Related
I can't get music from force closing when I try to stream to my phone. Tried fresh ROM install, tried nandroid backup that it used to work on. Fixed permissions, cleared data, uninstall reinstall, different kernels, different apk downloads, installed as system app, installed as user app. Tried everything and in different orders.
Any ideas?
Sent from the bowels of hell
Are you blocking ads?
Yes. Never thought of it. Will unblock.
Edit: problem solved. +1000 internets to you
Sent from the bowels of hell
I'm blocking ads, am outside of the US, and still can use the music cloud, it must have been something else...
mkoch820 said:
I'm blocking ads, am outside of the US, and still can use the music cloud, it must have been something else...
Click to expand...
Click to collapse
What are you using to block ads? A specific app or your own host files? I'd say it has to do with which host files you use as they're all gonna have different addresses blocked.
EDIT: Just tried it using AdAway and the default hosts with no problem. Was using a custom host file I'd gotten from somewhere before.
AdFree is what i use, i refreshed my cloud today, syncronized perfectly with the phone
For myself I used the ad blocking feature of ROM toolbox. Not sure why but turning this off did the trick. I haven't played with any other settings.
Sent from the bowels of hell
Hi,
Sometimes an app (.apk) is either simply not available through Google's store, or it might say "not compatible with your device", etc. There can be various reasons why a person might download a .apk from somewhere other than a "trusted" source.
If this was a file for my PC I could test it in a "sandbox", and I could scan it with both Microsoft Security Essentials and Malware Bytes Antimalware.
On my Android phone(s) I'm not aware of something like the "sandbox" option, and I don't really want to run an "antivirus" program on my phone. Is there an easy way to scan .apk files on the PC to see if they are rogue apps, might send SMS, "phone home", or otherwise mess with other applications or the system software installed on my phone?
Lets give another example: say I thought 15 minutes was not long enough to evaluate a relatively expensive Android game (it certainly isn't!) and I want to test it out first. Let's assume my only option in that case might be an illegally downloaded copy from unknown sources. Of course, we shouldn't do that. But if we did, how could we know if the file is safe and not risk installing some Chinese spyware?
About Android AV programs: anybody know how effective they are? Do some defend against "trojans" - I would think these days trojans are 99% of problems and viruses mostly a relic of the past?
My biggest concern is actually just unwanted crap that runs in the background which eats up battery, makes my phone warm (which I hate), or, perhaps even sends SMS message [this would be even worse because I don't have a text message plan].
EDIT: I see web pages with tiles like "new study finds Android antivirus apps not effective" and articles like this one: http://www.zdnet.com/blog/hardware/...bouncer-does-it-offer-enough-protection/17981
Do we have an easy way to boot Galaxy S3 off of "external" SDCARD instead of internal memory?
Search play store for avast antivirus, completely free, updates daily and works really well (firewall. Anti theft. And many more Features
sony xperia ray ics 4.0.4
stock rom unrooted
I found this website, maybe it can help someone.
h t t p://scan.netqin.com/en/
Maybe someone can post another one...
an easy way to check for safe apk
The easiest way to check for safe apk is to have one gmail account and another "whatever" email account. Then just send the apk from the gmail one to the second account, gmail always find viruses in any apk and stop the process to join the file (virus alert). Bad point is you are limited with the size of the file you wanna send.
Nowadays, even pc antiviruses can detect viruses in apks. I would rather not burden my phone with any android antivirus,since they are literally battery hogs.
sent using my HTC One S
Go here and upload the APK
http://anubis.iseclab.org/
Anubis is a service for analyzing malware.
Submit your Windows executable or Android APK and receive an analysis report telling you what it does. Alternatively, submit a suspicious URL and receive a report that shows you all the activities of the Internet Explorer process when visiting this URL.
Andrubis executes Android apps in a sandbox and provides a detailed report on their behavior, including file access, network access, crypto operations, dynamic code loading and information leaks. In addition to the dynamic analysis in the sandbox, Andrubis also performs static analysis, yielding information on e.g. the app's activities, services, required external libraries and actually required permissions.
Found a good one too
apkscan.nviso.be - give it a try. Drag and drop - wait for the upload - than click SCAN . Wait for a few minutes. That`s all. Unlike ANUBIS it has a resolution at the end of the analysis . Usually helpful.
You can also email the file to [email protected] and it will email the report back in about ten minutes. Virustotal can display some interesting info, for example it said that Lucky Patcher is a "Potentially Infected Hosts File (v)", as reported by VIPRE and AVware.
Virustotal also has an official android app.
The Netqin scanner is also an android mobile app.
Late answer, sure, but I think ClamAV is what you want. You also want its bytecode signature file, and to speed things up, you only want that single file (speeds up things quite a bit).
