Netalpha Virus - Security Discussion

Hi, Everybody!
Please help me guy. I'm very very tired with it (title). This virys auto Download and Installing Application. I can't uninstall it. I use all app like root explorer, x-explore, system remove, etc. (Don't found apk file of netalpha in Root Explorer (system/app and system/priv-app).
Plz help me! My device is Lenovo IdeaTab S-A3000 (I forgot)
Have a nice day!

Hi, you resolve like this:
Go to Settings>>apps>>manage-apps
Search the netalpha icon an select
After select click >>Deactivate<< button
Afte deactivated, try search so patiently the related apk (you appear to be rooted), and delete the apk.
Some apps comes masked with false title for prevent be deleted...
:thumbup:

for me , Disabling or unistanlling was not possible..along with apps created byit(like KMplayer)...i couldn't even delete it in TWRP from system/priv-app and other places...the only things that worked for me(not delete it but somehow disable it) was to :
1-first root phone (iroot/kingoroot/geniusroot & etc....)
2-download 3 apps: " Stubborn Trojan Killer" & es task manager(or sth similar to disable start-up apps) & Avast security mobile which is free.
3-then disable internet activity(no wifi/Data) & install all 3 apps
4- scan with " Stubborn Trojan Killer" (grant/allow root if asked)& try to delete(hopefully delete but it will be created again)
5-in settings of "avast" check scan SDcard too,so when scaning with avastscanning will include internal folders too...it would probably find sth,resolve/fix it
6-use es task manager (grant/allow root)to go to start-up apps and disable all that looks supicious/ have the same time created as netalpha(for me was kmplayer.demo,google services,phone services,and 5-6 other apps)
and for now,your phone is without this virus being operated and disturbing you.unfortunately there is no way to delete the files from system and ..., so for those who doesn't want to format(flash completely) the phone(reset/factory isn't going to help at all for me and many other users), for this is the only way(the only apps that recognize some trojan activity are those 2 for now, which i had sent the files for further investigation by avast team)..hopefully there is a way to cure it otherwise it's just like Stagnet : made to kill you!!!

Dethfull said:
Hi, you resolve like this:
Go to Settings>>apps>>manage-apps
Search the netalpha icon an select
After select click >>Deactivate<< button
Afte deactivated, try search so patiently the related apk (you appear to be rooted), and delete the apk.
Some apps comes masked with false title for prevent be deleted...
:thumbup:
Click to expand...
Click to collapse
Sent from my Andromax-c using XDA Free mobile app

So, there is no way to DELETE netalpha ? ):-
Do android viruses (like netalpha or Key Chain) infect other Apps ? (Like computer viruses)

amirbahalegharn said:
for me , Disabling or unistanlling was not possible..along with apps created byit(like KMplayer)...i couldn't even delete it in TWRP from system/priv-app and other places...the only things that worked for me(not delete it but somehow disable it) was to :
1-first root phone (iroot/kingoroot/geniusroot & etc....)
2-download 3 apps: " Stubborn Trojan Killer" & es task manager(or sth similar to disable start-up apps) & Avast security mobile which is free.
3-then disable internet activity(no wifi/Data) & install all 3 apps
4- scan with " Stubborn Trojan Killer" (grant/allow root if asked)& try to delete(hopefully delete but it will be created again)
5-in settings of "avast" check scan SDcard too,so when scaning with avastscanning will include internal folders too...it would probably find sth,resolve/fix it
6-use es task manager (grant/allow root)to go to start-up apps and disable all that looks supicious/ have the same time created as netalpha(for me was kmplayer.demo,google services,phone services,and 5-6 other apps)
and for now,your phone is without this virus being operated and disturbing you.unfortunately there is no way to delete the files from system and ..., so for those who doesn't want to format(flash completely) the phone(reset/factory isn't going to help at all for me and many other users), for this is the only way(the only apps that recognize some trojan activity are those 2 for now, which i had sent the files for further investigation by avast team)..hopefully there is a way to cure it otherwise it's just like Stagnet : made to kill you!!!
Click to expand...
Click to collapse
I did it in another way.
1- My device was rooted.
2- I did a "factory reset".
3- Then scan with" Stubborn Trojan Killer" and delete founded Trojans (netalpha and KeyChain).
4- Then reboot the device and Trojans were gone!
They completely deleted.
It seems that "factory reset" will break something on them and then can delete completely.

