Hey all,
I'm the proud owner of a Samsung Nexus S (sadly the i9020a model, though). I was forced against my will at gun point by someone named Jealousy to install ICS (4.0.4) on my i9020a when it was released for all other Nexus S devices except for the US AT&T version of the phone.
Anyway, love the ICS and absolutely love the ROM I'm using (Brainmaster's stock ICS, w/ Supercharger V6 and a number of other goodies). But I was a bit confused today when I opened my phone and noticed a recently downloaded APK called "update.apk". Looking at it's info, it's name is "com.android.fixed.update" with no author, developer, and minimum version of 0. It weighs roughly 40kb and is not associated with the market, so I'm going to have to disable my "Market-only" settings in order to install it, otherwise it was about to install itself.
I was wonder what it might be. With no other information, I'm a bit hesitant to install it. The only permissions it asks for is Network Access and Start on Boot.
I thought just maybe it was an OTA from a developer (maybe even Brainmaster) but I wasn't exactly sure what kind of access or ability non-service providers had to OTA functionality and what not. (I suppose, if it can probably be modified with some effort, seeing as the source is available...)
Anyway, hoping to hear your thoughts on it. Google showed ONE result for "com.android.fixed.update" and that's it. Thanks for your input in advance!
We also got the same file on our Moto Xoom, I believe its a virus so do not install it. The file was downloaded at biandroid (dot) info which is definitely not associated with android.com
http://anonhq.com/notcompatible-back-market/
that is the explanation
Back in 2012 malware called Not Compatible was haunting android devices. Now more powerful than ever the latest version of NotCompatible.C has its own self protected encryption. Thus making this program difficult to find and delete.
Lookout Inc, a mobile security firm says that this version of the malware is a threat on a massive scale. Once in it has the tendency to control and hack data. It is an advance form of malware that can be seen on a PC a botnet so powerful that it has a server design architecture, P2P communications and as previously said encryption capabilities.
The programming of the malware is one of the hardest to kill malware that we have observed. Once the malware is installed it does not appear on the android operating system as it keeps itself in the background. It only works when the device is unlocked by the user or if it is restarted.
view
Source: Imgur
The only way you can find out is through Manage Applications>Settings. This will show you that an application by the long name of (com.andriod.fixed.update) is running. All you need to do is simply uninstall it.
Related
hey i'm new just curious what rooting means? and what it lets you do?
xstreetz said:
hey i'm new just curious what rooting means? and what it lets you do?
Click to expand...
Click to collapse
Google is your friend. But, can can start here.
Root Android the Easy Way
Add advanced features, customize the interface, and boost your handset's performance by rooting your Android phone.
By Robert Strohmeyer
Sep 14, 2010 5:00 PM
Google's Android operating system is riding a wave of popularity that has rapidly eclipsed Apple's iOS, and by the end of 2010 it's expected to overtake RIM's BlackBerry as America's leading smartphone platform. However, despite the relative openness and flexibility of the OS, your Android phone still isn't as powerful and customizable as it could be. To unlock all of your phone's potential, you'll need to root it.
WARNING: Rooting--adding superuser capabilities to your phone by altering its system permissions--is an advanced technique that the inexperienced or faint of heart should NEVER ATTEMPT. It's hacking, folks, and if done improperly it can destroy your phone. Do not follow any of the instructions in this guide or on any of the linked sites unless you are comfortable with the very real risk of turning your phone into an expensive brick. As of this writing, rooting is not supported by any carrier or manufacturer, and will most likely void your phone's warranty. In short: This stuff is for big kids only. No whining if things don't go your way.
Why Root?
With that very real and important caveat out of the way, there are a few really good reasons to root your Android phone. The simplest reason is that rooting your handset allows for some cool features that probably ought to be enabled in Android by default, such as on-the-fly screen capture, tethering capabilities (even on phones whose carriers don't allow it), and advanced firewall apps.
Android Superuser Request
Rooting Android gives you superuser access to your phone's OS, letting you do more than you'd be able to with a stock Android installation.
