Related
Hi,
this seems to be the right place for the question, but I'm sure the answer will be applicable to other phone. Assuming there is going to be an answer
Stupidly, yours truly downloaded and installed hotfix from here http://www.htc.com/www/supportdownloadlist.aspx?p_id=140&act=sd&cat=all in the hopes of improving audio quality. Well, this apparently was not meant for CDMA (or US phones). After installing the phone rebooted and got stuck at the Touch Pro screen where it lists FW/SW versions in red towards the bottom. The phone can not get past that point no matter what I do (reset, battery remove/replace) or how long I wait (overnight). Sprint 'suggested' hard reset (thank you very much) and HTC said they have no fix for that either. Well, if you have not guessed it already, I have not backed up the data on that phone. Ever.
Not smart
The phone was running stock SF/FW before. I have not had time to mess with it.
US$64K question is: Could I retrieve the phone book? Any other data that was not on SD card (that one is safe)? Is there a chance to recover data AFTER hard reset? Anything else the smart folk out there can recommend?
Thanks a lot in advance.
try flashing via SD card
If its stuck at the bootloader mode (the tri color screen) i thing its possible to flash it via SD card.
there is plenty of info around or check out the Raphael wiki.
There is a chance it is not bricked.
(i seriouslly doubt is it because the HTC hotfix cannot do that)
Let me know if you need any more help my email me at hotmail
best regards.... Erik
The screen looks like this: http://i60.photobucket.com/albums/h15/cadillacjew/TP-1.jpg
with some test indicating SW/ROM etc versions in RED at the bottom. If it is important I can upload the picture of it.
Also may take you up on your offer. Need those contacts, otherwise I'm so screwed
I dunno, it sounds like you're going to need a hard reset. That will fix the problem, I'm sure. Have you tried connecting by active sync? I'm 99.999% positive it won't work, but it wouldn't hurt to at least try and see if you can pull pim.vol off of it. Also, you might download ceregeditor (just google it) and install it on your pc, and see if you can dump the registry from the phone. But I have a bad feeling you're screwed.
Is this really the end of the road?
Yes, I (and Sprint store that I went to) tried connecting the phone via usb and it was not even recognized as a device. Hard reset sounds goo, but it will erase the data. Before I take that drastic measure I'd like to make sure there is nothing else I could do.
I'm willing to pay some money to a forensics company to extract the data, but can not find one that looks trustworthy and experienced when it comes to Win mobile phones. Any recommendations, btw?
I have no clue; you might try one of the rom dumping procedures. I think that some may dump the rom and all the info on the phone; I've never done it myself (well, I've played with grab_it on another device, with little success). I believe that some will dump all the info on the phone (rom + stuff in main memory). But I can't tell you how to do it, I'm afraid, and I have no clue if it will work on your phone.
You can check these tools-maybe there's something there.
Most likely everything is gone.
I have to sadly agree. This sounds like something only a hard reset would fix.
Any possibility of data recovery after hard reset? Anybody knows of a way to that? Of course this is wishful thinking on my part, but I'm pretty desperate now.
fatherof2 said:
Any possibility of data recovery after hard reset? Anybody knows of a way to that? Of course this is wishful thinking on my part, but I'm pretty desperate now.
Click to expand...
Click to collapse
Unfortunately, it seems that you are stuck. I do not know of any way to recover your data if the device is stuck on bootloader since, as you pointed out, the device does not get recognized by the computer.
Anything that you do at this point might end up making things worse if you are not careful. Just cut your losses and hard reset the device.
its not in booloader mode, dumping the ROM sounds like a good and only way to go, try it, it wont hurt you, if that dont work i'd say its pretty much dead with no way to recover it, unless the info is unrecoverable (spell?) hard reset it.....
best regards. Erik
The only issue with your suggestion is that I'm no longer in possession of the phone. I had to leave it in the Sprint store in order to walk out with working phone. I can go back to the store and try to get the data off of my old phone. They are holding it for me.
However, I need to know what to do exactly and be able to do it quickly. So if there are easy to follow instructions that you can point me to, please do so.
Also after dumping ROM what data will I have?
TIA for all your help.
your data will be gone but try putting a raphimg.nbh file on the memory card then holding power and volume down while hitting the reset button, that will flash you off the mem card. good luck. Ive had to do this several times due to bad flashes and vista issues. Oh and as an added thought start using microsoft myphone to back up your data in the future.
Thanks for your suggestion. I will try this in a week or so when I'm back in town.
Also myphone is something that should work. I actually did not know about it until this past Monday. I have not looked at any MS-based backup solutions because I'm not using their software, if I can avoid it. So while I have a Windows PC I do not have Outlook installed and thus have never given my phone a chance to sync up. Kind of silly, I know.
I had bitpm installed on another system that went bad. I've replaced it with a new one, retrieved other files and data, but forgot about Bitpm folder
So few lessons learned ...
Thanks again to all who provided feedback.
It sucks if you lost everything, but you should be able to put your phone in bootloader and connect it to your pc through usb. The only question is if you can dump the rom that way and if you can dump all the files on it with the rom. The only problem is that some of the rom dumping methods (like with pdocread, I think) require you to transfer a file to your \windows directory, which you're not going to be able to do. It's a long shot at best.
I back up my pim stuff 3 different ways-I think you want to do it in multiple ways just to be safe. My main method is using sk tools and its backup tool. You can separately back up the pim database and the messaging databases (not as important to me). You can also back up email accounts with sk tools (using the pim information tool). These are my main backups, and I keep them on my sd card, and occasionally transfer them to a hard drive (it's not that big of a deal if the hard drive backup is a month out of date to me). I also use Pimbackup 2.8, and store that on my sd card (and hard drive). I don't use it for restoring anymore, because it's pretty slow with 6.5 roms in my experience. Finally, I have a file backup mortscript that I use that backs up user data for various apps; I use it to restore the data after flashes. Anyway, included in the script is a command to copy pim.vol to my sd card. I never restore my pim files by copying pim.vol back to main memory, but I like having it saved just in case, and it doesn't take any time to run the script (FYI-all your contacts, tasks and calendar stuff is stored in pim.vol, which is on the root of your device). Anyway, I feel like my pim databases are pretty safe-it would take an awful lot of bad things to happen for them to be lost, and I'd probably be dead in half of those scenarios, lol.
