Related
Hi folks,
I have installed the Steel web browser and like it much more that the one supplied by HTC with the phone... is it possible to uninstall it and just leave Steel?
The above is just an example, my HTC hero has lots of stuff I don't really plan to use, ever. Is there a way to get rid of them FOR GOOD?
Thanks in advance!
frandavid100 said:
Hi folks,
I have installed the Steel web browser and like it much more that the one supplied by HTC with the phone... is it possible to uninstall it and just leave Steel?
The above is just an example, my HTC hero has lots of stuff I don't really plan to use, ever. Is there a way to get rid of them FOR GOOD?
Thanks in advance!
Click to expand...
Click to collapse
I'm so with you on this one...I've added Twidroid and turned off Peep but would love to completely delete it in order to avoid any conflicts. Also the default messaging program is a bit of a dog when compared to Handcent SMS.
There used to be a way on the WinMo 6 phones to change the registry values to allow deletion of TouchFlo UI programs but I've not been able to find anything online yet. Maybe it's too early in the phone's life for anyone to have cracked this.
At the moment, the only thing I can do is to make sure that notifications from default programs that I have replaced with better ones are turned off so that they only come from the new software.
I realise this doesn't help you (or me) very much but I'd pay good money to have an add/remove program that works on the default apps (ASTRO, Appmanager and OI File Manager do not seem to be able to access the default programs for uninstallation).
Does anyone with modding experience (obviously I don't ;D) have any suggestions on how to achieve this?
DBR
i have installed QuickUninstall app and it offers all the built in apps as well as the added ones....didn't try to delete any though, they don't bother me that much to toy with it just yet
Kewl...thnx for the heads up. QuickUninstall is downloaded. I'll try to get rid of Peep and the inbuilt message program and if something goes wrong I'll be back here begging for more help
DBR
I've had some success with Root Explorer - I've successfully removed the stocks app and the stocks widget.
Big pointer before you start on removing default or stock Rom apps is to MAKE A NANDROID BACKUP!! You can do this by booting the temporary Recovery image from the rooting thread here
http://forum.xda-developers.com/showthread.php?t=543571
That way, if you do mess up, you can restore the Nandroid Backup.
Just ask Auntie Dayzee (BTW I wish I was this sensible with other stuff in my life!! LOL)
I need to partition my hard drive and install Windows in order to use Nandroid and root the phone (you need to root it in order to use root explorer right?).
As soon as I find a way for the installer to find my hard drive I'll poke you for advice, thanks dayzee
Does anyone know what's the name of the web'n'walk app? Can't find it in the app folder.
It's not an app afaik, it's just a shortcut.
all it does is open the default browser to the t-mob web and walk homepage.
Oh.. do you also happen to know where I can remove it?
Nevermind, found it in the app folder as "urlshortcut.apk"
frandavid100 said:
I need to partition my hard drive and install Windows in order to use Nandroid and root the phone
Click to expand...
Click to collapse
As far as i understand, ADB works in Mac and Linux as well, you just need to prefix the commands with ./
or have i missed something?? there's no point installing windows if you don;t have to....
how did you do it?
Dayzee said:
I've had some success with Root Explorer - I've successfully removed the stocks app and the stocks widget.
Big pointer before you start on removing default or stock Rom apps is to MAKE A NANDROID BACKUP!! You can do this by booting the temporary Recovery image from the rooting thread here
http://forum.xda-developers.com/showthread.php?t=543571
That way, if you do mess up, you can restore the Nandroid Backup.
Just ask Auntie Dayzee (BTW I wish I was this sensible with other stuff in my life!! LOL)
Click to expand...
Click to collapse
Hi Dayzee,
noob here. i just rooted my htc hero and i have root explorer running.
can you explain how you removed those apps?
I want to ditch peep, footprints and possibly pc synchronization (if this is safe).
I am a little lost in this file directory structure...