Rooting also lets you install custom ROMs that eliminate the annoying crapware many manufacturers and carriers include by default. In addition, custom ROMs can give you the latest version of Android weeks--or even months--ahead of the carriers' sluggish update schedules.
Rooted phones can take advantage of some great performance tweaks--such as CPU overclocking and improved cache management--that can dramatically speed up Android. You can take advantage of these options either by installing a ROM that includes them or by downloading apps from the Android Market that will automatically tweak settings on your rooted phone for you.
It would be a stretch to say that rooting Android is a necessary project for most users. In fact, most people should never even try it on their phones, just as most PC users probably shouldn't attempt to overclock their processors. But if you're an advanced user (or an intermediate user with a taste for adventure) and you know the risks, rooting can help you get a lot more fun and function out of your Android device.
Get Root
Until fairly recently, rooting Android was a messy process that required installing the Android Debug Bridge and hacking the phone from a command line. Fortunately, some industrious hackers have produced a few simple apps that can root your device in seconds with the tap of a finger. In this tutorial, I'll discuss two such apps--Easy Root (for the Motorola Droid, Droid X, and Milestone, and the HTC/Google Nexus One) and Unrevoked (which supports a variety of HTC handsets).
It's important to note here that although these one-click root apps are easy to use, they aren't completely trouble-free. For instance, as of this writing the developer of Unrevoked 3 is reviewing it to solve a problem with the HTC EVO 4G (but Unrevoked 2 is still available). And the latest version of Android, 2.2 (aka Froyo), will present new challenges for root users as carriers and phone manufacturers continue to try to block users from hacking their handsets. These obstacles are a basic reality for anyone attempting to root their device, just as Apple iPhone users must constantly adapt to Apple's efforts to block people from jailbreaking the iPhone.
Even though Easy Root and Unrevoked don't work on all Android phones, they do cover a broad swath of the Android universe. If you're interested in rooting a Samsung Galaxy or another device, however, you still have options--they're just not as easy. Because the state of Android hacking is constantly in flux, your best bet for phones not covered in this tutorial is to google "root" and the name of your phone, or to keep an eye on the discussions about your phone on a good Android forum, such as AllDroid.org.
Step 1: Download a Rooting App
To get started rooting your phone, you need the appropriate app for your device. If you're using a Droid, Droid X, Milestone, or Nexus One, you'll want Easy Root. HTC users with an Aria, Desire, Droid Incredible, EVO 4G, Hero, or Wildfire/Buzz will want to use Unrevoked. With either of these apps, your first step is to download the app directly from the developer's Website and put it in the root folder of your phone's SD Card.
Easy Root downloads as an APK file that's ready to run from the phone, so you could just download it straight onto the device and tap it in your file manager app to run it.
Unrevoked downloads as a zipped file with several files inside it. If you have an unzip utility on your phone, you can download and unzip it directly on your device. Otherwise, you'll need to unzip it on a PC and copy the appropriate file to the phone. Because Unrevoked comes in a few phone-specific files, it's generally best just to copy the correct file from your PC in the first place. The documentation on the Unrevoked site clearly explains which file to use for your particular phone.
Step 2: Install the App
Once you've placed the APK file for your rooting app onto your phone's SD Card, locate it with a file-management app such as Astro File Manager and tap it to start the installation. Follow the prompts to allow the installation. Once this finishes, the rooting app will appear in the phone's App Drawer. Launch it.
Step 3: Root It
Easy Root for Android
Easy Root's interface is as simple as it gets. Tap 'ROOT ME!' to root your phone.
This is the moment of truth. With your newly installed rooting app launched, tap the option to root the phone. (You may first have to tap past a warning or disclaimer screen.) Once you tap the button to root your phone, the app will spend a few seconds running a script that alters the system's user permissions to allow superuser access and install a customized recovery image on your phone's System partition. It will then present you with a screen that says you have root.