You're going to lose everything. The phone will not boot and as a result, all your data is unrecoverable. Next time, use a back up solution like Google Sync.
Do a hard-reset on it and you should be good to go. Turn the phone off, hold the volume down key, the center dpad key, and then hold the power button. It'll come up to a screen with hard reset instructions. Push the volume up key here. It'll be ready to go like it's brand new out of the box.
Lost everything, but .... happy
Hi,
thanks to everyone who replied. Just wanted to post and update so we can close this thread.
As I indicated before, Sprint has replaced my phone with Touch Pro 2 when I came to them with this problem. They did it beacuse they no longer have loaner phones and because I was about to go on 10 day business trip.
After using the new phone for 2 weeks, I got to tell you that this one is a leap forward compare to the the old. So I'm happy with new device, installing software and trying to recreate my Address Book by dumping my friends and family's data via Bluetooth. Backing up using MyPhone and about to install Outlook (not going to use it for anything else but the backup)
Also, I finally went to Sprint store and asked them one more time if they can think of any other way to recover the data. I even mentioned bootloader. They did not know/could not do it. I asked them to hard reset and after few tries the phone was restored to it's original state. Not a trace of my data .
Would be nice if in the future I could save contacts (and other data) directly to SD card. IMO it will give better chance of recovery, but I'm not sure it is possible.
Again thanks to all who tried to help. Much appreciated.
Same problem sort of
I tried to load Energy Rom 28005 and now can't get pro to do any thing but restart every 15 seconds or so. any ideas on what can be done? tia.
Curious for those of us without the proper tools or the know how to do this properly. This works for the Note but can also work for any other device.
Just study up. Read the instructions. Visit the general section and read. Flashing is easy. Best to just learn. Watch some YouTube videos. Be careful. Have fun.
Sent from my SAMSUNG-SGH-I717 using xda premium
NightHawkUndead said:
Just study up. Read the instructions. Visit the general section and read. Flashing is easy.
Sent from my SAMSUNG-SGH-I717 using xda premium
Click to expand...
Click to collapse
You missed the part in the OP about not having the proper tools. No amount of reading or studying or preparing can help when the tool is made for Windows and you're running a Mac (or no computer at all).
OP -- I'm sure there's plenty of people on here who do (or would help you with) flashing ROMs but a lot of that is going to depend on where you live. Best bet: Craigslist and see if you can find someone in the Cell Phones section who does that. Denver (yes... where I am) has a ton of shops that will flash custom ROMs for you - but of course they want you to pay for the privilege.
However - I would really recommend finding someone local and trustworthy. Don't EVER send someone your device, because let's be honest - you'll most likely never see it again unless you're sending it to a real business.
bmstrong said:
Curious for those of us without the proper tools or the know how to do this properly. This works for the Note but can also work for any other device.
Click to expand...
Click to collapse
First....start off at YouTube, and watch people root the Nexus One over ADB. You'll learn a few tricks...but most importantly, you'll learn your way around the device manager and the command prompt in windows. While it may seem daunting at first...there are only a few commands you'll need to learn.
That solves the problem you'd have with rooting and installing Clockwork Mod (the basis for flashing any new ROMs.
Lastly...if you can find a valid windows installation (or you can even use a 90 day trial version of windows 7 enterprise) you'll want to install boot camp on your Mac...which allows you to run windows on your Mac. Easily.
By no means am I an android powerhouse, but I do work in IT and am handy with a device manager, various hosts, and windows and Mac.
The next best option would be to offer someone here 10-20 bucks to show you over Skype, or do it for you using go to meeting.
Remember 1 thing. Its actually hard to brick a device if you do a few things.
Only flash RC or final versions of ROMs. In general. These have been THOUROUGHLY tested. The more feedback for a ROM the better. Learn to search threads here frequently.
Don't go about customizing the software by flashing mods (until your more comfortable). Android provides a perfect host system for providing customization via the Play store. Widgets...toggles...backgrounds. Notification tweaks, and almost everything else you'll need can be found on the play store and easily uninstalled.
Lastly...always keep a backup of you're system
via Nandroid, and keep a backup of your apps with Titanium backup.
If you have any more questions....feel free to ask them here or PM me.
You can start by researching "how to do a Nandroid" and "what is clockwork recovery mod" in your favorite search engine.
If you think you can follow the simple steps of performing a Nandroid and you can find your way around Clockwork Recovery Mod....there really isn't much to worry about.
Bricking your device can usually be fixed in the case of a soft brick or boot loop. The real bricking usually happens when you flash software meant for another device, or don't follow instructions.
Once you've flashed your first ROM...you'll find that the process is remarkably similar for all mods ROMs and other packages.
Appreciate the replies. The largest problem I have is the computer itself. I have whole rooms of computers sitting across the street at KSU. Not a problem to use and my pick of OS. The problem lies in they are public and get wiped on shutdown. So no backup. Thoughts?
I've done updates across various Mobiles for years like that.
bmstrong said:
Appreciate the replies. The largest problem I have is the computer itself. I have whole rooms of computers sitting across the street at KSU. Not a problem to use and my pick of OS. The problem lies in they are public and get wiped on shutdown. So no backup. Thoughts?
I've done updates across various Mobiles for years like that.
Click to expand...
Click to collapse
Honestly - Once you get CWM setup on the phone there's very little if any need for a computer. I'm not sure what you mean by "backup" but since you're talking about public computers - let's just run through this scenario:
Go across the street and install CWM. Now, let's say a few days later a new ROM comes out. Woohoo! Assuming you've already flashed CWM, all you need to do is shutdown your phone, backup it up in recovery. This saves to your external SD. Reboot. Download new ROM save to internal SD. Shutdown, pull external SD, boot to recovery, flash away.
