I have oplus Xonphone 5 (Android 4.4.2). My phone is having virus/malware which have accessed root permission and made itself a system apps and now they are automatically turning wifi on/off and downloading tons of other apps (e.g. Hot cam, UC news, Ram booster etc.). Whenever i open running apps there are System.bin and systemMultimedi are running and consuming battery. sometimes they close all other apps and download malware. I have tries following thing which didn't solve my problem:
1. Soft and Hard resetting of phone.
2. Rooted my phone and using root browser tried to delete/Uninstall these files(viruses).
3. Tried uninstall all newly installed system apps by using Kingroot but they again showed up.
3. Cleared the cache partition and then hard reseted phone.
4. tried to flash the ROM but failed.
Please help me recover my phone . Thank you in advance.
Paresh42 said:
I have oplus Xonphone 5 (Android 4.4.2). My phone is having virus/malware which have accessed root permission and made itself a system apps and now they are automatically turning wifi on/off and downloading tons of other apps (e.g. Hot cam, UC news, Ram booster etc.). Whenever i open running apps there are System.bin and systemMultimedi are running and consuming battery. sometimes they close all other apps and download malware. I have tries following thing which didn't solve my problem:
1. Soft and Hard resetting of phone.
2. Rooted my phone and using root browser tried to delete/Uninstall these files(viruses).
3. Tried uninstall all newly installed system apps by using Kingroot but they again showed up.
3. Cleared the cache partition and then hard reseted phone.
4. tried to flash the ROM but failed.v
Please help me recover my phone . Thank you in advance.
Click to expand...
Click to collapse
This is really a big problem and if not solved soon you will be in great trouble
I suggest you to first uninstall root and then flash the stock rom again
This is the last option I have
I dont think you can do anything beyond that
Regards milkyway3
---------- Post added at 07:04 AM ---------- Previous post was at 06:59 AM ----------
I will also suggest few senior members whom I know to solve your problem as soon as possible
This could even be a police case if the malware tries to do something beyond this
If you think something more suspicious than just downloading appps and toggling settings
Then I would highly recommend you to switch off your device and keep it aside until you find a solution at xda
Regards milkyway3
Related
Hello,
I have the problem, that apps like Adblock Plus or Avast Mobile Security do not start automatically after booting the device.
Does anybody know the reason or what to do?
Thank you in advance.
Horst
Horst0113 said:
Hello,
I have the problem, that apps like Adblock Plus or Avast Mobile Security do not start automatically after booting the device.
Does anybody know the reason or what to do?
Thank you in advance.
Horst
Click to expand...
Click to collapse
Go into settings then Startup Manager and enable the apps you want to allow at startup. Then go to permissions manager and select the apps you want to trust.
Hi Horst
where did you buy your GEM-701L?
Thanks. Ralph
ralphrmartin said:
where did you buy your GEM-701L?
Click to expand...
Click to collapse
I bought it from Innova in Germany.
Horst
ajsmsg78 said:
Go into settings then Startup Manager and enable the apps you want to allow at startup. Then go to permissions manager and select the apps you want to trust.
Click to expand...
Click to collapse
Sorry, I don't have the Startup Manager.
Look in GooglePlay for "PM Plus" from Huawei - it's the Permission- and Startup Manager you need.
I have no idea why it isn't as default on the X2
Hi everybody !!
Got my X2 701 today.
After bootloader unlock/recovery&root everything works like a charm,but one thing doesnt...and this is THE KILLER for me.. NO APPS ARE AUTOSTARTING AFTER a reboot.
I have also installed PM plus as I read here ,but no matter what I try.. no apps are autostarting
justin22 said:
Hi everybody !!
Got my X2 701 today.
After bootloader unlock/recovery&root everything works like a charm,but one thing doesnt...and this is THE KILLER for me.. NO APPS ARE AUTOSTARTING AFTER a reboot.
I have also installed PM plus as I read here ,but no matter what I try.. no apps are autostarting
Click to expand...
Click to collapse
Flash it to a 703L B111. B111 fixed a lot of issues and I mean a LOT.
can I flash the 701 to a 703 without troubles/drawbacks ???
justin22 said:
can I flash the 701 to a 703 without troubles/drawbacks ???
Click to expand...
Click to collapse
If you follow the guide you will be able to upgrade with no problems.
I spend the morning reading all there is about 701 to 703.. and its dangerous,and not 100% documented,so I dont dare to do that.
I restored the stock recovery on my 701,I removed su,I wiped the whole thing a few times,and no matter what I do... NO APPS ARE STARTING AFTER A REBOOT...
everything works like a charm,no fc,no errors at ALL,just... when I reboot/turn the thing on.. its loading googleplay/services/gmail/... whatever it came with,but NO 3rd party apps from the store are loading on boot.
I enabled ALL apps in the startup/permission manager... but still they wont load.
WHAT ELSE is there to check/click/switch/do ??(
---------- Post added at 10:25 AM ---------- Previous post was at 09:47 AM ----------
I restored my X2 today ,so no SU/TWRP/... did a full wipe with stock recovery,still the same... I suspect,this isnt a bug... but more a feature.
