Hi all,
I am a bit confused. I see lots of good responses to SuperOneClick and I would certainly like to root my SGS, but when I want to download the tool, Kaspersky kicks in and says it has a trojan. The downloaded file is then not usable anymore.
I've searched the net, but don't see anything about it. Anyone know what's up?
Why does Kaspersky say that SuperOneClick got a trojan? Tried several versions from this XDAsite.
Probably because phone carriers/manufacturers paid them to say so. Just disable kaspersky then download.
Sent from my HERO200 using XDA App
I do not believe that carriers/manufacturers payed Kaspersky to give that warning....Someone with more information?
Either what the other user said or a false positive, if you are worried test it through VirusTotal, just upload a file and itll scan it through a bunch of scanners.
reason why is
take it from someone whos knows anti viruses the one click root program alters boot sequence on an item doesn't have to be your computer virus's do the same some don't but the really nasty ones do so any thing that does such a thing is percived as a threat
Jbcarrera said:
take it from someone whos knows anti viruses the one click root program alters boot sequence on an item doesn't have to be your computer virus's do the same some don't but the really nasty ones do so any thing that does such a thing is percived as a threat
Click to expand...
Click to collapse
OK, not trying to be a gramme nazi, but your mini block of text is not coherent. I actually would like to know what you mean.
Sent from my SCH-I500 using XDA App
Mageta said:
OK, not trying to be a gramme nazi, but your mini block of text is not coherent. I actually would like to know what you mean.
Sent from my SCH-I500 using XDA App
Click to expand...
Click to collapse
Sorry force of habit when typing quickly.... What i was trying to say is that anti-viruses percive anything that changes code, I.E. boot sequence or O.S. (Operating System) main code as a threat. Computer viruses change code to do their damage, a trojan will change code to make a back door in to your computer or just delete code slowly till your computer is unbootable. Rooting your phone is to change the code originally set on your phone, so most anti-viruses will see one-click roots as a virus since it does all the work automatically and won't recognize simple zip files sinces they are lines of code that aren't being run in sequence to change code.......... any questions?
Related
Occassionally lately I have been receiving texts that are labelled "browser message" and contain a long string of numbers and letters as the body. Here is an example of the latest one in its entirety:
"010606ae8d01c9b4840105030045c6080c03622e77617070757368008703776170636c69636b2f2f6d612f333136313731372f363333373535393434000103415426542046726565205469703a20596f752063616e20636865636b20796f757220766f69636520706c616e206d696e757465732075736564202620736d73206d657373616765732073656e742077697468204d79204163636f756e742e20436c69636b204f7468657220746f207472792e20546f20656e6420546970732073656e642073746f7020746f2036383431000101"
Is this trying to remotely activate something or something? My Captivate is fully stock, all downloads from the market and are popular well-rated apps, no visitation of porn sites (that I know of) or other questionable websites, or even "blank links" that I have noticed. This is really bugging me that there is some sort of malware on my phone, although I don't see how there could be. If anyone on here is wiser than I am on these issues, could they please let me know what they heck these are, should I be worried, and what I can do...
Thanks to anyone who can advise me...
Sent from my SAMSUNG-SGH-I897 using XDA App
I should add that I see nothing abnormal on my bill, and do not seem to have any unwarranted data traffic. Just weird messages every so often...
Sent from my SAMSUNG-SGH-I897 using XDA App
It appears to be a text message from AT&T about your plan minutes used. At least a quick conversion from hex to text looks something like this:
"... AT&T Free T ...plan minutes used ...ccount. Click Other to t..."
Do you have some sort of notifications turned on with your account? Hopefully they aren't spam trying to get you to click somewhere.
Oh whew, okay good. Yes I my parents had that on the account, and when I separated my line it probably stayed on there. Thanks for converting it like that, can I ask how you did it, what program or software you used? I'm not completely a NOOB but I don't know anything about hex. Plus I would like to translate them in the future. I run Ubuntu, so if you know the name or the ppa of a good conversion tool that would be awesome.