If you're worried about it - buy a USB external drive and use the university computer to copy the contents of your external SD across to the hard drive every one in a while.
netsyd said:
Honestly - Once you get CWM setup on the phone there's very little if any need for a computer. I'm not sure what you mean by "backup" but since you're talking about public computers - let's just run through this scenario:
Go across the street and install CWM. Now, let's say a few days later a new ROM comes out. Woohoo! Assuming you've already flashed CWM, all you need to do is shutdown your phone, backup it up in recovery. This saves to your external SD. Reboot. Download new ROM save to internal SD. Shutdown, pull external SD, boot to recovery, flash away.
If you're worried about it - buy a USB external drive and use the university computer to copy the contents of your external SD across to the hard drive every one in a while.
Click to expand...
Click to collapse
Now that sounds like a plan. Hmmm. Maybe I can do this myself. Now I need to find a stock stable ICS with NFC enabled. Even better would be one to take advantage of the radio hidden by AT&T. It would be nice to have the option to pop and flop.
Exactly. Once the initial root and new recovery menu is done then you are set. Between a CWM nandroid, Titanium Backup, MybackupPro, and even Appsaver your only real limitation is set by how large your external sdcard is.
You can even use online storage sites like Minus, Google Drive, Drop Box etc to host all of the files so that you can access them anywhere.
Hmmm. What's the closest stock ICS out there right now, if I may?
I am running Flapjaxx Unofficial ICS and it is super smooth. I plan on switching to his latest though once it is finished downloading.
netsyd said:
Honestly - Once you get CWM setup on the phone there's very little if any need for a computer. I'm not sure what you mean by "backup" but since you're talking about public computers - let's just run through this scenario:
Go across the street and install CWM. Now, let's say a few days later a new ROM comes out. Woohoo! Assuming you've already flashed CWM, all you need to do is shutdown your phone, backup it up in recovery. This saves to your external SD. Reboot. Download new ROM save to internal SD. Shutdown, pull external SD, boot to recovery, flash away.
If you're worried about it - buy a USB external drive and use the university computer to copy the contents of your external SD across to the hard drive every one in a while.
Click to expand...
Click to collapse
+1 on any Flappjaxxx ROM btw. So you pull your external sd? Have you ever had an issue or is it just a precaution?
Sent from Galaxy Note
bmstrong said:
Appreciate the replies. The largest problem I have is the computer itself. I have whole rooms of computers sitting across the street at KSU. Not a problem to use and my pick of OS. The problem lies in they are public and get wiped on shutdown. So no backup. Thoughts?
I've done updates across various Mobiles for years like that.
Click to expand...
Click to collapse
I wonder if it would help you to back up on google drive? Ive never tried it or anything but it could possibly give you some cloud space. Maybe a good option?
Yayodroid said:
I wonder if it would help you to back up on google drive? Ive never tried it or anything but it could possibly give you some cloud space. Maybe a good option?
Click to expand...
Click to collapse
Yeah. I use both Drive and Dropbox, so no worries. The larger question I have is why do I need to back some of this stuff up? I've never been a big application guy. This Note has 4? Maybe 5 apps on it, aside from the stock Google services. SMS/MMS get deleted instantly or saved into the Cloud. And email moved with my Gmail account and that gets barfed back into each Mobile I use very easily.
Titanium backup seems like a pain in the ass. All I'm after is a clean stock ICS build, a way to shut off the hard keys and replace them with soft buttons, and that MHL works. Turning this Note into a portable LTE MHL Chromebox with a fantastic screen. The option to flop and plop would be nice...
you dont have to back up, but personally i would like to have my own personal backup of stock. of course there are stock odins around here. but in your situation it might be more handy on the cloud to access anytime. you might want to use the back up to flash back to for when they release ics over the air.
Service makes some sense
If you've read many of the questions that some poeple ask on these forums, it really makes me think that certain people really shouldn't be trying some of these things themselves. Most of us have no problem reading and understanding rudimentary steps to get us going, but some people come in with little to no foundation in these matters; what we're saying really is Greek to them. I feel bad, but for these people, I encourage them to seek out someone that knows, at least on a basic level, what they are doing.
I've written looooong, detailed tutorials for people and I'm glad to do it. But sometimes even after that, I get the feeling that these people will still end up messing their phones up. I've been proven right on at least two occasion and I can't help but feel bad... So maybe a pool of people in each area capable and willing to do these kinds of things might make sense. Haven't thought through how that would work, but maybe. Hmmm...
bmstrong said:
Hmmm. What's the closest stock ICS out there right now, if I may?
Click to expand...
Click to collapse
Im using team perfections ics ucle2 objection with rc1 its great as well as fj's
sent from team perfections ics rom
Extremely interesting process and results. I still have a host of questions, why certain things are done in a certain order, what exactly some of the things do that I did, and why when I did not make a back up of anything, it said specifically that it failed, some of my apps and vids are still here in the new FJ ROM. Just a fasincinating first time experience from someone who has always used stock Nexi. The ROM isn't really my taste, I hate Apex and there is bloat apps in it. But!
I feel like the old Quantum Leap show...
You can debloat with tibu. Also, you can use any launcher you want.
Sent from Galaxy Note
I feel super awkward and a bit embarrassed to ask this question, but I'm asking for help from this community (see last 2 or paragraphs for ask if you want to skip the boring details) and I think I need to explain briefly why to define my ultimate goal and why I even have to ask rather than sift through searches and assemble the steps/versions I need, etc.
My 22 year old daughter died recently (unexpectedly). I obviously want to preserve everything I can of hers, but I'm not firing on all cylinders mentally. I was able take her ThinkPad and virtualize it to my ESX system and also yank and clone the physical drive for safe keeping. But even doing that took me a while (which it shouldn't, that's kind of what I do for a living - I should be able to do that in my sleep, but it took 3 days and a lot of screaming). I was able to access her google accounts, facebook accounts, etc. and preserve a ton of stuff from there.
