Android Remote Access Trojan - G4 Q&A, Help & Troubleshooting

Hi all,
I got my LG G4 H815 phone infected with a remote access trojan. I believe it was binded to an image, and came through the Kik app, as I havn't installed any APKs on it (I recently flashed the stock image). It all started by some guy on kik who I met in a hacking group, and he sent me a fully black image, I clicked it, and ever since, I monitored the outbound and inbound connections and found some suspicious connections. The guy admits he can see what I am doing and see through my camera even. Luckily I dont have it rooted, so the trojan can't access administrator privileges. Would flashing the stock firmware clear the malware?
And can someone please look into the vulnerability that allows for executable files to be embedded into images, and sent?

Install twrp and formate everything I had same issue but from an app
He can remote root it and make the phone look u rooted from normal means that also I had I would try to use root apps to check but Android pay would detect root
Sent from my Nexus 6P using Tapatalk

gjkrisa said:
Install twrp and formate everything I had same issue but from an app
He can remote root it and make the phone look u rooted from normal means that also I had I would try to use root apps to check but Android pay would detect root
Sent from my Nexus 6P using Tapatalk
Click to expand...
Click to collapse
Thank god this model of the G4 has an unlocked bootloader, and can therefore install TWRP. Now what would be the situation for those with locked bootloaders?
I installed Android Pay, I can login to it, and come to the step where you add a credit/debit card. Is this a good sign?

the best way to have clean phone is using KDZ and refurbished option

raptorddd said:
the best way to have clean phone is using KDZ and refurbished option
Click to expand...
Click to collapse
Will refurbish option format the drive and then reinstall the Android?

BIG_BADASS said:
Will refurbish option format the drive and then reinstall the Android?
Click to expand...
Click to collapse
it clean wipe all partitions like the first time LG factory installed firmware on phone the first time.. all will be wiped.

raptorddd said:
it clean wipe all partitions like the first time LG factory installed firmware on phone the first time.. all will be wiped.
Click to expand...
Click to collapse
Ok thanks.

BIG_BADASS said:
Hi all,
I got my LG G4 H815 phone infected with a remote access trojan. I believe it was binded to an image, and came through the Kik app, as I havn't installed any APKs on it (I recently flashed the stock image). It all started by some guy on kik who I met in a hacking group, and he sent me a fully black image, I clicked it, and ever since, I monitored the outbound and inbound connections and found some suspicious connections. The guy admits he can see what I am doing and see through my camera even. Luckily I dont have it rooted, so the trojan can't access administrator privileges. Would flashing the stock firmware clear the malware?
And can someone please look into the vulnerability that allows for executable files to be embedded into images, and sent?
Click to expand...
Click to collapse
Easier method may be to install Malwarebytes for android available on Play Store. Take note on this information from the Malwarebytes site (https://blog.malwarebytes.com/threats/remote-access-trojan-rat/):
Remediation
Remote Access Trojans are covert by nature and may utilize a randomized filename/path structure to try to prevent identification of the software. Installing and running Malwarebytes Anti-Malware and Malwarebytes Anti-Exploit will help mitigate any potential infection by removing associated files and registry modifications, and/or preventing the initial infection vector from allowing the system to be compromised.
Aftermath
Remote Access Trojans have the potential to collect vast amounts of information against users of an infected machine. If Remote Access Trojan programs are found on a system, it should be assumed that any personal information (which has been accessed on the infected machine) has been compromised. Users should immediately update all usernames and passwords from a clean computer, and notify the appropriate administrator of the system of the potential compromise. Monitor credit reports and bank statements carefully over the following months to spot any suspicious activity to financial accounts.
Basically, you could be seriously screwed ... and have a lot of work to do to overcome this. LOL

sdembiske said:
Easier method may be to install Malwarebytes for android available on Play Store. Take note on this information from the Malwarebytes site (https://blog.malwarebytes.com/threats/remote-access-trojan-rat/):
Remediation
Remote Access Trojans are covert by nature and may utilize a randomized filename/path structure to try to prevent identification of the software. Installing and running Malwarebytes Anti-Malware and Malwarebytes Anti-Exploit will help mitigate any potential infection by removing associated files and registry modifications, and/or preventing the initial infection vector from allowing the system to be compromised.
Aftermath
Remote Access Trojans have the potential to collect vast amounts of information against users of an infected machine. If Remote Access Trojan programs are found on a system, it should be assumed that any personal information (which has been accessed on the infected machine) has been compromised. Users should immediately update all usernames and passwords from a clean computer, and notify the appropriate administrator of the system of the potential compromise. Monitor credit reports and bank statements carefully over the following months to spot any suspicious activity to financial accounts.
Basically, you could be seriously screwed ... and have a lot of work to do to overcome this. LOL
Click to expand...
Click to collapse
That's why in my experience formating all storage is easier to get rid of the trojan or if you have warranty find a reason to send it in and they will send you a different one
Sent from my Nexus 6P using Tapatalk

How does this trojan work ?
As a background process ?
Sent from my SM-N930F using Tapatalk

gjkrisa said:
That's why in my experience formating all storage is easier to get rid of the trojan or if you have warranty find a reason to send it in and they will send you a different one
Sent from my Nexus 6P using Tapatalk
Click to expand...
Click to collapse
Easier and a loss less hassle (no data loss), is to use a good anti-malware/anti-virus program to remove the infection and associated entries e.g., Malwarebytes or Norton Security Mobile. However, doing it your way is also a good solution ... BUT ... it does not solve the most important issue in and of itself, namely: any personal information (which has been accessed on the infected machine) has been compromised. Users should immediately update all usernames and passwords from a clean computer, and notify the appropriate administrator of the system of the potential compromise. Monitor credit reports and bank statements carefully over the following months to spot any suspicious activity to financial accounts. Simply formatting the storage does not take care of this, does it. eh ... ?