It is the only offline apk scanner i know of, and as for its efficiency i cannot say, but it seems like it is what you are asking for.
An alternative would be to install something like BlueStacks and remap your "Windows shared folder" (through registry) to the folder you have your apk files in, and then run BitDefender on it. BD is by far the most pernickety AV app out there for Android.
I'll have to check out bitdefender (it's also included on virustotal.com)
apkscan.nviso.be seems to be pretty good at analyzing files for suspicious activity, and it also uploads the file to virustotal for you. Then you can copy the sha256 hash into the virustotal's search, to get all the gory details.
anubis.iseclab.org limits files to 8 megabytes.
Another way to avoid malware is:
when installing an update to an already-installed version of an application, it will 99% of the time prompt you to update an existing app. There's been rare instances where some apps do use a new digital signature (for example when spotify had a big security hole, and for awhile there were two apps by spotify in the app store).
One other way to tell, as a final check when launching the apk for installation on the phone: the icon will not have the right icon. I've installed apps before that I thought came from a trusted source, but the icon was not right. In fact, I was considering not posting this publically, so the "bad dudes" would not update their methods.
Another tool I found:
http://andrototal.org/
Although it might be a duplicate of virustotal.
nintendo1889 said:
Another tool I found:
http://andrototal.org/
Although it might be a duplicate of virustotal.
Click to expand...
Click to collapse
I just tried out this site. To me, it appears to be the most thorough virus testing site that I have seen. It takes some time for it to complete the scans. mainly because it scans the file with about 7 or 8 different scanning engines. Just just have to keep refreshing the page every few minutes to see if the results have updated.
I will be using this one as my go to site for apk scanning.
Just install it on the default emulator in the Android SDK
You can also install your apps on other emulator live bluestacks(best for games), jar of beans(best for rooted app) and windroy(the lightest)
Hit thanks if this helps
nintendo1889 said:
I'll have to check out bitdefender ...
Click to expand...
Click to collapse
Your signature photo ... awesome ... Bad Dudes
By using GDATA security , When you want to install an app the GDATA will scan it befor installing
Sent from my LG-D855 using Tapatalk
Use google scanning service VirusTotal to scan any app, secondly always use secure source. There are many well reputed apk sites but I personally use apklink.com , on this site required apk file is just a click away and its quite easy as well...
be safe & secure
This threads out of date, but it has me thinking I want to use something as mentioned in several replies to OP.
Are there any sites, or apps that can warn me if an .apk (for example) has malware etc.?
Thanks in advance for any help, including a link to another discussion that may have my answer
denise1952 said:
This threads out of date, but it has me thinking I want to use something as mentioned in several replies to OP.
Are there any sites, or apps that can warn me if an .apk (for example) has malware etc.?
Thanks in advance for any help, including a link to another discussion that may have my answer
Click to expand...
Click to collapse
Malwarebytes can detect malware.
Sent from my LGL84VL using Tapatalk
I tried this site and I like it because it goes into a lot of detail after analyzing and sends me a report in email. It was mentioned, and it is still available to use: https://apkscan.nviso.be/
Thank you for the heads up on MB, I use that on my PC and works great
You can use virustotal.
This is on a generic a23 q8h tablet, I was also getting popups in the form of fake facebook alerts about some stupid drone company.I deleted 2 apps/plugins/whatever they were and the popups went away but my homepage changes between smartdrone.com, vandroidnews.com and kszz.com.I want to put a boot up someones ass for installing this garbage on these tablets and selling them.
What browser do you use ?
Check the browser settings it may have option to set the desired homepage.
Stock browser, there was also baidu browser installed but i uninstalled with titanium backup.I changed the setting but it gets replaced with one of those three pages.
Tried clearing data of the browser?
I just got a Q88 A33 "generic" tablet and I too get the "default" page and the "home page" in the browser changed to "smartdrone.com". This was/is the behavior on delivery so it is probably part of their installed firmware.
If you have made any progress on how to fix this then please let me know, I will be reading up on Android and how to take a look at the files in the ROM and see if I can find a solution but I am not very familiar with Android so some pointers would be great. For example, would this be the result of some .apk that can simply be removed or is it some shell script or file somewhere in the actual ROM files?
It's because theres a factory installed trojan, yes its baked right into the factory firmware and if you remove it with say an anti-virus program the word DEMO in big red letters will be superimposed on the screen making the tablet useless.I've seen manufacturers offering an apk to 'fix' it but that just re-installs the trojan.Here is a fix that I got from another website and uploaded to my Box account.
Instructions from another forum:
A backup will be made before actual modification are made. To restore the backup, rename SystemUI-backup.apk to SystemUI-A20/A23.apk and restart the corresponding function.