Thanks again for converting that and responding!
Sent from my SAMSUNG-SGH-I897 using XDA App
I was using Notepad++ on my work Windows box. As for a similar Linux program, you could probably use gvim or maybe Okteta if you're using KDE. I just pasted and converted.
Okay, cool thanks. I am using GNOME, so gedit I guess. For the actual conversion I see several scripts and complicated commands, as well as some ASCII and multiple conversion programs, I will just experiment and figure out which works best. Thanks for your help with this.
Sent from my SAMSUNG-SGH-I897 using XDA App
Hello to all,
first of all forgive me if i am in the wrong forum. Second I am not an authority with ROMs and developing. I can flash a new ROM and follow guidance easily but that's it. Up to that.
I will tell you my scary experience with a specific rom which i installed a couple of days ago on my S3. First off all this post is not suppose to be rude to anyone or anything. I am telling you my story and I would appreciate your input as you are the experts.
3 days ago I installed the MIUI (http://miuiandroid.com/community) ROM on my S3.
As soon as I turned the phone on to run it for the first time I went to the typical set ups but then I noticed something.
On he top right corner of the status bar the a green phone icon appeared meaning that the phone was automatically set on "Call-diverting" .I dint pay any attention for about 30 mins as I was setting up the phone.
When I decided to see what the icon does to my sock and horror I realised that my phone was pre setted to call diverting automatically to a specific mobile number in the UK.
I quickly disabled the call diverting and dint think anything more. All of that happened around 12:30 in the afternoon (pay real attention to the times here).
about 10 minutes later I was at the office. around 2 hours after that I got a text message from my Bank to call them about a suspicious money transfer.
I called the bank and the told me that a few minutes earlier someone attempted to transfer 2000 pounds from my account. Of course my on-line banking was frozen and I was lucky not to loose the money.
Now, during these two hours my phone never rang just the text message from my bank. The bank security employee told me that it looked suspicious to them because whoever was trying to transfer the money asked for the 4 digit number via the automated bank security system to be diverted to another mobile number. The bank advised me to call my mobile carrier as I did.
The mobile carrier , when i talked to him, confirmed that someone called them and accessed my account by giving them all the right info, and requested that every time my phone was out of coverage all calls to be directed to another mobile!
have you guess what was the other mobile?? It was exactly the same mobile number as the pre-set on the ROM which I had installed 3 hours earlier!
And my bank confirmed that the same mobile was used in order to get the 4 digit pin.
I was shocked to say the least!!
When after a few minutes I managed to talk to my girlfriend , she told me that she was calling me earlier for about an hour. These phone calls never made it to my phone. As the phone was pre-setted to call diverting it was ringing to the diverted phone and not mine.
It is obvious that as I do mobile on-line banking and I access my accounts from my mobile (as many do), somehow they managed to get all the information about me and I am suspecting dodgy applications on my phone. I hope I am wrong but this experience has really shocked me.
I love android phones I love what you developers do but I am after you opinion in this one.
I am not here to offend any developers but to have a genuine answer and a sensible discussion about this issue. I am not a kid I am professional and this experience has really made me think twice about smart phones.
nice.! install only trusted ROMs with a lot of feed back
Sent from my GT-I9100 using Tapatalk 2
jowett69 said:
nice.! install only trusted ROMs with a lot of feed back
Click to expand...
Click to collapse
the miui-rom made by miuiandroid.com is a "trusted rom with a lot of feedback" and has a long history and a community with over 50.000 members.
mtdgr said:
I am suspecting dodgy applications on my phone.
Click to expand...