sdembiske said:
Easier and a loss less hassle (no data loss), is to use a good anti-malware/anti-virus program to remove the infection and associated entries e.g., Malwarebytes or Norton Security Mobile. However, doing it your way is also a good solution ... BUT ... it does not solve the most important issue in and of itself, namely: any personal information (which has been accessed on the infected machine) has been compromised. Users should immediately update all usernames and passwords from a clean computer, and notify the appropriate administrator of the system of the potential compromise. Monitor credit reports and bank statements carefully over the following months to spot any suspicious activity to financial accounts. Simply formatting the storage does not take care of this, does it. eh ... ?
Click to expand...
Click to collapse
You are right that you must use a uninfected pc or device to update/change password
But using a antivirus may catch most viruses but there are still ways to not be detected as issue I had with my last run in I had antivirus installed but probably after infection.
Sent from my Nexus 6P using Tapatalk

BIG_BADASS said:
Thank god this model of the G4 has an unlocked bootloader, and can therefore install TWRP. Now what would be the situation for those with locked bootloaders?
I installed Android Pay, I can login to it, and come to the step where you add a credit/debit card. Is this a good sign?
Click to expand...
Click to collapse
Logging in to Android pay is first and foremost not smart ... and entering your credit/debit information would be even less smart, i.e., Dumb and Dumber. Change your Google account login and password IMMEDIATELY!
Locked bootloaders do not prevent you from removing malware, whatsoever. Give your head a shake.
It looks like you ran into a bigger BADASS than you purport to be ... LOL.
---------- Post added at 01:12 AM ---------- Previous post was at 01:06 AM ----------
gjkrisa said:
You are right that you must use a uninfected pc or device to update/change password
But using a antivirus may catch most viruses but there are still ways to not be detected as issue I had with my last run in I had antivirus installed but probably after infection.
Sent from my Nexus 6P using Tapatalk
Click to expand...
Click to collapse
Depends on what anti-malware/anti-virus program you are using ... I use both that I mentioned (Malwarebytes and Norton Security, premium versions) ... they are top rated and very effective. I also scan ANY download BEFORE I install it - just common sense in today's world!

sdembiske said:
Logging in to Android pay is first and foremost not smart ... and entering your credit/debit information would be even less smart, i.e., Dumb and Dumber. Change your Google account login and password IMMEDIATELY!
Locked bootloaders do not prevent you from removing malware, whatsoever. Give your head a shake.
It looks like you ran into a bigger BADASS than you purport to be ... LOL.
---------- Post added at 01:12 AM ---------- Previous post was at 01:06 AM ----------
Depends on what anti-malware/anti-virus program you are using ... I use both that I mentioned (Malwarebytes and Norton Security, premium versions) ... they are top rated and very effective. I also scan ANY download BEFORE I install it - just common sense in today's world!
Click to expand...
Click to collapse
Thats why I asked before signing into google pay, whether I have come far enough to distinguish. I never EVER put banking details on my phone. Also, I'ts really easy to bypass antivirus if the trojan is crypted. Also even more difficult if its attached to a file as an Alternate Data Stream. I've tried all the possible antivirus software you can think of, nothing caught it...I have come to my last resort.. that is format everything. Also, you can't practically scan everything you download... especially images you get on whatsapp, kik and others. Once they are downloaded, the damage is already done.
Anyway, I learned my lesson, use kik and other apps where you can share media, on a virtual machine, NEVER on the actual phone. You know.. sometimes I wonder.. why arn't these messaging apps sandboxed properly???

Vuska said:
How does this trojan work ?
As a background process ?
Sent from my SM-N930F using Tapatalk
Click to expand...
Click to collapse
Yes I believe so.

sdembiske said:
Easier and a loss less hassle (no data loss), is to use a good anti-malware/anti-virus program to remove the infection and associated entries e.g., Malwarebytes or Norton Security Mobile. However, doing it your way is also a good solution ... BUT ... it does not solve the most important issue in and of itself, namely: any personal information (which has been accessed on the infected machine) has been compromised. Users should immediately update all usernames and passwords from a clean computer, and notify the appropriate administrator of the system of the potential compromise. Monitor credit reports and bank statements carefully over the following months to spot any suspicious activity to financial accounts. Simply formatting the storage does not take care of this, does it. eh ... ?
Click to expand...
Click to collapse
Malwarebytes caught NOTHING.

sdembiske said:
Locked bootloaders do not prevent you from removing malware, whatsoever. Give your head a shake.
Click to expand...
Click to collapse
Yes but you cannot install TWRP and format the disk if you have a locked bootloader, right? All you can do is flash the stock firmware.