Fix
amirbahalegharn said:
for me , Disabling or unistanlling was not possible..along with apps created byit(like KMplayer)...i couldn't even delete it in TWRP from system/priv-app and other places...the only things that worked for me(not delete it but somehow disable it) was to :
1-first root phone (iroot/kingoroot/geniusroot & etc....)
2-download 3 apps: " Stubborn Trojan Killer" & es task manager(or sth similar to disable start-up apps) & Avast security mobile which is free.
3-then disable internet activity(no wifi/Data) & install all 3 apps
4- scan with " Stubborn Trojan Killer" (grant/allow root if asked)& try to delete(hopefully delete but it will be created again)
5-in settings of "avast" check scan SDcard too,so when scaning with avastscanning will include internal folders too...it would probably find sth,resolve/fix it
6-use es task manager (grant/allow root)to go to start-up apps and disable all that looks supicious/ have the same time created as netalpha(for me was kmplayer.demo,google services,phone services,and 5-6 other apps)
and for now,your phone is without this virus being operated and disturbing you.unfortunately there is no way to delete the files from system and ..., so for those who doesn't want to format(flash completely) the phone(reset/factory isn't going to help at all for me and many other users), for this is the only way(the only apps that recognize some trojan activity are those 2 for now, which i had sent the files for further investigation by avast team)..hopefully there is a way to cure it otherwise it's just like Stagnet : made to kill you!!!
Click to expand...
Click to collapse
Thank's sir

Related

[APP][4.0+] APK Safe

APK Safe is an app that saves the APK of apps on your device when they are updated.
Later, you can install one of the saved APK to upgrade/downgrade your app.
How to use it:
Long press an app in the list. The app is selected and you can add more apps in the selection. Press the add button in the action bar, APK safe will saves the APK of the selected apps and each time you update (manually or from a store) one of these apps, the new APK is saved as well.
To change the version of an app (there is a green mark at the left of the card), press it. A popup will list the backup APKs of that app and you can select one of them to replace the currently installed one. If you downgrade and app on android 4.2 and later, the app will uninstall it first.
The app doesn't requires root but if your device is rooted and you activate "Install as root" in the settings, you'll get more features:
Silent install: upgrading/downgrading an app will show a progress bar while installing the app. You don't have to confirm the replacement, validate permissions, ...
On android 4.2 and later, you can downgrade without loosing data (without root, downgrading requires to uninstall first meaning loosing data)
Features:
Automatically save the the APK when an app is installed.
Can uninstall selected app, show informations or open the app on the market (support google play, amazon and samsung)
You can choose the backup folder for the APKs in the settings. If you want to save your APKs on a microSD on android 4.4, you MUST choose the folder /mnt/extSdCard/Android/data/net.cyl.apksafe/files/backup, where /mnt/extSdCard/ is the root of your sd card (the name maybe different on your system).
Downloads: https://cyberneticlifeform.wixsite.com/cylonu87/legacy
Feedback, comments and bug reports are welcomed.
Good app mate. I'm going to test it.

[Resolved] [Help Needed! !] Android is upgrading..Starting apps...finishing boot.on every reboot

FIx for this( Android upgrading...Starting apps... finishing boot.)error has been found, it is mainly due to odex files which are created by lucky patcher, so deleting these files using lucky patcher itself will surely remove this error with 50 percent success rate.These are the real culprit which cause automatic wiping of dalvik cache on every reboot.
Here's the fix; open lucky patcher, there in lower left section you can see Toolbox, click Toolbox button then select 4th last option i.e Remove all odex files. Thats it android will reboot on itself and vola no android is upgrading. . Even if u didn't install apps like LP just try to remove faulty odex files(for location refer to attachment).
Check out attachement for any help.
:good:Hits Thanks If I helped u:good:

need help : malware in system

hi everyone !
so i'm having dificult now , my system has got infected with some malware , it keep install apps when conect to internet
u'm using malwarebyte to scan and it say that i got trojan on search.apk , setting and update software
i try to hard reset my phone but not work , ai know that root can delet system but i can't delete it becouse it in setting how can i delet setting?
ist there is a way beside flashing to fix this ?
also my phone is lolipop 5.1 and unroot
Rootkit on an android? Now that's rare. If you tried every conventional method, I doubt anything is going to work. You can try disconnecting from the internet, check your running processes and services, kill them if found, scan with Malwarebytes and attempt to locate problematic files manually using explorer. There have to be some specific apps that are being installed, can you name them?
And full factory reset did not help you?
Josh Ross said:
Rootkit on an android? Now that's rare. If you tried every conventional method, I doubt anything is going to work. You can try disconnecting from the internet, check your running processes and services, kill them if found, scan with Malwarebytes and attempt to locate problematic files manually using explorer. There have to be some specific apps that are being installed, can you name them?
And full factory reset did not help you?
Click to expand...
Click to collapse
full factory reset doesn't work
idk what is rootkit , but yeah im already disconect my internet , i'm already scan and this is what i found ,
imagebam. com/image/a5668f584241333
imagebam. com/image/80f2c2584241513
imagebam. com/image/77efcb584241423
(i can't post link)
i mean this malware infected setting so it change system (like permission to install from outside play store) also my setting icon changed too
here is list apps being installed : uc browser , ucnews , some cleaner , some launcher and lock screen

