway plus desktop)
The best anti malware protection was/ is / and will always be: YOU (your brain).
Do not install dubious software. Do not click on every link. Do not open attachments which you do not expect to get (even when the sender is your friends address! keep in mind that he can be infected!).
Anti malware software is only a LAST RESORT not your main protection!
That's what the most humans forget or just do not (WANT TO) know.
This is the same for smartphones or desktop PCs and just to keep you scared there is a chance that even when you wipe everything that you are still infected.
on desktop PCs there is for example BIOS malware available which cannot be removed by just formatting your system. the same is possible on Android but well I haven't seen it yet... (that doesn't mean anything though).
.
Sent from my LG-H815 using XDA Labs
Click to expand...
Click to collapse
I unlocked my bootloader on my H815 but I'm too scared to install TWRP.... if I just flash the stock kdz file, will it clear the malware?
BIG_BADASS said:
Yes but you cannot install TWRP and format the disk if you have a locked bootloader, right? All you can do is flash the stock firmware.
Click to expand...
Click to collapse
You were more than once made aware of TWRP-in-FiSH, a customized TWRP version for those with locked bootloaders. I make regular backups with TWRP-in-FiSH and when I am confident the latest one I've made is clean with no issues detected on the phone, I copy them over to my desktop for a backup in the event my phone does get infected or bricked.
Anyone have any luck with Titanium Backup on Android Q? Mine always boots, confirms root permissions, and then only shows a blank screen with "All Done" printed in the middle.
Any alternatives for app and appdata backups that are working on Q?
ethanelle said:
Anyone have any luck with Titanium Backup on Android Q? Mine always boots, confirms root permissions, and then only shows a blank screen with "All Done" printed in the middle.
Any alternatives for app and appdata backups that are working on Q?
Click to expand...
Click to collapse
Haven't had anything issues. Mine works as expected.
Sent from my Pixel 3 XL
Eudeferrer said:
Haven't had anything issues. Mine works as expected.
Sent from my Pixel 3 XL
Click to expand...
Click to collapse
Beta 6? Titanium Backup v8.3.3? Pro or base version?
Did yours install the add-on application it requests on Pie? Mine did not.
Edit: Got it working - I needed to download the add-on manually. Thanks.
I'm on Stable 10 and notice I'm not able to remove a system app with Ti Backup. I tried to remove Play movies with no luck.
ethanelle said:
Beta 6? Titanium Backup v8.3.3? Pro or base version?
Did yours install the add-on application it requests on Pie? Mine did not.
Edit: Got it working - I needed to download the add-on manually. Thanks.
Click to expand...
Click to collapse
Where did you get the add on from and what version is it?
C5Longhorn said:
I'm on Stable 10 and notice I'm not able to remove a system app with To Backup. I tried to remove Play movies with no luck.
Click to expand...
Click to collapse
Even with Root Explorer I'm unable to delete system apps.
airmaxx23 said:
Even with Root Explorer I'm unable to delete system apps.
Click to expand...
Click to collapse
Hmmm, on 9 I was able to remove system apps I didn't use.
TitBu works but root explorer isn't mounting the system to read write.
devsk said:
Where did you get the add on from and what version is it?
Click to expand...
Click to collapse
I found the add-on (v 1.0.0) on apk mirror. Installed it separately and the main app works.
C5Longhorn said:
I'm on Stable 10 and notice I'm not able to remove a system app with Ti Backup. I tried to remove Play movies with no luck.
Click to expand...
Click to collapse
I can't either. I get an error that it can't find the apk.
ethanelle said:
I can't either. I get an error that it can't find the apk.
Click to expand...
Click to collapse
Yes, that is the error I get.
Use Swift Backup. Works perfectly on Q.
HamsterHam said:
Use Swift Backup. Works perfectly on Q.
Click to expand...
Click to collapse
Read their privacy policy at: https://sites.google.com/swiftapps.org/dash/home/privacy-policy?authuser=0
You are selling your soul.
With TiBu, you can make it never allow the internet access. So, all this info collection gets shut right there. You can't run Swift Backup in local phone only mode, you have to connect to your Google account within the app and they get access to pretty much everything about you.
Running Custom Kernel? If you dont have a customer Kernel to allow R/W access to the System folders etc then it wont allow you to uninstall apps.
devsk said:
Read their privacy policy at: https://sites.google.com/swiftapps.org/dash/home/privacy-policy?authuser=0
You are selling your soul.
With TiBu, you can make it never allow the internet access. So, all this info collection gets shut right there. You can't run Swift Backup in local phone only mode, you have to connect to your Google account within the app and they get access to pretty much everything about you.
Click to expand...
Click to collapse
Well you're wrong. Anyways for OP Swift Backup is working perfectly on Q.
HamsterHam said:
Well you're wrong
Click to expand...
Click to collapse
That statement is usually at the end of a logical argument presented to prove someone wrong, not as a first statement. I did not see any arguments provided. But to each their own! Good luck!
devsk said:
That statement is usually at the end of a logical argument presented to prove someone wrong, not as a first statement. I did not see any arguments provided. But to each their own! Good luck!
Click to expand...
Click to collapse
Don't want to get into it but I've even spoken to the dev.
After reading a little more, I don't think the issue is with Ti Backup. Rather no one has been able to get r/w access to system folder with root on Q.
devsk said:
That statement is usually at the end of a logical argument presented to prove someone wrong, not as a first statement. I did not see any arguments provided. But to each their own! Good luck!
Click to expand...
Click to collapse
Thanks for the link to the privacy policy. It doesn't seem good for those who care about privacy.
First of all, why should you have to allow an app to sign into your Google account to do backups? It makes no sense and serves no functional purpose. First warning sign.
But then, the privacy policy clearly says they collect personal information about you and share it:
We collect Personal Data such as your name, email address & if available, a link to your profile image.
Click to expand...
Click to collapse
Note the "such as," which means they are not even clearly spelling out everything they collect.
We may share some or all of your Personal Data with our parent company, subsidiaries, joint ventures, or other companies under a common control... If another company acquires our company, business, or our assets, that company will possess the Personal Data collected by us and will assume the rights and obligations regarding your Personal Data as described in this Privacy Policy.
Additionally, we may disclose your Personal Data if required to do so by law or in the good faith belief that such disclosure is reasonably necessary to respond to subpoenas, court orders, or other legal process.
Click to expand...
Click to collapse
https://sites.google.com/swiftapps.org/dash/home/privacy-policy?authuser=0
And so on. This is all unnecessary for the apps functionality, so clearly part of their business model is data collection and marketing. Too bad, because it looks like a nice app.
Mine is working...
I had the mentioned blank screen when first booting up and trying to use it...after rebooting a couple times and making sure I had the pro key downloaded, I rebooted and it worked fine and has been working fine (freezing/unfreezing/backing up)...