BIG_BADASS said:
Yes but you cannot install TWRP and format the disk if you have a locked bootloader, right? All you can do is flash the stock firmware.
Click to expand...
Click to collapse
Of course you can install TWRP on locked bootloader.
Check TWRP-in-FIsH!
Just a note regarding Anti-Malware and your situation:
believe it or not but installing or using an antivirus program on an already infected system is completely useless !
the only chance to scan an infected system would be to do this offline (live system or within TWRP)... BUT the problem is this will not work or may not work for all malware because some of them can only be detected when the full system is running !
so the only chance to get a free and clean system is to completely format and wipe everything and to ensure that you are using a backup which is 100% clean when you want to restore something!
17 years in it security can tell you: No anti malware software can protect you 100%.
Even when you have it active and up2date all the time.
Even when you scan everything before extract/use/install software.
Even when you have multiple scanners (totally useless on the same machine but I talk about different anti malware vendors on gateway plus desktop)
Scan and clean an infected system with an Anti Malware software (even when done offline) will not necessarily mean that you are 100% clean.
The best anti malware protection was / is / and will always be: ....YOU (your brain)
Do not install dubious software.
Do not click on every link.
Do not open attachments which you do not expect to get (even when the sender is your friends address! keep in mind that he can be infected!).
.. or just simply: Use your brain before clicking
Anti malware software is only a LAST RESORT and NOT your main protection!
That's what the most humans forget or just do not (WANT TO) know.
This is the same for smartphones or desktop PCs and just to keep you scared there is a chance that even when you wipe everything that you are still infected.
on desktop PCs there is for example BIOS malware available which cannot be removed by just formatting your system. the same is possible on Android but well I haven't seen it yet... (that doesn't mean anything though).
.
Sent from my LG-H815 using XDA Labs

steadfasterX said:
Of course you can install TWRP on locked bootloader.
Check TWRP-in-FIsH!
Just a note regarding Anti-Malware and your situation:
believe it or not but installing or using an antivirus program on an already infected system is completely useless !
the only chance to scan an infected system would be to do this offline (live system or within TWRP)... BUT the problem is this will not work or may not work for all malware because some of them can only be detected when the full system is running !
so the only chance to get a free and clean system is to completely format and wipe everything and to ensure that you are using a backup which is 100% clean when you want to restore something!
17 years in it security can tell you:
No anti malware software can protect you 100%.
Even when you have it active and up2date all the time.
Even when you scan everything before extract/use/install software. Even when you have multiple scanners (totally useless on the same machine but I talk about different anti malware vendors on gateway plus desktop)
The best anti malware protection was/ is / and will always be: YOU (your brain).
Do not install dubious software. Do not click on every link. Do not open attachments which you do not expect to get (even when the sender is your friends address! keep in mind that he can be infected!).
Anti malware software is only a LAST RESORT not your main protection!
That's what the most humans forget or just do not (WANT TO) know.
This is the same for smartphones or desktop PCs and just to keep you scared there is a chance that even when you wipe everything that you are still infected.
on desktop PCs there is for example BIOS malware available which cannot be removed by just formatting your system. the same is possible on Android but well I haven't seen it yet... (that doesn't mean anything though).
.
Sent from my LG-H815 using XDA Labs
Click to expand...
Click to collapse
I unlocked my bootloader on my H815 but I'm too scared to install TWRP.... if I just flash the stock kdz file, will it clear the malware?

BIG_BADASS said:
Yes but you cannot install TWRP and format the disk if you have a locked bootloader, right? All you can do is flash the stock firmware.
Click to expand...
Click to collapse
You were more than once made aware of TWRP-in-FiSH, a customized TWRP version for those with locked bootloaders. I make regular backups with TWRP-in-FiSH and when I am confident the latest one I've made is clean with no issues detected on the phone, I copy them over to my desktop for a backup in the event my phone does get infected or bricked.

Related

May have malware, need help

Hi all I am brand new to smartphones and basically I did something really dumb. I rooted my phone with the one-click root and installed some apps that I think might be malware. I did a factory data reset but am concerned about the possibility that with a rooted phone some malware may have survived
What can I do to be absolutely sure I have removed any trace of malware that may have been on my phone. I am not concerned about data, settings, or anything like that.
Long story short I was dumb and want to fix the problem I created.
I either want someone to tell me that the malware couldn't have survived the factory reset or to tell me how to fully remove it.
I would flash again with full data wipe version, after that you should be fine but you can also download a product from Norton, AVG, Lookout or others to scan your phone from Google Play store.
Next time just buy your apps or look at porn on your computer welcome to xda
All I've done is the factory reset option in the settings menu. You said "flash again." Should I be flashing another ROM? It seems to me that that might be a more guaranteed solution as the factory reset I performed didn't delete any parts of the operating system which could be compromised.
Also, to be specific I believe I had/have this: nakedsecurity.sophos.com/2012/04/12/android-malware-angry-birds-space-game
Its possible there could have been other malware as well.
"Next time just buy your apps or look at porn on your computer welcome to xda" I know, I pirated apps, got malware, lesson learned.
Pyropanda said:
All I've done is the factory reset option in the settings menu. You said "flash again." Should I be flashing another ROM? It seems to me that that might be a more guaranteed solution as the factory reset I performed didn't delete any parts of the operating system which could be compromised.
Also, to be specific I believe I had/have this: nakedsecurity.sophos.com/2012/04/12/android-malware-angry-birds-space-game
Its possible there could have been other malware as well.
"Next time just buy your apps or look at porn on your computer welcome to xda" I know, I pirated apps, got malware, lesson learned.
Click to expand...
Click to collapse
I would think that running one of sfhub's Odin One-Click packages (the full one, not the NODATA version) should clear anything that may be lingering.
Pyropanda said:
All I've done is the factory reset option in the settings menu. You said "flash again." Should I be flashing another ROM? It seems to me that that might be a more guaranteed solution as the factory reset I performed didn't delete any parts of the operating system which could be compromised.
Also, to be specific I believe I had/have this: nakedsecurity.sophos.com/2012/04/12/android-malware-angry-birds-space-game
Its possible there could have been other malware as well.
"Next time just buy your apps or look at porn on your computer welcome to xda" I know, I pirated apps, got malware, lesson learned.
Click to expand...
Click to collapse
It would be a real asset to the community if you list the apps that you find suspect that way people can first investigate them in the future if they are interested in downloading them.
This a cleaner reset procedure you can try if you feel you are infected
1) remove external SD
2) format internal SD
3) install EK02 ODIN OneClick
4) format internal SD
5) perform ##786# reset (you can get MSL using "getprop ril.MSL" in adb shell)
This will reset internal SD, the ROM, the kernel, the modem, and NVRAM.
I won't say this is completely immune to malware infections as I've seen those vectors get quite advanced in their install techniques on PCs, but my guess is it would handle 99.9% of what is out on Android.