...or could you point me to a really great link on this topic?
thanks so much,
sprinkles
had success using Paul's method on Modaco...all credit to him in my case.
http://android.modaco.com/content/htc-hero-hero-modaco-com/291521/if-you-want-to-remove-htc-sync/
Used a file explorer (astro in my case) to view the folder /system/app so that i could see what needed to be removed, but am now happily without Peep, Learn More, Stocks,HTC Sync, Mail etc.
adb remount
adb shell rm /system/app/xxxxxx
replace xxxxxx with the app you want to remove
HTC Sync - PCSCII*
HTC Stocks and Widget - *Stock*
Peep - *Twit*
Learn More - Learn*
Footprints - *Foot*
Mail - HtcMail*
there's plenty of others in there as well if you have a look. Just be sure to be careful what you delete, and remember that the app names are case sensitive.
The rooted 2.73 rom from Modaco works fine with this command, and i expect the Modaco custom roms will as well.
I used a similar method to get rid of some HTC app which kept bugging me since I upgraded to the new ROM (Peep, Stock, etc), works perfectly and no problem so far.
It's pretty straightforward, even for a newb like me, but if anyone is interested in the steps I followed :
0- Before doing anything that can mess up your phone, it's recommended to do a nandroid backup.
I'll explain how to backup each removed app individually, but we're never cautious enough !
1- Load the recovery image and mount the system:
Code:
fastboot boot cm-hero-recovery.img
adb shell mount /system
2- Get the list of app installed, spot the files you want to delete
Code:
adb shell ls /system/app/
3.a - First alternative : Backup on SDcard and delete
Mount sdcard.
Create a folder saveHtcApp.
Move (copy + delete in one go ! ) files from system/app to saveHtcApp
Code:
adb shell mount /sdcard
adb shell mkdir /sdcard/saveHtcApp
adb mv /system/app/Stock.apk /sdcard/saveHtcApp
adb mv /system/app/Stock.odex /sdcard/saveHtcApp
adb mv /system/app/com.htc.StockWidget.apk /sdcard/saveHtcApp
adb mv /system/app/com.htc.StockWidget.odex /sdcard/saveHtcApp
Then check that all worked right by doing some ls (Yeah, I'm found of double-checking)
Code:
adb shell ls /sdcard/saveHtcApp
adb shell ls /system/app/
3.b - Second Alternative : (don't do it after 3.a !) Backup on Computer and delete.
(on Windows, I assume Linux's folks won't need explanations to do the same on linux.)
Create a folder saveHtcApp : in the following example, in the working directory.
(Of course, you can make it anywhere, but it make the path smaller to work on working directory... and move the save folder afterwards)
Then pull (copy) the files from the phone to the computer.
Just to make sure, a little dir to see that all files were actually copied on the computer.
Code:
mkdir saveHtcApp
adb pull /system/app/Stock.apk ./saveHtcApp
adb pull /system/app/Stock.odex ./saveHtcApp
adb pull /system/app/com.htc.StockWidget.apk ./saveHtcApp
adb pull /system/app/com.htc.StockWidget.odex ./saveHtcApp
dir
Then, delete them :
Code:
adb shell rm /system/app/Stock.odex
adb shell rm /system/app/Stock.apk
adb shell rm /system/app/com.htc.StockWidget.odex
adb shell rm /system/app/com.htc.StockWidget.apk
4 - Reboot the device !
Hope that could help someone.
Tested on Brown French Hero, 2.73.405.5 ROM offi.
Brill stuff - I'm rubbish at the coding stuff - where does this back the apps up to? and what does the dot do? and if its pulling to the PC, does the slash have to go the other way?
Dayzee
Good question, I should have explain that a little
I'll update my previous post.
For the slash-thing... I'm always switching from windows to linux to windows, so I'm always confused between which slash use.
When I have issue with /, I try with \.
BTW, in the present case, I run all those lines on Windows 7 without any issue.
Edit : post step-by-step edited. Is it clearer ?
If anyone see anything to change or explain, just say so.
removing htc hero sucka apps
Tweedeldee said:
Good question, I should have explain that a little
I'll update my previous post.
Click to expand...
Click to collapse
great and thanks. while you were sleeping, i went in and did some removals; just the apk files. what about the .odex files?
I took these apps out at the knees
-peep
-footprints
-tutorial
any other suggestions?
thanks.