In some instances, running Easy Root or Unrevoked on a supported device and following all the instructions exactly can still result in an unrooted phone. If this happens to you, don't lose heart. The developers of these apps are highly responsive to user questions and feedback, and if you take care to document everything you did and all of the relevant settings on your device, you stand a good chance of getting the help you need to root your handset. Or, at the very least, you could provide valuable information that the developer can use to update the app and make it work on phones like yours. Just remember: Rooting is a precarious business for everyone involved, and these developers have put a lot of work into their projects with very little promise of reward. So be nice, even if you're frustrated.
Step 4: Reboot
Restart your phone to enable the new root permissions on your device. Congratulations--your handset should now be rooted.
Now What?
Gaining superuser access to your phone is just the first step in a vast new territory of Android exploration. Depending on which rooting app you're using, you may already be enjoying the performance and usability benefits of a host of enhancements included in your root recovery image. But there's plenty more to explore.
Barnacle Wi-Fi Tether
Barnacle makes it one-tap easy to add Wi-Fi tethering to your phone, even if your carrier doesn't support the feature.
If your phone doesn't support Wi-Fi tethering out of the box, you can now add it to your rooted phone. Barnacle is a good, fairly simple app that exploits root for tethering with or without your carrier's support.
Root users also have the option to overclock the phone's CPU to give it a serious performance boost. For this task, it's hard to beat SetCPU, which offers a friendly slider-bar interface for setting your phone's clock speed. But be careful: Setting your clock speed too high can damage your phone permanently.
ROM Manager
ROM Manager includes a variety of features that make replacing your phone's stock OS easy.
The ultimate Android hack is to replace your phone's default operating system with a custom ROM. You have many to choose from, and each has its own pros and cons. Some ROMs are designed for specific phone models, and not all Android phones support the installation of a custom ROM. As of this writing, the Droid X is particularly problematic in this regard, while handsets such as the Nexus One and Droid Incredible support a wide variety of ROMs. The best way to find, install, and manage ROMs is to run ROM Manager, which is available for free from the Android Market. ROM Manager Premium even offers a large list of available ROMs that you can download straight from the app itself.
Have Fun
By now you should have a pretty good handle on working with a rooted Android device. I've attempted to cover all the basics in this guide, but there's no shortage of additional tips, tricks, and advice that can help you improve how Android functions. If you have some tips of your own to share, please chime in with a comment. And if you think my attempt to simplify the process has resulted in a significant error or omission, please let me know by e-mailing [email protected].
Click to expand...
Click to collapse
thanks will do some reading
Hi all.
I have a rooted phone that is used strictly in wifi mode and only needs to be able to run 4 or 5 standard aps, a couple of optional aps, plus the aps that support rooted phones and enhanced power management. I don't want google-anything on it, and I am not kidding. My prime concern is battery life, I hope to be able to run my phone for 3 to 4 days (or more) between charges, so deleting all fluff aps and crapware is important, as is underclocking it and getting rid of google. I also want to stop updating of the operating system and installed software by google.
I hope to do a hardware mod to remove power from the cell band rf transceiver. Despite it being turned off in the phone using software, I am detecting occasional transmissions from the cell band transmitter. Hardware mods are not a problem for me, I'm a retired EE, who specialized in RF design.
I need to know if it's possible for the phone to function if gmail, google+, google search, chrome, google calendar and google-whatever are exhorsized (uninstalled)? Yes, I also want to give the playstore the boot, to prevent excessive battery drain (and, yes, I do realize downloading aps will be slightly more difficult without the playstore).
For those who might be interested, the phone is used as a wifi phone for the home based Ooma telephone service. I also might like to run a mini bittorrent server. It seems to me that the android community could use bittorrent in place of the playstore, thus making it easier for others to give google and google playstore the boot
I love this forum, and want to thank all those that support and administer it.
Aloha,
A
alohagirl said:
Hi all.