Ultimately while I would want to do with her phone the same thing I did to her notebook - preserve it virtually so I could examine it without fear of changing/modifying anything, but I don't think the product exists that allows me to virtualize an existing Android phone with apps and everything intact into a PC environment. I think I could install a whole new Android emulator in Windows, but that's not probably what I want.
I had just given her a Samsung S5 SM-G900T running on Ting for her birthday about 2 weeks before she died. It was unlocked but unrooted, it's rare that I would do nothing to the phone prior to giving it to her - but I pretty much just turned it on and handed it over with no custom ROM or anything - mostly because I was pressed for time the day of her party and it was shipped late.
When I got it back from the police a few say ago (they held it for 2 months) and charged it and turned it on 2 days ago, it upgraded from Lollipop to Marshmallow 6.0.1 (baseband is PE1), which was apparently pending. I don't know if that complicates things. It pissed me off, though. I have copied off local photos off and videos and already took control of her Google and Facebook accounts as I mentioned.
My slightly confused brain tells me normally I might install TWRP or CWM and make a NAND backup and copy it off someplace and at least have a restorable copy of her phone. I haven't done much of this sort of thing with phones for a year or two, I don't know what's changed in the latest OS versions and beides, plus I sort of "lose it" a bit, especially going through her personal things.
I'm not an idiot, I'm just not all here, yet. I'm asking if someone can please give me steps to safely preserve an image of her phone (IE, install TWRP or CWM using specific version xxx, etc., using Odin version xxx, etc.) - If I can virtualize it, too, I'd love to know what product does that, but again, I don't think I can.
I don't know why I feel the need to do these things, I just do.
Any help would be greatly appreciated.
Bump. Somebody please help this fellow. This is too important for me to try advising him, I don't know enough.
So even though half my brain is addled, I did some more research and found out a few interesting things, should anyone care to try this. I found there are a couple of open source tools built for android forensics:
Open Source Android Forensics Toolkit
https://sourceforge.net/projects/osaftoolkit/
Santoku
https://santoku-linux.com/about-santoku/
And there are commercial products, , like NowSecureForensics, some (if not most) built on the toolkits I just mentioned. Another is the painfully ironically named (for me, anyway) Autopsy.
This interesting website verified (to me anyway) that rooting the phone and changing access is still fundamentally sound forensically:
http://freeandroidforensics.blogspot.com
And it confirmed there is no way (yet) to truly "virtualize" the phone entirely (unless you are the manufacturer and you have some proprietary software).
For a "live" example virtually, the best you can do is install an Android emulator and restore an ADB backup of an app. This obviously may or may not work if the app is very hardware dependent. But for a simple program it might work fine.
So in addition to rooting my daughter's S5, installing TWRP, and backing it up, I also got my daughter's HTC One M7 to finally power up, and I rooted it and installed TWRP for backup purposes as well. Many of the forensic tools I mentioned will then report from the standard TWRP backups, with no risk to changing the phone. Some want to look at the phone themselves, even offering to root them, which I find more risky.
I haven't found any one tool to fully provide what I need, you need a Windows PC, a Linux PC (or VM), one or more toolsets (each comprised of other toolsets) and then a lot of time/will to really piece together things. I haven't completed the examinations - even typing is harder now for some reason, but should anyone else need this sort of thing (hopefully for different reasons than mine), the above info is a good start.
Aight so I have this Samsung Galaxy J7 Max that I've been trying to unlock for more than 2 years now. I of course, don't want to lose the super important data it holds. It got locked out randomly and hasn't been able to take up the pattern I had put on it till date. I'm absolutely sure no one changed its lock screen pattern and its the phone that is unable to recognize the exact same password it had before this happening. I got hold of it today and yet again, started looking for solutions on YouTube and the internet itself. After all of my research, one thing is clear. There is only one way that the pattern lock can be removed in such a condition; by deleting this system folder called gesture.key that lies within the phone itself. I am by no means a nerdy software dev or something but I do have very little knowledge about these workarounds. I used an ADB via a cmd terminal to contact my phone. But it turns out that due to my usb debugging setting not being turned on in my phone, the adb didn't have the required authorization to make any changes to the target. I then got my phone into stock recovery mode and chose the Install through ADB option there. Now when I input the command adb devices, the prompt showed me my device ID, but instead of the "unauthorized" indicator beside it, it now had the indicator "sideload". I had no idea of what had to be done when such happens, so I tried the adb shell > cd data/system > su > rm *.key [taken from an XDA forums thread] commands again. But right on the second step it displayed error this time. I have tried using a key eraser via sd card too, but it just doesn't happen, the sd card folder in the stock mode does not display the contents of the folder.
Now the phone isn't being an obstacle in my life right now, but I really hope there's a way to fix it. Early help would be appreciated. Thank You.
If the data is super important why isn't it redundantly backed up?
Having a set lock screen and storing data on the OS is a sure fire way to lose data, eventually.
Maybe you'll get lucky... is that drive encrypted?
If not it may still be corrupted and unusable.
Don't put yourself in this position again... been there, done that
@blackhawk As I said, this was an absolutely random incident, had never even thought this could've been the case someday. Its not like the phone crashed and then this happened, I turned off my phone's display and the next time I woke it up, the pattern wasn't working anymore. Furthermore, the timed attempts that happen after 5 incorrect tries wasn't existing anymore. Now it could be that someone did get the timed attempts wrong as well [it isn't my own phone]. But I really don't see any other reason to that occurrence.
About the backups, I mean cmon, I was 15 back then, a medico student even more so. I never got my hands around backing up anything. But yes, have been backing up every single bit of data within these two years.