Hey, I wasn't sleeping ! Just finding a way to save on sdcard instead of pc and re-redacting the post ! >.<
I didn't knew what was an odex file either, so I googled it :
http://groups.google.com/group/android-framework/browse_thread/thread/70ee61a240edc84a?pli=1
They are created for a final system image. They are not required --
if they don't exist, the system will create them in /data during
boot.
Click to expand...
Click to collapse
I backuped them too, just in case...
For the suggestion, the list to remove is pretty simple : anything you don't use at all.
As long as you keep the backups, there shouldn't be any problem to put them back if there is any issue.
Of course, any app used by other apps must stay on the phone.
I removed :
Stock
Peep
Footprints
Tutorial
HTC Sync
rhedgehog says he removed HtcMail too.
removing htc hero sucka apps
Tweedeldee said:
Hey, I wasn't sleeping ! Just finding a way to save on sdcard instead of pc and re-redacting the post ! >.<
I didn't knew what was an odex file either, so I googled it :
http://groups.google.com/group/android-framework/browse_thread/thread/70ee61a240edc84a?pli=1
I backuped them too, just in case...
For the suggestion, the list to remove is pretty simple : anything you don't use at all.
As long as you keep the backups, there shouldn't be any problem to put them back if there is any issue.
Of course, any app used by other apps must stay on the phone.
I removed :
Stock
Peep
Footprints
Tutorial
HTC Sync
rhedgehog says he removed HtcMail too.
Click to expand...
Click to collapse
thanks dog.
technically, if you wipe the device and start over all these apps are reinstalled from the get go.
this list is great. i am going to do some more cleaning and move onto the next task of partitioning my storage.
dayzee did a wonderful job for that newb root posting...i wish there was locked how to list that was easy enough for anyone to:
-1- root the htc hero (completed)
-2- remove and replace htc's crapware apps (maybe this thread is part 2)
-3- partition storage (not seeing an easy way yet but downloaded apps2sd)
-4- recommended replacement apps and next steps
i'd be glad to help put this together, make it easy to read, make it pretty, etc.
-sprinkles
Not a bad idea, you're on your way !
I want a pretty, clean, post with colors, pics, screencasts, videos, nice fonts...
Good luck with that !
sprinkles said:
thanks dog.
technically, if you wipe the device and start over all these apps are reinstalled from the get go.
this list is great. i am going to do some more cleaning and move onto the next task of partitioning my storage.
dayzee did a wonderful job for that newb root posting...i wish there was locked how to list that was easy enough for anyone to:
-1- root the htc hero (completed)
-2- remove and replace htc's crapware apps (maybe this thread is part 2)
-3- partition storage (not seeing an easy way yet but downloaded apps2sd)
-4- recommended replacement apps and next steps
i'd be glad to help put this together, make it easy to read, make it pretty, etc.
-sprinkles
Click to expand...
Click to collapse
I agree - I've added Tweedeldee's method to the Hero Wiki which is here
http://wiki.xda-developers.com/index.php?pagename=HTC_Hero
and has some other guides - Sprinkles, there is also a Dayzee Walkthrough for installing MoDaCo Roms, including some tips on Aps2SD partitioning methods.
Hugs - Dayzee xxx
This is just a simple build.prop mod to fix the fingerprint back to the working ERE27 one used in CM. Everything in Settings still shows FroYo, but the Market sees you as ERE27 & thus gives you your protected apps back
To install run this from the directory you unzip the file to:
ADB Method:
Code:
adb remount
adb shell rm /system/build.prop
adb push froyo.prop /system/build.prop
adb shell reboot
Then, once it reboots, go into the dialer, and type
Code:
*#*#CHECKIN#*#*
which is
Code:
*#*#2432546#*#*
for those of you who are too lazy to read the letters
A message should pop up into the status bar after a few seconds depending on your connection speed saying checkin succeeded.
Now you're good to go, open Market and download away
EDIT: Since I know some of you will wonder what this does, it just changes the ro.build.fingerprint & ro.build.description settings back to ERE27. This alone would normally be enough, but you're depending on luck to when you next check in. Dialing that code in the Dialer will force a checkin.
