hi
i have china mobile called x310e has 1 gb ram and ICS 4.0.3 .. clone of x310e HTC windows phone .. but it's has ICS
the phone is good to me but i notice something
the free ram is around 200 mb in best case .. from 1gb ram
i dont know if this normal .. so that why i asked
i rooted the device and installed ssh on it
i typed "top" command and this is what i got ..
NB all my apps just take 75 MB
User 1%, System 3%, IOW 0%, IRQ 0%
User 3 + Nice 1 + Sys 10 + Idle 294 + IOW 0 + IRQ 0 + SIRQ 1 = 309
PID PR CPU% S #THR VSS RSS PCY UID Name
19889 0 1% R 1 1016K 416K fg root top
18556 0 0% S 1 1216K 256K fg root /data/data/br.com.bott.droidsshd/files/bin/dropbear
18367 0 0% S 1 0K 0K fg root tx_thread
48 0 0% S 1 0K 0K fg root mmcqd/0
237 0 0% S 81 403620K 66080K fg system system_server
137 0 0% S 1 1124K 440K fg root /system/bin/mobile_log_d
16697 0 0% S 10 289056K 31016K bg system com.android.settings
56 0 0% S 1 320K 172K fg root /sbin/ueventdworkqu
80 0 0% S 1 0K 0K fg root cfg80211
81 0 0% S 1 880K 236K fg system /system/bin/servicemanager
82 0 0% S 3 4184K 548K fg root /system/bin/vold
84 0 0% S 1 732K 220K fg root /system/bin/ccci_mdinit
1 0 0% S 1 632K 488K fg root /init
88 0 0% S 2 2884K 344K fg root /system/bin/netdiag
89 0 0% S 2 2148K 396K fg root /system/bin/mobile_log_d
90 0 0% S 3 3100K 292K fg root /system/bin/debuggerd
92 0 0% S 7 46844K 21476K fg system /system/bin/surfaceflinger
93 0 0% S 4 269936K 21292K fg root zygote
94 0 0% S 3 3040K 348K fg root /system/bin/hald
95 0 0% S 2 19416K 2344K fg drm /system/bin/drmserver
96 0 0% S 12 56712K 6664K fg root /system/bin/mediaserver
97 0 0% S 1 972K 360K fg system /system/bin/mtkGD
98 0 0% S 1 1388K 236K fg bluetoot /system/bin/dbus-daemon
99 0 0% S 1 900K 296K fg root /system/bin/installd
100 0 0% S 1 1832K 448K fg keystore /system/bin/keystore
101 0 0% S 4 6144K 464K fg root /system/bin/mtk_agpsd
102 0 0% S 1 736K 244K fg system /system/bin/6620_launcher
104 0 0% S 2 4528K 464K fg root /system/bin/dm_agent_binder
105 0 0% S 2 4188K 500K fg bluetoot /system/bin/mtkbt
106 0 0% S 1 7164K 780K fg system /system/bin/mdpd
108 0 0% S 2 4520K 448K fg root /system/bin/GoogleOtaBinder
110 0 0% S 2 14284K 1520K fg root /system/bin/em_svr
111 0 0% S 2 4476K 432K fg root /system/bin/nvram_agent_binder
112 0 0% S 2 4512K 440K fg root /system/bin/nvram_backup_binder
120 0 0% S 1 752K 284K fg root /system/bin/memsicd
134 0 0% S 1 2956K 2272K fg root /system/bin/mobile_log_d
135 0 0% S 1 1132K 448K fg root /system/bin/mobile_log_d
136 0 0% S 1 1148K 464K fg root /system/bin/mobile_log_d
138 0 0% S 1 1124K 376K fg root /system/bin/mobile_log_d
163 0 0% S 1 0K 0K fg root pvr_workqueue
166 0 0% S 1 0K 0K fg root mtklfb
311 0 0% S 14 304156K 44644K fg system com.android.systemui
438 0 0% S 39 329860K 43676K fg radio com.android.phone
448 0 0% S 9 279944K 21940K fg app_39 com.mediatek.bluetooth
463 0 0% S 9 278384K 21348K fg app_12 com.google.hfapservice
995 0 0% S 10 279252K 23440K fg radio com.mediatek.mobilelog
16197 0 0% S 1 298124K 23464K fg app_83 berserker.android.apps.sshdroid
16493 0 0% S 16 358064K 99580K fg app_31 com.android.launcher
16563 0 0% S 28 311480K 32672K bg app_24 com.google.process.gapps
16608 0 0% S 13 285064K 28500K bg app_14 android.process.media
16638 0 0% S 1 1128K 364K fg root /system/bin/ccci_fsd
16651 0 0% S 14 14240K 488K fg root /system/bin/gsm0710muxd
16652 0 0% S 1 1232K 448K fg root /system/bin/mdlogger
16722 0 0% S 19 22172K 984K fg radio /system/bin/rild
16965 0 0% S 10 281748K 30364K fg app_30 com.android.inputmethod.latin
17318 0 0% S 1 1368K 392K fg shell /system/bin/aee_aed
18372 0 0% S 1 736K 288K fg log /system/bin/logwrapper
18374 0 0% S 1 2472K 896K fg wifi /system/bin/wpa_supplicant
18376 0 0% S 1 740K 300K fg log /system/bin/logwrapper
18377 0 0% S 1 972K 416K fg dhcp /system/bin/dhcpcd
18557 0 0% S 1 764K 368K fg root -sh
18563 0 0% S 11 282412K 24152K bg app_24 com.google.android.gsf.login
18738 0 0% S 9 278380K 23356K fg radio com.mediatek.mdlogger
19106 0 0% S 1 0K 0K fg root kworker/u:2
19113 0 0% S 15 288948K 29388K bg app_72 com.whatsapp
19242 0 0% S 1 0K 0K fg root kworker/u:3
19296 0 0% S 17 292528K 28944K bg app_11 com.google.android.apps.maps:NetworkLocationService
19330 0 0% S 20 295784K 30860K bg app_11 com.google.android.apps.maps:LocationFriendService
19350 0 0% S 15 296460K 29340K bg app_2 com.android.contacts
19365 0 0% S 14 325248K 48676K bg app_2 android.process.acore
19385 0 0% S 1 0K 0K fg root kworker/0:3
19473 0 0% S 15 297296K 53908K bg app_20 com.android.gallery3d
19554 0 0% S 14 290904K 31284K bg app_17 com.mediatek.filemanager
19584 0 0% S 11 281316K 24744K bg app_36 com.google.android.apps.uploader
19634 0 0% S 16 287628K 27488K bg app_59 com.google.android.talk
19667 0 0% S 9 278356K 23784K bg radio com.android.ActivityNetwork
19679 0 0% S 14 298144K 42288K bg app_37 com.android.mms
19750 0 0% S 19 294672K 30960K bg app_11 com.google.android.apps.maps
19768 0 0% S 1 0K 0K fg root kworker/0:0
19876 0 0% S 10 279424K 24128K bg system com.mediatek.atci.service
87 0 0% S 6 8432K 1096K fg root /system/bin/netd
Click to expand...
Click to collapse
i delete some lines cuz it's has zero use of ram and cpu
waiting the response
murad052 said:
hi
i have china mobile called x310e i phone is good to me but i notice somthing
the free ram is around 200 mb in best case
i dont know if this normal .. so that why i asked
i rooted the device and installed ssh on it
i typed "top" command and this is what i got ..
i delete some lines cuz it's has zero use of ram and cpu
waiting the response
Click to expand...
Click to collapse
That model number is for the HTC Titan, which is a Windows Phone 7 phone...
But anyways, assuming you're on Android, free RAM is wasted RAM. Just because your RAM is filled with apps you're not using doesn't mean they're actually running. And you have to remember the OS itself takes up memory as well. It's the way Linux works; don't worry, it's a very efficient OS.
this is screen shot
but it's abnormal i think .. i used to have orginal s2 and it's show much of ram than this one
Any update
Sent from my X310e using XDA
Related
Hi,
i have nexus S with IMM76D_deodexed. I had preciously 4.0.3, then 4.0.4 - IMM26. Now IMM76D, CWM.