Click to collapse
i think you're right, it wasn't the rom but some malware-/spyware-app.
assuming your phone was rooted, it would be easy for an app to do all kind of bad stuff once it got root-privileges, eg hiding on your sdcard and spying your data and after that establishing the call-divert to catch the 4digit-pin and the rest would be history.
only thing you could do is think what questionable apps with root privileges you installed in the last days before this happened, try to get a copy of it and have a closer look on it, maybe installing it without a simcard inserted or with a simcard without charge on it, to see what happens...
a big piece of luck would be some kind of log from about 1230h to see what established the call-divert, but if i would do such app i would ensure to delete all logs with traces afterwards, but who knows?
though, all of that are just the ideas that came to my mind as i read your post...
good luck for the investigation, would be interesting to know if you could get any information about what happened, so keep us updated, ok?
greetz,
sUsH
It would be difficult for me to know which custom ROM is safe and which one is not! I am not an expert you see. And the same goes with apps. I don't think anyone can state with certainty that any are safe.
It is just shocking to know how easy it is for your details to "escape" !
I will keep you informed about how this goes.
jowett69 If you can tell me how to get that log you are talking about, that would be great.
In the meantime can anyone advise on a descent mobile data protection application? something which will prevent any sensitive data from leaking from my phone? Payware or freeware I don't mind.
some ideas
mtdgr said:
It would be difficult for me to know which custom ROM is safe and which one is not! I am not an expert you see. And the same goes with apps. I don't think anyone can state with certainty that any are safe.
It is just shocking to know how easy it is for your details to "escape" !
I will keep you informed about how this goes.
jowett69 If you can tell me how to get that log you are talking about, that would be great.
In the meantime can anyone advise on a descent mobile data protection application? something which will prevent any sensitive data from leaking from my phone? Payware or freeware I don't mind.
Click to expand...
Click to collapse
A start might be to check the Superuser app and click on Log and see what apps received su permissions.
Also, from a cmd prompt you can enumerate all the running processes by running:
Code:
adb shell "busybox ps -A > /mnt/sdcard/process.log"
adb pull /mnt/sdcard/process.log
View process.log for anything suspicious, or post it up and I'll have a look.
fluxist
fluxist said:
A start might be to check the Superuser app and click on Log and see what apps received su permissions.
Also, from a cmd prompt you can enumerate all the running processes by running:
Code:
adb shell "busybox ps -A > /mnt/sdcard/process.log"
adb pull /mnt/sdcard/process.log
View process.log for anything suspicious, or post it up and I'll have a look.
fluxist
Click to expand...
Click to collapse
I don't think I could do that my friend. As soon as I suspected that something with that ROM was wrong I performed a full wipe and installed omega 9.1 rom.
My question is this. By performing a full wipe should really erase any malware from the previous installation right? Can anyone advise on a descent antivirus/firewall application which will help me (and others like me) monitor and "block" unusual application behavior?
oh and one more question for my information...sensitive personal data can only be leaked when the device is rooted ? if it is not rooted am I safe?
mtdgr said:
I don't think I could do that my friend. As soon as I suspected that something with that ROM was wrong I performed a full wipe and installed omega 9.1 rom.
My question is this. By performing a full wipe should really erase any malware from the previous installation right? Can anyone advise on a descent antivirus/firewall application which will help me (and others like me) monitor and "block" unusual application behavior?
Click to expand...
Click to collapse
did you wipe your internal and external sdcards too? how did you wipe? cause it depends where the malware was hiding, if it is erased now or not.
a simple, yet powerful firewall is droidwall. you can find it in the market. put it in whitelist-mode and allow only the stuff you know. but droidwall controlls "only" internet-connections (wifi and 3g or such). for full controll over every permission of every app and connection of your phone you sohuld use pdroid, but i don't know if that's really necessary, though i understand your fear. but if someone really wants to harm you and has some knowledge, there are always ways, i think...
mtdgr said:
oh and one more question for my information...sensitive personal data can only be leaked when the device is rooted ? if it is not rooted am I safe?
Click to expand...