No matter what I try.. NO APPS are autostarting...
(just the whole system crap like playstore/gmail/google services/bla blabla)
Cant be that Im the ONLY one with this (unsolvable ???) problem ?????
well.. turns out.. nothing is unsolveable.. besides curing human stupidity.. and NO.. Im not talking about myself
If you want an app to be 100% sure its loading when you turn on your phone or reboot it => you have to convert the app with Titanium Backup to a SYSTEM APP.
(so basically TiB just moves the .apk into system/app).
Be sure to reboot afterwards,as otherwise the app is gone from your launcher.
I tested this with 3 apps (afWALL+/allinONEgestures/wifiONoff) and all three NEVER started after a cold/warm/lukeWarm(re)BOOT,and after converting them with TiB,all 3 start now everytime.
so maybe I was/am the only one who was annoyed by this BOOTloadingBUG,but with this workaround its solved for me !
justin22 said:
well.. turns out.. nothing is unsolveable.. besides curing human stupidity.. and NO.. Im not talking about myself
If you want an app to be 100% sure its loading when you turn on your phone or reboot it => you have to convert the app with Titanium Backup to a SYSTEM APP.
(so basically TiB just moves the .apk into system/app).
Be sure to reboot afterwards,as otherwise the app is gone from your launcher.
I tested this with 3 apps (afWALL+/allinONEgestures/wifiONoff) and all three NEVER started after a cold/warm/lukeWarm(re)BOOT,and after converting them with TiB,all 3 start now everytime.
so maybe I was/am the only one who was annoyed by this BOOTloadingBUG,but with this workaround its solved for me !
Click to expand...
Click to collapse
That explain a lot of the trouble I experienced with my X2 device.
And, yes, I agree with you about human stupidity (growing more and more around us).
Thanks for your explanation of this BUG !.
My sony xperia c 2305 is somehow affected by virus /malware , whenever I connect it to internet it starts to download porn apps which I cant remove it , I tried to format phone via recovery but when phone restarts it gives error Cps stopped and as soon as conect to wifi/data it starts downloading those apps even without entering google account details .my phone has become buggy ,Can't open camera ,all errors ,its messed.
So How can I format everything and install new rom ?
I am not aware how to install roms etc on sony phones , so can someone guide me ?
Just conect your phone to pc and repair with pccompanion.
I think its called monkey virus, try use system apps remover, but you need to root your phone first , and go to system/apps, delete MONKEY TEST and TIME SERVICE
Von_30 said:
I think its called monkey virus, try use system apps remover, but you need to root your phone first , and go to system/apps, delete MONKEY TEST and TIME SERVICE
Click to expand...
Click to collapse
It keeps installing sex apps, as well as other apps like some file Explorer etc. And keep getting cpf error.
Sent from my SM-N920G using XDA-Developers mobile app
Rooted phone and installed system app remover, after selecting apps to uninstall/remove, app freezes. Tried many times but same, I keep getting different errors. Now I am downloading flash file(official rom) and flash tool - WMshua, hope flashing will work. If anyone has any tips regarding flashing please post.
Sent from my SM-N920G using XDA-Developers mobile app
Flashed stock fw from flash tool, everything is good.
Sent from my SM-N920G using XDA-Developers mobile app
Phone leagoo m5, fw latest official based on freemeos. Reflashed latest rom, installed only apps which i used long time without any ads and still grtting annoying full screen ad which can't be closed 10seconds. Phone rooted, but none app aaked/granted root permissions. My only though that it's caused by os itself. There are 2 weird apps: "settings"(can be deleted, but restores after some time. Not weird settinga app(definetely part of os}) shows translated name "nustatymai") other is "app store" can't even delete. Eg. In screenshot imgur dot com/a/btCfz ad appears from time to time even if none apps is opened
gymka said:
Phone leagoo m5, fw latest official based on freemeos. Reflashed latest rom, installed only apps which i used long time without any ads and still grtting annoying full screen ad which can't be closed 10seconds. Phone rooted, but none app aaked/granted root permissions. My only though that it's caused by os itself. There are 2 weird apps: "settings"(can be deleted, but restores after some time. Not weird settinga app(definetely part of os}) shows translated name "nustatymai") other is "app store" can't even delete. Eg. In screenshot imgur dot com/a/btCfz ad appears from time to time even if none apps is opened
Click to expand...
Click to collapse
You probably used Kingroot or Kingoroot to root your device and it installed malware/adware apps your system partition. Flashing stock firmware probably doesn't wipe system during flashing instead of removing those apps and factory resetting won't work because the apps are in system and factory reset doesn't touch system, it only wipes the user partition.
If none of your apps are requesting root permission then I'd say you lost root and need to root the device again.
Try MalwareBytes app to remove those apps. If that doesn't work you need to get the device properly rooted and then look in your system/app or system/priv-app folder and delete those apps.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
From twrp, wipe system and flash some rom
Sent from this galaxy
pr1jker said:
From twrp, wipe system and flash some rom
Sent from this galaxy
Click to expand...