With IMM76D I hoped all will be solved, but not.
before updating to IMM76D I did:
back to factory reset
format SD card
clean Dalvik
clean /system except /boot
Now i think, I'm only one, who has infamous autotate high cpu usage bug
- without autorotate (cpu usage is normal):
Code:
top -m 100 -d 1 -n 1 | head -20
User 0%, System 3%, IOW 0%, IRQ 0%
User 0 + Nice 0 + Sys 4 + Idle 99 + IOW 0 + IRQ 0 + SIRQ 0 = 103
PID PR CPU% S #THR VSS RSS PCY UID Name
11891 0 7% R 1 1000K 396K bg root top
11867 0 0% S 1 0K 0K fg root kworker/0:0
11814 0 0% S 11 273628K 23708K bg app_70 com.google.android.maps.mytracks
132 0 0% S 81 369556K 45464K fg system system_server
330 0 0% S 25 294536K 29760K fg radio com.android.phone
8 0 0% S 1 0K 0K fg root sync_supers
9 0 0% S 1 0K 0K fg root bdi-default
10 0 0% S 1 0K 0K fg root kblockd
11 0 0% S 1 0K 0K fg root khubd
12 0 0% S 1 0K 0K fg root kinteractiveup
14 0 0% S 1 0K 0K fg root kswapd0
15 0 0% S 1 0K 0K fg root fsnotify_mark
16 0 0% S 1 0K 0K fg root crypto
with autorotate - system_server
Code:
top -m 100 -d 1 -n 1 | head -20
User 7%, System 12%, IOW 0%, IRQ 0%
User 6 + Nice 2 + Sys 13 + Idle 85 + IOW 0 + IRQ 0 + SIRQ 0 = 106
PID PR CPU% S #THR VSS RSS PCY UID Name
132 0 14% S 81 369572K 45768K fg system system_server
12030 0 5% R 1 1004K 400K bg root top
200 0 3% S 17 285416K 33964K fg system com.android.systemui
78 0 2% S 8 42944K 16884K fg system /system/bin/surfaceflinger
290 0 0% S 1 2464K 636K fg wifi /system/bin/wpa_supplicant
223 0 0% S 1 0K 0K fg root dhd_dpc
11939 0 0% S 1 0K 0K fg root kworker/0:1
10 0 0% S 1 0K 0K fg root kblockd
11 0 0% S 1 0K 0K fg root khubd
12 0 0% S 1 0K 0K fg root kinteractiveup
14 0 0% S 1 0K 0K fg root kswapd0
15 0 0% S 1 0K 0K fg root fsnoti
again top with Threads
Code:
User 5%, System 12%, IOW 0%, IRQ 0%
User 15 + Nice 3 + Sys 39 + Idle 254 + IOW 0 + IRQ 0 + SIRQ 0 = 311
PID TID PR CPU% S VSS RSS PCY UID Thread Proc
132 146 0 7% D 369572K 45768K fg system system_server system_server
12028 12028 0 4% R 1192K 588K bg root top top
132 166 0 2% S 369572K 45768K fg system er$SensorThread system_server
132 148 0 2% S 369572K 45768K fg system er.ServerThread system_server
132 147 0 1% S 369572K 45768K fg system SensorService system_server
200 200 0 0% S 285416K 33964K fg system ndroid.systemui com.android.systemui
11864 11864 0 0% S 0K 0K fg root kworker/u:2
11939 11939 0 0% S 0K 0K fg root kworker/0:1
78 111 0 0% S 42944K 16884K fg system SurfaceFlinger /system/bin/surfaceflinger
132 187 0 0% S 369572K 45768K fg system WifiService system_server
What should i do?
edit:
strace is writing following block repeatedly like crazy
strace -f -T -v -p 132
Code:
(Timeout) <0.000037>
[pid 147] write(103, "h\0\0\0\0\0\0\0\1\0\0\0\0\0\0\0pe\34d\2340\0\0\354\337\267?>\205\[email protected]\275"..., 104 <unfinished ...>
[pid 166] <... epoll_wait resumed> ) = 1 <0.031740>
[pid 166] read(102, "h\0\0\0\0\0\0\0\1\0\0\0\0\0\0\0pe\34d\2340\0\0\354\337\267?>\205\[email protected]\275"..., 104) = 104 <0.000034>
[pid 166] clock_gettime(CLOCK_MONOTONIC, {53448, 257720074}) = 0 <0.000030>
[pid 166] write(46, "W"..., 1) = 1 <0.000278>
[pid 166] read(102, 0x519ebb80, 104) = -1 EAGAIN (Resource temporarily unavailable) <0.000032>
[pid 166] epoll_wait(0x6a, 0x519eb9f0, 0x10, 0xffffffff <unfinished ...>
[pid 148] <... epoll_wait resumed> ) = 1 <0.029798>
[pid 148] read(45, "W"..., 16) = 1 <0.000038>
[pid 148] clock_gettime(CLOCK_MONOTONIC, {53448, 261245950}) = 0 <0.000035>
[pid 148] getpid() = 132 <0.000090>
[pid 148] getuid32() = 1000 <0.000029>
[pid 148] epoll_wait(0x2f, 0x50787a90, 0x10, 0) = 0 <0.000032>
[pid 148] clock_gettime(CLOCK_MONOTONIC, {53448, 263335575}) = 0 <0.000276>
[pid 148] epoll_wait(0x2f, 0x50787a90, 0x10, 0xa6d7 <unfinished ...>
[pid 147] <... write resumed> ) = 104 <0.008302>
[pid 147] poll([{fd=37, events=POLLIN}, {fd=38, events=POLLIN}, {fd=42, events=POLLIN}, {fd=43, events=POLLIN}, {fd=41, events=POLLIN}], 5, -1 <unfinished ...>
[pid 146] <... write resumed> ) = 16 <0.012667>
[pid 146] ioctl(39, 0x80066108, 0x50587ec0) = 0 <0.016268>
[pid 146] write(36, "\0\0\0\0\0\0\0\0\2\0\0\0]\1\0\0"..., 16) = 16 <0.000044>
[pid 146] write(36, "\0\0\0\0\0\0\0\0\2\0\1\0J\0\0\0"..., 16) = 16 <0.000300>
[pid 146] write(36, "\0\0\0\0\0\0\0\0\2\0\2\0G\1\0\0"..., 16) = 16 <0.000039>
[pid 146] write(36, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 16 <unfinished ...>
[pid 147] <... poll resumed> ) = 1 ([{fd=42, revents=POLLIN}]) <0.021342>
[pid 147] read(42, "\310\320\0\0\352P\4\0\2\0\0\0]\1\0\0\310\320\0\0\333T\4\0\2\0\1\0J\0\0\0\310"..., 512) = 64 <0.000039>
[pid 147] poll([{fd=37, events=POLLIN}, {fd=38, events=POLLIN}, {fd=42, events=POLLIN}, {fd=43, events=POLLIN}, {fd=41, events=POLLIN}], 5, 0) = 0
Hey dude,
No, you are not the only one with the auto-rotate bug. I have it too, but im on stock, non rooted ICS 4.0.4 for the Nexus S. But I can't help you either
Just wanted you to know that you are not alone.
what are the symptoms of this bug? every since i loaded 4.0.4, my phone seems to be eating up battery like crazy, also freezing up and shutting off randomly. sounds like it could be my problem.
should i just disable the auto-rotate setting for now?
00Hensley said:
what are the symptoms of this bug? every since i loaded 4.0.4, my phone seems to be eating up battery like crazy, also freezing up and shutting off randomly. sounds like it could be my problem.
should i just disable the auto-rotate setting for now?
Click to expand...
Click to collapse
It's worth a try, you can't damage anything if you do
I've been using the attached patch (against the stock ICS 3.0 kernel source, but should apply to any Nexus S 2.6.35 ICS or 3.0 kernel), which throttles the orientation sensor device and reduces system_server CPU usage to a more reasonable 2-3% (similar to Gingerbread).
Thanks for confirmation.
based on the confirmation there is new bug from me:
xxxttp://code.google.com/p/android/issues/detail?id=29965
For quick autorotate on and off i'm using quick app:
xxxttps://play.google.com/store/apps/details?id=com.friedflow.autorotate&feature=order_history
Thanks for the kernel patch... but i think, i will not building kernel...
i don't understand, why these bugs are not fixed yet... Like USB slow file transfer...
steven676 said:
I've been using the attached patch (against the stock ICS 3.0 kernel source, but should apply to any Nexus S 2.6.35 ICS or 3.0 kernel), which throttles the orientation sensor device and reduces system_server CPU usage to a more reasonable 2-3% (similar to Gingerbread).
Click to expand...
Click to collapse
How's this patching working out for you? Any side effects to watch out for? Also, did you find anything more refined along the way?
Thanks!
InstigatorX said:
How's this patching working out for you? Any side effects to watch out for? Also, did you find anything more refined along the way?
Click to expand...
Click to collapse
I've been carrying this patch since December with absolutely no ill effects, and given that it works, I haven't bothered to look for better solutions ...
steven676 said:
I've been carrying this patch since December with absolutely no ill effects, and given that it works, I haven't bothered to look for better solutions ...
Click to expand...
Click to collapse
Any hints how to apply this patch?