I have a rooted phone that is used strictly in wifi mode and only needs to be able to run 4 or 5 standard aps, a couple of optional aps, plus the aps that support rooted phones and enhanced power management. I don't want google-anything on it, and I am not kidding. My prime concern is battery life, I hope to be able to run my phone for 3 to 4 days (or more) between charges, so deleting all fluff aps and crapware is important, as is underclocking it and getting rid of google. I also want to stop updating of the operating system and installed software by google.
I hope to do a hardware mod to remove power from the cell band rf transceiver. Despite it being turned off in the phone using software, I am detecting occasional transmissions from the cell band transmitter. Hardware mods are not a problem for me, I'm a retired EE, who specialized in RF design.
I need to know if it's possible for the phone to function if gmail, google+, google search, chrome, google calendar and google-whatever are exhorsized (uninstalled)? Yes, I also want to give the playstore the boot, to prevent excessive battery drain (and, yes, I do realize downloading aps will be slightly more difficult without the playstore).
For those who might be interested, the phone is used as a wifi phone for the home based Ooma telephone service. I also might like to run a mini bittorrent server. It seems to me that the android community could use bittorrent in place of the playstore, thus making it easier for others to give google and google playstore the boot
I love this forum, and want to thank all those that support and administer it.
Aloha,
A
Click to expand...
Click to collapse
There are threads all over the place trying to do this. Google is deeply ingrained into all the apks used by the os. You will be very hard pressed to find away to remove them completely and still have things work right.
I agree that security is an illusion. I dumped Microshaft in 2013 in order to improve my security and privacy.
However, the android operating system is supposed to be open source, so it should be possible to de-google-ize it IF someone knows how to edit and recompile the android OS.
I was merely asking if anyone knew of a way to give google the boot, even if it came down to paying someone to compile a custom rom.
The loss of google playstore is not a consideration, neither is a monetary forfeiture (any programmers out there?).
I'm curious, is it possible to gag google so it can't connect to the outside world (with a firewall)? We used to do this in XP to prevent Bill's Internet Explorer from downloading updates.
Are any of the custom roms currently available able to run without google-anything??
Is there any hope, or is it truly hopeless? If a custom rom that gave google the boot was available, how many would pay a small fee to have it? Just curious??!!
TY
A.
alohagirl said:
I agree that security is an illusion. I dumped Microshaft in 2013 in order to improve my security and privacy.
However, the android operating system is supposed to be open source, so it should be possible to de-google-ize it IF someone knows how to edit and recompile the android OS.
I was merely asking if anyone knew of a way to give google the boot, even if it came down to paying someone to compile a custom rom.
The loss of google playstore is not a consideration, neither is a monetary forfeiture (any programmers out there?).
I'm curious, is it possible to gag google so it can't connect to the outside world (with a firewall)? We used to do this in XP to prevent Bill's Internet Explorer from downloading updates.
Are any of the custom roms currently available able to run without google-anything??
Is there any hope, or is it truly hopeless? If a custom rom that gave google the boot was available, how many would pay a small fee to have it? Just curious??!!
TY
A.
Click to expand...
Click to collapse
There is one project that is working on removing Google completely in the forums. A search will find it for you. There are some issues that I don't recall if they could find a way around or fix. You could give that a shot.
OK, I know, some of you would tell my friend to just root the phone, delete the offending APK, and get on with it. Problem is it's under warranty, and he just isn't confident with hacking the device for now. He stumbled upon what appears to be an SMS malware app in /system, and while a few virus scanners flagged it as malicious, Kphone's customer support apparently shrugs it off in a (automated) reply to my friend's inquiry.
My friend bought it off QVC, and so far we haven't succeded in convincing either the manufacturer or QVC in recalling the device and/or issuing an OTA zip to rectify the issue in some way. To put it another way, we need confirmation that the app is of malicious nature, regardless of how the manufacturer tries to downplay or cover things up. I could more or less dechiper the code, but I'm no Java expert so any help would be appreciated.
Hello. I am the OP's friend here. I'm here to share some more details about the APK file and what programs detect it.
