OnePlus 7T Pro - Root then Unroot - OnePlus 7T Pro (Regular & McLaren) Q & A

I accidentally deleted some photos. After researching about how to recover, came across a windows 10 app called PhoneRescue for Android. When I attempt recovery through that app, it says my device is not rooted, do I want to root device.
It also says that the rooting is irreversible. Although, I've seen on many sites (including this site) that unrooting can be done. e.g: https://www.xda-developers.com/how-to-unroot-your-phone/
So, has anyone rooted their device through PhoneRescue for Android then gone on to unroot? Or perhaps, rooted using Magisk, used PhoneRescue for Android, then unrooted using any methods mentioned on link above or other method.
Thanks.

Try this app: DiskDigger photo recovery.
Sent from my OnePlus 7T Pro using Tapatalk

beaverhead said:
Try this app: DiskDigger photo recovery.
Sent from my OnePlus 7T Pro using Tapatalk
I tried diskdigger. It only finds cached thumbnails and existing photos. For genuine recovery (deep scan of disk) all programs and apps I've come across need root access.

If you can't find an app that doesn't require root, you're out of luck.
Rooting requires an unlocked bootloader, which will wipe your entire phone.
And no, rooting is not irreversible.
(Also, the article you linked is very old and does not apply)
What app did you delete them with?
Go to OnePlus gallery, and look through the app, maybe it has a trashbin somewhere.

Lossyx said:
If you can't find an app that doesn't require root, you're out of luck.
Rooting requires an unlocked bootloader, which will wipe your entire phone.
Are you sure EVERY rooting process requires unlocked bootloader?
The software company that built the PhoneRescue application (which attempts data recovery) is offering to root your device. What would be the point if their rooting process wiped the whole disk? This would render any data recovery pretty much pointless.
And no, rooting is not irreversible.
(Also, the article you linked is very old and does not apply)
Not really clear. The statement in brackets contradicts the statement above.
But if we go by the one in brackets you mean to say if one roots, it cannot be undone (because the article is saying it can be done and you are saying it's very old so it doesn't apply anymore)
Go to OnePlus gallery, and look through the app, maybe it has a trashbin somewhere.
It was the Pictures folder which was deleted by mistake. Gallery cannot handle folders as far as I know. I use 'Amaze' the file/folder manager. Funnily enough, the deleted files were showing on Amaze until the other day. If I clicked on the 'Images' link on the right. (which finds all images on your device). The deleted files would show up as thumbnails (at least I can work out what they were), but they all were showing as '0 bytes'. If I clicked on one, it would just show a blank page.
When I enabled google photos sync, deleted files appeared on Google photos too (showing 0 bytes). If I clicked on one a message would appear 'device only'.
For anyone who takes screenshots often, or photos. Just enable something like google photos or take a local backup often and you wouldn't need to rely on recovery apps.

Donny8485 said:
Are you sure EVERY rooting process requires unlocked bootloader?
The software company that built the PhoneRescue application (which attempts data recovery) is offering to root your device. What would be the point if their rooting process wiped the whole disk? This would render any data recovery pretty much pointless.
Not really clear. The statement in brackets contradicts the statement above.
But if we go by the one in brackets you mean to say if one roots, it cannot be undone (because the article is saying it can be done and you are saying it's very old so it doesn't apply anymore)
It was the Pictures folder which was deleted by mistake. Gallery cannot handle folders as far as I know. I use 'Amaze' the file/folder manager. Funnily enough, the deleted files were showing on Amaze until the other day. If I clicked on the 'Images' link on the right. (which finds all images on your device). The deleted files would show up as thumbnails (at least I can work out what they were), but they all were showing as '0 bytes'. If I clicked on one, it would just show a blank page.
When I enabled google photos sync, deleted files appeared on Google photos too (showing 0 bytes). If I clicked on one a message would appear 'device only'.
For anyone who takes screenshots often, or photos. Just enable something like google photos or take a local backup often and you wouldn't need to rely on recovery apps.
An unlocked bootloader is a must, yes, and that wipes your data.
And I just meant that the article you linked is old and the tool it refers to is obsolete, but yes, rooting can 100% be undone.

Donny8485 said:
I accidentally deleted some photos. After researching about how to recover, came across a windows 10 app called PhoneRescue for Android. When I attempt recovery through that app, it says my device is not rooted, do I want to root device.
It also says that the rooting is irreversible. Although, I've seen on many sites (including this site) that unrooting can be done. e.g: https://www.xda-developers.com/how-to-unroot-your-phone/
So, has anyone rooted their device through PhoneRescue for Android then gone on to unroot? Or perhaps, rooted using Magisk, used PhoneRescue for Android, then unrooted using any methods mentioned on link above or other method.
Thanks.
Don't you use Google Photos? If so, they'll all be on there.

Lossyx said:
An unlocked bootloader is a must, yes, and that wipes your data.
And I just meant that the article you linked is old and the tool it refers to is obsolete, but yes, rooting can 100% be undone.
imobie, vendor of 'PhoneRescue for Android' has confirmed their rooting process does not wipe data, but I think their rooting process only works with some phones.
If their rooting doesn't work they recommend we use Kingoroot or iRoot. I read that Kingoroot wipes the drive. Don't know about iRoot.

Lossyx said:
An unlocked bootloader is a must, yes, and that wipes your data.
And I just meant that the article you linked is old and the tool it refers to is obsolete, but yes, rooting can 100% be undone.
jaythenut said:
Don't you use Google Photos? If so, they'll all be on there.
Do you guys actually read all posts before replying?

Donny8485 said:
Do you guys actually read all posts before replying?
The question is, "Did you read all the answers"?
You are asking and users are answering but it seems you refuse to accept the answers.
Rooting your device WILL WIPE ALL YOUR DATA since it requires unlocked bootloader.
If you are trusting some company that is saying they will root your device without losing your data, that is up to you! But please don't make users lose their time.
All the answers here are based on user knowledge and user experience, you accept them or find your way

FSadino said:
The question is, "Did you read all the answers"?
You are asking and users are answering but it seems you refuse to accept the answers.
Rooting your device WILL WIPE ALL YOUR DATA since it requires unlocked bootloader.
If you are trusting some company that is saying they will root your device without losing your data, that is up to you! But please don't make users lose their time.
All the answers here are based on user knowledge and user experience, you accept them or find your way
You misunderstood and are conflating.
I only meant that he/she has missed the part where I say 'When I enabled google photos sync...'. Read in context, this implies that I enabled Google photos after the folder deletion.
Btw, I'm not blindly trusting 'some company'. I've done my research, and also done a backup using multiple methods.
Still, I refuse to trust companies like Kingo root. Their website has confusing and conflicting info, no physical address, and they haven't replied to my query submitted through the web form.
I've also read on these very forums (that could actually be about King root - two very similar names) that they may be leaking your personal info.
I discovered that there is a rooting app developed by a user on these very forums. Still, I won't be installing without understanding exactly what the procedure does. It'll be good if I can see the code and compile the program myself.

Related

Old Versions .... ???

Is there any site or source on the web that provides downloads of old versions of Android Market apps? This would be for apps that are now updated or no longer available on the Market? I am looking for a site similar to "OldVersion.com" which has some old/classic PC software (but this would be something for android apps instead)?
Thanks if anyone knows of a source or sites.
CustomShortcut gone?
The app that I am looking for in the above post was a free one called CustomShortcut APK. I now have it on one of my two phones (the other phone had it but was lost and replaced). I have tried looking for a developer page for this app but no luck as everything seems to point back to android market as the source link for download.
Does anyone know of a way or source for me to get this APK back on my other phone? Is there a way to copy it from one phone to the other? I am assuming that it was removed from the market because it may not be compatible with ICS but I am not running ICS. The application was made by appli.club.
Are you rooted? If so use root explorer to look for the .apk in the /system/app folder and copy or email it to the other phone and install it.
85gallon said:
Are you rooted? If so use root explorer to look for the .apk in the /system/app folder and copy or email it to the other phone and install it.
No sadly I am not rooted. Is that how this could be done? I have an HTC phone (Sensation) and I like my "sense" gui. Don't want to wipe it out by rooting (that is what would happen, right?) If access to the apk is possible with rooting, then I guess my question would be, does anyone else here have CustomCut on their rooted phone? (Or possibly know of any website that would have those apk's available for download). I would be willing to pay if someone would take the time to send me a replacement copy.
just google for any app you want like this:
"title" "versionnumber" "apk" "download"
for example:
android market 2.9 apk download
mojosingle said:
No sadly I am not rooted. Is that how this could be done? I have an HTC phone (Sensation) and I like my "sense" gui. Don't want to wipe it out by rooting (that is what would happen, right?) If access to the apk is possible with rooting, then I guess my question would be, does anyone else here have CustomCut on their rooted phone? (Or possibly know of any website that would have those apk's available for download). I would be willing to pay if someone would take the time to send me a replacement copy.
Rooting will not wipe out your phone or change it other than giving you super user privileges. That way you will have access to get to the system apps folder.
I notice apktop keeps old versions around. But part of the reason I like Titanium backup is because I have a fail safe if a new update to an app is bad, as I can just restore from the last backup the older version.
85gallon said:
Rooting will not wipe out your phone or change it other than giving you super user privileges. That way you will have access to get to the system apps folder.
Well I am not really too concerned about it wiping out my phone, but I thought I had read many posts here talking about once you root your phone the native skin from the manufacturer is eliminated (for HTC that would be the "Sense" user interface). Can you please confirm? Is this not true? HTC Sense will remain exactly the same after rooting my phone?
The other thing that has made me cautious is that my phone runs perfectly now and I see so many threads on the xda boards here and over at various android forums that start off with "My ____ app is not working right since I rooted...." Just a little daunting for a newbie like myself.
spunker88 said:
I notice apktop keeps old versions around. But part of the reason I like Titanium backup is because I have a fail safe if a new update to an app is bad, as I can just restore from the last backup the older version.
Thanks very much for the site suggestion. I have been trying to search for the CustomShortcut APK over there but no luck ...so far (the site search is not that easy to use). I have even tried to search the site externally using google but, unfortunately, still no luck.
Wait for someone else to confirm on the htc, but nothing changed on my droidx. I just had superuser privs. All of the "this app quit working" is when people flash custom roms. You don't do that when you just root. But you have to be rooted in order to do things like that. Lol.
Rooting gives you the power to do that if you want to.
When I rooted my droidx, I did it just so I could have the power to do other things if I wanted. I am still on factory rom. But I am able to get to parts of the phone that are off limits if I wasn't rooted. I made it where I could tether, later I got rid of bloatware, etc.
85gallon said:
Wait for someone else to confirm on the htc, but nothing changed on my droidx. I just had superuser privs. All of the "this app quit working" is when people flash custom roms. You don't do that when you just root. But you have to be rooted in order to do things like that. Lol.
Rooting gives you the power to do that if you want to.
When I rooted my droidx, I did it just so I could have the power to do other things if I wanted. I am still on factory rom. But I am able to get to parts of the phone that are off limits if I wasn't rooted. I made it where I could tether, later I got rid of bloatware, etc.
Thanks once again for the reply. Now that you mention it, I remember reading the terminology "flashed" rom and thought they were similar or the same thing as rooting. One other question, once a phone is in a rooted state, if I was to go in and copy the APK for my replacement phone and put it on there could I then "unroot" lol ...sorry if this is not a word... so that my phone was no longer open? I had read somewhere (perhaps I heard it on a TWIT or Android podcast) that when your phone is in root state that anyone (ie: potentially bad software) has easier access to your phone's vulnerable areas.
mojosingle said:
Thanks once again for the reply. Now that you mention it, I remember reading the terminology "flashed" rom and thought they were similar or the same thing as rooting. One other question, once a phone is in a rooted state, if I was to go in and copy the APK for my replacement phone and put it on there could I then "unroot" lol ...sorry if this is not a word... so that my phone was no longer open? I had read somewhere (perhaps I heard it on a TWIT or Android podcast) that when your phone is in root state that anyone (ie: potentially bad software) has easier access to your phone's vulnerable areas.
yes you can unroot. As for easy access after you are rooted to vulnerable areas, they can only get access if you let them. If an app wants super user privileges, you will get a pop up from su(the super user apk) telling you that some app is wanting privileges. You can grant or deny access. The only things on my phone that have ever given me a pop up are things that i downloaded and know need su access. Wifi tether, root explorer, adfree, etc.
I have found a site that keeps older version of an android app. It's called Android Drawer.
Hope it helps

Why is rooting more dangerous- malware wise?

Hi,
So I was always under the impression that rooting is more dangerous because it lets applications more access to the system and let it perform more actions. However, now that I think about it can't this be handled by a program that limits permissions?
Or do apps in a rooted phone behave differently than in an unrooted one (ie.can do actions not included in the permission system)?
What about an unrooted phone?
If I install a spyware what information can't it gather that it can on a rooted?
Thank you very much!
oy-ster said:
Hi,
So I was always under the impression that rooting is more dangerous because it lets applications more access to the system and let it perform more actions. However, now that I think about it can't this be handled by a program that limits permissions?
Or do apps in a rooted phone behave differently than in an unrooted one (ie.can do actions not included in the permission system)?
What about an unrooted phone?
If I install a spyware what information can't it gather that it can on a rooted?
Thank you very much!
http://www.lockergnome.com/android/2013/01/25/how-safe-is-rooting-android-devices/
http://google.about.com/od/socialtoolsfromgoogle/a/root-android-decision.htm
http://www.bullguard.com/bullguard-...ity/mobile-threats/android-rooting-risks.aspx
Thank you for the links, I have already encountered some of them previously (I usually Google before posting) and they are part of my confusion.
On one hand: http://www.bullguard.com/bullguard-...ity/mobile-threats/android-rooting-risks.aspx says that apps with root access circumvent the security system, on the other: http://google.about.com/od/socialtoolsfromgoogle/a/root-android-decision.htm notes that you can control this access, so why does the first warning exist?
Also, can superuser apps detect every element and limit its accessibility? For example, what about malicious code that I receive from clicking on some pernicious link?
PS. When one of the pages said: "A common practice that people do with "rooted" phones is to flash their ROM's with custom programs." - it meant custom OS/ROM or did it mean the program you are using in order to perform flashing?
Thank you.
upity up.

Help in rooting LG Optimus Exceed 2 VS450PP1

I just recently purchased a LG Optimus Exceed 2 VS450PP1 Verizon prepaid and I would like to root it, but I'm afraid to use the wrong guide to do so.
I have already done this part: Turn on USB debugging: Settings and enabled the installation of unknown sources.
It seems that Towelroot used to work but no longer does. Can someone post a link to the correct procedure for my phone or the instructions to do so? I already did a search for my phone and read several pages, but I'm still unsure which procedure will work for my phone.
This is my phone info:
LG Optimus Exceed 2 VS450PP1
Build Number KOT49I,VS450PP1
Software version VS450PP1
Kernel version 3.4.0+
Solved. I used towelroot and Root Checker to my phone, and it is now rooted.
Could you drop the link you got towelroot from, i searched and there were a lot of sites that had it, and i would like to make sure it works
adrw4 said:
Could you drop the link you got towelroot from, i searched and there were a lot of sites that had it, and i would like to make sure it works
I sure will. Here is the site for towel root. Type this address on your phones browser, and then click on the upside down letter "Y". https://towelroot.com/
And here is a site that shows you what to do http://forum.xda-developers.com/showthread.php?t=2795300
I did mine recently for a LG Optimus Exceed 2 VS450PP1, and it's been working great so far.
You may also want to download a file called VS450PP1_04.kdz here. I think this is a backup of the phone software, should it be necessary in the future. This file is not necessary to root your phone, so you save it on some other media than your phones memory. http://forum.xda-developers.com/android/help/lg-vs450pp-exceed-2-help-t2989811
Good luck.
pand8888 said:
I sure will. Here is the site for towel root. Type this address on your phones browser, and then click on the upside down letter "Y". https://towelroot.com/
And here is a site that shows you what to do http://forum.xda-developers.com/showthread.php?t=2795300
I did mine recently for a LG Optimus Exceed 2 VS450PP1, and it's been working great so far.
You may also want to download a file called VS450PP1_04.kdz here. I think this is a backup of the phone software, should it be necessary in the future. This file is not necessary to root your phone, so you save it on some other media than your phones memory. http://forum.xda-developers.com/android/help/lg-vs450pp-exceed-2-help-t2989811
Good luck.
lmao you might be saving me here, if I flash the file you just recommended, will it restore deleted google apps, or gapps as most say?
and thank you for responding politely
adrw4 said:
lmao you might be saving me here, if I flash the file you just recommended, will it restore deleted google apps, or gapps as most say?
and thank you for responding politely
You're welcome.
I believe the file called VS450PP1_04.kdz is a ROM image for the phone with all the original stuff that came with it. I have not used this image for anything myself, but I believe it can be used to restore the phone back to factory settings as a last resort should things go wrong. I would recommend that after rooting successfully, you install the app called Titanium Backup Pro and let it back up everything to an external usb memory card on the phone. This is probably the better and safer approach to restore something that you had removed and would like back.
You can also go to the google play store and download the latest google apps that you have deleted if so desired.
I should mention that I'm not an expert at this stuff, just a beginner, so my knowledge is limited to what I did to my phone. I only rooted my phone to be able to install apps like Titanium Backup Pro.
I hope this answered your question.

Rooting and hacking

Hey there,
I have two new phones (Pixel & S7).
I'd like to root them. Found the guides for both but I'm not an expert and I'm way too busy these days to spend precious time on that.
Was thinking to look for someone that would do it for me, which I'm sure won't be an issue as there are several services around where I live.
I'm just worried that that person could be an asshole/pervert/too-bored and also install on my devices a tracking tool and they'd have remote access to my phones whenever they feel like it.
Is there a way to make sure there's no such tracking app on my phone after I receive the devices back or... it's too big of a risk and I should either find the time or give up on rooting?
Thanks,
Hmmmm....trying again.
Anyone?
TheAsker70 said:
Hey there,
I have two new phones (Pixel & S7).
I'd like to root them. Found the guides for both but I'm not an expert and I'm way too busy these days to spend precious time on that.
Was thinking to look for someone that would do it for me, which I'm sure won't be an issue as there are several services around where I live.
I'm just worried that that person could be an asshole/pervert/too-bored and also install on my devices a tracking tool and they'd have remote access to my phones whenever they feel like it.
Is there a way to make sure there's no such tracking app on my phone after I receive the devices back or... it's too big of a risk and I should either find the time or give up on rooting?
Thanks,
Just take a note of all your apps' names (e.g. google.play.com) and then you can freely give him your device for rooting.
After your device is rooted you can again check the app list for all the apps.
If you find any app other than those you have noted (except the rooting app - supersu or kingroot etc.), no worries, you are already rooted, just uninstall the suspicious app from your device.
Regards,
milkyway3
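
The before-and-after app list comparison suggested above can be scripted against saved `adb shell pm list packages -f -i` output. This is an added example, not part of any post in the thread; the file names and sample packages are constructed, and it only reports what the package manager itself lists, so changes made below that layer do not show up.

```shell
#!/bin/sh
# Added example: diff two saved outputs of
#   adb shell pm list packages -f -i
# taken before and after the phone leaves your hands.

# Reduce one dump to sorted "name<TAB>installer<TAB>apk-path" records.
normalize_inventory() {
    tr -d '\r' < "$1" | awk '
        /^package:/ {
            entry = substr($1, 9)                 # drop the "package:" prefix
            cut = 0
            for (i = length(entry); i > 0; i--)   # split at the LAST "=",
                if (substr(entry, i, 1) == "=") { cut = i; break }  # paths may contain "=="
            path = (cut ? substr(entry, 1, cut - 1) : "-")
            name = substr(entry, cut + 1)
            inst = "unknown"                      # no -i column in the dump
            for (f = 2; f <= NF; f++)
                if ($f ~ /^installer=/) inst = substr($f, 11)
            print name "\t" inst "\t" path
        }' | LC_ALL=C sort
}

# Print "NEW" for packages only in the second dump and "CHANGED" for packages
# whose installer or APK path differs (updated, reinstalled or replaced).
inventory_changes() {
    old=$(mktemp) || return 1
    new=$(mktemp) || { rm -f "$old"; return 1; }
    normalize_inventory "$1" > "$old"
    normalize_inventory "$2" > "$new"
    awk -F '\t' -v first="$old" '
        FILENAME == first { inst[$1] = $2; path[$1] = $3; next }
        !($1 in inst)                    { print "NEW\t" $0; next }
        inst[$1] != $2 || path[$1] != $3 { print "CHANGED\t" $0 }
    ' "$old" "$new"
    rm -f "$old" "$new"
}

# Constructed sample data (not from a real device). The "after" dump uses CRLF
# line endings, which some adb/host combinations produce.
write_sample_inventories() {
    printf '%s\n' \
        'package:/system/app/Gallery/Gallery.apk=com.example.gallery  installer=null' \
        'package:/data/app/~~Qk1x==/com.example.bank-9aZ==/base.apk=com.example.bank  installer=com.android.vending' \
        > "$1/before.txt"
    printf '%s\r\n' \
        'package:/system/app/Gallery/Gallery.apk=com.example.gallery  installer=null' \
        'package:/data/app/~~Rr2t==/com.example.bank-4fG==/base.apk=com.example.bank  installer=null' \
        'package:/data/app/~~Zz8p==/eu.example.rootmgr-1bC==/base.apk=eu.example.rootmgr  installer=null' \
        'package:/data/app/~~Lm3n==/com.example.sync-7dE==/base.apk=com.example.sync  installer=null' \
        > "$1/after.txt"
}

demo_dir=$(mktemp -d)
write_sample_inventories "$demo_dir"
inventory_changes "$demo_dir/before.txt" "$demo_dir/after.txt"
rm -rf "$demo_dir"
```

A package that keeps its name but loses its store installer and moves to a new APK path, like the constructed `com.example.bank` entry, is worth as much attention as a brand-new one.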
milkyway3 said:
Just take a note of all your apps' names (e.g. google.play.com) and then you can freely give him your device for rooting.
After your device is rooted you can again check the app list for all the apps.
If you find any app other than those you have noted (except the rooting app - supersu or kingroot etc.), no worries, you are already rooted, just uninstall the suspicious app from your device.
Regards,
milkyway3
This can easily be hidden really. That is the risk you take when you let someone else mess with your device.
The only way would be to reflash a custom software for the device making sure to format all partitions and storage. Then you will be sure to be pretty safe.
zelendel said:
This can easily be hidden really. That is the risk you take when you let someone else mess with your device.
The only way would be to reflash a custom software for the device making sure to format all partitions and storage. Then you will be sure to be pretty safe.
So ask them just to root the devices, then format everything and reflash a ROM and I'm safe?
TheAsker70 said:
So ask them just to root the devices, then format everything and reflash a ROM and I'm safe?
For the most part. Depending on the root method they use. Some shops use things like kingo root which is known to contain Malware.
zelendel said:
For the most part. Depending on the root method they use. Some shops use things like kingo root which is known to contain Malware.
Then which root should I request for?
Can I find out after it was done what kind of root they used?
Before flash twrp. After flash SuperSU.
Big thanks.

Girlfriend virus

Redmi 4x satoni(not rooted or flashed)
Is there any way to detect root by exploit, apps like Kingo root and king root and many other one click root apps do this kind of thing where they use an exploit in the Android system and root the phone using it and similarly a malware can do the same?
(I'm assuming this is what it is)(spear phishing)
Can an apk file really gain root access and rewrite your device's rom with a malware in it, is that a thing?
I have installed a third party app where it just disappeared into the background(most likely social engineering) and I tried all avs but it came clean even went into safe mode and settings and tried app managers and settings but all failed
Next I tried the factory reset and the symptoms still persist
Note that I have created new accounts and changed passwords and have MFA on but is there any way for it to reinfect because I'm using the same device to create the new account?
Like is it because it infected my google access or something to come again after factory reset
Thanks
If you think a girlfriend virus is bad, just wait until you get married.
To answer your question....
Android is designed to be very rootkit-resistant. Features such as Verified Boot prevent unsigned/modified images from loading if the bootloader is locked; while it is possible for a malicious app to use an unpatched exploit to root the device every time it runs, any modification made to any critical partition such as /boot and /system would be detected, and the device would warn the user that the system is corrupted.
Since you've removed the app from your device and performed a factory reset, you should be safe. Good job on using MFA, by the way.
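
Whether the protection described in this reply is actually in effect on a given phone can be read from its boot properties in a saved `adb shell getprop` dump. This is an added example, not part of the thread; it assumes the device exposes `ro.boot.verifiedbootstate`, `ro.boot.flash.locked` and `ro.boot.veritymode` (older or vendor-modified builds may not), and the sample dump is constructed.

```shell
#!/bin/sh
# Added example: classify Verified Boot status from a saved
#   adb shell getprop > props.txt
# dump, whose lines look like "[key]: [value]".

# Print the value of one property from the dump (empty if absent).
getprop_value() {
    tr -d '\r' < "$1" | awk -v key="$2" '
        index($0, "[" key "]: [") == 1 {
            v = substr($0, length(key) + 6)   # text after "[key]: ["
            sub(/\]$/, "", v)                 # drop the closing bracket
            print v
            exit
        }'
}

# Map the boot properties to a one-line verdict.
#   green  = locked, images verified against the OEM key
#   yellow = locked, images verified against a user-installed key
#   orange = bootloader unlocked, nothing is enforced
#   red    = verification failed
boot_integrity() {
    state=$(getprop_value "$1" ro.boot.verifiedbootstate)
    locked=$(getprop_value "$1" ro.boot.flash.locked)
    verity=$(getprop_value "$1" ro.boot.veritymode)
    case "$state:$locked" in
        green:1)      verdict="VERIFIED: bootloader locked, OEM-signed images" ;;
        yellow:1)     verdict="CUSTOM-KEY: bootloader locked, user-set root of trust" ;;
        orange:*|*:0) verdict="UNVERIFIED: bootloader unlocked, images not enforced" ;;
        red:*)        verdict="FAILED: image verification failed" ;;
        *)            verdict="UNKNOWN: boot properties missing from this dump" ;;
    esac
    # dm-verity should be enforcing; report any other mode alongside the verdict.
    if [ -n "$verity" ] && [ "$verity" != "enforcing" ]; then
        verdict="$verdict; dm-verity mode is $verity"
    fi
    echo "$verdict"
}

# Constructed sample dump (not from a real device).
#   $1 = output file, $2 = verifiedbootstate, $3 = flash.locked, $4 = veritymode
write_sample_dump() {
    cat > "$1" <<EOF
[ro.build.version.release]: [10]
[ro.boot.flash.locked]: [$3]
[ro.boot.verifiedbootstate]: [$2]
[ro.boot.veritymode]: [$4]
EOF
}

demo_file=$(mktemp)
write_sample_dump "$demo_file" green 1 enforcing
boot_integrity "$demo_file"
write_sample_dump "$demo_file" orange 0 enforcing
boot_integrity "$demo_file"
rm -f "$demo_file"
```

Anything other than the first verdict means modified boot or system images would not be blocked at boot, so a factory reset alone says less about the state of the device.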
V0latyle said:
If you think a girlfriend virus is bad, just wait until you get married.
To answer your question....
Android is designed to be very rootkit-resistant. Features such as Verified Boot prevent unsigned/modified images from loading if the bootloader is locked; while it is possible for a malicious app to use an unpatched exploit to root the device every time it runs, any modification made to any critical partition such as /boot and /system would be detected, and the device would warn the user that the system is corrupted.
Since you've removed the app from your device and performed a factory reset, you should be safe. Good job on using MFA, by the way.
No, I think I misunderstood. There were two apps that I downloaded: one disappeared into the background (which is causing more havoc), is undetectable by Android AVs and I'm having trouble removing it (got it from a sketchy link from my gf).
The second app was just an Instagram app follower which ran in the background and I could uninstall directly(got from playstore)
I want to know how to detect and remove the first one
alokmfmf said:
got from a sketchy link from my gf
That's why one should always use protection.
alokmfmf said:
The second app was just an Instagram app follower which ran in the background and I could uninstall directly(got from playstore)
I want to know how to detect and remove the first one
What makes you think the first app is still there? If you've performed a factory reset, it's gone - unless it downloaded again when you restored your Google account to your device.
Are you sure you're not mistaking a built-in app?
alokmfmf said:
Is there any way to detect root
Yes, almost every banking / payment app does it.
V0latyle said:
That's why one should always use protection.
What makes you think the first app is still there? If you've performed a factory reset, it's gone - unless it downloaded again when you restored your Google account to your device.
Are you sure you're not mistaking a built-in app?
Yes I'm sure as my accounts getting hacked my personal media getting leaked permissions asked repeatedly and sim getting disabled
Also I'm trying not to log in to my google account and see how that works
Although I have tried to make new accounts from scratch and start from a clean new slate from factory reset, it may be the device itself I'm afraid
Social engineering - spear phishing (I think)
Redmi4x satoni
I was asked to click on a link and download an APK by my girlfriend, and as soon as I downloaded it, it disappeared and I was asked to delete the APK.
(I do not have access to the link either.)
Later I realized that it tracks permissions, media and keyboard (except for exactly who I'm texting, because of the Android sandbox).
I tried a FACTORY RESET but the symptoms still persisted (like getting hacked again and my private info getting leaked, SIM deduction and detection of SIM card, and permissions being asked again and again even though I allowed them).
I checked all the settings of my phone and nothing is abnormal (I'm not rooted).
Is it possible that a used account could somehow transmit a virus? I had a nasty malware on my phone, so I factory reset my phone, but the symptoms still remain, so I used a new Google account and others also, but it still comes back, so I'm guessing it's the kernel or the ROM that got infected.
I tried all AVs but they all came up clean, and I'm certain that my Android is infected with something.
First and foremost I need to know how to DETECT the malware (to know which app is causing this)
And second how to REMOVE the malware
Thanks.
Which OS version? If not running on Pie or higher it's susceptible to the Xhelper family of partition worming malware.
Yeah sounds like you got a worm... nasty critters.
A reflash may be the best option although if it is Xhelper it can now be removed without a reflash.
You are what you load
blackhawk said:
Which OS version? If not running on Pie or higher it's susceptible to the Xhelper family of partition worming malware.
Yeah sounds like you got a worm... nasty critters.
A reflash may be the best option although if it is Xhelper it can now be removed without a reflash.
You are what you load
Yes, I know I made a stupid decision; it's completely my fault. I tried using the Xhelper method but it comes up clean. I assume there is only one method, which involves disabling the Play Store.
I run on MIUI 11, Nougat 7.
Any methods to detect and remove the malware are welcome.
And about reflashing, it's very complicated for Mi phones most
alokmfmf said:
I run on MIUI 11, Nougat 7.
Any methods to detect and remove the malware are welcome.
And about reflashing, it's very complicated for Mi phones most
Reflash it to stock firmware. If you can upgrade to Android 9 consider doing so for security purposes. It may have performance/functionality drawbacks for your application though, not sure as I never used 6, 7 or 8.
Make sure you reset all passwords, keep social media, sales and trash apps off the phone. Always keep email in the cloud, i.e. Gmail or such.
Run Karma Firewall. Be careful what you download and especially install... don't sample apps unless you have a real need for that particular app. Once installed don't allow apps to update as they may try to download their malware payload, a way to bypass Playstore security.
blackhawk said:
Reflash it to stock firmware. If you can upgrade to Android 9 consider doing so for security purposes. It may have performance/functionality drawbacks for your application though, not sure as I never used 6, 7 or 8.
Make sure you reset all passwords, keep social media, sales and trash apps off the phone. Always keep email in the cloud, i.e. Gmail or such.
Run Karma Firewall. Be careful what you download and especially install... don't sample apps unless you have a real need for that particular app. Once installed don't allow apps to update as they may try to download their malware payload, a way to bypass Playstore security.
Will not logging in to my Google account help?
alokmfmf said:
Will not logging in to my Google account help?
No. The malware is in the phone apparently in the firmware.
blackhawk said:
No. The malware is in the phone apparently in the firmware.
I disagree, unless Xiaomi/Redmi's AVB/dm-verity implementation is useless, it should prevent a persistent rootkit.
I suspect this has little to do with the phone and more to do with reused passwords and other "organic" security failure.
V0latyle said:
I disagree, unless Xiaomi/Redmi's AVB/dm-verity implementation is useless, it should prevent a persistent rootkit.
I suspect this has little to do with the phone and more to do with reused passwords and other "organic" security failure.
You're probably right. Forgot it was running 11... lol, organic security failure, I like that
blackhawk said:
You're probably right. Forgot it was running 11... lol, organic security failure, I like that
The security measures that prevent persistent rootkits have been in place long before Android 11.
The most common root cause of a breach of security is the failure to ensure sufficient security in the first place. Simple passwords, reused passwords, no MFA, connected accounts, etc. Yes, there are plenty of Android viruses out there, but all of them "live" in the user data space. Of course, there may be unpatched exploits that allow root access, but these must be exploited every time the app is run. An app cannot modify the boot or system partitions without tripping AVB (if the bootloader is locked) whereupon the device would warn that the OS is corrupted.
At the end of the day, it's much much easier to simply use social engineering or other methods to gain someone's credentials, rather than trying to hack their device.
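A read-only way to inspect the locked-bootloader and AVB state that the post above relies on, added here as an example and not part of any post in this thread. The property names (`ro.boot.verifiedbootstate`, `ro.boot.flash.locked`, `ro.boot.veritymode`) are standard Android boot properties that the thread does not mention, and it is an assumption that a given device and Android version reports all three; the sample input is constructed.

```shell
#!/bin/sh
# Added example: classify Android verified-boot state from `getprop` text.
# Real use (assumes adb is installed and the phone is authorised):
#   adb shell getprop | classify_boot_state

# Constructed sample of getprop output; not taken from any real device.
SAMPLE_LOCKED='[ro.boot.flash.locked]: [1]
[ro.boot.verifiedbootstate]: [green]
[ro.boot.veritymode]: [enforcing]
[ro.product.model]: [EXAMPLE-PHONE]'

# Print the value of property $1 from getprop-formatted text on stdin.
prop_value() {
    sed -n "s/^\[$1\]: \[\(.*\)\]\$/\1/p" | head -n 1
}

# Read getprop output on stdin and print "VERDICT: explanation".
classify_boot_state() {
    props=$(tr -d '\r')   # adb may emit CRLF line endings
    state=$(printf '%s\n' "$props" | prop_value ro.boot.verifiedbootstate)
    locked=$(printf '%s\n' "$props" | prop_value ro.boot.flash.locked)
    verity=$(printf '%s\n' "$props" | prop_value ro.boot.veritymode)
    case "$state" in
        green)
            if [ "$locked" = "0" ]; then
                echo "INCONSISTENT: green state but bootloader reports unlocked"
            elif [ -n "$verity" ] && [ "$verity" != "enforcing" ]; then
                echo "CHECK: boot verified, but dm-verity mode is '$verity'"
            else
                echo "INTACT: locked bootloader, partitions verified against the OEM key"
            fi ;;
        yellow) echo "CUSTOM_KEY: locked, but verified against a user-installed key" ;;
        orange) echo "UNLOCKED: bootloader unlocked, boot chain is not verified" ;;
        red)    echo "FAILED: verification failed, OS image is corrupted or modified" ;;
        "")     echo "UNKNOWN: device did not report ro.boot.verifiedbootstate" ;;
        *)      echo "UNKNOWN: unexpected state '$state'" ;;
    esac
}

printf '%s\n' "$SAMPLE_LOCKED" | classify_boot_state
```

An INTACT verdict only covers the verified partitions; apps installed in the user data space are outside what AVB checks.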
V0latyle said:
The security measures that prevent persistent rootkits have been in place long before Android 11.
Yeah Android 9 was where the hole for the Xhelper class of rootkits was plugged for good. It runs securely unless you do stupid things. This phone is running on that and its current load will be 3 yo in June. No malware in all that time in spite of the fact it's heavily used. It can be very resistant to attacks if set up and used correctly.
V0latyle said:
The most common root cause of a breach of security is the failure to ensure sufficient security in the first place. Simple passwords, reused passwords, no MFA, connected accounts, etc. Yes, there are plenty of Android viruses out there, but all of them "live" in the user data space. Of course, there may be unpatched exploits that allow root access, but these must be exploited every time the app is run. An app cannot modify the boot or system partitions without tripping AVB (if the bootloader is locked) whereupon the device would warn that the OS is corrupted.
I was initially thinking his was running on Android 8 or lower. Forgot. On Android 9 and higher (except for a big hole in Android 11 and 12 that was patched, if memory serves me correctly) about the only way malware is getting into the user data partition is if the user installs it, doesn't use appropriate built-in settings safeguards, or by an infected USB device. Any phone can be hacked if the attacker is sophisticated and determined enough to do so... in my opinion. Even if this happens a factory reset will purge it on a stock phone unless the hacker has access to the firmware by remote or physical access. Never allow remote access to anyone...
V0latyle said:
At the end of the day, it's much much easier to simply use social engineering or other methods to gain someone's credentials, rather than trying to hack their device.
Lol, that's what social media is for
blackhawk said:
No. The malware is in the phone apparently in the firmware.
OK, thanks for helping, it's been good.
alokmfmf said:
OK, thanks for helping, it's been good.
You're welcome.
I retract that (post #12) as I forgot it is running on Android 11. Like V0latyle said, it's probably the password(s) that were compromised if a factory reset didn't resolve the issue, other than the exceptions I stated in post #16.
Also, I found this on the net, if that helps with the situation:
Be especially wary of spear phishing. Do not click on any weird link sent by your closest friends, or if you feel compelled to do so, open it from a tightly secured operating system (a fresh VM) where you have never logged in to your social networks.
And
Factory resets are not enough to sanitize the device.
Also, I'm a bit scared, as some people on the net have said that in some cases even a flash might not wipe it, as it resides in the boot logo or some places where flashes do not reach, or in flash ROM chips (but of course this is all very rare).
I am very fascinated and would like to learn more about it. Any suggestions would be helpful.