Hello, I decided that I will analyse running processes and figure out why is my battery not lasting more then half a day usually. For that I figured maybe running
adb shell top
will work. I could send this to a file and later make some analysis of the results. The problem is that it looks like this
Code:
800%cpu 10%user 0%nice 17%sys 772%idle 1%iow 0%irq 0%sirq 0%host
←[7m PID USER PR NI VIRT RES SHR S[%CPU] %MEM TIME+ ARGS ←[0m
28364 system 20 0 2.2G 83M 61M S 15.3 2.4 1:08.09 com.samsung.and+
31155 u0_a193 20 0 2.1G 69M 40M S 4.6 2.0 6:00.62 com.facebook.or+
30834 shell 20 0 11M 4.3M 3.3M R 2.3 0.1 0:00.85 top
3246 system 12 -8 1.6G 14M 11M S 2.3 0.4 249:18.01 surfaceflinger
26367 system 10 -10 2.7G 106M 89M S 1.3 3.0 1:14.78 com.samsung.and+
22515 root 20 0 0 0 0 S 1.3 0.0 0:03.16 [kworker/u16:4]
3825 system 10 -10 3.4G 182M 81M S 1.0 5.2 572:07.02 system_server
971 root 20 0 0 0 0 S 1.0 0.0 151:39.30 [kswapd0]
29785 u0_a209 20 0 1.7G 67M 52M S 0.3 1.9 0:03.20 com.microsoft.o+
21383 root 0 -20 0 0 0 S 0.3 0.0 0:00.84 [kworker/1:0H]
20039 u0_a213 20 0 2.9G 56M 47M S 0.3 1.6 9:15.59 com.digibites.a+
3132 logd 30 10 31M 13M 836K S 0.3 0.3 25:29.47 logd
679 root 20 0 0 0 0 S 0.3 0.0 5:34.54 [kcompactd0]
13 root RT 0 0 0 0 S 0.3 0.0 2:00.01 [migration/1]
30749 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 [kworker/u17:2]
30699 u0_a379 20 0 2.2G 98M 82M S 0.0 2.8 0:00.95 org.androworks.+
30670 advmodem 20 0 2.2G 74M 65M S 0.0 2.1 0:00.33 com.samsung.and+
30661 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 [kworker/0:0H]
30652 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 [kworker/7:2H]
30651 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 [kworker/5:0H]
the process names are cut. Is there a way to make top command write wider columns? Linux top knows -w but adb top does not.
Seems like running -b makes it wide enough but it shows all processes and not just the top few which would be enough.
I can see that it's also formatted wrong and the column headers don't match the values below. Jeez...
Firmware A11 and new updated A13 Europe Version.
I have a *.txt which permanently stores every opened app internally with timestamp and other code unknown to me. After the deletion it will be created again immediately.
The exact name of the file is: proces_reclaim_info.txt
and is located in the internal memory in the main path.
The internal logger for problems is off [*#800#], so that can't be it.
Code looks like it:
[1574173879.537943][ a.fennec_fdroid 6 -2 ],[ 0 0 1 0 ],[ 0 0 ],[ 0 0 0 ],[ 0x0 0x12c00000 1024 332 ]**
[1574173879.562996][ .qcrilmsgtunnel 6 0 ],[ 1610 72 9 1959 ],[ 17 0 ],[ 25 17 0 ],[ 0x0 0x0 1024 332 ]**
[1574173879.582098][ ndroid.keychain 6 0 ],[ 2414 248 9 1966 ],[ 7 0 ],[ 40 24 2 ],[ 0x0 0x0 1024 332 ]**
[1574173879.583457][ .qualityprotect 6 0 ],[ 1682 220 9 2053 ],[ 7 0 ],[ 16 14 0 ],[ 0x0 0x0 1024 332 ]**
[1574173879.593519][ com.coloros.sau 6 0 ],[ 2274 581 9 2150 ],[ 3 0 ],[ 55 12 1 ],[ 0x0 0x0 1024 332 ]**
[1574173879.600195][ id.defcontainer 6 0 ],[ 2067 70 9 1930 ],[ 0 0 ],[ 16 0 1 ],[ 0x0 0x0 1024 332 ]**
[1574173879.605341][ oros.appmanager 6 0 ],[ 1849 223 9 1946 ],[ 21 0 ],[ 20 11 0 ],[ 0x
any ideas?
Maybe other people have the same file in the storage?
I have the same problem as you,You delete it and then it reappears, honestly it seems to me that you send a lot of data, and this thing bothers me a lot... I'm thinking of selling the phone because this reason...
I have a Motorola xt1527 which is rooted and I use it with AdAway which needs hosts file access. I also use EasyTether on it to tether over USB to a Raspberry Pi, which becomes a wifi AP, I use half a dozen phones, tablets, computers through it, ad-filtered I have a T-Mobile unlimited data plan, it's worked out well for a few years due to a lack of rural internet.
Along comes a new friend who claims I'm sending her SMS malware (ooo I've been hacked) so she keeps me blocked. Maybe the phone has something, the malware tools I've tried don't run under an Android version that old (5.02). How can I scan and clean the phone of malware? I've scanned and cleaned lots of Windows computers of viruses, mad a living at it for years. Same idea once you have the tools right?
Mostly the phone's an internet connection, I've rarely talked on it. It sits with the volume turned down. I did a few months start using MightyText, an app that runs on it and puts SMS from it on their website so I can access it remotely.
OK, I was hoping for a Windows-type solution. But here I am a retired IT guy with 27 years unix experience and a rooted Android phone. The first thing that jumps out at me is that ps ax shows nothing, only a header line. How? It is a Termux version/. On a similar but non-rooted phone ps ax shows processes as I'd expect, I can try to copy that one over.
Top shows me this but I'm not sure what shouldn't be there:
Code:
User 1%, System 1%, IOW 0%, IRQ 0%
User 17 + Nice 0 + Sys 21 + Idle 1206 + IOW 1 + IRQ 0 + SIRQ 0 = 1245
PID PR CPU% S #THR VSS RSS PCY UID Name
22276 1 1% R 1 2492K 1040K unk root top
234 2 0% S 17 61400K 4696K fg system /system/bin/surfaceflinger
1118 0 0% S 102 812644K 70464K fg system system_server
18663 0 0% D 1 0K 0K root mdss_fb0
19179 1 0% S 13 665164K 25664K bg u0_a154 com.bb.microcpu
81 0 0% S 1 0K 0K unk root kswapd0
22236 0 0% S 1 0K 0K root kworker/u8:7
1799 0 0% S 40 724580K 29968K fg radio com.android.phone
1437 1 0% S 32 768988K 51668K fg u0_a42 com.android.systemui
19102 2 0% S 1 0K 0K root kworker/2:0
18820 1 0% S 1 0K 0K root kworker/1:1
5054 2 0% S 54 707472K 20284K fg u0_a108 eu.easytether.pro:engine
8 0 0% S 1 0K 0K unk root rcu_preempt
54 0 0% S 1 0K 0K unk root system
134 0 0% S 1 0K 0K unk root cfinteractive
12 1 0% S 1 0K 0K root ksoftirqd/1
21668 0 0% S 1 0K 0K root kworker/u8:3
33 0 0% D 1 0K 0K root kworker/u9:0
20554 0 0% S 1 6216K 388K unk root daemonsu:10101:20551
30175 2 0% S 93 839104K 48944K bg u0_a105 com.estrongs.android.pop
31 1 0% S 1 0K 0K root smsm_cb_wq
34 1 0% S 1 0K 0K root rpm-smd
35 1 0% S 1 0K 0K root kworker/u9:1
36 0 0% S 1 0K 0K unk root irq/47-cpr
37 1 0% S 1 0K 0K root deferwq
38 1 0% S 1 0K 0K root mpm
49 1 0% S 1 0K 0K root writeback
50 1 0% S 1 0K 0K root bioset
51 1 0% S 1 0K 0K root crypto