First off, this phone piqued my interest when it was actually shown on air late one night on the QVC network, which I don't usually watch much. I got the phone, and upon the recommendation of Blake and another friend, the first thing I did was run Malwarebytes on the Kphone. It initially picked up the APK as a generic SMSSend trojan variant, but after sending in the APK to Malwarebytes for a more detailed analysis, they reclassified it a not-as-severe PUP/Riskware. Another mobile antivirus app, AVG, also detected this APK as an SMSSend variant, but upon rescanning the device a few days ago, it no longer flags this APK. No other AV app I tried flags it, and I have tried ESET, 360 Security, Avast, Kaspersky, Sophos, and Avira. For the AV apps that detected the APK, removal is impossible since it's installed in the system folder. The phone isn't rooted out of the box.
I did initially email QVC about this potential problem, and they claimed to forward my concern to the proper department. I haven't heard from them since and the phone is still listed for sale. I also contacted Kphone's support site. After a few days, they replied back and stated that the file is meant for "international use" and it's a false positive. While the CSR could just be trying to cover up malicious activity, the fact that AVG seems to have removed the file from it's definition files seems to indicate a bit of truth behind their explanation. Even so, we do need a second opinion, which is why my friend put the file up here for further analysis.
It would be a shame too if the file is indeed malicious since the Kphone itself is rather great for the price. The performance and screen are great overall and it would actually make a good Android-based media player if you don't plan on using it as a phone.
wb8976 said:
Hello. I am the OP's friend here. I'm here to share some more details about the APK file and what programs detect it.
First off, this phone piqued my interest when it was actually shown on air late one night on the QVC network, which I don't usually watch much. I got the phone, and upon the recommendation of Blake and another friend, the first thing I did was run Malwarebytes on the Kphone. It initially picked up the APK as a generic SMSSend trojan variant, but after sending in the APK to Malwarebytes for a more detailed analysis, they reclassified it a not-as-severe PUP/Riskware. Another mobile antivirus app, AVG, also detected this APK as an SMSSend variant, but upon rescanning the device a few days ago, it no longer flags this APK. No other AV app I tried flags it, and I have tried ESET, 360 Security, Avast, Kaspersky, Sophos, and Avira. For the AV apps that detected the APK, removal is impossible since it's installed in the system folder. The phone isn't rooted out of the box.
I did initially email QVC about this potential problem, and they claimed to forward my concern to the proper department. I haven't heard from them since and the phone is still listed for sale. I also contacted Kphone's support site. After a few days, they replied back and stated that the file is meant for "international use" and it's a false positive. While the CSR could just be trying to cover up malicious activity, the fact that AVG seems to have removed the file from it's definition files seems to indicate a bit of truth behind their explanation. Even so, we do need a second opinion, which is why my friend put the file up here for further analysis.
It would be a shame too if the file is indeed malicious since the Kphone itself is rather great for the price. The performance and screen are great overall and it would actually make a good Android-based media player if you don't plan on using it as a phone.
Click to expand...
Click to collapse
And it's just as much of a disappointment when similar low-cost Android devices end up being tainted OOB, as what you mentioned on our forum some time ago, and when a friend of mine recalled a tablet belonging to a kid whose parent or relative is a friend of his, to which they had a rather hard time due to the sheer amount of popup ads being shoved up their throats, all thanks to the malware that's present in /system.
Mobile virus scanner apps are ****.
(Atleast most of them.)
I saw 360 security flaged share it.apk as a malware and deleted all my files.
So,I recommend u to get d help of a pc and run a anti-v test.
If it still shows as a malware then disable it from system.
For rooted user's, there's some easy solution like,
delete/freeze/denying permissions.
good luck
BatDroid said:
Mobile virus scanner apps are ****.
(Atleast most of them.)
I saw 360 security flaged share it.apk as a malware and deleted all my files.
So,I recommend u to get d help of a pc and run a anti-v test.
If it still shows as a malware then disable it from system.
For rooted user's, there's some easy solution like,
delete/freeze/denying permissions.
good luck
Click to expand...