[Q] Getting the most out of Rooting the SM-N910V? Please contribute!

I'm kinda new at this. I know about being able to use backups with TWRP and I know about MW Apps Manager but that's about it. Please make suggestions of how I can improve the experience of using the Note 4.
doctor-cool said:
I'm kinda new at this. I know about being able to use backups with TWRP and I know about MW Apps Manager but that's about it. Please make suggestions of how I can improve the experience of using the Note 4.
Click to expand...
Click to collapse
I'm going to assume that you have already installed the TWRP custom recovery. You probably already know that you have to do that before you can obtain root. Aside from being able to flash custom ROMs, none available right now, there are a number of apps that you can install that do a number of things that you cannot do without root. I'll list a few that I use and what they do but the list is not all encompassing:
--Titanium Backup (root)--a great tool for freezing unwanted apps, backing up apps/data etc
--Greenify--enables you to set user installed apps to "hibernate" a few minutes after you have finished using them. Significantly improves battery life.
--LagFix--an app, when run, that can eliminate "lag" when/if it occurs on the phone most of the time.
--SD Maid--a great file manager app that enables you to control which apps start at power on, enables the user to really clean out cache, duplicate files, orphaned files and compact databases. Saves memory resources and keeps your phone running smooth and clean.
--adaway--as the name implies, keeps those pesky little ads from showing up in apps.
--exposed--a favorite of many users. Enables you to customize a number of settings, notifications etc.
That's the apps I use that can only be run with root. I'm sure some other users will chime in here an provide some other things that root offers.
Thanks , I got root last night
First are there things I should enable or disable to protect root. Is it OK to run the My Verizon app and VZ Protect. Are there any applications that I should not run?
doctor-cool said:
First are there things I should enable or disable to protect root. Is it OK to run the My Verizon app and VZ Protect. Are there any applications that I should not run?
Click to expand...
Click to collapse
You can run anything you want, it's not going to hurt root. Root is really only a door, or access, to settings/system files that you wouldn't normally have. Any app that you can run without root can be run safely with root. The opposite is not true. There are a number of apps that cannot be run without root. A good way to find most of the apps that require root is to go to the Play Store and just search for "root apps". There's a bunch out there that you may want to try.
---------- Post added at 08:31 AM ---------- Previous post was at 08:24 AM ----------
doctor-cool said:
First are there things I should enable or disable to protect root. Is it OK to run the My Verizon app and VZ Protect. Are there any applications that I should not run?
Click to expand...
Click to collapse
The only thing you have to be aware of to protect root is taking an OTA update. Now that you have a custom recovery and root the likely hood that you would be able to find and download an OTA is not likely, but if by chance you receive a notice that an OTA is available do not download and install it. If by chance the phone automatically downloads it and tries to install it, the OTA should fail so you'll be alright.
Be careful not to flash or ODIN a retail firmware. That is probably the biggest warning I can offer. Retail firmware, when flashed, will lock your bootloader. You can flash a modem or a kernel or a recovery, but not the entire firmware .tar md5 file.
---------- Post added at 08:47 AM ---------- Previous post was at 08:31 AM ----------
doctor-cool said:
First are there things I should enable or disable to protect root. Is it OK to run the My Verizon app and VZ Protect. Are there any applications that I should not run?
Click to expand...
Click to collapse
By the way. Since you are new to root and custom recoveries, the first thing you should do, right now, is do a backup. Power off your phone, go into TWRP recovery (hold down the volume up, home and power buttom all at the same time). Continue to hold them down until you see the TWRP splash screen, then you can let them go. From the on screen menu select backup. Choose which file you want backed up. I recommend you do boot, system, data, modem, EFS and recovery as a minimum. After the backup is complete return to the main menu and select reboot. Do it right now
wifi hotspot
I have already paid for FoxFi and it works great even without root.
But now, how do I get the free wifi hotspot with root What are the advantages of using it?
doctor-cool said:
I have already paid for FoxFi and it works great even without root.
But now, how do I get the free wifi hotspot with root What are the advantages of using it?
Click to expand...
Click to collapse
I'm not sure, I don't use it. But, if I remember correctly I think you go into settings>more networks>and turn on mobile hotspot. But again, I don't use it so I'm not sure. Have you done your backup yet? It is the only safety net you will have until a developer releases a ROM we can flash. Don't look for Samsung to release any firmware for the Developer Edition...it ain't going to happen. Your backup and TWRP are the ONLY safety net you have right now. I can't emphasize that enough.
jpcalhoun said:
