Tencent Ransomware File? - General Questions and Answers

I stumbled across a file on my S10+ that's piqued my interest; although it could be nothing it still serves a purpose of some kind and I'm not sure what.
I haven't noticed any symptoms of malicious software as of yet and none of my files have been encrypted, though I did recently have to re-flash stock firmware due to overheating issues and a plethora of errors in the dumpsys logs.
The file came along with Call of Duty Mobile, or is at least hiding in one of its folders.
I haven't downloaded anything from Tencent in a while due to privacy concerns, and now I've found this file which seems pretty suspicious. I've looked around online and can't seem to find anything. Anyone have any idea on this?

SuperIronOut said:
I stumbled across a file on my S10+ that's piqued my interest; although it could be nothing it still serves a purpose of some kind and I'm not sure what.
I haven't noticed any symptoms of malicious software as of yet and none of my files have been encrypted, though I did recently have to re-flash stock firmware due to overheating issues and a plethora of errors in the dumpsys logs.
The file came along with Call of Duty Mobile, or is at least hiding in one of its folders.
I haven't downloaded anything from Tencent in a while due to privacy concerns, and now I've found this file which seems pretty suspicious. I've looked around online and can't seem to find anything. Anyone have any idea on this?
The file you referenced is only 48 bytes; my initial impression is that whatever your phone uses to identify a file "type" (file signature? extension?) has likely collided with the same signature/extension that someone noted the referenced ransomware as having. I suspect this to be pure coincidence and not to represent any evidence of infection or threat to your device.
As always, if you have data that you care about on any device, make sure you keep backups in a safe, disconnected location.

How to fix dreaded "Out of space" issue when updating apps!

Ok, so there have been a LOT of people complaining that they are having issues updating certain apps. This seems to be happening mostly on Android 4.3 or 4.4. I too started having this issue so did a search for a fix; I found probably hundreds of threads across all the XDA forums without really finding any solutions. One of them points to a trick with a function of Lucky Patcher. That used to work but it seems the latest updates removed that feature. In most cases, clearing the data or removing updates does not seem to fix this issue either. Most threads will eventually end up saying to do a factory reset; not so. So I figured out why that is happening and thought that I would post it here for everyone to finally fix that annoying problem.
It seems like this is happening because Android is creating two data folders for that app and then when you try to update it, it tries to create another folder and the system won't let it. Therefore it is giving an out of space error. Not really an expert or proven reason but that is what it seems like to me; maybe somebody else can clarify. Here is what will fix the error though.
Use a file explorer (I use Solid Explorer) and navigate to the root folder.
Do a search for a small portion of the app name that you can't update. You will see several folders come up. They are most likely in /data/app-lib and are called appname-1 and appname-2. Some apps may have it by the developer's name instead, so make sure that it is the app that you are having issues with first (example: TuneIn Radio's folder is called radiotime).
Delete both folders (notice: it would probably also delete the app's data too).
Go back to the Play Store and magically update!
Let me know if anyone else finds this useful as I have not seen this mentioned anywhere.

XDA thread with virus attached

Hi,
I was looking for a smali to java converter and came across this thread: http://forum.xda-developers.com/showthread.php?t=2430413. I tried to use the app attached there (seems to have worked well for many other users).
Norton Anti-virus on my machine immediately blocked and deleted the .exe file - said it has WS.Reputation.1 worm.
I don't have privileges to update above thread, hence posting here if someone can help verify and remove the file.
Regards,
Anil.
Hello,
I scanned the file in question and everything seems to be ok to me. Out of 51 different virus scanning tools only 1 came back with anything. It came up with a file called
Suspicious.Insight
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en
I think Norton thought the file was something that it is not. You can see the scan results in the link below.
https://www.virustotal.com/en/file/...c835f477dd5a7dcef5ffde62/analysis/1411291539/
Thanks Mark, much appreciated. Seems Norton is a bit over-zealous on this one.

What's with the baidu spyware?

