Rootkit is monitoring all traffic on router and will not go away after factory reset - Security Discussion

I somehow got a rootkit on my phone, and it will not go away even after a factory reset. I used Huawei's recovery feature to reinstall the ROM and recovery; however, it is still there.
Nothing shows up with Malwarebytes or Kaspersky.
Any help would be greatly appreciated. Mate20 pro.

A factory reset will not remove anything in /system.
Did you really reinstall the ROM? You must flash the FULL version and do a full wipe (you will lose all data, so back up all photos, SMS chats, etc.) to overwrite /system, where the rootkit is likely hiding. If you did that and it's still coming back, then maybe it's on your SD card, synced storage, or some network you connect to; your router has been hacked and has an open port (reflash the firmware and change the admin password); an app you reinstall later infects your phone (so antivirus will not detect it when scanning the APK); a website you interact with; etc. Some things depend on your phone's installed software versions.
Change passwords on anything that might allow access to your phone, like router admin and Wi-Fi, etc.
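As an added illustration of the point in the reply above (this is not code from the thread): a POSIX shell script that reads the output of `adb shell pm list packages -f`, sorts each package by whether its APK lives under /data (reformatted by a factory reset) or on a firmware partition (untouched by a reset), and then diffs the survivors against a baseline list of what the stock firmware should contain. The package listing and the baseline are constructed for the example; the package names in them are placeholders, and `--device` is an option of this script, not of adb.

```sh
#!/bin/sh
# Triage installed Android packages by the partition their APK lives on.
# A factory reset reformats /data (user apps under /data/app, app settings
# under /data/data) but leaves the firmware partitions (/system, /vendor,
# /product, /system_ext, /apex) alone, so anything installed there comes
# back after every reset. Input is the format printed by
#     adb shell pm list packages -f
# i.e. one "package:<apk path>=<package name>" line per installed package.

# Constructed sample listing (placeholder package names, not captured from a real device).
SAMPLE_PM_OUTPUT='package:/system/priv-app/Settings/Settings.apk=com.android.settings
package:/system/app/Bluetooth/Bluetooth.apk=com.android.bluetooth
package:/system/priv-app/NetMonitor/NetMonitor.apk=com.example.netmonitor
package:/vendor/app/ims/ims.apk=com.vendor.ims
package:/data/app/com.example.bank-1/base.apk=com.example.bank
package:/data/app/~~Qx1==/com.example.game-Ab2==/base.apk=com.example.game'

# Constructed baseline: packages expected on a clean install of this firmware build.
STOCK_BASELINE='com.android.settings
com.android.bluetooth
com.vendor.ims'

# stdin: pm output. stdout: "<fate> <package> <apk path>", where fate is
# "wiped" for APKs under /data and "persists" for everything else. The sed
# group is greedy so paths containing "=" (Android 11+ layout) still parse.
classify_packages() {
    tr -d '\r' |
    sed -n 's/^package:\(.*\)=\(.*\)$/\1 \2/p' |
    awk '{
        fate = (index($1, "/data/") == 1) ? "wiped" : "persists"
        print fate, $2, $1
    }'
}

# stdin: pm output. stdout: sorted package names that survive a factory reset.
reset_survivors() {
    classify_packages | awk '$1 == "persists" { print $2 }' | sort
}

# stdin: pm output; $1: file with one baseline package per line.
# stdout: survivors not in the baseline, i.e. where a persistent implant would sit.
unexpected_survivors() {
    reset_survivors |
    awk -v base="$1" 'FILENAME == base { known[$1] = 1; next } !($1 in known)' "$1" -
}

# With --device and adb on the PATH, read the live listing; otherwise use the sample.
if [ "${1:-}" = "--device" ] && command -v adb >/dev/null 2>&1; then
    pm_output=$(adb shell pm list packages -f)
else
    pm_output=$SAMPLE_PM_OUTPUT
fi
baseline_file=$(mktemp)
printf '%s\n' "$STOCK_BASELINE" > "$baseline_file"
printf 'Packages that persist across a factory reset but are not in the baseline:\n'
printf '%s\n' "$pm_output" | unexpected_survivors "$baseline_file"
rm -f "$baseline_file"
```

The baseline has to come from a device of the same model and build that you trust (or from the stock firmware image itself); without it the script only tells you what would survive a reset, not whether it belongs there. A package that shows up here is worth pulling (`adb pull` on the path from the listing) and inspecting before the next wipe, because flashing a full stock image, as the reply says, is what actually removes it.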


Need Help, We Believe We are Being Remote Accessed.

My friend had a nerd friend of hers root her phone for her. She reports it took the person 7 hours to finish the job, which we find suspicious. Here is the phone info after the root job; please let us know if there's any other info you need in order to help us:
T-Mobile:
Samsung SGH-T769
Android Version 4.1.2
kernel version 3.0.49-cyanogenod-ga56844d
[email protected]#1
CyanogenMod Version
10-20121125-NIGHTLY-1769
CM Updater has been stuck downloading for two days now. I've only ever done one successful root myself, on my Galaxy S3, so the only thing I can think of is to unroot. The main concern we have is that the person who did the rooting now has remote access to her device functions and cameras, seeing as he also did work on her laptop, and once it connected to her home network after she got it back from him, it was remotely accessing her other devices and shared files on her network, as well as her webcam and microphone.
What you posted is what anyone running CyanogenMod has in About phone, same as mine, lol.
Just look through your file explorer and see what you find, and then Google search it. Install Avast from the Play Store; it can detect malware or conflicting apps, and it also has firewall settings if you install it as rooted when prompted. If you find a suspicious app, please do post it, for curiosity's sake.
It's not CyanogenMod; it's good, no worries. Ask the other 3 million+ users.
Hah, if you are worried about remote access, CyanogenMod doesn't have anything to do with it.
Having said that, there *are* things that a malicious person could install on your phone, especially with access to it for 7 hours, to make you frightened.
Many of these kinds of apps are geared towards peace of mind for the owner, so they can retrieve it if the phone gets lost or stolen.
However, the tools are very powerful. Being able to remotely take audio/photos/video, show your location, turn off the phone, upload photos/video taken with the phone, etc...
Some of these services will survive a "return to stock" when done in the phone. Heh, you're probably really freaked out right now.
The first thing I'd look for is to check the device administrators via settings/security/device administrators
I have one checked myself, because I like the peace of mind that I have a way of getting the phone back, or at least wiping data, should I lose it. (assuming the person doesn't pull the battery and doesn't go through the effort of removing it)
Odds are, this person hasn't done anything seedy...that's not what I'm saying, what I am saying is:
Don't trust people with your phone.
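An added example for the device-administrator check in the post above (not the poster's code): a shell script that parses `adb shell dumpsys device_policy`, lists every enabled device admin with the policies it holds, and flags any whose package is not on a list you expect. The dump below is constructed to follow the layout of the "Enabled Device Admins" section, with placeholder component names; older builds wrap each entry as ComponentInfo{...}, which the parser also strips. `--device` is an option of this script, not of adb.

```sh
#!/bin/sh
# List the device administrators enabled on an Android phone and flag
# unexpected ones. A device admin may force-lock or wipe the handset and
# its app usually can track it, so every entry you did not install
# yourself needs explaining. Input is the output of
#     adb shell dumpsys device_policy
# The parser keys on the "Enabled Device Admins" section: admin components
# are indented four spaces and end with ":", their policies eight spaces.

# Constructed sample (placeholder components, not captured from a real device).
SAMPLE_DUMPSYS='Current Device Policy Manager state:
  Enabled Device Admins (User 0):
    com.android.email/com.android.email.SecurityPolicy$PolicyAdmin:
      uid=10045
      policies:
        limit-password
        wipe-data
    com.example.tracker/.AdminReceiver:
      uid=10112
      policies:
        force-lock
        wipe-data
        disable-camera
  Password owner: -1
  Password quality: 0'

# stdin: dumpsys output. stdout: "<component> <policy,policy,...>" per admin.
list_device_admins() {
    tr -d '\r' | awk '
        function flush() {
            if (comp != "") print comp, (pols == "" ? "-" : pols)
            comp = ""; pols = ""
        }
        /Enabled Device Admins/ { inside = 1; next }
        inside && /^  [^ ]/   { flush(); inside = 0; next }   # back at section level: done
        inside && /^    [^ ]/ {                               # an admin component line
            flush()
            comp = $1; sub(/:$/, "", comp)
            if (index(comp, "ComponentInfo{") == 1)           # pre-5.0 dump layout
                comp = substr(comp, 15, length(comp) - 15)
            next
        }
        inside && /^        [^ ]/ { pols = pols (pols == "" ? "" : ",") $1 }
        END { flush() }'
}

# stdin: dumpsys output; $1: space-separated packages allowed to be admins.
# stdout: admins whose package is not in that list.
unexpected_admins() {
    list_device_admins | awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        { split($1, c, "/"); if (!(c[1] in ok)) print }'
}

# With --device and adb on the PATH, read the live dump; otherwise use the sample.
if [ "${1:-}" = "--device" ] && command -v adb >/dev/null 2>&1; then
    dump=$(adb shell dumpsys device_policy)
else
    dump=$SAMPLE_DUMPSYS
fi
printf 'Device admins not on the expected list:\n'
printf '%s\n' "$dump" | unexpected_admins "com.android.email"
```

The policy column is the useful part: an admin holding wipe-data and force-lock is exactly what a "find my phone" tool needs, and exactly what someone who wants to control the device remotely needs too, so the package name, not the policy set, is what decides whether it belongs. For an admin that is also a system app, disabling it in Settings does not remove the APK from /system; that takes a full reflash.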
Hey there fellow blazer,,
Recommend you go back to stock and wipe everything there is on the phone, only backup things you absolutely need. It's simple but be careful and follow the steps carefully.
OK
Well, I went in and factory hard reset it, but it is still rooted with CyanogenMod. You're saying that that level of restore will be fine? OK, I'm putting AVG & Kaspersky on it; I'll let you know how it goes. OK, AVG did find one infected program, but it was another AV; either way, got rid of it. Also used Titanium Backup to wipe pretty much everything, including caches and system data. Also went through sdcard0 and sdcard1, removing anything that did not look standard issue.
Cirkustanz said:
The first thing I'd look for is to check the device administrators via settings/security/device administrators
That is the one thing I forgot to do, but I will text her and let her know to check. I checked the one for my GS3, and it has a "com.sec.sprextension.phoneinfo.D.." checked, and none else listed. Since that seems to be a system file and can't be unchecked, it must be okay. Should I tell her that as long as what's listed in her device administrators is either nothing or only a system file, then it is fine?
If you're still shady, you could try another ROM after wiping. :/
OK, so here is how you fix it....
Go to http://10.cmxlog.com/?device=t769#cm-10-20130128-NIGHTLY-t769.zip and download the latest CM10 ROM.
Go to http://goo.im/gapps/gapps-jb-20121011-signed.zip and download your Google Apps (Google Play and the frameworks needed for all Google stuff).
Boot into recovery mode (long press the power button, choose recovery).
Go into Mounts, then format /system.
Go back to the main screen and format data / factory reset.
Go to Install zip from SD card and choose internal or external depending on where you put the files.
Install the CM10 zip first.
After the CM10 install is complete, install the Gapps zip.
Reboot.
This will wipe everything clean. You will start from scratch and set up when it turns on. You will have to install your apps again, so use Titanium if you want to keep data. Best to start fresh if you are really worried about that sort of thing, though. Hope this helps.
I recommend the above suggestion: do a full wipe just to be safe, including formatting the /system partition. When you do a factory reset, it does not wipe the system apps; some apps like Cerberus can hide in the system partition. Additionally, with root, you can install the app LBE (link in my sig) that can block permissions and internet connections for apps, among other things.
I don't think it's anything to worry about, but it depends on the person who did the rooting, you might be blaming an innocent person. But then there are creeps out there as well.
Sent from XDA app

[Q] problem with possible virus running Chrome...

First, I am rooted, S-OFF, and running dottat's custom MM RUU.
I am having a problem with a virus or something on Chrome. I keep getting a popup window to fix a virus problem or something. I have managed to get out of it without clicking OK.
I have Chrome frozen right now with Titanium Backup. Can I use TiBk to wipe Chrome data and restore previous uninfected backup? Or uninstall Chrome entirely, reinstall Chrome from Play store and restore previously backed up data? Or is there maybe a particular file or folder I need to delete manually to fix this?
I have the Kaspersky Internet Security app, and have scanned my phone, and it's coming up clean.
Anyone have any ideas?
Thanks in advance for any help.
It's probably ransomware; clear Chrome's data and you should be fine. It's just someone trying to trick you into paying for something to get money, and it locks the browser. There shouldn't be an actual virus on your phone.
The really advanced stuff will actually encrypt your data and tell you that if you don't pay them they will delete all data off your device in a set amount of time. It'll set a random lock screen PIN to prevent you from getting into your phone. Even this should be easily fixable with an S-OFF device, but you don't have anything that dangerous.
OK. Wiped data with built-in app manager. Wiped data again with TiBk. Restored backup of data only with TiBk, and rebooted. So far, everything seems to be fine.
I will report back in here in a couple of days if nothing pops up.
Thanks for your help.
Just wanted to check in for anyone who may be looking for a solution to this problem, that at least for the last two days, I've had NO pop-ups. So, I'm going to say that it worked.
Thanks again for the help.

Google Prey or similar apps to be installed as a system app

I would like to install Google Prey or similar apps as a system app, or default app, so that when you factory reset the device it is already installed with the user and configuration. Are the "installing app as system app" tutorials the ones that will work?
Any tips for where to go or what to do? Thanks.
If you're rooted, you can use Titanium Backup to convert it to a system app, or you can use ES File Explorer with root explorer enabled to manually push it to your /system/app folder, then boot to recovery, wipe cache and Dalvik/ART cache, then reboot to system.
You can also use adb to push it to the /system/app folder.
Sent from my SCH-I535 using Tapatalk
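An added example of the adb route mentioned above (not the poster's code): a shell script that prints the command sequence for placing an APK under /system/app and only executes it when CONFIRM=yes is set, so the plan can be read before anything touches the device. It assumes a rooted device whose adbd can restart as root (`adb root`) and whose /system can be remounted read-write; the APK path and app name are placeholders. The chcon step relabels the file for SELinux, which Android 4.4 and later enforce; it is the step the file-explorer method usually misses.

```sh
#!/bin/sh
# Place an APK on /system/app so it persists across factory resets.
# Assumptions (not from the thread): the device is rooted, `adb root`
# restarts adbd as root, and /system can be remounted read-write.
# Only the APK persists; the app's settings in /data/data/<pkg> are wiped.
# Android 5.0+ expects /system/app/<Name>/<Name>.apk; older builds use a
# flat /system/app/<Name>.apk, selectable with the third argument.

# Print the adb commands for the install, one per line, without running them.
#   usage: system_app_plan <apk> <AppName> [dir|flat]
system_app_plan() {
    apk=$1; name=$2; layout=${3:-dir}
    if [ "$layout" = "flat" ]; then
        dest="/system/app/$name.apk"
        mkdir_cmd=""
    else
        dest="/system/app/$name/$name.apk"
        mkdir_cmd="adb shell mkdir -p /system/app/$name && adb shell chmod 755 /system/app/$name"
    fi
    echo "adb root"
    echo "adb remount"
    if [ -n "$mkdir_cmd" ]; then
        echo "$mkdir_cmd"
    fi
    echo "adb push \"$apk\" $dest"
    echo "adb shell chmod 644 $dest"
    echo "adb shell chown root:root $dest"
    # Android 4.4+ enforces SELinux: a pushed file keeps a foreign label
    # until relabelled, and the package manager then refuses to load it.
    echo "adb shell chcon u:object_r:system_file:s0 $dest"
    echo "adb reboot"
}

# Run the plan. Prints it as a dry run unless CONFIRM=yes is set.
#   usage: CONFIRM=yes system_app_install <apk> <AppName> [dir|flat]
system_app_install() {
    system_app_plan "$@" | while IFS= read -r cmd; do
        if [ "${CONFIRM:-no}" = "yes" ]; then
            echo "+ $cmd"
            eval "$cmd" || { echo "failed: $cmd" >&2; exit 1; }
        else
            echo "[dry-run] $cmd"
        fi
    done
}

# Example invocation with placeholder paths (dry run unless CONFIRM=yes).
system_app_install /path/to/Prey.apk Prey
```

On reboot the package manager scans /system/app and dexopts the new APK itself, which is why no cache wipe appears in the plan. If `adb remount` fails, /system on that device is not writable this way (newer dynamic-partition builds need a different procedure) and the rest of the plan must not be run.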
Thanks, I tried it with AirDroid, but factory reset still deletes the settings; the app stays as intended, but the configuration and login to the app are all gone. Any tips?
jvds said:
Will factory reset still delete it or delete the settings?
It won't delete the app, but it will delete the settings. You can also use Titanium Backup to back up and restore the app data for that app, and you can also back up the app data to Google and restore it from Google.
Sent from my SCH-I535 using Tapatalk
But will Titanium Backup survive factory reset?
Does anyone know if you can also move the settings to specific locations to avoid them being deleted? For AirDroid, or Google Prey, or any other app that can track?
For AirDroid, the APK and the lib files had to be moved to system folders and it stays after a factory reset, but anything that loses its settings over a factory reset is pretty much useless for stolen devices; the first step a thief takes is to factory reset and format the device. All apps on the Play Store are as good as nothing when it comes to recovering a stolen device. :silly:
Titanium Backup will back up whatever apps, app data and settings you want it to.
You can use Titanium Backup to make itself a system app; it won't get removed by the factory reset, then just use it to restore everything that you backed up.
There is plenty of information about all of this all over XDA and all over the internet if you'll just take the time to do some searching. Get off your butt and get to looking and you'll see.
As for the device being stolen, there are apps that you can install on the device that can be used to lock the device, wipe the device, or even track the device to its location or last known location; whichever of those apps you use to secure your device can also be made into system apps using Titanium Backup. Then if it's stolen and wiped, the apps will still be there.
It isn't rocket science; why are you overthinking and complicating it?
Sent from my SCH-I535 using Tapatalk
Droidriven said:
Titanium Backup will back up whatever apps, app data and settings that you want it to.
It isn't rocket science, why are you over thinking and complicating it?
Hi, I'm not trying to overcomplicate it. The thing is that I tried moving apps like Google Prey and AirDroid that can locate a device to the system folders, but when I factory reset the device, the apps are there but the configuration of the apps is gone. I want the configuration to stay alive with the apps, because thieves just factory reset the device the moment they steal it and then you kiss your device goodbye; at least if I can get the configuration to stay alive then I have a 50% chance against thieves; at the moment the chance is next to none.
The reason I ask is to not waste time testing things that someone already knows. I searched but didn't find good tutorials on that, and I'm not sure if Titanium Backup will work for that. I was expecting someone who knows software like Titanium Backup could tell me whether, if I convert an app to a system app with Titanium, the system app and its configuration will survive a reset and not just the app.
I will test Titanium Backup later today when I have some free time. Thanks.
Factory reset removes all data and settings, even for system apps; there is no way to protect that data from a factory reset. You can back it up and restore it, but you can't prevent it from being wiped.
There is an alternative, though: you can remove the recovery, then turn USB debugging off, then password/PIN protect your system settings app.
Removing recovery ensures that they can't use recovery to factory reset.
Turning off USB debugging ensures that they can't flash the device with a PC or use adb/fastboot, because the PC won't recognise the device.
Password/PIN protecting your system settings app prevents them from getting into your system settings, so they can't factory reset from settings.
The one issue with this setup is that if your device encounters an issue where it won't boot or bootloops, then even YOU won't be able to fix it, because you won't have recovery and you won't be able to connect to a PC, because you won't be able to get into settings to turn USB debugging back on to be able to flash it.
Research these things to verify it's safe to do on your device, because all devices are different, and things are different depending on the device in question.
Sent from my SCH-I535 using Tapatalk
thank you
I'm interested in this topic, since nobody seems to care that much to write up a friendly method to do that...
Not friendly
These guys claim to know these things but fail to even give a link to a tutorial on how to do it. It's infuriating. They tell us to research, but asking here on XDA is part of research. Please give a valid tutorial on how to secure Prey data so it doesn't get deleted.

Help

I have a few problems with my device. I have no idea what I'm doing and I could really use some help.
When I try to uninstall apps, it completely reboots my phone and nothing happens with the app.
When I try to go to the security settings, it just closes the settings down; same for developer mode.
I really need to get into the security settings so I can enable HDB for HiSuite. I also don't have an SD card, if that is needed, but I could go out and buy one if necessary.
Build number, if it's any use: BLN-L21C432B367
Looks like something went wrong during the update. Before that you were able to go into Settings, I assume, right? If yes, I didn't see other users reporting this after the update, so maybe something didn't go as it should. Do you have a TWRP backup? If not, you could back up your current stuff with Titanium Backup (or Huawei Backup too), perform a factory reset on your current build, and then check if the issue persists.

[Help] How do I recover permanently deleted files from Android Mobile phone?

Recently, I permanently deleted files from my Android device after a factory reset, and I didn't take any backup. Is there any possibility to recover my important data without having any backup?
Try EaseUS MobiSaver app.
You can definitely check the local backup of your phone; if you have taken backups regularly, then you are able to restore data on the mobile. Sometimes, files have an automatic backup on a Google account, so you can check your Google backup. In case you didn't get the lost data back after the factory reset, you may also try an Android data recovery tool. There is no guarantee of data recovery by using any program. But if it is possible to recover files, then it will show a preview of the deleted data during the free trial edition.
To be honest, the chances would entirely depend on how long ago you performed the factory reset. If it has not been so long, then you can actually get your data back. Pick a recovery tool that supports your device; it will let you preview the data and restore it.
Sorry for the delayed reply. For the ones who have the same problem, usually it's difficult to recover them. You can ask for help from a pro shop, like Dr.fone, EaseUS MobiSaver, Coolmuster Lab.Fone for Android, etc. I am not sure whether they can work well or not. Before that, you need to stop using your phone, because data cannot be recovered if it is overwritten by new data. And do remember to take backups of your phone regularly. It's easy and safe.
I'm in the same seat, and I also managed to flash an original ROM on a Galaxy S8 on top of that.
Tried trial versions of all the mentioned and some others, but they aren't able to detect anything relevant.
At the moment I'm wondering whether to take the loss or hand it in to a professional.
Can they do anything more than the different recovery programs can't?
(I thought my phone was synced through a cloud app, but it turns out it wasn't.)
I have used an app named "DiskDigger"; it worked perfectly for me for recovering pictures.
It has a non-root method and a root method.
How do I do it?
It's easy: just download DiskDigger on your Android device, and it has a button to start recovery.
I just found this thread on Google. I would like to know if anyone knows a way to recover a deleted application data folder inside the "Android/data" folder in the internal storage, either by adb, USB debugging, or with some software, since it is important data and I have not found any solution.
Thanks in advance.