Click to collapse
not really, think of those apps you can use to root your device. think a bit further and one could make an app that roots your device and afterwards does the stuff it wants. but seriously, though it is possible, who would do that to you? that's what you should think about...
greetz,
sUsH
ps: cause you did a wipe, there's no possibilty of going through some logs, sry. (though this too depends on the way you wiped and what exactly you wiped...)
I did a full wipe to install the new rom...wipe cache data ...devlink and one more but cant remember it
Sent from my GT-I9300 using xda app-developers app
mtdgr said:
I did a full wipe to install the new rom...wipe cache data ...devlink and one more but cant remember it
Sent from my GT-I9300 using xda app-developers app
Click to expand...
Click to collapse
sry, then your try to get rid of the problem also got rid of possible evidence. just try to forget it and be more careful in future with suspicious apps from questionable sources and similar.
greetz,
sUsH
Recently tried installing 9 innings baseball and upon startup of the app it prompted me that "Device is Rooted, Please try again when Unrooted". First, is this legal? Second, is there a way to get around this? Third, How does this app even detect my root?
I'd love to play this game as I heard good things about it!
Thanks in Advance!
fadac said:
Recently tried installing 9 innings baseball and upon startup of the app it prompted me that "Device is Rooted, Please try again when Unrooted". First, is this legal? Second, is there a way to get around this? Third, How does this app even detect my root?
I'd love to play this game as I heard good things about it!
Thanks in Advance!
Click to expand...
Click to collapse
been looking for a good baseball app - but I guess I cannot use it now. found this forum though - might have better luck there:
http://global.com2us.com/forum/showthread.php?p=424792
Why would it not be legal? Note, this is the not the same question as whether or not it's the right thing to do. They can stop anyone they want from playing, it's their right. Apps typically block root when they used some type of shared scoring or leaderboard system that is susceptible to client-side hacking. It's a cheap workaround to prevent rooted players from playing rather than having to actually make their app secure.
As for how, a quick Google search turned up this: http://stackoverflow.com/questions/1101380/determine-if-running-on-a-rooted-device
That's a very simplistic way to check, and even it would be difficult to hide from. I've no doubt companies that are doing this as an anti-hacking measure are doing things more complex than this.
Yea I did a google search too and nothing seemed to help. I tried the temp unroot but that doesn't work. Was wondering if the XDA community knew some better way as I didn't find anything on the forums.
Legality side of it, Yea I suppose your right. But it's like saying I can't install WinAMP on Windows because I changed some registry files. Companies should defiantly not use rooting as an "anti-hacking" tool against their app. Either way they got a bad review because of it, hopefully they will take it into consideration and fix it.
It's the first time I've ever heard of an app not allowed because of root, is that a common thing?
Not really common, per se, but I've heard of it on a couple of other games. It's almost universally games that are susceptible to some type of client side hacking. There are some other apps that will do more specific things, like block you if you try to run an ad blocker, but very few will outright stop you for only rooting.
fadac said:
Yea I did a google search too and nothing seemed to help. I tried the temp unroot but that doesn't work. Was wondering if the XDA community knew some better way as I didn't find anything on the forums.
Legality side of it, Yea I suppose your right. But it's like saying I can't install WinAMP on Windows because I changed some registry files. Companies should defiantly not use rooting as an "anti-hacking" tool against their app. Either way they got a bad review because of it, hopefully they will take it into consideration and fix it.
It's the first time I've ever heard of an app not allowed because of root, is that a common thing?
Click to expand...
Click to collapse
User SuperSU then click enable root . The game will run after that .
Sent from my SGH-T959 using xda premium
AgentFour20 said:
User SuperSU then click enable root . The game will run after that .
Sent from my SGH-T959 using xda premium
Click to expand...
Click to collapse
Hey it WORKED!
What I had to do:
1) Installed SuperSU
2) Went to Settings>Apps>Manage Apps>All and Force Stopped Superuser
3) Opened SuperSU, Settings, and unchecked Enable Superuser.