EDIT 2: Thanks to Shafty023 here is a method for the shell:
LINUX SHELL METHOD
Copy froyo.zip to /sdcard, then open a Terminal shell on your phone
Code:
su
mount -o remount,rw /system
cd /system
mv build.prop new.build.prop
unzip /sdcard/froyo.zip
mv froyo.prop build.prop
rm /sdcard/froyo.zip
reboot
Upon booting back up, open Dialer and type in the following code
Code:
*#*#2432546#*#*
Once you see a notification in the notification bar that says checkin succeeded you can now open Market and are done.
Nice! Trying it now.
EDIT: Working great so far. Thanks!
athereal said:
Nice! Trying it now.
EDIT: Working great so far. Thanks!
Click to expand...
Click to collapse
testing it in a few minutes too.... [UPDATE: works like a charm!]
Nice job Geniusdog254! really nice
thanks!
Thanks, works great!
Grrr... adb has been broken for me for months. Any way to fix this without adb?
Part Four said:
Grrr... adb has been broken for me for months. Any way to fix this without adb?
Click to expand...
Click to collapse
Use one of the root file explorers to unzip the file, delete the old build.prop, put the new one in, and then type the command in the dialer
Works like a charm, thanks!
Worked great, THANK YOU!!!!!
I'm getting checkin failed. should I have renamed froyo.prop to build.prop?
edit: I'm able to see protected apps though.
So what happens when apps start getting udated to take advantage of JIT? If you have ERE27 signature do you get the JIT'less version of the apps? I know Replica Island is coming with a JIT version. I'm afraid to mess with anything right now, rather be patient and give it a few days.
dudebro said:
I'm getting checkin failed. should I have renamed froyo.prop to build.prop?
edit: I'm able to see protected apps though.
Click to expand...
Click to collapse
If you inserted this line correctly, it renames and places the file in its directory as build.prop
adb push froyo.prop /system/build.prop
Mikey1022 said:
If you inserted this line correctly, it renames and places the file in its directory as build.prop
adb push froyo.prop /system/build.prop
Click to expand...
Click to collapse
yeah, I was wondering if it worked because I was getting checkin failed.
bluehaze said:
So what happens when apps start getting udated to take advantage of JIT? If you have ERE27 signature do you get the JIT'less version of the apps? I know Replica Island is coming with a JIT version. I'm afraid to mess with anything right now, rather be patient and give it a few days.
Click to expand...
Click to collapse
Apps don't have to be updated to take advantage of JIT at all. They can be optimized but they can be optimized without JIT too. There are no different versions. JIT just converts the Java/Dalvik code into native code at app launch, instead of running it through the slower virtual machine. Its like C++ vs Java on a desktop, the native code (C++) is much faster when executed.
The only thing this will lead to is when apps start showing up in the Market as 2.2+ only, but by that point Google will have updated the market to recognize the new footprint.
Can someone give an example of a "Protected" app? If its worth anything, im assuming its paid apps. If so, i can see them without a modded build.prop.
serialtoon said:
Can someone give an example of a "Protected" app? If its worth anything, im assuming its paid apps. If so, i can see them without a modded build.prop.
Click to expand...
Click to collapse
I think Twidroid Pro is protected.
What I'm wondering is, if somebody swaps out the build prop but hasn't installed flash yet, would this block them from doing so?
serialtoon said:
Can someone give an example of a "Protected" app? If its worth anything, im assuming its paid apps. If so, i can see them without a modded build.prop.
Click to expand...
Click to collapse
Pure calender widget (agenda) is a protected app taht doesnt show up in the 2.2 market
Edit: Works perfect! Thanks.
If you are having problems with the checkin, make sure your on 3g and not WiFi.
Mi|enko said:
I think Twidroid Pro is protected.
What I'm wondering is, if somebody swaps out the build prop but hasn't installed flash yet, would this block them from doing so?
Click to expand...