Click to collapse
The desktop edition of Avast flagged the APK as malicious, so that's one red flag for me.
blakegriplingph said:
The desktop edition of Avast flagged the APK as malicious, so that's one red flag for me.
Click to expand...
Click to collapse
The mobile version of Avast seemed to just scan a handful of apps and did not detect the APK.
The only AV apps on my PC are Windows Defender and the PC version of Malwarebytes. Both don't flag the APK.
If one could take a look at the code and determine what it does, that could give us a better picture as to what the APK does. We did glance at some of the source code and found what appear to be various Chinese phone numbers and a server URL that seems to belong to the manufacturer of the Kphone K5, K-Touch. These can be red flags on their own, and if the rest of the APK code could be better analyzed, the meanings of these strings could be clearer.
wb8976 said:
The mobile version of Avast seemed to just scan a handful of apps and did not detect the APK.
The only AV apps on my PC are Windows Defender and the PC version of Malwarebytes. Both don't flag the APK.
If one could take a look at the code and determine what it does, that could give us a better picture as to what the APK does. We did glance at some of the source code and found what appear to be various Chinese phone numbers and a server URL that seems to belong to the manufacturer of the Kphone K5, K-Touch. These can be red flags on their own, and if the rest of the APK code could be better analyzed, the meanings of these strings could be clearer.
Click to expand...
Click to collapse
I could barely understand what the code does apart from a few functions, but it's still perturbing given the malware my friends and I encountered with no-name tabs previously.
Hi, after postponing for many years my phone finally snapped beyond logic (has an infinite system popup spam with "unfortunately x service has stopped working", with options like 'Wait' and 'Ok') and I thought this could be a good opportunity to try a custom ROM (since it was running too slow and Android was limiting resources too much, even before any of this). My phone uses Android 4.2.2 (Jelly Bean), I thought that alone was enough, but I just happened to see that it also has to match the device model... and after visiting all custom ROM websites, it seems that there's no support at all for this phone, which is utterly frustrating.
So, as a leap of faith, I'm asking here if there's any ROM known for being widely compatible that isn't indexed in search engines.
Wikipedia named some that have their websites down (or maybe the list is outdated).
Though it's not my first time installating OS in desktop devices (and laptops), I'm still entirely new in the actual android/mobile customization world.
Still waiting for a response.
waiting for a response x2
i have the same device. its possible to do something if you have knowledge about doing a kernel or modify some things man, i never find a rom for that but i can say..... uwu maybe a simple system apk modifications or deleting it......if your objetive is videogames you could delete all thrash things and have only the system essentials services to use more smothly.
OK here's a question for all you android-heads: How to get rid of it ???
Android was originally developed as open source but then Google 'bought it' and converted it to a proprietory system which requires a Google 'account' which colates and tracks personal info across devices and systems. Huawei may finally give us a way out of the Yank back-end snooping problem but that can only be defeated by getting rid of the American OS (Android and IOS) which steal and pass all data directly to American authorities and companies. What happened to privacy ???
Sailfish, Ubuntu touch and Tizen may be useful but it would be infinitely better if we could install our own Linux versions and take back control.
The 'newspeak' labelled "Smartphones' remind me of the old 8088 computers from the 1980's that could hardly be used as they were so basic. "Smartphones' are so very very basic that you cannot even access the root to install your own OS and software. Surely someone can link the ideals of the Rapberry Pi to the advanced hardware of the "Smartphone" to get a device that can actually be used normaly ! THAT will be the day! Oh and by the way - in Australia there existed "Communicators" - just like a "Smartphone", but without Sim cards, using only wi-fi and telephony with mVoIP (but that didn't give billions of $' to the phone companies...) We seem to be going backwards technologically Over and out....
Update 22.12.2019:
A new (really) open source Linux phone has just been announced - the Pine-Phone which can run any Linux system. Details at fossmint pinephone-an-open-source-smartphone-for-linux
Install Armbian if it's kernel supported hardware that you can build a map for. Otherwise there isn't really an option, irritating as that is.