Tutorial - how to remove bloat-ware and unwanted apps from your mate 9 WITHOUT ROOT

very interesting to know is a way to remove any bloat-ware or any unwanted app from your phone without root privilege.
This tutorial should work on other phones too.
here is my tutorial:
1.) you need linux or windows system on your pc with installed (mini) adb for it!!
2.) you need to have the "developer" menu enabled on your phone
( the way to get this is described many times- please search for it if unknown! )
3.) connect your phone to pc and open a command line interface
4.) enter following command without quotes : adb devices
If everything goes alright, you should see a response like this:
List of devices attached
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
AHK02574823233 unauthorized
5.) enter following command without quotes : adb shell
the prompt should change to:
HWMHA:/
6.) now you can enter the command to delete the unused software packages:
pm uninstall -k --user 0 <package name>
Examples:
pm uninstall -k --user 0 com.google.android.apps.photos removes Photo app
pm uninstall -k --user 0 com.huawei.hidisk removes Huawei file manager
pm uninstall -k --user 0 com.huawei.android.totemweather removes Huawei weather widget and service
pm uninstall -k --user 0 com.huawei.android.totemweatherwidget removes Huawei weather widget and service
pm uninstall -k --user 0 com.huawei.android.totemweatherapp removes Huawei weather widget and service
Tip: you can find the package name of all apps you want to delete with this app:
https://play.google.com/store/apps/details?id=com.majeur.applicationsinfo
BE CAREFULL!!! All you will do, is done at your own risk!!!!
the selected apps are only removed (for user 0 only - not from your phone!) until the next factory reset!!!
so if something goes wrong, you have to factory reset your phone to get back all deleted apps! (see Edit!!!)
After a factory reset, all deleted apps are back again!
As i know, OTA updates are possible after deleting some apps because the BB is not open and the recovery was not changed!
(personally checked!)
btw: i have tested this tutorial by myself and it works without problems! (smartkey and fb are no longer available now.:laugh
Edit:
How to rebuild removed system apps:
if you have removed a app, you can do the following steps to get back without a factory reset!
1.) install "SDMaid" app
2.) go to sdmaid app -> "app control" and list all apps which are installed on your phone
3.) go to sdmaid menu (right upper corner) and select "system" to list only to the system installed apps
4.) you will see, that all "deleted apps" are present as before but without there icons!
remember, you had removed it only for user 0!!!
5.) select the app, you want to restore and press sdmaid "app export" for it!
the app should no be exported to internal sd7download folder.
6.) you can no go to the download folder and reinstall the app back to user 0 accessibility!
Hope you will understand my bad translation! If yes, you should know now the way to rebuild removed system apps!
Now, we only need a list of apps that can be safely remove
saironjay said:
Now, we only need a list of apps that can be safely remove
Click to expand...
Click to collapse
if you don’t know which apps are not needed , this thread is not for you!
i have removed on my phone:
Swiftkey; SwiftKeyFactorySettings; Chrome; Easteregg; Duo; Music; Photos; Exchange; Tag; Google Books; Google Drive; Huawei Drive;
Totem Weather app; Live Wallpaper Pickers; Youtube; FB; FB Installer; Partner Bockmark Provider; Google Contact and Calender sync;
Watch Sync; and some others.
But this decision depends to my personal requirement!!!!
BTW:,
If this tutorial was helpful to you, feel free to press the thanks button for it!
i have seen, that all apps are still invisible resident in system after "deleting" them. I saw it in SDMAID app.
All deleted apps are listed without a icon. After taping "info" for this apps, i get a information screen, that this apps are not installed for user 0. So everything seems to be alright!
Awesome, thanks!
Saw this a while back for P10: https://forum.xda-developers.com/p10/how-to/guide-remove-apps-bloat-adb-root-t3625227
A debloat safe list? Maybe this: https://forum.xda-developers.com/honor-6x/how-to/guide-list-bloat-software-emui-safe-to-t3700814
Anyone know how to get rid of the flashlight app found in the drawer? I've never had a flashlight app icon and want it gone
Rep7ile said:
Anyone know how to get rid of the flashlight app found in the drawer? I've never had a flashlight app icon and want it gone
Click to expand...
Click to collapse
if you remove this app, you will have a unusable Torch icon gadget on your lock screen for it!
BTW: as i know, on our Mate 9 the torch functionality is a part of the system ui (com.android.systemui).
If you remove the system ui, you properly should get more problems as you like to get.
And this app isn’t removable from system! It is only removable from your access.
I suggest to stay with it.
How to rebuild removed system apps:
if you have removed a app, you can do the following steps to get back without a factory reset!
1.) install "SDMaid" app
2.) go to sdmaid app -> "app control" and list all apps which are installed on your phone
3.) go to sdmaid menu (right upper corner) and select "system" to list only to the system installed apps
4.) you will see, that all "deleted apps" are present as before but without there icons!
remember, you had removed it only for user 0!!!
5.) select the app, you want to restore and press sdmaid "app export" for it!
the app should no be exported to internal sd7download folder.
6.) you can no go to the download folder and reinstall the app back to user 0 accessibility!
Hope you will understand my bad translation! If yes, you should know now the way to rebuild removed system apps!
Icetea said:
How to rebuild removed system apps:
if you have removed a app, you can do the following steps to get back without a factory reset!
1.) install "SDMaid" app
2.) go to sdmaid app -> "app control" and list all apps which are installed on your phone
3.) go to sdmaid menu (right upper corner) and select "system" to list only to the system installed apps
4.) you will see, that all "deleted apps" are present as before but without there icons!
remember, you had removed it only for user 0!!!
5.) select the app, you want to restore and press sdmaid "app export" for it!
the app should no be exported to internal sd7download folder.
6.) you can no go to the download folder and reinstall the app back to user 0 accessibility!
Hope you will understand my bad translation! If yes, you should know now the way to rebuild removed system apps!
Click to expand...
Click to collapse
I find that I cannot install the APK after exporting from SDMaid. Any other settings that we need to do? Please help...
Great, thanks. it worked fine for my P20 pro too.
gbjack said:
I find that I cannot install the APK after exporting from SDMaid. Any other settings that we need to do? Please help...
Click to expand...
Click to collapse
Have you enabled the setting to install apps from unknown sources?
DM.IDOL said:
Have you enabled the setting to install apps from unknown sources?
Click to expand...
Click to collapse
I ran into the same issue with my Mate 10 Pro. Unknown sources is on, but it keeps saying app not installed. I tried it again on my Honor 8 just to check and it's the same thing. However, it also tells me the package appears to be corrupt. This is for the com.android.providers.calendar system app. My guess is the app is already installed but hidden from us (user 0). I'll report back if I find a fix.
Icetea said:
very interesting to know is a way to remove any bloat-ware or any unwanted app from your phone without root privilege.....
.......
Hope you will understand my bad translation! If yes, you should know now the way to rebuild removed system apps!
Click to expand...
Click to collapse
Thank you so much for this.tutorial! I could use it on my Mate 20 X! ?