Click to collapse
Nope, Flash still shows up in the Market top apps for me, but I already have it installed. Technically it probably should show up only on the 2.2 Market, but Google may not be able to filter that yet since they haven't enabled the 2.2 fingerprint yet. Just theories here, don't take anything I say too seriously
Also, a perfect example of protected apps is all the Gameloft apps. Search the Market for Gameloft. They won't show up on 2.2 without this, I tried multiple times
Geniusdog254 said:
Nope, Flash still shows up in the Market top apps for me, but I already have it installed. Technically it probably should show up only on the 2.2 Market, but Google may not be able to filter that yet since they haven't enabled the 2.2 fingerprint yet. Just theories here, don't take anything I say too seriously
Also, a perfect example of protected apps is all the Gameloft apps. Search the Market for Gameloft. They won't show up on 2.2 without this, I tried multiple times
Click to expand...
Click to collapse
Yea, im not getting any of the GameLoft games.
serialtoon said:
Yea, im not getting any of the GameLoft games.
Click to expand...
Click to collapse
Even after this?
Do not use the lagfix anymore voodoo will be incorporated into our new kernels very soon. Thanks
Kept the attachments so you can remove if needed!
I keep getting permission errors when I try this. I found another way to update busybox but the script doesn't work
With the current limited root I have, I could not write to /system/bin. I just woke up and I didn't feel like figuring that out, so I copied stuff to the sdcard, then I used cat to write the file to /system/bin as shown above (steps below). I would suggest before starting, download Quadrant Standard from the Market, run the full benchmark and see where your device is on the list. Mine was below the Galaxy S before starting.
This is what I did (on Mac) to get busybox in place:
Code:
./adb shell
su
mkdir /sdcard/lag_fix/
exit
exit
./adb push ~/Downloads/busybox /sdcard/lag_fix/
./adb shell
su
cat /sdcard/lag_fix/busybox > /system/bin/busybox
cd /system/bin/
chmod 755 busybox
ls -l (check the permissions)
exit
exit
Now busybox is in it's right place with the right permissions.
Now, I have to manually execute the steps in the lagfixme.bat file, because I'm not on a PC and I don't feel like re-writing the script, because I just woke up.
Before pushing the files, I edited lines 35 and 36 in the createlagfix.txt file to fit my sdcard folder path. I like to keep my SD card organized, so I put all the files from the zip into the /sdcard/lag_fix folder I created above. Here is what my line 35 and 36 look like before I push createlagfix.txt to the SD card:
busybox cp /sdcard/lag_fix/playlogos1 /system/bin/playlogos1
busybox cp /sdcard/lag_fix/userinit.sh /system/bin/userinit.sh
Now, I know the folder paths below looks ugly, but that's because I just pushed the files directly from my Downloads folder. Hopefully you guys can see what I did here. If not, let me know and I'll edit the post to read better. These are basically the lines in the batch file written out manually for Mac users:
Code:
./adb kill-server
./adb push ~/Downloads/RyanZAEXT2LagFix\ ALPHA\ 1/createlagfix.txt /sdcard/lag_fix/createlagfix.sh
./adb push ~/Downloads/RyanZAEXT2LagFix\ ALPHA\ 1/playlogos1 /sdcard/playlogos1
./adb push ~/Downloads/RyanZAEXT2LagFix\ ALPHA\ 1/userinit.sh /sdcard/userinit.sh
./adb shell su -c "/system/bin/sh /sdcard/lag_fix/createlagfix.sh"
Once the process is complete, run Quadrant Standard again and you'll see your device as the fastest one in the list.
Many thanks to Dirrk!!
Worked just fine for me.
Thanks for this and your root instructions!
Guys, is the phone actually laggy, or are you just assuming it's laggy because of complaints with the other models? I mean, you've only had them a day or two, right? Took me longer to notice lag than that on my i9000.
I'm tempted to grab a Fascinate, but all the issues I've had with the i9000 and it's a tough call.
I've seen it lag sometimes under high load, but I thought that was normal.
I've tested it with GroceryIQ, to compare against the last 30 seconds or so of this video ( http://www.youtube.com/watch?v=10ox35vMS78 ) and the Fascinate is nowhere near as bad at lagging. That video was 8/21/2010, so they may have updated their application by now, not sure.
Edit - Anyway, it works just fine. Nice work Dirrk! 2,191 !
Yep, worked like a charm! My Quadrant score jumped to 2125 after the fix. Phone is much snappier too. Thanks Dirrk!
i've been trying this but i keep getting permission denied.
can someone take me step by step on how to do this?