52 1 0% S 1 0K 0K root kblockd
53 1 0% S 1 0K 0K unk root khubd
55 1 0% S 1 0K 0K unk root irq/75-msm_iomm
56 1 0% S 1 0K 0K unk root irq/75-msm_iomm
57 1 0% S 1 0K 0K unk root irq/273-msm_iom
58 1 0% S 1 0K 0K unk root irq/274-msm_iom
59 1 0% S 1 0K 0K unk root irq/102-msm_iom
60 1 0% S 1 0K 0K unk root irq/102-msm_iom
61 1 0% S 1 0K 0K unk root irq/102-msm_iom
62 1 0% S 1 0K 0K unk root irq/102-msm_iom
63 1 0% S 1 0K 0K unk root irq/102-msm_iom
64 1 0% S 1 0K 0K unk root irq/102-msm_iom
65 1 0% S 1 0K 0K unk root irq/102-msm_iom
66 1 0% S 1 0K 0K unk root irq/102-msm_iom
67 1 0% S 1 0K 0K unk root irq/102-msm_iom
68 1 0% S 1 0K 0K unk root irq/102-msm_iom
69 1 0% S 1 0K 0K unk root irq/102-msm_iom
70 1 0% S 1 0K 0K unk root irq/102-msm_iom
71 1 0% S 1 0K 0K unk root irq/102-msm_iom
72 1 0% S 1 0K 0K unk root irq/102-msm_iom
73 1 0% S 1 0K 0K unk root irq/102-msm_iom
74 1 0% S 1 0K 0K unk root irq/102-msm_iom
75 1 0% S 1 0K 0K unk root irq/102-msm_iom
76 1 0% S 1 0K 0K unk root irq/102-msm_iom
77 1 0% S 1 0K 0K unk root irq/102-msm_iom
78 1 0% S 1 0K 0K unk root irq/102-msm_iom
79 1 0% S 1 0K 0K root devfreq_wq
80 1 0% S 1 0K 0K root cfg80211
82 0 0% S 1 0K 0K unk root fsnotify_mark
101 1 0% D 1 0K 0K unk root mdss_dsi_event
102 1 0% S 1 0K 0K root apr_driver
103 1 0% S 1 0K 0K root pil_vote_wq
104 1 0% S 1 0K 0K root mem_share_svc
105 1 0% S 1 0K 0K root qmi_hndl0000000
106 1 0% S 1 0K 0K root msm_ipc_router
107 1 0% S 1 0K 0K unk root hwrng
108 1 0% S 1 0K 0K root diag_real_time_
109 2 0% S 1 0K 0K root diag_modem_data
110 1 0% S 1 0K 0K root diag_lpass_data
111 2 0% S 1 0K 0K root diag_wcnss_data
112 1 0% S 1 0K 0K root diag_wq
113 2 0% S 1 0K 0K root diag_usb_wq
114 0 0% S 1 0K 0K root diag_cntl_wq
115 0 0% S 1 0K 0K root diag_dci_wq
116 1 0% S 1 0K 0K root kgsl-3d0
117 1 0% S 1 0K 0K root kgsl-events
118 1 0% S 1 0K 0K root governor_msm_ad
119 1 0% S 1 0K 0K root kgsl_devfreq_wq
120 1 0% S 1 0K 0K root proximity_als
121 0 0% S 1 0K 0K unk root spi0
124 1 0% S 1 0K 0K root stml0xx_wq
125 1 0% S 1 0K 0K root usbnet
126 1 0% S 1 0K 0K root sharedmem_qmi_w
127 1 0% S 1 0K 0K root qmi_hndl0000000
128 1 0% S 1 0K 0K root k_gserial
129 1 0% S 1 0K 0K root rmi_det_workque
132 0 0% S 1 0K 0K root msm_cpp_workque
133 0 0% S 1 0K 0K unk root irq/322-max170x
135 0 0% S 1 0K 0K unk root irq/170-7824900
136 0 0% S 1 0K 0K unk root irq/253-7864900
137 1 0% S 1 0K 0K unk root irq/288-7864900
158 1 0% S 1 0K 0K root binder
159 1 0% S 1 0K 0K root usb_bam_wq
160 1 0% S 1 0K 0K unk root krfcommd
161 0 0% S 1 0K 0K unk root irq/461-wcnss
162 0 0% S 1 0K 0K unk root irq/429-modem
163 0 0% S 1 0K 0K root msm_vidc_worker
164 0 0% S 1 0K 0K root pm_workerq_venu
166 0 0% S 1 0K 0K unk root irq/321-fan5404
167 1 0% S 1 0K 0K unk root kcompact
168 1 0% S 1 0K 0K root rq_stats
169 1 0% S 1 0K 0K root bam_dmux_rx
170 1 0% S 1 0K 0K root bam_dmux_tx
171 1 0% S 1 0K 0K root k_bam_data
172 1 0% S 1 0K 0K root f_mtp
173 1 0% S 1 0K 0K unk root file-storage
174 0 0% S 1 0K 0K unk root msm_thermal:hot
175 2 0% S 1 0K 0K unk root msm_thermal:fre
176 2 0% S 1 0K 0K unk root msm_thermal:the
177 0 0% S 1 0K 0K unk root mmcqd/0
178 1 0% S 1 0K 0K unk root mmcqd/0rpmb
179 0 0% S 1 0K 0K unk root mmcqd/1
183 0 0% S 1 0K 0K unk root jbd2/mmcblk0p42
184 1 0% S 1 0K 0K root ext4-dio-unwrit
186 0 0% S 1 0K 0K unk root f2fs_gc-259:12
190 0 0% S 1 0K 0K unk root jbd2/mmcblk0p43
191 0 0% S 1 0K 0K root ext4-dio-unwrit
192 0 0% S 1 0K 0K unk root jbd2/mmcblk0p31
193 1 0% S 1 0K 0K root ext4-dio-unwrit
194 0 0% S 1 0K 0K unk root jbd2/mmcblk0p1-
195 0 0% S 1 0K 0K root ext4-dio-unwrit
196 0 0% S 1 0K 0K root ext4-dio-unwrit
197 1 0% S 1 0K 0K root kworker/1:1H
223 0 0% S 1 0K 0K root IPCRTR
225 2 0% S 1 0K 0K root modem_IPCRTR
229 2 0% S 5 8020K 2404K unk logd /system/bin/logd
230 0 0% S 1 1584K 188K fg root /sbin/healthd
231 0 0% S 1 2368K 368K unk root /system/bin/lmkd
232 3 0% S 1 1176K 376K unk system /system/bin/servicemanager
233 3 0% S 3 5828K 516K unk root /system/bin/vold
236 0 0% S 2 3172K 324K unk system /system/bin/rfs_access
238 3 0% S 1 2888K 296K unk system /system/bin/qseecomd
245 0 0% S 5 6948K 308K unk nobody /system/bin/rmt_storage
246 2 0% S 1 0K 0K root kworker/2:1H
251 3 0% S 1 0K 0K root kworker/3:1H
257 1 0% S 1 0K 0K unk root kauditd
263 3 0% S 5 7100K 192K unk system /system/bin/qseecomd
279 0 0% S 20 38300K 1132K unk radio /system/bin/rild
281 1 0% S 2 14988K 312K fg drm /system/bin/drmserver
284 1 0% S 1 1136K 304K unk install /system/bin/installd
286 0 0% S 1 4480K 424K fg keystore /system/bin/keystore
291 3 0% S 31 35156K 260K unk root /system/bin/thermal-engine
292 2 0% S 1 1760K 112K unk system /system/bin/wcnss_service
300 0 0% S 1 1808K 228K unk gps /system/bin/loc_launcher
303 3 0% S 4 8008K 360K unk system /system/bin/ATFWD-daemon
304 3 0% S 3 12772K 252K unk camera /system/bin/mm-qcamera-daemon
305 0 0% S 4 6484K 292K unk system /system/bin/time_daemon
306 0 0% S 3 10392K 284K fg system /system/bin/audiod
318 0 0% S 1 1780K 112K unk diag /system/bin/dropboxd
352 0 0% S 2 4928K 444K unk radio /system/bin/qmuxd
356 3 0% S 2 33208K 396K unk system /system/bin/mm-pp-daemon
362 0 0% S 1 372K 4K unk mot_esdf /system/bin/esdpll
381 0 0% S 7 11128K 348K unk radio /system/bin/netmgrd
396 2 0% S 2 8400K 264K unk mot_tcmd /system/bin/tcmd
436 0 0% S 3 5832K 432K unk radio /system/bin/qmi_motext_hook
521 0 0% S 1 0K 0K root IPCRTR
544 0 0% S 1 0K 0K root wcnss_IPCRTR
667 0 0% S 1 1092K 112K unk root daemonsu:mount:master
673 0 0% S 1 912K 356K unk root /sbin/ueventd
802 1 0% S 4 4164K 236K unk root daemonsu:master
832 0 0% S 9 13248K 492K unk root /system/bin/netd
833 0 0% S 11 37972K 2816K fg media /system/bin/mediaserver
834 3 0% S 1 1816K 264K unk radio /system/bin/subsystem_ramdump
835 2 0% S 6 654840K 14012K unk root zygote
933 0 0% S 22 833824K 33144K bg u0_a16 com.google.android.gms.unstable
1392 1 0% S 1 0K 0K unk root VosWDThread
1394 0 0% S 1 0K 0K unk root VosMCThread
1395 0 0% S 1 0K 0K unk root VosTXThread
1396 2 0% S 1 0K 0K unk root VosRXThread
1404 0 0% S 13 679772K 20844K bg u0_a103 org.galexander.sshd
1414 0 0% S 1 0K 0K unk root wlan_logging_th
1419 0 0% S 2 7464K 700K unk wifi /system/bin/wpa_supplicant
1455 3 0% S 14 664284K 12456K fg system com.motorola.process.slpc