HowTo use:
1. Scan for Device: searches and verifies a connected android device.
2. Scan for Trojan: checks if the trojan responsible for the demo lock is active.
3. If 2. is positive, check the Build.prop to see if you have a A20 or A23 model.
4. A20 FIX or A23 FIX, depending on the results from 3., you choose one of these.
5. The script will reboot the device to recovery mode, manually perform a factory reset.
Definition for Cloudservice / DEMO Trojan:
For clarification let me state that Android by "default" or "origin" is not susceptible to virus' and being built on Linux platform it is "open source" so that is where you get some LAME people and large corporations making these virus' encoded into the devices original configuration [ROM] and NOT NATIVE TO ANDROID.
Perfect example for how we the users can infect our own devices would be the small flashlight apps we all use daily and available for free on Google Play Store... these can factually be classified as "Intrusive Adware" that we install for quick access to our devices camera flash for use as a flashlight and yet we tolerate the pop-ups generated by the app.
Again not NATIVE to Android... this is something we the USERS have put on our devices. Harmless but annoying and same principle.
What is the Cloudservice / DEMO Trojan?
My definition based on learned knowledge as no "official" definition is or most likely will ever be available.
Firstly, in some devices it seems to be in a "sleep" mode until one day it simply "shows up" according to some reports. Our new Tool at TechKnow seeks and destroys the hidden files and configs totally eliminating all traces of the Trojan.
[SPECULATION: it could possibly be incorporated into some downloadable apps in the future. The same basic principle as adware is incorporated into the flashlight apps would suffice. However, it being included in downloadable apps is NOT confirmed and if/when it is the confirmed apps will immediately be reported to their distributor whether Google Play or Amazon App Store etc... by your friends at TechKnow]
It is a truly deceptive application that is hardcoded into the must have system dependent "framework-res.apk" on some of the newer Android devices ROM from the factory. The Trojan can track your app content such as Browser and can lock your device into a "demo" mode which will display large red DEMO text in caps across all your screens. The app is also linked to Baidu.
Baidu, Inc., incorporated on January 18, 2000, a Chinese web services company headquartered in the Baidu Campus in Haidian District in Beijing.
ok.... so you are being tracked and monitored by the Chinese?
but that's not all...
The secondary part to the Virus/Trojan is more of a pain in the :wub: imho than tracking and reporting my web history to an unknown Chinese web service company [for who knows what they seek to learn or truly have access to with this Trojan on your device]...
Click to expand...
Click to collapse
Allwinner Demo Fix: https://app.box.com/s/wpbl5nfrxtjdbgvgrwp2tbgvzlt31oqk
I can't remove Trojan virus from my tablet azpen. A739 ?
Sent from my A739 using XDA Free mobile app
Allwinner Demo Fix
This is how I removed the trojan without getting the red "Demo" letters on the screen http://forum.xda-developers.com/android/help/chinese-tablet-demo-mode-t2853062#post64002423
Hi All,
I'd like some recommendations on steps for locating a stubborn adware infestation that virus scanners don't seem to be able to find on my mobile. System is:
- Samsung SM-G900F
- Android 6.0.1
- unrooted
I get advertising redirects several times per day. It isn't clear where they are coming from. Have tried complete system reset. Uninstalled all downloaded apps. Disabled app auto updating. Ran a Malwarebytes scan. It found nothing.
Is there somewhere a log file for browser calls? At least I could find the app that requests the unwanted URLs.
thunderslug said:
Hi All,
I'd like some recommendations on steps for locating a stubborn adware infestation that virus scanners don't seem to be able to find on my mobile. System is:
- Samsung SM-G900F
- Android 6.0.1
- unrooted
I get advertising redirects several times per day. It isn't clear where they are coming from. Have tried complete system reset. Uninstalled all downloaded apps. Disabled app auto updating. Ran a Malwarebytes scan. It found nothing.
Is there somewhere a log file for browser calls? At least I could find the app that requests the unwanted URLs.
Click to expand...
Click to collapse
you could turn on logging in developer options, though you'll need a little tech skill to use & set up.
Probably an easier way is to use a no root firewall eg
https://play.google.com/store/apps/details?id=eu.faircode.netguard
while the log feature is not free as you only want to find one potential app you can set notifications for internet connection attempts to on, then manually check app & ip address it's trying to connect to win you get popup.