This app must use the 3rd method listed on shrike1978's link where it checks for su binary. Thankfully because the other two checking methods would be impossible to get around without unrooting. (I'm sure it's not impossible, but more work than I care to do)
Thanks for the help AgentFour20
No problem . Just hit the thanks button , that would be greatly
appreciated .
Sent from my SGH-T959 using xda premium
I just visited this forum form my Nexus 5 and a pop up stating that I had malware appeared. It said if I wanted to remove it. I was gonna click 'NO', then I thought "Well, this is xda-developers..." so I... pressed 'YES'.
Nothing happened. Closed the tab and nothing seems to have happened. Did I install malware? Did I get an infection of any kind?
Thanks.
Hi,
Something like this: http://forum.xda-developers.com/showthread.php?t=1696660&page=16 ?
If yes, report in the thread above (there are another threads about that but this one is the main about XDA and ads).
rwed said:
I just visited this forum form my Nexus 5 and a pop up stating that I had malware appeared. It said if I wanted to remove it. I was gonna click 'NO', then I thought "Well, this is xda-developers..." so I... pressed 'YES'.
Nothing happened. Closed the tab and nothing seems to have happened. Did I install malware? Did I get an infection of any kind?
Thanks.
Click to expand...
Click to collapse
A malware won't tell you that it is a malware. Also, if you dont have an Antimalware installed, why did you hit yes? common sense. it was maybe an ad. next time hit the back button on your phone and never touch a pop up
GUGUITOMTG4 said:
A malware won't tell you that it is a malware. Also, if you dont have an Antimalware installed, why did you hit yes? common sense. it was maybe an ad. next time hit the back button on your phone and never touch a pop up
Click to expand...
Click to collapse
Then what should I do now? How can I be sure it was just an ad or something harmeless? I'm even considering restoring from a nandroid backup made with TWRP...
rwed said:
Then what should I do now? How can I be sure it was just an ad or something harmeless? I'm even considering restoring from a nandroid backup made with TWRP...
Click to expand...
Click to collapse
If you are using custom Rom, it likely has a modified hosts file that blocks redirection from ads and nothing just happened.
did it take you to another page out of xda? do you have new icons on the home screen? if so, download Airpush detector and run it. it will detect fake apps
I dont think anything installed on your phone unless you saw something downloading. It was an advertisement looking for click or to sell you a fake antimalware solution.
GUGUITOMTG4 said:
If you are using custom Rom, it likely has a modified hosts file that blocks redirection from ads and nothing just happened.
did it take you to another page out of xda? do you have new icons on the home screen? if so, download Airpush detector and run it. it will detect fake apps
I dont think anything installed on your phone unless you saw something downloading. It was an advertisement looking for click or to sell you a fake antimalware solution.
Click to expand...
Click to collapse
I'm using stock ROM. 4.4.2. It didn't redirect me anywhere. I ended up running a couple of anti malwares which found nothing. I then restored from my most recent backup. Didn't wanna take any chances...
At least now I know these messages are fake...
rwed said:
I'm using stock ROM. 4.4.2. It didn't redirect me anywhere. I ended up running a couple of anti malwares which found nothing. I then restored from my most recent backup. Didn't wanna take any chances...
At least now I know these messages are fake...
Click to expand...
Click to collapse
well done. extra safety is always better.
It's one of those stupid popup adverts that - when it works - takes you to a page pretending to do a scan, then says something like "We found 247 viruses on your phone! Install Dave's Antivirus 2014 to remove them!"
I expected more of XDA.
There has been a lot of discussion about this topic and opinions. But lets be clear about a few things that are facts:
KingRoot now installs a ton of Adware on your device
KingRoot takes over your lock screen now and splatters ads on it
KingRoot's Uninstall does NOT remove everything they have modified on your device
SuperSU replace method does NOT remove everything they put on it either
KingRoot intentionally ads multiple binary files to your /system/bin folder that have nothing to do with their rooting method and are even back dating them to try and hide them
AVG has reported this and even warns of possible personal information gathering, that is NOT just a warning of rooting exploits
KingRoot has now included a Wifi option within their latest version under tools, what do you think they are gathering there ?