Question Install apk from local storage

Hey guy's, I hope somebody can help me out here. I can't find any explanation on internet. I want to install an apk from the local storage on my Rog phone 5 ( android 12,un rooted) .
In the old days it was pretty simple, just a slide to activate the "allow unknown sources", click on the apk file and it would install. Now on the rog phone 5 in the apps&notifications, special app-acces, install unknown apps it only shows a few apps that I can give permissions to install from unknown sources. Like Chrome, file manager, gmail, brave browser etc. ( see picture). So I give the file manager or brave the permission,restart the phone, go to the apk in the file manager but it won't install.
It will just show the contents of the apk. If I select the apk I can remove it, rename it, compress it, anything but install it.
I can choose open with brave but still nothing happens. I tried downloading an app in the playstore to install apk files but it won't even list the apk file. I have no clue why they made something that used to be so easy so complicated. So I hope somebody can enlighten me how to install an apk on this phone. Thanks in advance!
Have you enabled install unknown apps in developers options ? Special app access allows you to allow/not allow individual apps to install unknown apk files. I think you have to enable it in developer options for the native installer first. I may be wrong but it's worth checking.
I'll go check if the option is there and let you know. Tnx man.
The only thing I found was " force app allowance on external drive" and but it changed nothing.
Piriroekoe said:
The only thing I found was " force app allowance on external drive" and but it changed nothing.
Click to expand...
Click to collapse
you could try
Code:
adb shell settings put secure install_non_market_apps 1
adb shell settings put secure unknown_sources_default_reversed 1
that would be from terminal on pc or you could install settings database editor from play store and grant it permissions via adb and you will have gui to change system settings
Could you please walk me through how to do this? Tnx.
Piriroekoe said:
Could you please walk me through how to do this? Tnx.
Click to expand...
Click to collapse
Ok, first I guess I need to ask some questions. Have you tried a different file manager, installed thru play store ? How many .apk files have you tried to install ? If it is just the one app that you have in storage it may be corrupt. Have you tried a fresh copy of it ? Is it an old app and is it compatible with your Android version ?
I don't know what I was thinking, that isn't in developer options anyway, it's in security. It would seem odd for them to remove the ability to install personal apk.

Categories

Resources