1488 0 0% S 15 667308K 13252K fg u0_a40 com.motorola.slpc
1523 1 0% S 18 669112K 15092K fg u0_a24 com.motorola.modemservice
1618 0 0% S 16 866176K 27032K fg u0_a31 com.motorola.motodisplay
1645 1 0% S 14 805156K 13884K fg u0_a43 com.google.android.googlequicksearchbox:interactor
1684 3 0% S 19 676008K 28652K fg u0_a123 org.pocketworkstation.pckeyboard
1758 1 0% S 22 677212K 23268K fg system com.motorola.process.system
1777 3 0% S 14 665108K 12824K fg radio com.android.server.telecom
1818 0 0% S 41 731924K 38816K bg u0_a157 com.teslacoilsw.launcher
1970 0 0% S 1 0K 0K unk root loop0
1971 3 0% S 1 0K 0K root kdmflush
1983 2 0% S 1 0K 0K root bioset
1984 2 0% S 1 0K 0K root kcryptd_io
1985 2 0% S 1 0K 0K root kcryptd
1986 2 0% S 1 0K 0K unk root dmcrypt_write
1987 2 0% S 1 0K 0K root bioset
1988 1 0% S 1 0K 0K root ext4-dio-unwrit
2028 0 0% S 1 0K 0K unk root loop1
2032 1 0% S 1 0K 0K root kdmflush
2033 1 0% S 1 0K 0K root bioset
2034 1 0% S 1 0K 0K root kcryptd_io
2035 1 0% S 1 0K 0K root kcryptd
2036 1 0% S 1 0K 0K unk root dmcrypt_write
2037 1 0% S 1 0K 0K root bioset
2039 1 0% S 1 0K 0K root ext4-dio-unwrit
2104 2 0% S 1 0K 0K unk root loop2
2106 1 0% S 1 0K 0K root kdmflush
2107 1 0% S 1 0K 0K root bioset
2108 1 0% S 1 0K 0K root kcryptd_io
2109 1 0% S 1 0K 0K root kcryptd
2110 3 0% S 1 0K 0K unk root dmcrypt_write
2111 1 0% S 1 0K 0K root bioset
2112 1 0% S 1 0K 0K root ext4-dio-unwrit
2249 2 0% S 1 0K 0K root loop4
2250 2 0% S 1 0K 0K root kdmflush
2251 2 0% S 1 0K 0K root bioset
2252 2 0% S 1 0K 0K root kcryptd_io
2253 1 0% S 1 0K 0K root kcryptd
2254 1 0% S 1 0K 0K root dmcrypt_write
2255 1 0% S 1 0K 0K root bioset
2256 2 0% S 1 0K 0K root ext4-dio-unwrit
2275 2 0% S 1 0K 0K root loop5
2276 1 0% S 1 0K 0K root kdmflush
2277 0 0% S 1 0K 0K root bioset
2278 0 0% S 1 0K 0K root kcryptd_io
2279 0 0% S 1 0K 0K root kcryptd
2280 1 0% S 1 0K 0K root dmcrypt_write
2281 0 0% S 1 0K 0K root bioset
2282 1 0% S 1 0K 0K root ext4-dio-unwrit
2283 0 0% S 1 0K 0K root loop6
2284 0 0% S 1 0K 0K root kdmflush
2285 0 0% S 1 0K 0K root bioset
2286 0 0% S 1 0K 0K root kcryptd_io
2287 0 0% S 1 0K 0K root kcryptd
2288 2 0% S 1 0K 0K root dmcrypt_write
2289 0 0% S 1 0K 0K root bioset
2290 0 0% S 1 0K 0K root ext4-dio-unwrit
2306 0 0% S 1 0K 0K root loop7
2307 2 0% S 1 0K 0K root kdmflush
2308 0 0% S 1 0K 0K root bioset
2309 1 0% S 1 0K 0K root kcryptd_io
2310 1 0% S 1 0K 0K root kcryptd
2311 2 0% S 1 0K 0K root dmcrypt_write
2312 1 0% S 1 0K 0K root bioset
2313 2 0% S 1 0K 0K root ext4-dio-unwrit
2315 0 0% S 1 0K 0K root loop8
2316 2 0% S 1 0K 0K root kdmflush
2317 2 0% S 1 0K 0K root bioset
2318 2 0% S 1 0K 0K root kcryptd_io
2319 2 0% S 1 0K 0K root kcryptd
2320 2 0% S 1 0K 0K root dmcrypt_write
2321 2 0% S 1 0K 0K root bioset
2322 2 0% S 1 0K 0K root ext4-dio-unwrit
2324 1 0% S 1 0K 0K root loop9
2325 1 0% S 1 0K 0K root kdmflush
2326 0 0% S 1 0K 0K root bioset
2327 1 0% S 1 0K 0K root kcryptd_io
2328 1 0% S 1 0K 0K root kcryptd
2329 0 0% S 1 0K 0K root dmcrypt_write
2330 1 0% S 1 0K 0K root bioset
2331 1 0% S 1 0K 0K root ext4-dio-unwrit
2334 0 0% S 1 0K 0K root loop10
2335 2 0% S 1 0K 0K root kdmflush
2336 0 0% S 1 0K 0K root bioset
2337 0 0% S 1 0K 0K root kcryptd_io
2338 0 0% S 1 0K 0K root kcryptd
2339 0 0% S 1 0K 0K root dmcrypt_write
2340 0 0% S 1 0K 0K root bioset
2341 1 0% S 1 0K 0K root ext4-dio-unwrit
2347 0 0% S 1 0K 0K root loop11
2348 3 0% S 1 0K 0K root kdmflush
2349 0 0% S 1 0K 0K root bioset
2350 2 0% S 1 0K 0K root kcryptd_io
2351 0 0% S 1 0K 0K root kcryptd
2352 0 0% S 1 0K 0K root dmcrypt_write
2353 1 0% S 1 0K 0K root bioset
2354 2 0% S 1 0K 0K root ext4-dio-unwrit
2363 0 0% S 1 0K 0K root loop12
2364 2 0% S 1 0K 0K root kdmflush
2365 0 0% S 1 0K 0K root bioset
2366 0 0% S 1 0K 0K root kcryptd_io
2367 0 0% S 1 0K 0K root kcryptd
2368 2 0% S 1 0K 0K root dmcrypt_write
2369 0 0% S 1 0K 0K root bioset
2370 0 0% S 1 0K 0K root ext4-dio-unwrit
2377 0 0% S 1 0K 0K root loop13
2378 3 0% S 1 0K 0K root kdmflush
2379 2 0% S 1 0K 0K root bioset
2380 2 0% S 1 0K 0K root kcryptd_io
2381 2 0% S 1 0K 0K root kcryptd
2382 1 0% S 1 0K 0K root dmcrypt_write
2383 2 0% S 1 0K 0K root bioset
2384 3 0% S 1 0K 0K root ext4-dio-unwrit
2427 2 0% S 1 0K 0K root loop14
2428 0 0% S 1 0K 0K root kdmflush
2429 1 0% S 1 0K 0K root bioset
2430 2 0% S 1 0K 0K root kcryptd_io
2431 3 0% S 1 0K 0K root kcryptd
1 0 0% S 1 1044K 536K unk root /init
2433 0 0% S 1 0K 0K root bioset
2434 0 0% S 1 0K 0K root ext4-dio-unwrit
2453 1 0% S 1 0K 0K root loop15
2454 2 0% S 1 0K 0K root kdmflush
2455 1 0% S 1 0K 0K root bioset
2456 2 0% S 1 0K 0K root kcryptd_io
2457 0 0% S 1 0K 0K root kcryptd
2458 3 0% S 1 0K 0K root dmcrypt_write
2459 3 0% S 1 0K 0K root bioset
2460 0 0% S 1 0K 0K root ext4-dio-unwrit
2486 1 0% S 1 0K 0K root loop16
2487 3 0% S 1 0K 0K root kdmflush
2488 2 0% S 1 0K 0K root bioset
2489 3 0% S 1 0K 0K root kcryptd_io
2490 3 0% S 1 0K 0K root kcryptd
2491 1 0% S 1 0K 0K root dmcrypt_write
2492 1 0% S 1 0K 0K root bioset
2493 0 0% S 1 0K 0K root ext4-dio-unwrit
2495 0 0% S 1 0K 0K root loop17
2496 1 0% S 1 0K 0K root kdmflush
2497 1 0% S 1 0K 0K root bioset
2498 0 0% S 1 0K 0K root kcryptd_io
2499 1 0% S 1 0K 0K root kcryptd
2500 1 0% S 1 0K 0K root dmcrypt_write
2501 1 0% S 1 0K 0K root bioset
2502 3 0% S 1 0K 0K root ext4-dio-unwrit
3040 0 0% S 37 727556K 46708K bg u0_a23 com.android.mms
3216 1 0% S 40 917812K 37732K bg u0_a65 com.google.android.gm
3222 1 0% S 1 3140K 244K unk root daemonsu:10125
3245 1 0% S 41 739544K 29152K fg u0_a0 com.motorola.ccc
3691 0 0% S 20 685044K 28176K fg u0_a30 com.motorola.motocare
7200 0 0% S 4 3600K 236K unk shell /sbin/adbd
7788 2 0% S 20 695804K 30240K bg system com.android.settings
7870 0 0% S 1 1740K 184K unk root /system/bin/debuggerd
16840 0 0% S 1 0K 0K root kworker/0:3
16923 3 0% S 1 0K 0K root kworker/3:0
18674 0 0% S 1 0K 0K root irq/320-synapti
18827 1 0% S 31 763360K 50008K bg u0_a112 org.thoughtcrime.securesms
18919 0 0% S 16 717620K 27852K bg u0_a105 .esfm
18970 0 0% S 15 667300K 24128K bg u0_a13 android.process.media
19144 0 0% S 1 0K 0K root kworker/u8:8
19145 1 0% S 1 0K 0K root kworker/u8:9
19146 0 0% S 1 0K 0K root kworker/u8:10
19147 1 0% S 1 0K 0K root kworker/u8:11
19236 1 0% S 15 677456K 23028K bg u0_a26 com.motorola.camera