I'm not sure, I don't use it. But, if I remember correctly I think you go into settings>more networks>and turn on mobile hotspot. But again, I don't use it so I'm not sure. Have you done your backup yet? It is the only safety net you will have until a developer releases a ROM we can flash. Don't look for Samsung to release any firmware for the Developer Edition...it ain't going to happen. Your backup and TWRP are the ONLY safety net you have right now. I can't emphasize that enough.
Click to expand...
Click to collapse
Thanks ,Yes I did the backups last night before and after root default and complete. I even tested Restoring a backup before I rooted. I hope I got it
doctor-cool said:
Thanks ,Yes I did the backups last night before and after root default and complete. I even tested Restoring a backup before I rooted. I hope I got it
Click to expand...
Click to collapse
Outstanding. Didn't want to "harp" on the backup thing, but I've seen so many users root, TWRP and then do something to brick their phone and they didn't have a backup. They were screwed.
Automatic Back Up?
jpcalhoun said:
Outstanding. Didn't want to "harp" on the backup thing, but I've seen so many users root, TWRP and then do something to brick their phone and they didn't have a backup. They were screwed.
Click to expand...
Click to collapse
We should probably do a backup on a schedule. Someone could make an app that does a back up automatically on a schedule. I'm going to put Back Up Note 4 on my calender then back it up
doctor-cool said:
We should probably do a backup on a schedule. Someone could make an app that does a back up automatically on a schedule. I'm going to put Back Up Note 4 on my calender then back it up
Click to expand...
Click to collapse
It's diffidently a good idea to have a recent backup and the original backup of your stock ROM. The only problem with a lot of backups is keeping straight what backup is what and the amount of space they consume. Memory is cheap I know, but backups can eat up storage real fast, LOL.
Yes. Agree with space but every backup I do, I also have my TWRP folder sync'd to my Dropbox account. So what ever changes are made go their. I also save them on the laptop as well as a thumb drive. Been burned once on my note 3. Now, is there the stock md5 file for the developers edition like on the note 3's?
Sent from my SM-N910V using Tapatalk
GreenGoblin227 said:
Yes. Agree with space but every backup I do, I also have my TWRP folder sync'd to my Dropbox account. So what ever changes are made go their. I also save them on the laptop as well as a thumb drive. Been burned once on my note 3. Now, is there the stock md5 file for the developers edition like on the note 3's?
Sent from my SM-N910V using Tapatalk
Click to expand...
Click to collapse
No there is not a stock md5 for the DE and there most likely will not be. In the past Samsung has never released a firmware package for their DE phones, not that I have ever seen anyway. What your phone came with is what you got. NO OTAs and no updates of any kind in the future...that's if Samsung behaves like they have in the past. That's why making a good back up of your stock (no root) when you first get recovery is so important. And, making a backup after root of course.
Do you mind me asking how you sync..............
GreenGoblin227 said:
Yes. Agree with space but every backup I do, I also have my TWRP folder sync'd to my Dropbox account. So what ever changes are made go their. I also save them on the laptop as well as a thumb drive. Been burned once on my note 3. Now, is there the stock md5 file for the developers edition like on the note 3's?
Sent from my SM-N910V using Tapatalk
Click to expand...
Click to collapse
your TWRP folder to your Dropbox account.. Did you transfer the folder to your computer first or can you sync the folder on your phone to DropBox directly ?
I use dropsync select the folder and it just does it automatically.
Sent from my SM-N910V using Tapatalk
jpcalhoun said:
I'm going to assume that you have already installed the TWRP custom recovery. You probably already know that you have to do that before you can obtain root. Aside from being able to flash custom ROMs, none available right now, there are a number of apps that you can install that do a number of things that you cannot do without root. I'll list a few that I use and what they do but the list is not all encompassing:
--Titanium Backup (root)--a great tool for freezing unwanted apps, backing up apps/data etc
--Greenify--enables you to set user installed apps to "hibernate" a few minutes after you have finished using them. Significantly improves battery life.
--LagFix--an app, when run, that can eliminate "lag" when/if it occurs on the phone most of the time.
--SD Maid--a great file manager app that enables you to control which apps start at power on, enables the user to really clean out cache, duplicate files, orphaned files and compact databases. Saves memory resources and keeps your phone running smooth and clean.
--adaway--as the name implies, keeps those pesky little ads from showing up in apps.
--exposed--a favorite of many users. Enables you to customize a number of settings, notifications etc.
That's the apps I use that can only be run with root. I'm sure some other users will chime in here an provide some other things that root offers.
Click to expand...
Click to collapse
I'm assuming that the Greenify is the one with the leaf?
Is LagFix the purchase version? Is it an app by itself, or does it require exposed?
Do you use the SD Maid Pro Version?
Does the Adaway require exposed as well?
Thanks so much in advance.

Odd & problematic behaviour after 6.0 update Any ideas ?