The storage drive shouldn't be encrypted. It was a regular phone bought online that had pdfs, images, recordings and videos stored. The google account was not that of the owner either! It was my uncle's account that was being used ever since he bought it. And since there was never a problem having used his account for quite a while, we never cared to change it to a new google account. Now my uncle's google account itself handles another device, his own phone, exact same model, Galaxy J7 Max. I have tried using his account at the Google Find My Device app to locate and unlock the phone that way [I hope you know it has the three options Ring, Secure and Erase Data]. But it happens so that the Secure phone with password option only for devices that have been lost and don't have a security lock already setup, which wasn't, unfortunately, my case. So that option was greyed out.
For the data corruption, you might be correct. But that phone still does receive SMS texts, calls, whatsapp texts and other notifications. They just don't show up on the lock screen anymore. I honestly had the "Screw the data, I'll erase it anyway" thought yesterday, but during my latest tries, I found the XDA forums website to be quite helpful. Had not it been the damn USB debugging, the solution I approached from this forum would've got the job done in a couple minutes. Again, if the data might've gone corrupted, I will erase the data [I mean I would have to]. But this little glimmer of hope that I experienced yesterday is what is preventing me from doing that. I really hope there is a fix to my situation.
@Chinmay47
a phone can get booted into these modes
Normal ( AKA Android OS )
Recovery
Fastboot
Sideload
EDL
Sideload mode is used to flash OTAs and/or ROMs.
Recovery mode allows you to perform some ADB actions as e.g. pull userdata, but this reqires ADB ( read: USB debug ) got enabled.
So my guess is you can't recover phone's userdata at your own, this would have to be done by an external service who can pull out phone's internal SD-card and has the forensic tools to read it.
@jwoegerbauer Surprisingly the idea of taking the phone to a forensic service struck me yesternight too. As you mentioned, since I can't recover the phone's data myself, all tips and tweaks on the web should now be struck off of my list of solutions. I'll leave the data to some forensic services then. Let's hope the recovery is worth the hassle. The thread is still open to more suggestions though. Thanks for the replies everyone. Really appreciate it!
Chinmay47 said:
@jwoegerbauer Surprisingly the idea of taking the phone to a forensic service struck me yesternight too. As you mentioned, since I can't recover the phone's data myself, all tips and tweaks on the web should now be struck off of my list of solutions. I'll leave the data to some forensic services then. Let's hope the recovery is worth the hassle. The thread is still open to more suggestions though. Thanks for the replies everyone. Really appreciate it!
Click to expand...
Click to collapse
It not a card they can pull. More than likely it's on a BGA chipset, the hardest kind there is to work with.
If they can't access the data on/with the mobo they will have to unsolder the chipset without damaging it then put it into a test jig or another mobo (after pulling that mobo's matching chipset).
If they can access the data on the mobo, not so bad. Otherwise not so good.
Let us know how this plays out for you.
Here's one I found showing you this complex procedure: https://flashfixers.com/recover-data-dead-phone-chip-off-data-recovery/
They may be able to help you, but I have no personal knowledge of this company.
blackhawk said:
If they can't access the data on/with the mobo they will have to unsolder the chipset without damaging it then put it into a test jig or another mobo (after pulling that mobo's matching chipset).
Click to expand...
Click to collapse
Actually thought of this idea right after a couple days from the beginning of the problem. Yes its gonna take loads of precision and patience but it does sound doable. Maybe that's what is gonna be the last option for the forensic service too in case, god forbid, they aren't able to do it the "simple" way. Can't say yet, but I'm gonna keep this thread updated with all the developments that take place.
Chinmay47 said:
Actually thought of this idea right after a couple days from the beginning of the problem. Yes its gonna take loads of precision and patience but it does sound doable. Maybe that's what is gonna be the last option for the forensic service too in case, god forbid, they aren't able to do it the "simple" way. Can't say yet, but I'm gonna keep this thread updated with all the developments that take place.
Click to expand...
Click to collapse
If they need to remove the chipset the chances of failure increase. Flash memory retension is generally good for 10+ years but it may be damaged in the removal process if so, snake eyes.
Get price quotes up front for the whole process.
Once they got the phone, they got you by the balls. Not saying they aren't trustworthy but feel them out. If it's a couple hundred and you get the data back, you did good.
No idea of the cost though, my guess is $400-1000+ especially if they need to pull the chipset.
That's high risk even if they do it by the book.
If their policy is no data, no charge... expect higher rates to cover their loses.
@blackhawk All of that sounds kinda terrifying if you ask me. Well I mean, there is always a first option that can be tried without any mentions of pull-aparts. Yet I will surely judge the person well before I hand my device in his hands. I would try my level best to not take it to the critical stage, but if it needs be and there is a really high chance of losing my data, I can factory reset my data at home by myself too can't I? Future shall tell I suppose.
If you factory reset it all data will be lost.
It will not be recoverable!
If you want the data you will need to use a service like I showed you. They will need physical access to the phone to recovery the data.
The phone may be scrape afterwards
@blackhawk Sure does look like it would be! But paying to get your phone reset for you is way to harsher than doing it yourself. It is only in case the data is nearly impossible to recover that I'll reset the phone myself.
Chinmay47 said:
@blackhawk Sure does look like it would be! But paying to get your phone reset for you is way to harsher than doing it yourself. It is only in case the data is nearly impossible to recover that I'll reset the phone myself.
Click to expand...
Click to collapse
Reset? Most likely destroyed.
Do you really want the data?
blackhawk said:
Reset? Most likely destroyed.
Do you really want the data?
Click to expand...
Click to collapse
I actually do though. But well, if it ain't coming back then why wish for it. Yeah the data was really important.
Chinmay47 said:
I actually do though. But well, if it ain't coming back then why wish for it. Yeah the data was really important.
Click to expand...
Click to collapse
Call them up and see what they say.
Since it's not physically damaged they may be able to access it none invasively.
blackhawk said:
Call them up and see what they say.
Since it's not physically damaged they may be able to access it none invasively.
Click to expand...
Click to collapse
I'll do that and report back ASAP. Thanks for the help sire!