I have been trying to tell users for a long time that they are up to no good and they have even lied saying they tried to contact me to work with me on what they refer to as my app doing a malicious removal of their tool. That is completely incorrect... They have NEVER tried to contact me about this. They did try and ask my to stop and I told them once they allowed SupeSU to cleanly take over their root and they allowed all traces of their program to be replaced/removed I would then do it, but they never have adhered to any of that.
You the user have been warned and my conscious has been cleared. Install this at your own risk. They even went as far as trying to prevent my program from gaining root, why ? Because it will in fact remove all traces of their program including their custom binaries they have added, etc.. Now, keep in mind, they have many binaries that they add, depending on the device, but I do my best to catch them.
KingRoot, you want all of this to stop ? Then comply with the request of all the users and myself to remove EVERY file modification you have made to their device and allow replacement of your tools with whatever the user desires, cleanly.. You want to make it a paid app for you to get compensation for your time ? Fine, but get rid of all this Adware and malicious take over you have done to their device.
Let all the people speak now. It is your device and your choice of what you want to see, I am just one voice of many...
Respectfully submitted,
Gatesjunior (One of the people in the community)
Reference:
AVG:
http://www.avgthreatlabs.com/us-en/virus-and-malware-information/info/android-kingroot/
http://www.avgthreatlabs.com/us-en/android-app-reports/app/com.kingroot.kinguser/
http://www.avgthreatlabs.com/us-en/android-app-reports/app/com.kingstudio.purify
Finger printing the device:
Has the ability to get the wifi MAC address (may be used to fingerprint device)
Has the ability to read the device ID (e.g. IMEI or ESN)
Location Services (Where have you been ?):
Permission request for "android.permission.ACCESS_COARSE_LOCATION"
Permission request for "android.permission.ACCESS_FINE_LOCATION"
Camera (Can I see what your doing ?):
Permission request for "android.permission.CAMERA
Super-Sume Pro: https://forum.xda-developers.com/general/paid-software/supersu-please-t3110954
(Sony devices, or at least the majority, you are in a bad spot, because you are rooted, but try and mount your /system into (r/w) mode... Probably not going to happen unless you load a kernel module to allow this. Otherwise you are in a write-protected mode and can only factory restore your device to get rid of it.)
Tiny screen made me click the wrong poll answer. ><
Thanks for the info
SynisterWolf said:
Tiny screen made me click the wrong poll answer. ><
Thanks for the info
Click to expand...
Click to collapse
LOL...I can move your vote but not your name....done.
I recently upgraded my old s4 for hangouts only use (no carrier) to 501 and I used an old version of Kingroot and current SuperSUme. No worries. Thanks for a great app.
Real question is. Why can't someone legit make a kingroot type rooter that's not all jacked. It's there really no one else who knows how to do it that is honest?
craigviar said:
I recently upgraded my old s4 for hangouts only use (no carrier) to 501 and I used an old version of Kingroot and current SuperSUme. No worries. Thanks for a great app.
Real question is. Why can't someone legit make a kingroot type rooter that's not all jacked. It's there really no one else who knows how to do it that is honest?
Click to expand...
Click to collapse
Sure, it can be done. But they protect, for good reasons, their rooting methods. I can't disagree with them there. But someone else would have to come out with the exploits and wrap it into a rooting method for everyone to use. They definitely have the team and resources to be able to root devices. I am very thankful for that, don't get me wrong, but the way they make you accept it all is where I take issue.
KennyG123 said:
LOL...I can move your vote but not your name....done.
Click to expand...
Click to collapse
Thank you for correcting this..
Xda has a rule about having paid apps/donate version in threads. It does not seem unreasonable to ask for a similar policy with the more important and less costly demand of being able to uninstall the app, or at least not block the usage of other apps (like SuperSU).