First of all, I salute everybody that chips in to this comunity, active or less ! G'day, gents !
And now, to the problem(s) :
I have a stock 16g/2g D855 (Romania/Orange), no root, no tweaks, nothing, except an original battery change couple of months back.
My phone didn't take OTA updates, don't know why, but i've been updating it via PC Suite / Mobile Support Tool.
Last update was 5.0, all was fine.
Now, on the other hand, after the update to 6.0, a small hell broke loose.
First of all, until now, after the power on LG image, i had a small LG animation, now it has changed to some stupid Orange explosion crap + wallpaper. That doesn't bother me that much, but the fact that whatever wallpaper i choose, it changes it back to the Orange one right after restart...
Second, and third, and fourth & fifth ...
QuickCircle apps no longer work (even though they are activated and selected), so my "submarin"ish flip case is useless... Facedetection, no reaction... KnockCode, same thing, doesn't even lock the phone, no matter the security type. I can't even change my Display Off style anymore. Developer Options, gone, not available for this user (altough user is owner) and clicking hundreds of times on build no. doesn't do anything. Notification bar, no kind of available selection on it (like wifi or data, etc), except user & the notification button in the button bar doesn't even slide it down. Plus a couple more of these "small unfortunate events" :silly:
But the biggest problem is that when and if i turn on the wifi, the phone almost instantly restarts, and keeps doing so if i'm not fast on the touch and disable it (like split second after finshing boot) and thus becoming an unusable plastic...:crying:
So i've tried reinstalling the update, via Recovery Upgrade two times (all went smooth) but problems are still there. I'm starting to think that this might be a something wrong with the update. Eitherway, main concern is, what do i do now ? Wireless is 30% of my job...
Specifing that i'm pretty much a noobie at this kind of stuff, thank you all for taking the time to read about my problem !:highfive:
the software may be having some issues, i recommend that you download the kdz file for the software and flash it via flashtool, all problems should be fixed and the o2 bloat will be removed.
d855 kdz (30B):http://csmgdl.lgmobile.com/dn/downloader.dev?fileKey=FW4DCC3332TXAZRAB5452PI/D85530B_00_1217.kdz
lg flashtool:http://lgflashtool.com/download/LG-Flash-Tool-2014.zip
ModekXKay said:
the software may be having some issues, i recommend that you download the kdz file for the software and flash it via flashtool, all problems should be fixed and the o2 bloat will be removed.
d855 kdz (30B): csmgdl.lgmobile. com/dn/downloader.dev?fileKey=FW4DCC3332TXAZRAB5452PI/D85530B_00_1217.kdz
lg flashtool: lgflashtool. com/download/LG-Flash-Tool-2014.zip
Click to expand...
Click to collapse
Thank you for your reply
But doesn't this require root ?
And most of all, won't i lose everything ? Settings, accounts, contacts, data ? Or is there anyway to backup everything ?
andy_krt said:
Thank you for your reply
But doesn't this require root ?
And most of all, won't i lose everything ? Settings, accounts, contacts, data ? Or is there anyway to backup everything ?
Click to expand...
Click to collapse
It doesn't require root.
But it would certainly wipe everything including your internal sd. The only way is to take a backup using any app and moving the backup files temporarily to a pc or any other external storage.
Sent from my LG-D855 using XDA-Developers mobile app
Sreerag ag said:
It doesn't require root.
But it would certainly wipe everything including your internal sd. The only way is to take a backup using any app and moving the backup files temporarily to a pc or any other external storage.
Click to expand...
Click to collapse
Thank you for replying
Ok, seems logical. Any advice about some software that cand do that properly ?
I mean all & all. Accounts, passwords, contacts and so on...because I can't remember my Google account pass (or any other one for that matter) for the life of me, and the maps to the nav app are a pain to dld.
And besides that, can the backup be actually performed, since i can't access the Developer Debug Mode ?
andy_krt said:
Thank you for replying
Ok, seems logical. Any advice about some software that cand do that properly ?
I mean all & all. Accounts, passwords, contacts and so on...because I can't remember my Google account pass (or any other one for that matter) for the life of me, and the maps to the nav app are a pain to dld.
And besides that, can the backup be actually performed, since i can't access the Developer Debug Mode ?
Click to expand...
Click to collapse
There are many apps on the play store for taking backups. You can use the to take backups of apps, contacts, messages and so on.
However to backup accounts, passwords and app data you require a rooted device and could use titanium backup.
Sent from my LG-D855 using XDA-Developers mobile app
Sreerag ag said:
There are many apps on the play store for taking backups. You can use the to take backups of apps, contacts, messages and so on.
However to backup accounts, passwords and app data you require a rooted device and could use titanium backup.
Click to expand...
Click to collapse
Well then that's out of the question... Having no data plan, any Play Store installation is ruled out, could probably be done via PC Suite.
I've tried using Helium, doesn't do much good. I'm thinking about rooting the phone, but with my luck, i'll probably brick it.
I wonder if there's anyway to find my Google account pass...
L.E. according to devtester, LGD855 MyIMEI A6RRTN D85530C_00 (D85530C_00_0211) is the latest version for it, pretty much the same as my last update. So ,do i re.dld this one and flash it or i go with the D85530B_00_1217 from the Quick Download page ?
L.E.2 : So far i've tried both kdz files mentioned above, plus D85521C_00_1204.kdz (Lollipop). All unsuccesful. In Download Mode, using Flash Tool as is, selecting Normal than Start. The Marshmallows kdz show the exact same problems and Lollipop doesn't even want to install. It goes up tu 4% on Pc (0 on phone) and Retry appears until Exit.
Aw man, the truth MUST be out there...
Try thos link to fix the lg flash tool stuck at 4%
http://www.theandroidsoul.com/how-t...it-stops-at-4-while-flash-kdz-firmware-80205/
Dont sweat it too much, ive been in your situation before. It sucks but the community is always by your side to fix it!
ModekXKay said:
Try thos link to fix the lg flash tool stuck at 4%
www. theandroidsoul.com/how-to-fix-lg-flashtool-problem-when-it-stops-at-4-while-flash-kdz-firmware-80205
Dont sweat it too much, ive been in your situation before. It sucks but the community is always by your side to fix it!
Click to expand...
Click to collapse
Thanks for the link, but i managed to somehow solve the problem :good:
ok, so it took some time, but finally figured this bugger out.
For anyone that needs assistance in the future, let me know and i'll support you as much as i can.
It took me 2 crazy noobie a** days, and almost lost everything, but somehow i managed not to.
So, from the start, let me just say that Remember Password on FF was heaven for me.
Mainly, for not losing everything, you definetly NEED to know your Google account. For me it was setup before to back everything up, but somehow, i forgot the pass This is where i used my PC and logged in to G+ (again, thank God for pass remembering) and reset the pass by sms. Spot on !:victory:
Then connect your phone via usb and within PC Suite (Lg Bridge didn't work for me btw) drag & drop everything from Phone to PC. Apps, contacts, messages, all.
Next, the only sofware that actually worked in flashing my G3 was LGUP. Had some problems with it by not recognising my phone, but i found a version that worked.
Once that done, i removed the Sd Card, entered Download mode and tried flashing D85530B_00_1217.kdz (MM) by selecting Upgrade. That din't work. Same problems. Tried it again, but this time selecting Refurbish (wich wipes out everything) and voila ! Alive & kickin' !
Then it's just a matter of patience resetting your phone back. Enter the Google account with your freshly changed pass and the phone will basically ask you to restore itself back.
This was a long story short, but if anyone needs more detailed aspects, let me know.
The only thing i didn't figure out yet is why the Orange bloated kdz had Slow Mo option for camera and this standard one doesn't.
Thanks to everybody for their support and the community for hosting us !
Cheers:highfive:

