Ransomware FBI virus on android. - Security Discussion

If you receive the ransomware FBI virus, connect your phone to adb and do the following:
Code:
adb shell
enter
Code:
su
if you get a $ instead of a #.
Do
Code:
cd /
Apps are stored either in /data/app, /system/app, or /system/app-private. In my case it was in /data/app so check there first.
The app that was the actual virus showed up as adobe flash player under app management, but in /data/app it was titled com.porno.player1.apk
Next do
Code:
rm "app name"
for example
Code:
rm com.porno.player1.apk
Now you should be able to reboot and the virus should be gone. I hope this helps someone out.
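An added example, not part of the original post: instead of guessing which file in /data/app belongs to the app, `pm list packages -f -3` prints one `package:<apk path>=<package name>` line per user-installed app, and the package name can then be passed to `adb uninstall`. The helper names and the sample package names below are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): map an APK file name seen in
# /data/app to its package name using `pm list packages -f -3` output.

# Constructed sample of `adb shell pm list packages -f -3` output. The package
# names are placeholders; the third line mimics newer path layouts with "=".
SAMPLE_PM_OUTPUT='package:/data/app/com.example.notes-1.apk=com.example.notes
package:/data/app/com.example.flashplayer-1.apk=com.example.flashplayer
package:/data/app/~~Qx3k==/com.example.maps-aB9==/base.apk=com.example.maps'

# parse_pm_list (hypothetical helper): read pm output on stdin and print
# "<package><TAB><apk path>" for every well-formed line.
parse_pm_list() {
    cr=$(printf '\r')
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%"$cr"}              # adb on Windows hosts may append CR
        case $line in
            package:*=*) ;;             # keep only "package:<path>=<name>"
            *) continue ;;
        esac
        entry=${line#package:}
        # The path can contain "=", so split on the LAST "=".
        printf '%s\t%s\n' "${entry##*=}" "${entry%=*}"
    done
}

# package_for_apk (hypothetical helper): print the package(s) whose APK path
# contains the string given as $1, e.g. a file name spotted in /data/app.
package_for_apk() {
    parse_pm_list | awk -F '\t' -v needle="$1" 'index($2, needle) { print $1 }'
}

# Offline demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_PM_OUTPUT" | parse_pm_list

# On a device (needs adb and USB debugging, not run here):
#   adb shell pm list packages -f -3 | package_for_apk flashplayer
#   adb uninstall <package name printed above>
```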

Without su working I can't use ls -l to get the directory contents or rm any file I don't own. I tried using adb root; it didn't work. I also tried adb remount, to no avail. What do I need to do? Everything appears to be working, as I can execute all commands as long as I have the permissions as the regular user. I have Windows XP and Debian Linux (hard disk install, not flash drive); same result on both systems.

Is your phone rooted?
Just remembered that you have to be rooted in order to get this virus.

When you're in adb what happens when you type su?

weinerwad3000 said:
When you're in adb what happens when you type su?
It is much easier if you boot your phone into Safe Mode and remove the app. After removing the app, remove the app's apk.
About Safe Mode: Safe Mode is a mode where no programs start with Android, only Android and nothing else. As many people know, the FBI ransomware, on Android and on PC too, puts its files into startup, and this causes the following: the virus starts with Android and you can't do anything.

Tibix said:
It is much easier if you boot your phone into Safe Mode and remove the app. After removing the app, remove the app's apk.
About Safe Mode: Safe Mode is a mode where no programs start with Android, only Android and nothing else. As many people know, the FBI ransomware, on Android and on PC too, puts its files into startup, and this causes the following: the virus starts with Android and you can't do anything.
In my case I could not remove the app in safe mode.

Related

JF 1.42 rc33 and T.E.

I'm sure I'm not the only one that has noticed that you can't update Terminal Emulator with modded firmware. I did a mild look through the searches and didn't find what I was looking for. Is there a means to update this? I've tried taking it out of the white list and then updating, but no go... Not that it's a big deal, TE works, it's just an annoying, gnawing thing in the back of my mind, knowing there is an update on the market and I can't have it.
Delete the terminal app in terminal by
su
cd /system/app
ls
then find the app that starts with com. something
type rm -> name of the app
update it in market
card13 said:
Delete the terminal app in terminal by
su
cd /system/app
ls
then find the app that starts with com. something
type rm -> name of the app
update it in market
Gives me a read-only error. I have to chmod it first, right? Have no clue how to do that right now, have to look it up. Thanks for pointing me to the proper file though.
It'd probably be best to use adb.exe (available in the android SDK) to remove terminal emulator rather than using terminal emulator.
Also, in order to change anything in the /system partition, you need to remount it as read/write.
With adb this is easy:
Make sure your android has debug mode enabled (which I think is by default in all JF releases)
Hook it up to your computer with the USB cable
Open up a command prompt in windows (or whatever other OS you're using that has the Android SDK) and go to the tools directory in the SDK
Type "adb devices" to make sure adb sees your phone, if it doesn't, well uh...it's not working right, and you'll have to figure out why
Type "adb remount" to remount the /system partition as read-write
Type "adb shell" this will give you shell access to your G1, from there you can delete stuff from the /system partition. I think you might also be able to use "adb uninstall" but I don't know if that works for the /system/app folder.
Thanks for the info TM, will play with the SDK tools and see what I can do. They have been giving me a headache on Linux, but then I haven't played with Linux in about 6 years.. it's come a long way. Thanks again for the info wait 2 secs to reload the image
I've noticed that, too. I don't see a reason why I need to update TE, the one I have works just fine.
Here's your answer in the link below.
This will allow you to remove the terminal and install the new one from the market:
http://forum.xda-developers.com/showthread.php?p=3287558

Sprint apps

how can i get the removed sprint apps
By searching for them. They're all over the place.
jerry43812 said:
By searching for them. They're all over the place.
Root your phone.
A lot of the custom ROMs have them removed already, but if you don't want to go that route, then after rooting find the package names for the Sprint apps. This can be done by searching online for them or issuing the following commands once your phone has been connected and in debugging mode:
adb shell
ls system/app
This will list all the files in that directory.
Once you know the app name, issue the following command inside the shell (phone is connected to the computer in debugging mode and adb shell has been run):
rm system/app/<sprint app>.apk

Alternative method: Removing bloatware

Requirements:
- ClockworkMod Recovery on your device
- Know how to reboot into recovery
- Have Android SDK (adb) installed - and familiar with the concept of what it does, and know how to access it via command line - if not look around, it's everywhere on how to do this.
Disclaimer:
- What you do is your fault
Optional:
- Ability to discern what, and what not to remove
Synopsis:
This is a good technique if you're receiving 'read only' errors while trying to remove apps - namely located in /system/app
Method:
- Reboot into recovery - it's been said in other threads it's best to DISCONNECT USB, power down, boot into recovery and THEN replug the USB connector.
- Using the clockwork menu - navigate down to 'partitions menu' using your volume down button - then hit the power button
- From the partitions menu, select 'mount /system' and hit the power button
- From your Android SDK tools directory - check 'adb devices' - this should indicate your phone is connected and in 'recovery' mode.
e.g.:
Code:
$ adb devices
List of devices attached
HT06BR007742 recovery
- Type 'adb shell' - this will put you into a command line for your phone
- From the command shell: 'cd /system/app'
- To get a list of what you can remove, type 'ls'
- To remove an .apk - type 'rm FileName.apk'
- When you're done, it's suggested you use the clockwork menu to reboot the phone (back to the main clockwork menu, and 'reboot device')
Further example / note:
Once logged in via 'adb shell' and the system dir is mounted via clockwork:
Code:
/system/app # ls |grep "ATT"
ATT_Maps.apk
ATT_Navigator.apk
/system/app # rm ATT_Navigator.apk
Also, a side note, you can see all available commands for this shell by typing:
Code:
ls /sbin
The list is quite comprehensive.
I hope this helps someone
thanks thinice !
Added to the sticky roll-up.
I'm not 100% on this but I was able to uninstall whatever I wanted through Titanium Backup, including the ATT bloatware once I was rooted.
I am not sure about the Titanium Backup method. I restored to stock rom with root and used Titanium backup to remove some apps. They showed as removed, however when I reboot the phone the apps are back and not removed. I could not get Titanium backup to remove the apps with root alone.
removing AT&T Radio
I have searched the forum and have not yet found the answer to this question...I have removed all of the AT&T apps that I want to remove, except, which apk is AT&T radio?
You talking about fm radio on a sense rom?
Sent from my HTC Liberty using XDA App
Ah, no I'm using my HTC Aria with the stock image. I've rooted it though, and I'm just getting rid of the included AT&T apps I do not want. This one shows up as "AT&T Radio". Just trying to figure out which apk to remove in order to remove this app.
What apps are SAFE to remove without affecting HTC Sense or Aria? We need to make a list of files/apps safe to remove. I heard one user saying removing HTC Stocks caused error issues when it tried to sync.
Hello also any luck with change the radio to activate for 1700 mhz UMTS ?
wdlamb said:
Ah, no I'm using my HTC Aria with the stock image. I've rooted it though, and I'm just getting rid of the included AT&T apps I do not want. This one shows up as "AT&T Radio". Just trying to figure out which apk to remove in order to remove this app.
AndroidMusic.apk
Thanks, that was exactly what I was looking for.
I've worked on this a few hrs now. I got Clockwork Recovery to work. Figured out HTC Sync was reverting the phone to stock recovery somehow. Removed that though...
Have rerun Unrevoked, and I can get into clockwork. I'm not interested in changing to different ROM now, just removing ATT crap.
When I try sideloading instructions/alternate method for removing ATT stuff, I get an error in cmd:
C:\android\tools>adb remount
remount failed: Operation not permitted
adb devices returns:
List of devices attached:
<myserial#> device
Any ideas? Have I not completed the root access procedure? I thought it was part of the Unrevoked process.
ahren37 said:
I've worked on this a few hrs now. I got Clockwork Recovery to work. Figured out HTC Sync was reverting the phone to stock recovery somehow. Removed that though...
Have rerun Unrevoked, and I can get into clockwork. I'm not interested in changing to different ROM now, just removing ATT crap.
When I try sideloading instructions/alternate method for removing ATT stuff, I get an error in cmd:
C:\android\tools>adb remount
remount failed: Operation not permitted
adb devices returns:
List of devices attached:
<myserial#> device
Any ideas? Have I not completed the root access procedure? I thought it was part of the Unrevoked process.
Yes, I think I was getting the same problem so I did a sequence of steps in some weird sequence to actually change it. It went something like this:
1. Make sure your PATH variable is set to Tools folder of Android SDK
2. Boot your phone into Clockwork and connect to PC
3. On your phone go to Partitions Menu and mount /system, then mount USB storage
3. Go to command prompt on your PC change your drive to phone/SD card drive (whatever that is, F:\ in my case)
4. adb remount
5. unmount /system
6. mount /data, mount USB storage
7. adb pull /data/data/com.android.providers.settings/databases/settings.db C:\settings.db
where C:\ is the main PC drive
8. change to C:\
9. echo update secure set value = 1 where name = 'install_non_market_apps';|sqlite3 settings.db
10. change to F:\
11. adb push C:\settings.db /data/data/com.android.providers.settings/databases/settings.db
12. Unmount everything, reboot and sideloading should work
sorting and backup
To see which files take the most space, use du with sort:
Code:
du * | sort -n
If concerned about deleting an important app, try moving it to the sd card instead. First mount the sdcard with the recovery menu, then:
Code:
mkdir -p /sdcard/backup/system/app
mv /system/app/something.apk /sdcard/backup/system/app
Thanks for the guide!
Great I'll try this tonight. Thanks
Sent from my HTC Aria using XDA App
I'm getting errors when attempting to remove the ATT_Navigator and ATT_Maps.
/system/app # rm ATT_Navigator.apk
rm ATT_Navigator.apk
rm: can't remove 'ATT_Navigator.apk': Directory not empty
Same error for both. Any suggestions?
I'm running Liberated 2.1 and ClockworkMod 2.5.0.1.
asiancuta said:
What apps are SAFE to remove without affecting HTC Sense or Aria? We need to make a list of files/apps safe to remove. I heard one user saying removing HTC Stocks caused error issues when it tried to sync.
Yeah, I think it'll be nice to have a master list so future people won't have to mess with backups.
Some I'm curious about are Mobi TV, Mobile Banking, Mobile Video, Peep, and mostly whether it'll be okay to remove the HTC Twitter widget.
The only program I ran into any issues with removing was the default MMS app. I decided to see what would happen if I got rid of that app and replaced it with Handcent or ChompSMS. Those programs could still send messages, but I couldn't receive any.
The easiest way to compile a list like that is to browse the forums for any preexisting knowledge, then just start testing things for yourself. Make a nandroid backup of your ROM as it sits, start removing programs, boot normally and see what happens! If there are no errors after you've removed the desired apk, make a new backup, reboot into recovery and keep going at it.

[Q] help getting update.zip to my sdcard

Did something to my captivate, when it starts and gets to the desktop, it stops force closing the launch and android accore something. I have no way of getting to anything, settings or otherwise.
I'm able to get it into recovery mode, but if i run reinstall packages it says it can't open /sdcard/update.zip.
I can connect to adb and see the device, but i can't seem to push the update.zip to it. I also have a $ i thought it should be a #.
Any ideas on how to proceed, no way to get into anything on the phone, and adb is acting odd. It shows:
List of devices attached
I89789fda6da recovery
If an aftermarket launcher is your problem, use adb uninstall to get rid of it or any other apk that is causing problems.
its the actual launcher thats erroring out - I can't even figure out how to get adb to let me browse the files on the phone. I have the update file that will resolve the issue, but no way to get it to the internal sdcard
JacenSolo2001 said:
its the actual launcher thats erroring out - I can't even figure out how to get adb to let me browse the files on the phone. I have the update file that will resolve the issue, but no way to get it to the internal sdcard
in order to push files I think you need root. if you've rooted your phone, use the su command to get the # prompt, which is super user status.
ok, here's where I'm at:
Android system recovery screen, with the 4 options, reboot, reinstall packages (which can't find the zip file), and the 2 deletes. This is the only place i can use adb at from here:
I do an adb devices and get
List of devices attached
I89789fda6da recovery
So at this point, is there a way anyone knows of to get the zip file to the internal sdcard?
oh and btw: the phone is rooted
Do you have busybox on the phone? If you do, do this:
Code:
adb shell
cd /sdcard/
busybox wget <url to update.zip>
i don't think busybox is on there any longer, it just says busybox: not found
dewt said:
Do you have busybox on the phone? If you do, do this:
Code:
adb shell
cd /sdcard/
busybox wget <url to update.zip>
I don't get it: what will wget get? Are you saying I need a web server on my Windows laptop?
Please be more specific: update.zip sits in my D:\tmp. How will wget see it?
Example please
JacenSolo2001 said:
Did something to my captivate, when it starts and gets to the desktop, it stops force closing the launch and android accore something. I have no way of getting to anything, settings or otherwise.
I'm able to get it into recovery mode, but if i run reinstall packages it says it can't open /sdcard/update.zip.
I can connect to adb and see the device, but i can't seem to push the update.zip to it. I also have a $ i thought it should be a #.
Any ideas on how to proceed, no way to get into anything on the phone, and adb is acting odd. It shows:
List of devices attached
I89789fda6da recovery
If you can get into recovery mode, have you tried a master clear? If you can't copy files via ADB and you can't use any apps on your phone, then that is your only choice. Or an Odin one click restore to stock.
alphadog00 said:
If you can get into recovery mode, have you tried a master clear? If you can't copy files via ADB and you can't use any apps on your phone, then that is your only choice. Or an Odin one click restore to stock.
Exactly what I was thinking. It doesn't make sense to be trying so hard to fix that when a simple one click Odin will remedy the problem.
Sent from my Captivate

How do I adb pull root directories (like "/system"?) to my Windows PC??

Hi there, I'm trying to pull root directories like /system and /data without any luck. My purpose is to have them on my PC as a backup, and be able to browse them to pull out apps and pieces of data if it ever becomes necessary.
Device: Nexus 6P (North American version)
ROM: Stock 6.0.1 Rooted, using Wugfresh Nexus Root Toolkit and SuperSU
PC OS: Windows 7 PC (64 bit)
Adb is working properly and I can easily pull non-root directories like "/sdcard" and so on. I'd like to be able to backup the entire root directory ("/") or at least the child directories (like "/system" and "/data", etc.) Unfortunately, when I try
Code:
adb pull -p "/system" "C:\somewhere"
it skips a bunch of files, so I need to come up with a better method.
I've tried
Code:
adb root
and it tells me it's already running in root mode.
I try
Code:
adb remount
and it does this properly, but doesn't change the effects of all the commands I've tried.
When I run
Code:
adb shell
it enters shell and gives me # by default, so seemingly it is giving me su permission by default?
*** Oddly, when I enter "su" while in shell, it tells me "/sbin/sh: su: not found", which seems odd to me. I think it's possible that SuperSU is installed as systemless root, or there's something else screwy here, so I guess I'm not sure how to proceed. Still, if that were the case, why would adb already be running as root, and why would shell automatically give me the #?
Any help is appreciated!!
Thanks!