Sent from my Nexus 6P using XDA-Developers Legacy app
Surge1223 said:
Xda has a rule about having paid apps/donate version in threads. It does not seem unreasonable to ask for a similar policy with the more important and less costly demand of being able to uninstall the app, or at least not least not block the usage of other apps (like SuperSU).
Sent from my Nexus 6P using XDA-Developers Legacy app
Click to expand...
Click to collapse
I agree completely. Again, malicious behavior.
If so, why is the Kingroot thread and apps still here? Why didn't the mods closed it?
thanks for the info
so the only app root that do that is kingroot only ?
all othr app are safe ?
ashraf77160 said:
thanks for the info
so the only app root that do that is kingroot only ?
all othr app are safe ?
Click to expand...
Click to collapse
Good question, are there safe to use root apps? Noob friendly guide is welcome too.
Verstuurd vanaf mijn HUAWEI MT7-L09 met Tapatalk
artsnjiw said:
If so, why is the Kingroot thread and apps still here? Why didn't the mods closed it?
Click to expand...
Click to collapse
That's a great question
Sent from my Nexus 6P using XDA-Developers Legacy app
artsnjiw said:
If so, why is the Kingroot thread and apps still here? Why didn't the mods closed it?
Click to expand...
Click to collapse
Because we have not been able to prove that is what is going on, the ability is there, but this is extremely difficult to prove. But, the Adware and Malware are real and has been reported by AVG and others.
Different versions/payloads??
gatesjunior said:
Because we have not been able to prove that is what is going on, the ability is there, but this is extremely difficult to prove. But, the Adware and Malware are real and has been reported by AVG and others.
Click to expand...
Click to collapse
After a bit of digging through the same versions released, one on their website (https://kingroot.net/), and the other here on xda (https://forum.xda-developers.com/devdb/project/?id=9793#downloads), it appears that the payloads have been customized through some variances contained in the following files:
channel.ini, config.properties, KINGROOT.RSA, MANIFEST.MF, KINGROOT.SF, km, classes.dex
Specifically in the release channel# (channel.ini), the encrypted properties file (propertiesconfig.properties), and the (km) file.
So it's possible to have slightly different version of the payloads depending on where you've downloaded it from.
Any constructive input is welcome.
billa said:
After a bit of digging through the same versions released, one on their website (https://kingroot.net/), and the other here on xda (https://forum.xda-developers.com/devdb/project/?id=9793#downloads), it appears that the payloads have been customized through some variances contained in the following files:
channel.ini, config.properties, KINGROOT.RSA, MANIFEST.MF, KINGROOT.SF, km, classes.dex
Specifically in the release channel# (channel.ini), the encrypted properties file (propertiesconfig.properties), and the (km) file.
So it's possible to have slightly different version of the payloads depending on where you've downloaded it from.
Any constructive input is welcome.
Click to expand...
Click to collapse
Interesting.. I wonder even though the release is the same, is the build a different number ?
Do you think it might have to do with trying different methods to root the device?
gatesjunior said:
Interesting.. I wonder even though the release is the same, is the a different number ?
Click to expand...
Click to collapse
It is a different build number bro.if u look at the build number compared to first realease of 5.05 compared to latest release 5.05 theres a few extra numbers and/or letters in the new 5.05. But like one of the xda devs said if it's to the only way to get root do it because u can uninstall purify and replace kinguser with supersu
Using SuperSU is best.
gatesjunior said:
Because we have not been able to prove that is what is going on, the ability is there, but this is extremely difficult to prove. But, the Adware and Malware are real and has been reported by AVG and others.
Click to expand...
Click to collapse
noob question here, flashing a ROM will remove whole kingroot stuff ? or there is some deep thing that can't be removed ?
JIJOK said:
noob question here, flashing a ROM will remove whole kingroot stuff ? or there is some deep thing that can't be removed ?
Click to expand...
Click to collapse
yes it will