My wife bought an S7+ from Amazon and it's been fine for a couple of months. She had a popup today which warned that the device would be locked because it was part of a trade in scheme and there was some sort of problem. I assumed some sort of malware but I was working so I didn't do much with it but now the device appears to have locked into a sort of "kiosk mode" where we just get 2 screens:
https://imgur.com/a/Z4N9TLy
All the blurb is plastered with "Samsung Electronics UK" but the domain the email is going to is "tradeinresponse.co.uk" which after some Googling seems to have been linked with some scam stuff in the past.
I've tried safe mode with the same locked screen, plugging the tablet into a PC results in it locking to the first screen.
I can get into recovery and I wanted to try a wipe, but the wife has some drawings on there she's done in Sketchbook that she would like to keep.
I'm a software developer by profession but I work with Windows/.NET and SaaS stuff so I've not got much experience with droid devices (a bit of java here and there in the past, but not so much XP with the OS itself)
So my questions are:
Does anyone know if this is any sort of official thing or is this malware/scam stuff as I suspect?
Is a factory reset likely to resolve the issue?
If I want to factory reset, can I pull files off the devices internal SD via ADB or some other tool before I do it?
Do I have any other options?
Kind of a wind up - I'd just have factory reset it by now to find out but like I said, I don't want to lose any of the wife's data if possible. If she gets anything back I'm going to make sure she sticks it in the cloud.
Any help would be appreciated and thanks in advance!
Always backup critical data redundantly to at least 2 hdds that are physically and electronically isolated from each other and the PC.
Or you will lose data eventually.
Factory reset but you will lose all data. If the drive is encrypted, you likely already have.
Sounds like ransomware. Contact Samsung and do some Google searches. See what you got and if there are any work arounds.
You may need to reload the OS completely if it's a rootkit and running on Android 8 or below.
This could be a nasty little bugger...
If it wasn't present on the device when purchased, your wife either downloaded or installed it. She needs to be more careful!!!
Maybe this will impress that onto her...
Thanks for the advice but I've already googled as much as I can. The domain doesn't go anywhere except a holding page though through reverse lookup it seems there are also other domains on the same host including some legitimate businesses that appear to do Samsung second life schemes for devices.
I've googled the actual lock message but no-one on the net seems to have seen it before.
The wife hasn't installed anything, she got the device a few weeks ago (from Amazon, supposedly new) and did a transfer from her old s6 (that has gone to my daughter) to the s7 using Smart Switch. Since then she's not installed any other applications.
It's not "critical data", per se, it's just drawings she'd like to keep, plus copying stuff onto physically disparate hard drives seems a bit overkill given she can just drop the files into a cloud storage account and have way more redundancy than you/I could ever reproduce by doing manual backups.
I'm posting in an s7 forum about an s7 so it's going to be running Android 10 at the minimum (given that's what the device ships with). Not sure why the comments about Android 8.
Anything she could have installed would have been from the Play store (and I don't believe she installed anything other than what automatically installed from what was on her old s6), plus her apps are from a reputable vendors (Autodesk etc). My son has a tablet and he installs all sorts of crap and hasn't had this issue because the OS prevents stuff like this from happening unless you allow side loading.
Is it possible to install a rootkit from the play store? I didn't think so ..?
So, either it was on there when we got it, it's legit or it's a vulnerability that exists in the OS and we are some of the first people to see it...
You can do what you want but any backup database that requires a password can be lost.
I have close to a dozen backup hdds, there's no way to I can lose my entire database.
At least use 2 OTG flashsticks to completely backup the data but hdds are still preferable.
NEVER encrypt data drives... and verify the backups are complete and readable.
As to how it happened you're going to have to sort that out or suffer the same fate possibly again in the future.
A factory reset seems inevitable at this point.
Afterwards change all passwords.
Malware has always existed on Playstore albeit not much or for long. She may have imported from your daughter's phone.
You got some potentially gigantic problems now.
Personally I would have already gone full nuke by now. It's simply not worth the risks.
In the future hawk the download folder daily for files you didn't authorize. Delete any unknowns without opening. Scrutinize all downloads and installs carefully, always. Scan as needed with Malwarebytes. Online Virustotal can be used to scan smaller files and apks.
There are also maliciously scripted jpegs too that can cause damage to any files in the same folder when opened. Be aware of any changes or strange behavior in the download folder. Vet all downloads before moving into your database.
Use a good brower like Brave and be careful what links you click, in the browser, emails and texts.
I can't even begin to estimate how many websites I backed out of, closed that tab or wiped the browser data over in the last year alone. Better safe than sorry. Zero malware infections in over 1.5 years and that's running on outdated Pie.
Almost all malware, rootkits etc are loaded by the user. Some will self install if the device's security isn't configured correctly or if not spotted on a timely basis. Androids, even ones with out of date OSs are generally very secure unless the user does something stupid... learn or get burned.
blackhawk said:
You can do what you want but any backup database that requires a password can be lost.
I have close to a dozen backup hdds, there's no way to I can lose my entire database.
At least use 2 OTG flashsticks to completely backup the data but hdds are still preferable.
NEVER encrypt data drives... and verify the backups are complete and readable.
As to how it happened you're going to have to sort that out or suffer the same fate possibly again in the future.
A factory reset seems inevitable at this point.
Afterwards change all passwords.
Malware has always existed on Playstore albeit not much or for long. She may have imported from your daughter's phone.
You got some potentially gigantic problems now.
Personally I would have already gone full nuke by now. It's simply not worth the risks.
In the future hawk the download folder daily for files you didn't authorize. Delete any unknowns without opening. Scrutinize all downloads and installs carefully, always. Scan as needed with Malwarebytes. Online Virustotal can be used to scan smaller files and apks.
There are also maliciously scripted jpegs too that can cause damage to any files in the same folder when opened. Be aware of any changes or strange behavior in the download folder. Vet all downloads before moving into your database.
Use a good brower like Brave and be careful what links you click, in the browser, emails and texts.
I can't even begin to estimate how many websites I backed out of, closed that tab or wiped the browser data over in the last year alone. Better safe than sorry. Zero malware infections in over 1.5 years and that's running on outdated Pie.