Also you could use this app (it's NOT a proper antivirus app, but a useful 2nd opinion to your actual antivirus), it just allows you to easily see app status from virustotal.com & manually submit any that are suspicious or have not yet been submitted,
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
btw even if you really have uninstalled all 3rd party apps one of the bloatware adk's may have a dodgy ad sdk within it. If so you can (probably) block this with the above firewall if you pay for that feature, without having to root your phone or freeze dodgy app. (Also boot phone into safe mode disables all 3rd polarity apps & see if it still happens)
Note: if system is infected by malware factory reset won't help, you need to reflash the FULL (eg 4 or 5 files inside) Samsung factory ROM with complete wipe. Though as I guess the S5 is not receiving updates anymore, I'd be looking into installing LineageOS to get up to date security patches (after first reinstalling stock ROM asuming you have malware as custom roms are not full roms like samsung factory rom)
thunderslug said:
Hi All,
I'd like some recommendations on steps for locating a stubborn adware infestation that virus scanners don't seem to be able to find on my mobile. System is:
- Samsung SM-G900F
- Android 6.0.1
- unrooted
I get advertising redirects several times per day. It isn't clear where they are coming from. Have tried complete system reset. Uninstalled all downloaded apps. Disabled app auto updating. Ran a Malwarebytes scan. It found nothing.
Is there somewhere a log file for browser calls? At least I could find the app that requests the unwanted URLs.
Click to expand...
Click to collapse
Could be xhelper, mostly Chinese phones (what a surprise ?) it seems but at least one Samsung running 6.0.X like you
https://threatpost.com/android-malware-45k-devices-mystery/149654/
Hi there, it's been a long time since i used my last Pixel (it was 2XL),
what i notice right away after using my P7Pro for few days is that Google Feed on this phone is showing a lot of ads/sponsored content,
i used host based adblock along with adguard private DNS on this phone, same setup like my other phone (Aquos R6)
but to my surprise, while it managed to block the ads/sponsored contents on my Aquos, it failed to do so on my Pixel.
Do google actually do same thing with apple on macOS ? setting up certain IP/URL/Connection in OS level, bypassing our DNS/VPN/Host ?
Because i dont remember ever seeing thia much of an ads in my Google Feed. And, as comparison, i dont see the same ads from my Aquos which signed into same google account.
Do you have any idea how to reduce it ? or block it ?
And, no, choosing "Show less" or "Block this ads" by pressing ... button on the Feed doesn't work.
otonieru said:
Hi there, it's been a long time since i used my last Pixel (it was 2XL),
what i notice right away after using my P7Pro for few days is that Google Feed on this phone is showing a lot of ads/sponsored content,
i used host based adblock along with adguard private DNS on this phone, same setup like my other phone (Aquos R6)
but to my surprise, while it managed to block the ads/sponsored contents on my Aquos, it failed to do so on my Pixel.
Do google actually do same thing with apple on macOS ? setting up certain IP/URL/Connection in OS level, bypassing our DNS/VPN/Host ?
Because i dont remember ever seeing thia much of an ads in my Google Feed. And, as comparison, i dont see the same ads from my Aquos which signed into same google account.
Do you have any idea how to reduce it ? or block it ?
And, no, choosing "Show less" or "Block this ads" by pressing ... button on the Feed doesn't work.
Click to expand...
Click to collapse
I don't use Google Feeds it's an open door for some pubs
I prefer to use Flym which manages my RSS feeds and I don't have ads.
I also use AdAway and the Magisk Systemless Hosts-Unified module.
Adguard app, no adds unless you missed some filters/updates. Works great on Facebook too.
As others mentioned, you need a way to block/filter traffic on your entire device. There are apps that use a VPN to filter traffic without root, though there is always the root method of editing your hosts file which has been around for a good while which will always also work.
There is also one other option which is to use a DNS server which some companies provide as a paid service, the benefit there is you can choose to put the filter in your modem to have it filter down to all of the devices on your network, though personally I would never go for this option as iot is far too easy to block something you didn't want to, and a hassle to unblock it.
I installed a Play Store App, DNS66, and this seems to block ADs system wide including YouTube Music Ads - now it plays like a regular music player without the garbage ads every other song.
Thank you for all replies,
as mentioned i already using two adblock methods, root based and DNS based, and for other apps, the ads all gone, system widely,
only Google Discover still showing it,
but it SOLVED now, after turning off Ads Personalisation in My Ads setting in Google app, somehow all the ads now gone. Probably there's cache somewhere in my system which prevent the adblock to work 100% on Discover.
otonieru said:
Thank you for all replies,
as mentioned i already using two adblock methods, root based and DNS based, and for other apps, the ads all gone, system widely,
only Google Discover still showing it,
but it SOLVED now, after turning off Ads Personalisation in My Ads setting in Google app, somehow all the ads now gone. Probably there's cache somewhere in my system which prevent the adblock to work 100% on Discover.
Click to expand...
Click to collapse
This worked perfectly for me on both my Pixel phones. Thank you so much!