19337 2 0% S 13 681784K 20160K bg u0_a27 com.motorola.MotGallery2
19454 0 0% S 14 664316K 17688K bg radio com.qualcomm.qcrilmsgtunnel
19599 1 0% S 14 664388K 18108K bg system com.qualcomm.telephony
19652 3 0% S 13 713484K 21548K bg u0_a105 com.estrongs.android.pop:local
20064 1 0% S 1 3224K 1412K fg u0_a101 /data/data/com.termux/files/usr/bin/bash
20551 2 0% S 1 1052K 336K fg u0_a101 /system/xbin/su
20560 1 0% S 1 1144K 608K unk root tmp-mksh
20756 1 0% S 1 0K 0K root kworker/1:0
20828 3 0% S 1 0K 0K root kworker/3:2
20829 2 0% S 1 0K 0K root kworker/2:2
21101 0 0% S 1 0K 0K root kworker/0:0
21390 1 0% S 14 669556K 22424K bg u0_a16 com.google.process.gapps
21533 1 0% S 24 706452K 42332K bg u0_a102 bbc.mobile.news.ww
21666 1 0% S 1 0K 0K root kworker/u8:1
21667 0 0% S 1 0K 0K root kworker/u8:2
21788 1 0% S 1 0K 0K root kworker/1:2
21804 0 0% S 1 0K 0K root kworker/u8:4
21805 0 0% S 1 0K 0K root kworker/u8:5
21806 0 0% S 1 0K 0K root kworker/u8:6
21903 2 0% S 1 0K 0K root kworker/2:1
22237 1 0% S 1 0K 0K root kworker/u8:12
22275 0 0% S 1 0K 0K root kworker/0:1
30503 0 0% S 105 1193908K 80704K bg u0_a16 com.google.android.gms
30534 0 0% S 58 912720K 81020K fg u0_a16 com.google.android.gms.persistent
31478 0 0% S 30 706660K 44316K fg u0_a101 com.termux
31515 1 0% S 1 3220K 264K fg u0_a101 /data/data/com.termux/files/usr/bin/bash
31538 0 0% S 1 1052K 308K fg u0_a101 /system/xbin/su
31541 0 0% S 3 6212K 92K unk root daemonsu:10101
31543 2 0% S 1 5192K 220K unk root daemonsu:10101:31538
31547 1 0% S 1 1140K 392K unk root tmp-mksh
32327 0 0% S 1 1092K 320K fg u0_a105 su
32332 0 0% S 2 6212K 104K unk root daemonsu:10105
32336 1 0% S 1 1120K 400K unk root tmp-mksh
32376 0 0% S 1 1000K 220K unk root /data/data/com.estrongs.android.pop/files/libestool2.so
32411 0 0% S 3 3032K 216K fg u0_a105 /data/data/com.estrongs.android.pop/files/libestool2.so
2432 0 0% S 1 0K 0K root dmcrypt_write
2 0 0% S 1 0K 0K root kthreadd
3 0 0% S 1 0K 0K root ksoftirqd/0
5 0 0% S 1 0K 0K root kworker/0:0H
6 0 0% D 1 0K 0K root kworker/u8:0
7 0 0% S 1 0K 0K root migration/0
9 0 0% S 1 0K 0K unk root rcu_bh
10 2 0% S 1 0K 0K unk root rcu_sched
11 1 0% S 1 0K 0K root migration/1
14 1 0% S 1 0K 0K root kworker/1:0H
15 2 0% S 1 0K 0K root migration/2
16 2 0% S 1 0K 0K root ksoftirqd/2
18 2 0% S 1 0K 0K root kworker/2:0H
19 3 0% S 1 0K 0K root migration/3
20 3 0% S 1 0K 0K root ksoftirqd/3
22 3 0% S 1 0K 0K root kworker/3:0H
23 1 0% S 1 0K 0K root khelper
24 1 0% S 1 0K 0K root netns
29 0 0% S 1 0K 0K root kworker/0:1H
30 1 0% S 1 0K 0K root smd_channel_clo
OK, so I do a list from my similar phone that's never had a sim, load them into SqlLite maybe to find some normal processes. Google the ones that are unique to see what they are.
Lookout seems about like what I had in mind, but it didn't find anything other than that the phone is rooted. It did find a trojan on another one I was trying it out on. Delighted that it runs under Android 5.02
Had problems with a phone getting infected by trojans which were installing via play services and finally tracked it down to ES file explorer. Strange thing is that I use the exact same .apk on other phones, tablets and tv boxes with no issues (the root of which I was able to track down with the help of lookups of hmma.baidu.com in the logs of my DNS server on the LAN).
Two approaches I used to check for viruses were:
1. Dump flash to a backup and then mount the .ext4 backups files on a Linux machine and run clamscan which did not find much. I've not tried a commercial windows virus scanner which might be more successful.
2. Scanned using virustotal by uploading binaries, executables,
apps & apk etc from /data and /system in multipart zip files (the service has an upload file size limit).
Virustotal found more infected files. Only issue with this scanning method is even some lineageos binaries are flagged infected or suspect.
Clamscan twice now tells me it scanned 0 files but took 15+ minutes to do it. Trying clamscan -ar dir now. Eating more cpu at least. If this would work clamscan could be made into an apk. Haven't gotten to virustotal yet. I copied the same dirs to an sd card, scanning that. segfault, oh-oh.
clamscan -ar sdcard0 > scanlog.txt 2>&1
That worked better:
----------- SCAN SUMMARY -----------
Known viruses: 8604195
Engine version: 0.103.3
Scanned directories: 414
Scanned files: 1950
Infected files: 0
Data scanned: 1847.28 MB
Data read: 1364.57 MB (ratio 1.35:1)
Time: 4435.304 sec (73 m 55 s)
Start Date: 2022:01:20 21:18:41
End Date: 2022:01:20 22:32:36
But it didn't find anything.
One of the things the victim mentioned was camera activity, so I googled and sure enough you can get a hacking kit (free?). Runs the camera, runs down the battery, makes noises. https://minspy.com/phone-hack/how-to-hack-someones-phone-camera/ Creep.
Review at https://thinkcomputers.org/the-best-free-spy-app-for-android-minspy-review/ The one ray of sunshine is that the hacker has to get his hands physically on the phone for at least 5 minutes. And probably a factory reset will wipe it out. So if you're really worried have a few phones and switch the sim around and factory reset them like every day.
OK, I've uploaded and scanned 5 GB of stuff without finding much of significance. This article https://spyic.com/phone-hack/hacking-apps-for-android/ shows how common and easy phone hacking is. This one talks a little about prevention and cleanup https://www.kaspersky.com/resource-center/threats/how-to-stop-phone-hacking
But these aren't viruses, so malware detection might work. But looking at processes running might work better, which you can do with Termux and top, even without rooting. ps ax on this phone shows nothing, which is suspicious. Top looks normal unless it's not showing system tasks and the bad guys are hiding there. But there are 390 or so tasks running, I'm working at parsing that output and loading into a database.
Well, I did a factory reset after all. The phone stayed rooted, the bootloader stayed unlocked, I just had to put easytether and adaway back in. Oh, and reinstall the Linux end of easytether for some reason. Up and running now, seems stable. The thing I'd miss most was being able to access my other computers by name over wifi while online. The ads are disgusting.