Almost all malware, rootkits etc are loaded by the user. Some will self install if the device's security isn't configured correctly or if not spotted on a timely basis. Androids, even ones with out of date OSs are generally very secure unless the user does something stupid... learn or get burned.
Click to expand...
Click to collapse
With all due respect we aren't getting anywhere here, I don't want backup advice or malware advice, I want to know the answers to the few small questions I asked about whether this is legit and if I can access the device files or not.
You seem to be convinced it's malware, you also seem to be skim reading my posts which is fine - but I don't think your input is helping me.
I'm not going to use a different "paranoid" browser - chrome is fine, the tablet doesn't have a "security configuration" that is any different from the hundreds of thousands of other S7+ devices out there since it's a tablet and out the box it's ready to go. I'm not checking the downloads folder daily just in case some random malware has somehow "installed itself" onto my device, I'm also not keeping random flash sticks and hard drives lying about - I'll just use that geo redundant pretty solid cloud storage like most of the populace.
Yes you can put malicious content in a JPEG or a JPEG header, but it requires that there's an exploit in the OS or the app opening it (for example hiding a javascript eval in the file metadata); I don't think that's an attack vector on a tablet as far as I know given that she only browses, watches Netflix and draws using her S-pen on the device.
She's not imported "malware" from someone else's phone because if you read my post properly you'd understand that it was HER device that she transferred her data from - one that she's since given to the daughter (who has no issues). If you know how Smart Switch works you'd know that it's an unlikely vector (it just transfers data from application storage and then reinstalls the apps from the play store), plus the fact the original device doesn't have the issue...
Stop telling me to "learn or get burned". This is not a "misuse" problem. The wife is on Android 10, it's a relatively new and secure O/S and she didn't install anything she shouldn't have (she didn't actually install anything at all - it was the stock samsung application and the play store that installed the apps she ALREADY HAD on her previous device). It's not a "learn" scenario. Nothing she did should have caused this - if it is/was an OS exploit or some sort of security issue what could she have done to prevent it? Nothing.
What I have done is:
* Contacted the vendor of the device (we can still send it back if they've sent us a refurbed device instead of new as advertised)
* Sent an email to the address advertised to see what response I get (if they demand money then clearly a scam)
I've checked and the domain in the above shares a host with a company called MTR which happens to be a DCC Group company (one of the groups of companies I actually consult for) so worst case I'll speak to someone from DCC Group and see if they can shed any light.
Seems like it might be legit and quite possibly a mix up.
Do what you will... if you understand the origin of that phrase.
Anything that can't be IDed is considered malware until proven innocent
The fact that you're now completely locked out speaks volumes.
Good practices and backup are your only defenses. They apply to the future not the past... so much for flavors
Personally I think it's already too late for that device's OS load and data.
Of course I could be mistaken.
If you really want the data, take it to a data recovery specialist. They may be able to recover it.
When your at the beginning you can determine how potential data lose will end. When at the end, the outcome has already been predetermined by your actions or lack of.
You are now at the end... likely a dead end.
Been there, done that... actions have consequences.
@Charleh: if I were you, I would back up all important data and do a clean firmware flash with Odin. And a factory reset on top of that, just to be sure. Definitely sounds like you got hit by a scammer.
AnonVendetta said:
@Charleh: if I were you, I would back up all important data and do a clean firmware flash with Odin. And a factory reset on top of that, just to be sure. Definitely sounds like you got hit by a scammer.
Click to expand...
Click to collapse
Like I said there's not really any important data on there, just some drawings the wife would like to keep. Also, I can't backup anything since I can't access the device.
I'll probably just speak to DCC group and see if this company is one of theirs.
If the data is lost we are just talking some drawings the wife has done, there's nothing important on there, she just loses the layers (they are stored as multi page tiffs and sketchbook uses those as layers). She has all the images as flat renders on her cloud storage drive and on Instagram.
Think we just need to invest in some extra cloud storage as the free 15gb that Google give you isn't enough to store what she wants at the moment as the images are tens of megabytes each.
Worst case scenario I factory reset and flash it, best case I get someone at DCC telling me what's what.
The bit that gets me is that there are no ransom demands at this point so I can't be sure what's what. Usually by now with crypto ransom malware you are already being given demands...
We will see.
blackhawk said:
Do what you will... if you understand the origin of that phrase.
Anything that can't be IDed is considered malware until proven innocent
The fact that you're now completely locked out speaks volumes.
Good practices and backup are your only defenses. They apply to the future not the past... so much for flavors
Personally I think it's already too late for that device's OS load and data.
Of course I could be mistaken.
If you really want the data, take it to a data recovery specialist. They may be able to recover it.
When your at the beginning you can determine how potential data lose will end. When at the end, the outcome has already been predetermined by your actions or lack of.
You are now at the end... likely a dead end.
Been there, done that... actions have consequences.
Click to expand...
Click to collapse
It's not a big deal mate.
Stop flogging a dead horse, the most annoying thing is just that the device is unusable, regardless of me making backups or signing a pact with the devil or putting candlewax on my nips, it wouldn't have prevented this from happening..
The only reason I haven't tried a factory reset up to now is because if there's a chance I can get the drawings off the device I'd like to try it first before I nuke it.
Stop talking about my lack of actions, it's getting really boring. There's nothing I could do to forsee this happening and not my fault the wife didn't put the drawings on her cloud storage.
Go bother someone else with your multiple flash disk tinfoil hat backup routines (I bet you've got a tape drive in that routine somewhere too), stop trying to be helpful by saying "told you so" after the fact, instead try answering the questions I asked.
@Charleh: The way I see it is this:
The device's data partition/internal storage (where the drawings are stored) are encrypted by default, by Samsung. So, unless you can manage to use a MTP USB connection or ADB to make copies of them, then you're locked out and there's nothing you can do to recover them. Since they're located in an encrypted area, I highly doubt that even a professional data recovery business would be able to get them back. There are certain encryptions out there that even the US govt (NSA/CIA/FBI) can't break.