Android Q and Titanium Backup

Anyone have any luck with Titanium Backup on Android Q? Mine always boots, confirms root permissions, and then only shows a blank screen with "All Done" printed in the middle.
Any alternatives for app and appdata backups that are working on Q?
ethanelle said:
Anyone have any luck with Titanium Backup on Android Q? Mine always boots, confirms root permissions, and then only shows a blank screen with "All Done" printed in the middle.
Any alternatives for app and appdata backups that are working on Q?
Click to expand...
Click to collapse
Haven't had anything issues. Mine works as expected.
Sent from my Pixel 3 XL
Eudeferrer said:
Haven't had anything issues. Mine works as expected.
Sent from my Pixel 3 XL
Click to expand...
Click to collapse
Beta 6? Titanium Backup v8.3.3? Pro or base version?
Did yours install the add-on application it requests on Pie? Mine did not.
Edit: Got it working - I needed to download the add-on manually. Thanks.
I'm on Stable 10 and notice I'm not able to remove a system app with Ti Backup. I tried to remove Play movies with no luck.
ethanelle said:
Beta 6? Titanium Backup v8.3.3? Pro or base version?
Did yours install the add-on application it requests on Pie? Mine did not.
Edit: Got it working - I needed to download the add-on manually. Thanks.
Click to expand...
Click to collapse
Where did you get the add on from and what version is it?
C5Longhorn said:
I'm on Stable 10 and notice I'm not able to remove a system app with To Backup. I tried to remove Play movies with no luck.
Click to expand...
Click to collapse
Even with Root Explorer I'm unable to delete system apps.
airmaxx23 said:
Even with Root Explorer I'm unable to delete system apps.
Click to expand...
Click to collapse
Hmmm, on 9 I was able to remove system apps I didn't use.
TitBu works but root explorer isn't mounting the system to read write.
devsk said:
Where did you get the add on from and what version is it?
Click to expand...
Click to collapse
I found the add-on (v 1.0.0) on apk mirror. Installed it separately and the main app works.
C5Longhorn said:
I'm on Stable 10 and notice I'm not able to remove a system app with Ti Backup. I tried to remove Play movies with no luck.
Click to expand...
Click to collapse
I can't either. I get an error that it can't find the apk.
ethanelle said:
I can't either. I get an error that it can't find the apk.
Click to expand...
Click to collapse
Yes, that is the error I get.
Use Swift Backup. Works perfectly on Q.
HamsterHam said:
Use Swift Backup. Works perfectly on Q.
Click to expand...
Click to collapse
Read their privacy policy at: https://sites.google.com/swiftapps.org/dash/home/privacy-policy?authuser=0
You are selling your soul.
With TiBu, you can make it never allow the internet access. So, all this info collection gets shut right there. You can't run Swift Backup in local phone only mode, you have to connect to your Google account within the app and they get access to pretty much everything about you.
Running Custom Kernel? If you dont have a customer Kernel to allow R/W access to the System folders etc then it wont allow you to uninstall apps.
devsk said:
Read their privacy policy at: https://sites.google.com/swiftapps.org/dash/home/privacy-policy?authuser=0
You are selling your soul.
With TiBu, you can make it never allow the internet access. So, all this info collection gets shut right there. You can't run Swift Backup in local phone only mode, you have to connect to your Google account within the app and they get access to pretty much everything about you.
Click to expand...
Click to collapse
Well you're wrong. Anyways for OP Swift Backup is working perfectly on Q.
HamsterHam said:
Well you're wrong
Click to expand...
Click to collapse
That statement is usually at the end of a logical argument presented to prove someone wrong, not as a first statement. I did not see any arguments provided. But to each their own! Good luck!
devsk said:
That statement is usually at the end of a logical argument presented to prove someone wrong, not as a first statement. I did not see any arguments provided. But to each their own! Good luck!
Click to expand...
Click to collapse
Don't want to get into it but I've even spoken to the dev.
After reading a little more, I don't think the issue is with Ti Backup. Rather no one has been able to get r/w access to system folder with root on Q.
devsk said:
That statement is usually at the end of a logical argument presented to prove someone wrong, not as a first statement. I did not see any arguments provided. But to each their own! Good luck!
Click to expand...
Click to collapse
Thanks for the link to the privacy policy. It doesn't seem good for those who care about privacy.
First of all, why should you have to allow an app to sign into your Google account to do backups? It makes no sense and serves no functional purpose. First warning sign.
But then, the privacy policy clearly says they collect personal information about you and share it:
We collect Personal Data such as your name, email address & if available, a link to your profile image.
Click to expand...
Click to collapse
Note the "such as," which means they are not even clearly spelling out everything they collect.
We may share some or all of your Personal Data with our parent company, subsidiaries, joint ventures, or other companies under a common control... If another company acquires our company, business, or our assets, that company will possess the Personal Data collected by us and will assume the rights and obligations regarding your Personal Data as described in this Privacy Policy.
Additionally, we may disclose your Personal Data if required to do so by law or in the good faith belief that such disclosure is reasonably necessary to respond to subpoenas, court orders, or other legal process.
Click to expand...
Click to collapse
https://sites.google.com/swiftapps.org/dash/home/privacy-policy?authuser=0
And so on. This is all unnecessary for the apps functionality, so clearly part of their business model is data collection and marketing. Too bad, because it looks like a nice app.
Mine is working...
I had the mentioned blank screen when first booting up and trying to use it...after rebooting a couple times and making sure I had the pro key downloaded, I rebooted and it worked fine and has been working fine (freezing/unfreezing/backing up)...