I was able to do ps ax using an old termux version and see processes running just fine after I reset it. It does seem a little slow and I get about 1 new spam a day, which may be trying to get me to click on the link and infect the phone.
All the phone's secrets should be laid bare here and malware should be apparent i I knew what to look for.
PID TTY STAT TIME COMMAND
1 ? S 0:01 /init
2 ? S 0:00 [kthreadd]
3 ? S 0:00 [ksoftirqd/0]
5 ? S< 0:00 [kworker/0:0H]
6 ? D 0:00 [kworker/u8:0]
7 ? S 0:00 [migration/0]
8 ? S 0:00 [rcu_preempt]
9 ? S 0:00 [rcu_bh]
10 ? S 0:00 [rcu_sched]
11 ? S 0:00 [migration/1]
12 ? S 0:00 [ksoftirqd/1]
14 ? S< 0:00 [kworker/1:0H]
15 ? S 0:00 [migration/2]
16 ? S 0:00 [ksoftirqd/2]
18 ? S< 0:00 [kworker/2:0H]
19 ? S 0:00 [migration/3]
20 ? S 0:00 [ksoftirqd/3]
21 ? S< 0:00 [kworker/3:0]
22 ? S< 0:00 [kworker/3:0H]
23 ? S< 0:00 [khelper]
24 ? S< 0:00 [netns]
25 ? S< 0:00 [kworker/1:1]
26 ? S< 0:00 [kworker/3:1]
28 ? S< 0:01 [kworker/0:1]
29 ? S< 0:00 [kworker/0:1H]
30 ? S< 0:00 [smd_channel_clo]
31 ? S< 0:00 [smsm_cb_wq]
32 ? S 0:00 [kworker/u8:1]
33 ? D< 0:00 [kworker/u9:0]
34 ? S< 0:00 [rpm-smd]
35 ? S< 0:00 [kworker/u9:1]
36 ? S 0:00 [irq/47-cpr]
37 ? S< 0:00 [deferwq]
38 ? S< 0:00 [mpm]
40 ? S 0:00 [kworker/u8:3]
49 ? S< 0:00 [writeback]
50 ? S< 0:00 [bioset]
51 ? S< 0:00 [crypto]
52 ? S< 0:00 [kblockd]
53 ? S 0:00 [khubd]
54 ? S 0:00 [system]
55 ? S 0:00 [irq/75-msm_iomm]
56 ? S 0:00 [irq/75-msm_iomm]
57 ? S 0:00 [irq/273-msm_iom]
58 ? S 0:00 [irq/274-msm_iom]
59 ? S 0:00 [irq/102-msm_iom]
60 ? S 0:00 [irq/102-msm_iom]
61 ? S 0:00 [irq/102-msm_iom]
62 ? S 0:00 [irq/102-msm_iom]
63 ? S 0:00 [irq/102-msm_iom]
64 ? S 0:00 [irq/102-msm_iom]
65 ? S 0:00 [irq/102-msm_iom]
66 ? S 0:00 [irq/102-msm_iom]
67 ? S 0:00 [irq/102-msm_iom]
68 ? S 0:00 [irq/102-msm_iom]
69 ? S 0:00 [irq/102-msm_iom]
70 ? S 0:00 [irq/102-msm_iom]
71 ? S 0:00 [irq/102-msm_iom]
72 ? S 0:00 [irq/102-msm_iom]
73 ? S 0:00 [irq/102-msm_iom]
74 ? S 0:00 [irq/102-msm_iom]
75 ? S 0:00 [irq/102-msm_iom]
76 ? S 0:00 [irq/102-msm_iom]
77 ? S 0:00 [irq/102-msm_iom]
78 ? S 0:00 [irq/102-msm_iom]
79 ? S< 0:00 [devfreq_wq]
80 ? S< 0:00 [cfg80211]
81 ? S 0:26 [kswapd0]
82 ? S 0:00 [fsnotify_mark]
101 ? D 0:00 [mdss_dsi_event]
102 ? S< 0:00 [apr_driver]
103 ? S< 0:00 [pil_vote_wq]
104 ? S< 0:00 [mem_share_svc]
105 ? S< 0:00 [qmi_hndl0000000]
106 ? S< 0:00 [msm_ipc_router]
107 ? S 0:01 [hwrng]
108 ? S< 0:00 [diag_real_time_]
109 ? S< 0:00 [diag_modem_data]
110 ? S< 0:00 [diag_lpass_data]
111 ? S< 0:00 [diag_wcnss_data]
112 ? S< 0:00 [diag_wq]
113 ? S< 0:00 [diag_usb_wq]
114 ? S< 0:00 [diag_cntl_wq]
115 ? S< 0:00 [diag_dci_wq]
116 ? S< 0:00 [kgsl-3d0]
117 ? S< 0:00 [kgsl-events]
118 ? S< 0:00 [governor_msm_ad]
119 ? S< 0:00 [kgsl_devfreq_wq]
120 ? S< 0:00 [proximity_als]
121 ? S 0:00 [spi0]
124 ? S< 0:00 [stml0xx_wq]
125 ? S< 0:00 [usbnet]
126 ? S< 0:00 [sharedmem_qmi_w]
127 ? S< 0:00 [qmi_hndl0000000]
128 ? S< 0:00 [k_gserial]
129 ? S< 0:00 [rmi_det_workque]
132 ? S< 0:00 [msm_cpp_workque]
133 ? S 0:00 [irq/322-max170x]
134 ? S 0:02 [cfinteractive]
135 ? S 0:00 [irq/170-7824900]
136 ? S 0:00 [irq/253-7864900]
137 ? S 0:00 [irq/288-7864900]
158 ? S< 0:00 [binder]
159 ? S< 0:00 [usb_bam_wq]
160 ? S< 0:00 [krfcommd]
161 ? S 0:00 [irq/461-wcnss]
162 ? S 0:00 [irq/429-modem]
163 ? S< 0:00 [msm_vidc_worker]
164 ? S< 0:00 [pm_workerq_venu]
167 ? S 0:00 [irq/321-fan5404]
168 ? S 0:00 [kcompact]
169 ? S< 0:00 [rq_stats]
170 ? S< 0:00 [bam_dmux_rx]
171 ? S< 0:00 [bam_dmux_tx]
172 ? S 0:00 [kworker/u8:4]
173 ? S< 0:00 [k_bam_data]
174 ? S< 0:00 [f_mtp]
175 ? S 0:00 [file-storage]
176 ? S 0:00 [msm_thermal:hot]
177 ? S 0:00 [msm_thermal:fre]
178 ? S 0:00 [msm_thermal:the]
179 ? S 0:46 [mmcqd/0]
180 ? S 0:00 [mmcqd/0rpmb]
181 ? S 0:01 [mmcqd/1]
184 ? S 0:00 [jbd2/mmcblk0p42]
185 ? S< 0:00 [ext4-dio-unwrit]
187 ? S 0:00 [f2fs_gc-259:12]
191 ? S 0:00 [jbd2/mmcblk0p43]
192 ? S< 0:00 [ext4-dio-unwrit]
193 ? S 0:00 [jbd2/mmcblk0p31]
194 ? S< 0:00 [ext4-dio-unwrit]
195 ? S 0:00 [jbd2/mmcblk0p1-]
196 ? S< 0:00 [ext4-dio-unwrit]
197 ? S< 0:00 [ext4-dio-unwrit]
199 ? S< 0:00 [kworker/1:1H]
224 ? S< 0:00 [IPCRTR]
226 ? S< 0:00 [modem_IPCRTR]
231 ? S 0:00 /sbin/healthd
232 ? S 0:01 /system/bin/lmkd
233 ? S 0:01 /system/bin/servicemanager
234 ? Sl 0:00 /system/bin/vold
235 ? S<l 0:17 /system/bin/surfaceflinger
237 ? Sl 0:00 /system/bin/rfs_access
239 ? S 0:00 /system/bin/qseecomd
240 ? S< 0:00 [kworker/3:1H]
246 ? Sl 0:00 /system/bin/rmt_storage
247 ? S< 0:00 [kworker/2:1H]
269 ? S 0:00 [kauditd]
290 ? Sl 0:00 /system/bin/qseecomd
297 ? S 0:00 /system/bin/debuggerd
299 ? Sl 0:00 /system/bin/rild
300 ? Sl 0:00 /system/bin/drmserver
302 ? S 0:00 /system/bin/installd
304 ? S 0:00 /system/bin/keystore /data/misc/keystore
308 ? S<l 0:00 /system/bin/thermal-engine
309 ? S 0:00 /system/bin/wcnss_service
317 ? S 0:00 /system/bin/loc_launcher
319 ? Sl 0:00 /system/bin/ATFWD-daemon
320 ? Sl 0:00 /system/bin/mm-qcamera-daemon
321 ? Sl 0:00 /system/bin/time_daemon
322 ? S<l 0:00 /system/bin/audiod
330 ? S 0:00 /system/bin/dropboxd
339 ? Sl 0:00 /system/bin/mm-pp-daemon
341 ? S 0:00 /system/bin/esdpll -w
342 ? Sl 0:00 /system/bin/tcmd
348 ? Sl 0:00 /sbin/adbd --root_seclabel=u:r:su:s0
354 ? Sl 0:00 /system/bin/qmuxd
389 ? Sl 0:00 /system/bin/netmgrd
423 ? Sl 0:00 /system/bin/qmi_motext_hook 6 10 18 0
480 ? D 0:01 [mdss_fb0]
512 ? S< 0:00 [IPCRTR]
627 ? S 0:00 [irq/320-synapti]
706 ? S 0:00 daemonsu:mount:master
793 ? Sl 0:00 daemonsu:master .....