I'm assuming that you're not a l33t hax0r with uber skills, so unless you can successfully boot into Android again, your recovery chances are almost zero.
Or, maybe this company can help you out. It's worth a shot. But if I were a gambling man, I'd wager a lot of money that you will end up having to clean flash/reset, without being able to recover anything.
In the future, think about making copies of this stuff before bad things occur. As the saying goes, anything that can go wrong, will go wrong, sooner or later. I rarely lose access to my data because I'm frequently backing it up.
Good luck!
AnonVendetta said:
@Charleh: The way I see it is this:
The device's data partition/internal storage (where the drawings are stored) are encrypted by default, by Samsung. So, unless you can manage to use a MTP USB connection or ADB to make copies of them, then you're locked out and there's nothing you can do to recover them. Since they're located in an encrypted area, I highly doubt that even a professional data recovery business would be able to get them back. There are certain encryptions out there that even the US govt (NSA/CIA/FBI) can't break.
I'm assuming that you're not a l33t hax0r with uber skills, so unless you can successfully boot into Android again, your recovery chances are almost zero.
Or, maybe this company can help you out. It's worth a shot. But if I were a gambling man, I'd wager a lot of money that you will end up having to clean flash/reset, without being able to recover anything.
In the future, think about making copies of this stuff before bad things occur. As the saying goes, anything that can go wrong, will go wrong, sooner or later. I rarely lose access to my data because I'm frequently backing it up.
Good luck!
Click to expand...
Click to collapse
Thanks - that was a helpful answer. I suspected that droid encrypted the data - I was looking at making an ADB connection using Android tools. Might as well give it a try before I nuke.
I can't use MTP as the device auto locks when I plug in a USB cable.
Like I've said a few times it's not a massive issue if I lose the data - I work in IT, I know the importance of backing up important data. I've seen a client lose months worth of data to crypto-ransomware (they cancelled their backup solution a few months before saying they were moving to Azure soon so they didn't need it).
I've explained though, it's not my device and it's up to the wife to put her stuff on her cloud storage if she wants to keep it. She uses Google Drive for her docs etc.
Worst case scenario I complain to Amazon, wife is saying she doesn't remember the screen having a protector/film on it when she opened it and we still have time to return/exchange it since I have a Prime account.
@Charleh: AFAIK, Amazon has a 30 day no questions asked return policy for almost everything. If you're still within that return window, then I guess you just have to decide whether the loss of drawings is worth returning it, assuming all recovery efforts fail. I bought my Tab S7+ new direct from Samsung, I haven't encountered like what you describe. And your edge case is the first one I've seen.
I think it's possible that you bought a refurbished device that was preowned but sold as new. The original buyer didn't finish paying it off, returned it, it's sold to you, you get this message. It's either legitimately locked, or someone has remotely locked it and intends to scam you. Contact that company ASAP.
Another option is to find a local techie/shop that can remove this lock for a fee, preferably without data loss. They make want to see proof of purchase, if they're legit. This would at least give you the ability to use the device again. People used to bring me locked phones/tabs all the time, this is pretty much what I did for side cash. As long as they didn't outright admit they were stolen, I didn't care.
Ok speaking to Samsung support and it's legit - what's happened is that someone's returned the device to the supplier after doing a trade in with it and receiving a new device from Samsung Trade In.
Supplier has refunded us and told us to keep the device until the issue is resolved with Samsung.
Now fighting with Samsung themselves about it. Absolute pisstake.
Basically I have a brick and although Samsung have the capability to unlock the device through Knox they won't do it until a resolution is found with the supplier.
Fun-times. Sent a complaint email to Samsung as they are essentially holding the wife's artwork to ransom because of an issue they have created with the rules of their trade-in program.
I've already received the refund too - sounds like the Amazon reseller is trying to wash their hands of it.
@Charleh: So, they refunded you AND they're going to let you keep the tablet? I'd be quite happy with that.
AnonVendetta said:
@Charleh: So, they refunded you AND they're going to let you keep the tablet? I'd be quite happy with that.
Click to expand...
Click to collapse
Depends if the tablet is ever going to be functional again...
Fingers crossed!
Time to reflash, ODIN or do whatever and see if you can and up with his + hers new(sort of) tablets.
Hello, some solution?
Charleh said:
Depends if the tablet is ever going to be functional again...
Fingers crossed!
Click to expand...
Click to collapse
How did this end?
corb06 said:
How did this end?
Click to expand...
Click to collapse
still ongoing - Amazon is trying to get hold of the original supplier but they've gone dark; I complained to Samsung and they are looking into it, just waiting for a reply.
They took almost a month to get back to me - only did so when I started complaining publicly on all social media platforms (Twitter, Instagram etc) - they don't like it when you do that.
Will update when I know more.
Charleh said:
still ongoing - Amazon is trying to get hold of the original supplier but they've gone dark; I complained to Samsung and they are looking into it, just waiting for a reply.
They took almost a month to get back to me - only did so when I started complaining publicly on all social media platforms (Twitter, Instagram etc) - they don't like it when you do that.
Will update when I know more.
Click to expand...
Click to collapse
Sorry to hear it's taking so long. I'd be super pissed. Next time, buy direct from Samsung, you wouldnt have to deal with this ****. Because they wouldnt sell you a used/refurbished device unless it's clearly marked as such, and i'm pretty sure they only sell new devices anyway.
Can you post a link to the seller's Amazon page? They could be a fly-by-night op.
If you cant get your money back or an exchange, just contact your bank/card issuer and do a chargeback. This is a last resort ootion, if nothing else works. Explain the whole situation to them. Chances are, they would force the seller or someone else responsible, to give your money back. The only caveat is that if you wait too long, it might not work. i've inititated chargebacks against sellers who dont respond to support requests, it usually worked in my favor.
Edit: If you go the chargeback route and Amazon is forced to refund your money, they may retaliate by banning your account. it recently happened to a friend. Just so you know.....