Need Help - Samsung Galaxy Tab S2 SM-T817V Knox

I have this tablet which is being restricted to use due to Knox. It appears to be for some vendor. It takes over the device even though it's not connected to the internet and doesn't allow me to do anything with it. I have read all the threads I can find and tried every possible option through Odin to install new firmware.
I understand this model is a giant pain due to Verizon and I may not be able to root this for customization. But is there not a way to get a factory clean firmware on here that doesn't have this Knox vendor customization? If not, is this good for anything or just throw it in the trash?
popguru said:
I have this tablet which is being restricted to use due to Knox. It appears to be for some vendor. It takes over the device even though it's not connected to the internet and doesn't allow me to do anything with it. I have read all the threads I can find and tried every possible option through Odin to install new firmware.
I understand this model is a giant pain due to Verizon and I may not be able to root this for customization. But is there not a way to get a factory clean firmware on here that doesn't have this Knox vendor customization? If not, is this good for anything or just throw it in the trash?
Click to expand...
Click to collapse
Same issue but I added another user and it works fine because knox isn't running device admin. Owner doesn't work and either does usb debugging. I'm thinking of calling know for remote support.
I beat frp on this same tablet before
popguru said:
I have this tablet which is being restricted to use due to Knox. It appears to be for some vendor. It takes over the device even though it's not connected to the internet and doesn't allow me to do anything with it. I have read all the threads I can find and tried every possible option through Odin to install new firmware.
I understand this model is a giant pain due to Verizon and I may not be able to root this for customization. But is there not a way to get a factory clean firmware on here that doesn't have this Knox vendor customization? If not, is this good for anything or just throw it in the trash?
Click to expand...
Click to collapse
Can u create a geust user account ? If so activate this accou t log into that account download the apk and run the very popular one click root app that i wont say but kinda rhymes with bingo shoot any ways run the apk (it wont root your device) and instal it the run the root app itll get to 99% and then quit but the entire device will be like outta the box new as far as the os goes you wont have frp lock or anything
Sorry for the run on sentence and idk how old this thread is but anyway and shout ouf to whoesever red car is with lisence plate xda guy in canada just not the country
Grimlinkush said:
Can u create a geust user account ? If so activate this accou t log into that account download the apk and run the very popular one click root app that i wont say but kinda rhymes with bingo shoot any ways run the apk (it wont root your device) and instal it the run the root app itll get to 99% and then quit but the entire device will be like outta the box new as far as the os goes you wont have frp lock or anything
Sorry for the run on sentence and idk how old this thread is but anyway and shout ouf to whoesever red car is with lisence plate xda guy in canada just not the country
Click to expand...
Click to collapse
Thank you for the response. This is still very much an active question for me.
I'm able to create the user account, install and start the install for the mentioned apk. However, it stops at 90%, and I get this error "Root Failed" Error Code 0x166508. It recommends I use the PC version, but USB Debugging is disabled in main account and I can't even access Developer tools for this new account.
Additionally, I'm unable to use the Home button. I get the following message "Security policy prevents use of Home key"
Seems like no matter what is suggested, there is something new that is blocking this from being used.

Categories

Resources