As you may know there is a spyware linked to the my Xperia App that seems to be affecting a lot of Xperia Z3 users (maybe all of us). It's creating a baidu folder and it seems that no matter what you do it keeps coming back; worse, it's sending info to a server in China.
There is currently another thread in the Z3 Compact Forum, but I'm posting this here for all of us who never go over there: http://forum.xda-developers.com/z3-compact/general/spyware-preloaded-z3-phones-baidu-t2921634/post56366715#post56366715.
I've been following the instructions over there but as you will see, it's not working as expected for me. It's even mentioned that it may be linked to ES File Explorer (I do have that installed) but I've also removed ES and it still doesn't work.
Please check your Z3s and see if you have the baidu folder; if you do, you're also infected.
erasat said:
As you may know there is a spyware linked to the my Xperia App that seems to be affecting a lot of Xperia Z3 users (maybe all of us). It's creating a baidu folder and it seems that no matter what you do it keeps coming back; worse, it's sending info to a server in China.
There is currently another thread in the Z3 Compact Forum, but I'm posting this here for all of us who never go over there: http://forum.xda-developers.com/z3-compact/general/spyware-preloaded-z3-phones-baidu-t2921634/post56366715#post56366715.
I've been following the instructions over there but as you will see, it's not working as expected for me. It's even mentioned that it may be linked to ES File Explorer (I do have that installed) but I've also removed ES and it still doesn't work.
Please check your Z3s and see if you have the baidu folder; if you do, you're also infected.
There seems to be very little information about what is responsible for the folder creation, and what, if any, malware is on the phones. All I see is breathless speculation about "infecting" and "sending data to China". If true then Sony has something to answer for, but I've not seen anything approaching a sensible analysis of what data is being sent, what app is producing it etc. But by all means, delete the empty folder if you like!
poldie said:
There seems to be very little information about what is responsible for the folder creation, and what, if any, malware is on the phones. All I see is breathless speculation about "infecting" and "sending data to China". If true then Sony has something to answer for, but I've not seen anything approaching a sensible analysis of what data is being sent, what app is producing it etc. But by all means, delete the empty folder if you like!
It's not an empty folder; it has data and when you look at it they are databases. It may look paranoid, but given that the only information we have right now is that it's sending data to China servers, I don't feel too comfortable just working with the phone as I was before knowing that.
Most of us have mostly replaced our computers and laptops with our smartphones; that means that every connection I make to check and do financial stuff has been done over my smartphone for quite some time now. Even worse, I have LastPass installed with all my personal and office passwords on it (it's encrypted both ways) because as a system manager I need to deal with a couple dozen office passwords and information plus my personal ones, and at 42, that's not a possible task anymore without any help.
For those of you interested in blocking this, it seems that the instructions that you can find in the link work; my problem was that I had the my Xperia app activated as a Device Administrator, and that was preventing everything from working.

GC and CC logs of Mozilla (Firefox?) consuming huge amount of space

I have previously posted this question in the Samsung S7 Edge section here http://forum.xda-developers.com/s7-edge/help/gc-cc-logs-mozilla-consuming-huge-space-t3397783 but didn't get any response. It is possible that the topic didn't get any attention as it is in the wrong section and I also feared that my problem could be due to malware and some other security bugs.
My problem started when I was suddenly told that my S7 was running out of space without any new huge apps being installed. I tracked down the sudden loss of storage space to a folder named "memory-reports" inside the default Download folder. The folder contents comprise multiple logfiles, with each file's size averaging 30 MB, and the number of files gradually increases, eventually hogging over 3 gigs of storage space. I deleted the entire folder with the logfiles but the folder appeared again with similar logfiles.
After Googling around, I found the description of the logfiles here: https://developer.mozilla.org/en-US/...GC_and_CC_logs. It seems to relate to Mozilla Firefox and I doubt this problem is specific to the Samsung S7 Edge, although this is the phone I am using now and the problem only occurred to me for the first time recently. I couldn't find any mention of a similar issue anywhere else via Google, but maybe some of you guys are better at digging them up. Seeking some comments and suggestions as to the cause and possible solutions...
NOTE: My phone is NOT rooted. The logfiles are still being generated periodically and have to be deleted to recover the space. Deleting them doesn't seem to affect the operation of any apps, especially FIREFOX, which is the only connection I can find with mention of those logfile names with MOZILLA. The problem seems unique to me at the moment as I still couldn't find any reference on Google to them. Any heads-up or suggestion on the possible reason and ways to track down exactly which apps or background processes are generating the log files is certainly welcome.
I am experiencing the same issue on my Motorola Nexus 6.
Thanks for this. I was facing the same problem. I just deleted the files. It didn't seem to hurt Firefox.

Clarification of suspicious files.

Have some suspicious files that keep appearing. I'm under heavy fire being hacked recently.
I've never noticed these before but they keep showing up in my download folder, folder: system_conifg, then file: system_file16844973xxxxx, 32 bytes.
Can anyone shed some light on these for me? Even after factory reset and even loading a different firmware.
Note 10+ unlocked snapdragon.
Don't believe everything you read on the Internet. You aren't being hacked, and those are normal files.
Oh I'm def being hacked, no question about that. Have police reports, breaking and entering, theft, vandalism. Oh it's all tied together.
What exactly are those files for?