Click to collapse
That can work...........
But.......
Assuming there are ROMs available and assuming they want to use a ROM. But what if they don't want TWRP or a custom ROM? What if they want to stay with what they have?
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Looks like adware installed by root app. "Supersu" caused problems. Kaspersky/malwarebytes and few other random AV didn't found any issues, then i searched with "dr. Web" it found 4 threats i deleted them(with twrp, dr web not offered option to delete) and no more issues. Thanks for pointing to right direction.
gymka said:
Looks like adware installed by root app. "Supersu" caused problems. Kaspersky/malwarebytes and few other random AV didn't found any issues, then i searched with "dr. Web" it found 4 threats i deleted them(with twrp, dr web not offered option to delete) and no more issues. Thanks for pointing to right direction.
Click to expand...
Click to collapse
Just remember, this is typical behaviour when using Chinese rooting apps and other Chinese softwares, pretty much all of them come with unwanted extras that hide themselves in your system. China is the hacker think tank of the world, they design software to invade devices and steal personal information.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
wiped everything with all possible tools which twrp offers(even sdcard), then installed rom and twrp with sp flash tool(all tools took from xda or xda forum links) and adware still exist. searched google and it's not only mine problem a lot of people complains about same "triada" from stock firmware. found workaround and it fixed problem, but still need normal fix.
only few people complains about it... noone from xda don't use last firmware on leagoo m5?
i still not rooted phone, but adware already recreates it after each reboot antimalware apps only detects created bad app and deletes it, but none app can remove virus itself only it's consequences
workaround: create file /storage/emulated/0/.SDAndroid and chmod to 0600; and file /storage/emulated/0/.jm with same permssions. virus won't create folder with that name so he stops recreating it's files
hi everyone !
so i'm having dificult now , my system has got infected with some malware , it keep install apps when conect to internet
u'm using malwarebyte to scan and it say that i got trojan on search.apk , setting and update software
i try to hard reset my phone but not work , ai know that root can delet system but i can't delete it becouse it in setting how can i delet setting?
ist there is a way beside flashing to fix this ?
also my phone is lolipop 5.1 and unroot
Rootkit on an android? Now that's rare. If you tried every conventional method, I doubt anything is going to work. You can try disconnecting from the internet, check your running processes and services, kill them if found, scan with Malwarebytes and attempt to locate problematic files manually using explorer. There have to be some specific apps that are being installed, can you name them?
And full factory reset did not help you?
Josh Ross said:
Rootkit on an android? Now that's rare. If you tried every conventional method, I doubt anything is going to work. You can try disconnecting from the internet, check your running processes and services, kill them if found, scan with Malwarebytes and attempt to locate problematic files manually using explorer. There have to be some specific apps that are being installed, can you name them?
And full factory reset did not help you?
Click to expand...
Click to collapse
full factory reset doesn't work
idk what is rootkit , but yeah im already disconect my internet , i'm already scan and this is what i found ,
imagebam. com/image/a5668f584241333
imagebam. com/image/80f2c2584241513
imagebam. com/image/77efcb584241423
(i can't post link)
i mean this malware infected setting so it change system (like permission to install from outside play store) also my setting icon changed too
here is list apps being installed : uc browser , ucnews , some cleaner , some launcher and lock screen
I was installed some s8 random apps (downloaded from appmirror) by the following tricks from this forum.
Quote:
Originally Posted by Vyshakh Babu
I'm done it on my non-rooted S7 edge
These are the steps I done
1. Add a shortcut of the apk to the home screen from the my files app
2.Power off the phone.
3. Cleared the cache partition.
4. Restarted the phone.
5. Quickly installed the Apk by accessing the shortcut from home screen.
(Now it's installed )
6. But the launcher keeps force stopping.
So I cleared touchwiz home's data and cache from app manager.
7. Now it's working fine.
I also installed Bixby app through the same process.
Hope this solution works for all those who face the conflicting signature problem.
Click to expand...
Click to collapse
For some reason i was reset(hard) my phone (by wiping data + cash partition). After successfully reset when device is turned on i found an unexpected error like below:
Device Locked
Device Management has restricted certain features on your device.
Please contact the administrator to re-install Device Management to recover your restriction.
Now I can't access CAMERA(security policy restricted camera), SD-Card not found(showing not inserted), Bluetooth is also disabled. USB-debug is also disabled although DEVELOPER OPTIONS is enabled. Screen-shoot is also disabled. I have flashed my mobile multiple times after that occurrence with proper updated files(AP,BL,CP,CSC,pit). But my problem is still remain. I really don't know what to do. Plz help me out. Thanks in advanced.
N.B: I have also used a fresh gmail account but problem still remain. I have a backup EFS folder but i can't root my phone as usb-debug is disabled. I was tried multiple times to root my phone by CF-Auto root for sm-g930k but it stuck on KT logo and as a result i have flashed it again and again. :crying:
Sorry for my bad english.
Sent from my SM-G930K