820 ? S< 0:00 [kworker/2:2]
821 ? S 0:00 /sbin/ueventd
824 ? Sl 0:03 /system/bin/netd
825 ? Sl 0:06 /system/bin/mediaserver
826 ? S 0:00 /system/bin/subsystem_ramdump 1 0
827 ? Sl 0:09 zygote
1112 ? S<l 1:16 system_server
1296 ? S< 0:00 [kworker/0:4]
1313 ? S< 0:00 [kworker/1:2]
1418 ? Sl 0:09 com.android.systemui
1424 ? Sl 0:00 com.motorola.process.slpc
1468 ? Sl 0:00 com.motorola.slpc
1551 ? Sl 0:00 com.motorola.motodisplay
1579 ? Sl 0:04 com.google.android.googlequicksearchbox:interactor
1603 ? Sl 0:09 com.google.android.inputmethod.latin
1672 ? Sl 0:02 com.motorola.process.system
1689 ? Sl 0:00 com.android.server.telecom
1709 ? Sl 0:00 com.motorola.modemservice
1727 ? Sl 0:03 com.android.phone
1745 ? Sl 0:10 com.google.android.googlequicksearchbox
1850 ? Sl 0:42 com.google.android.gms.persistent
2297 ? Sl 0:16 com.google.android.googlequicksearchbox:search
2415 ? S 0:00 [kworker/u8:5]
2449 ? S< 0:00 [wcnss_IPCRTR]
3035 ? SLl 0:09 org.mozilla.firefox
3150 ? Sl 0:00 org.mozilla.firefox:tab15
3730 ? S 0:00 [kworker/u8:6]
3731 ? S 0:00 [kworker/u8:7]
3732 ? S 0:00 [kworker/u8:8]
4020 ? Sl 0:00 com.motorola.setup
4037 ? Sl 0:02 com.motorola.ccc
4078 ? Sl 0:26 com.google.android.gms
4538 ? S 0:00 daemonsu:10098 .....
4740 ? Sl 0:13 android.process.media
4921 ? Sl 0:01 com.motorola.motocare
5058 ? Sl 0:00 com.qualcomm.telephony
5098 ? Sl 0:00 com.qualcomm.qcrilmsgtunnel
5430 ? S 0:00 [kworker/u8:9]
5431 ? S 0:00 [kworker/u8:10]
5432 ? S 0:00 [kworker/u8:11]
5433 ? Sl 0:30 com.google.android.apps.nbu.files
5660 ? Sl 0:06 com.google.android.gms.unstable
6486 ? Sl 0:00 com.motorola.MotGallery2
6510 ? Sl 0:00 com.motorola.camera
6650 ? Sl 0:00 eu.easytether.pro:engine
6845 ? Sl 0:05 com.google.android.youtube
8321 ? Sl 0:00 com.android.defcontainer
9100 ? Sl 0:13 com.android.vending
9266 ? S< 0:00 [kworker/2:0]
9270 ? S 0:00 [kworker/u8:12]
9302 ? S< 0:00 [kworker/3:2]
9311 ? Sl 0:00 com.google.process.gapps
9430 ? Sl 0:09 com.termux
9493 pts/0 Ss 0:00 /data/data/com.termux/files/usr/bin/bash -l
9533 ? S 0:00 [kworker/0:0]
9542 ? S<l 0:03 com.android.chrome
9612 ? S 0:00 [kworker/0:2]
9645 ? S< 0:00 [kworker/1:0]
9649 ? S 0:00 [kworker/2:1]
9654 pts/0 R+ 0:00 ps ax
Hello
I need to get the cpu usage from my device (Lenovo Tab M8, Android os) and send it via http-request to my server.
I test it with my smartphone.
I found the app macrodroid, which can automatically send data via http-reuest. So the first step is done.
After a long searching i found the "adb shell" app. So i can test my shell command. So the second step is done
I want to use the command "top -n 1" because my devices are not rooted and i got alway "permission denied" with other commands.
The top command show a output.
THERE IS THE PROBLEM:
if i use the top command on my smarthpohne, i don't got a correct output. The %idle is always same like %cpu
if i connect my phone to my pc and run it in the windows command, it shows the correct data.
for example:
the output on the phone:
Code:
[s[999C[999B[6n[u[H[J[?25l[H[J[s[999C[999B[6n[uTasks: 2 total, 1 running, 1 sleeping, 0 stopped, 0 zombie Mem: 3.5G total, 3.4G used, 129M free, 39M buffers Swap: 2.0G total, 1.6G used, 396M free, 1.1G cached800%cpu 0%user 0%nice 0%sys 800%idle 0%iow 0%irq 0%sirq 0%host[7m PID USER PR NI VIRT RES SHR S[%CPU] %MEM TIME+ ARGS [0m[1m 7831 u0_a357 10 -10 36M 3.7M 3.0M R 4.0 0.1 0:00.00 top -n 1[m 7717 u0_a357 10 -10 33M 2.9M 2.4M S 0.0 0.0 0:00.01 sh[?25h[0m[1000;1H[K[?25h[?25h[0m[1000;1H[K
output on the pc:
Code:
Mem: 3.5G total, 3.4G used, 93M free, 40M buffers
Swap: 2.0G total, 1.6G used, 380M free, 1.0G cached
800%cpu 82%user 0%nice 124%sys 594%idle 0%iow 0%irq 0%sirq 0%host
←[7m PID USER PR NI VIRT RES SHR S[%CPU] %MEM TIME+ ARGS ←[0m
2305 u0_a357 10 -10 25G 258M 164M S 64.7 7.1 23:29.96 com.arlosoft.ma+
517 system 5 -15 1.7G 20M 14M S 44.1 0.5 207:08.58 surfaceflinger
←[mm 7844 shell 20 0 36M 4.3M 3.3M R 23.5 0.1 0:00.10 top -n 1
983 system 18 -2 12G 273M 130M S 17.6 7.5 595:30.94 system_server
←[mm 276 root RT 0 0 0 0 R 17.6 0.0 53:19.28 [decon0]
7843 root 20 0 0 0 0 S 11.7 0.0 0:00.20 [kworker/0:1]
488 system -3 -15 506M 4.3M 3.6M S 11.7 0.1 45:01.04 android.hardwar+
7385 root 0 -20 0 0 0 S 8.8 0.0 0:02.53 [kworker/u17:3]
7807 root 20 0 0 0 0 S 2.9 0.0 0:00.90 [kworker/3:2]
7542 root 20 0 0 0 0 S 2.9 0.0 0:00.00 [kworker/4:0]
2291 root 20 0 0 0 0 S 2.9 0.0 0:02.05 [kworker/u16:2]
2188 root 20 0 0 0 0 S 2.9 0.0 0:02.93 [kworker/u16:0]
7088 u0_a237 10 -10 7.4G 159M 75M S 2.9 4.3 95:05.07 com.samsung.and+
1365 radio 20 0 5.7G 43M 30M S 2.9 1.2 40:36.23 com.android.pho+
496 wifi 20 0 63M 2.8M 2.6M S 2.9 0.0 6:31.76 android.hardwar+
7757 u0_a239 20 0 4.9G 93M 79M S 0.0 2.5 0:00.32 com.samsung.and+
7745 u0_a62 20 0 4.9G 88M 74M S 0.0 2.4 0:00.17 com.sec.android+
7717 u0_a357 10 -10 33M 2.9M 2.4M S 0.0 0.0 0:00.01 sh
7628 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 [kbase_event]
←[?25h←[0m←[1000;1H←[K←[?25h←[?25h←[0m←[1000;1H←[Kstarlte:/ $ 0
how can i get this output on my device???
is it so difficult or is my question not good?
:-( i think there is no solution....