So, after running this, I am now getting a notification that internal storage is nearly full. Any ideas?
spotmark said:
So, after running this, I am now getting a notification that internal storage is nearly full. Any ideas?
Click to expand...
Click to collapse
If you have root, you can now remove many of the bloatware apps that you do not use (this fix uses 1gb of your internal storage - performance is expensive)
m2cool2go said:
If you have root, you can now remove many of the bloatware apps that you do not use (this fix uses 1gb of your internal storage - performance is expensive)
Click to expand...
Click to collapse
Whoa, careful there. That's a quick way to brick your phone. Try removing Verizon Backup Assistant and you're bricked.
C:\sdk\tools>adb shell
$ su
su
# cat /sdcard/busybox > /system/xbin/busybox
cat /sdcard/busybox > /system/xbin/busybox
cannot create /system/xbin/busybox: read-only file system
Any ideas why I'm getting this error? It looks like I'm screwing up something very simple...
namebrandon said:
Whoa, careful there. That's a quick way to brick your phone. Try removing Verizon Backup Assistant and you're bricked.
Click to expand...
Click to collapse
Really? I removed Backup Assistant and I'm not bricked. Am I missing something?
Removing VZW backup assistant will absolutely not brick your phone. Its one of the first things to go on all my android phones since the eris.
undo lagfix
Hello. I want to undo this for now, due to running out of space for apps. I assumed running unlagfixme would do the trick, but it hasn't given me back the 1 gb it used. Am I doing it wrong, or is it stuck like this now? Thanks for your help!
is there a list of apps someone can recommend to remove that's just bloat? thanks....and ive ran this quadrant score, im averaging 871 three times testing now with minimal apps (used task killer...) - and ive got 177mb left on my phone hehe...
Nevermind, figured it out
xirnibor said:
is there a list of apps someone can recommend to remove that's just bloat? thanks....and ive ran this quadrant score, im averaging 871 three times testing now with minimal apps (used task killer...) - and ive got 177mb left on my phone hehe...
Click to expand...
Click to collapse
You screwed up if your only getting 871 thats stock. Open up a shell on your phone and type mount and place the results in here
Whitepaint said:
Removing VZW backup assistant will absolutely not brick your phone. Its one of the first things to go on all my android phones since the eris.
Click to expand...
Click to collapse
Thanks for the info, and my bad on the post!
I heard that removing this on the Droid X was bricking phones.
If people want to share what they've been successful in removing/renaming, that would be helpful.
namebrandon said:
Thanks for the info, and my bad on the post!
I heard that removing this on the Droid X was bricking phones.
If people want to share what they've been successful in removing/renaming, that would be helpful.
Click to expand...
Click to collapse
I am waiting on rom manager so I can make a back up before I continue removing stuff
I'm posting this here for visibility for Fascinate users and ROM developers. In the following thread you can find all the information, as well as how to download and apply the patch files:
http://forum.xda-developers.com/showthread.php?t=977154
I'm sure it will be incorporated into the major ROM's soon. However, if you install apps from unverified sources, or regularly try out new apps from the market, you shouldn't wait.
Patching via CWM:
imnuts said:
Here are two zips if people want them and don't feel like going to another thread/page/topic/whatever.
DroidDreamMalwarePatch_pre-edify.zip
DroidDreamMalwarePatch_edify.zip
Click to expand...
Click to collapse
Patching via ADB or terminal emulator:
Alternatively, probably the quickest way (and if you copy and paste, the most fool-proof) if you are rooted and know how to use ADB, is to open up a command prompt or a terminal emulator on the phone to access the adb shell. If on a PC, type:
Code:
adb shell su
Then type the following lines, omitting the $ and # (if you are on a terminal emulator, start here):
Code:
$ su
# mount -o rw,remount /dev/block/stl9 /system
# touch /system/bin/profile
# chmod 444 /system/bin/profile
You are now protected from the current iteration of DroidDream Malware. Consider installing a security program like LookOut to protect against future vulnerabilities.
Original Post:
Rodderik said:
[Patch][Rom]Malware Exploit for all pre-Gingerbread phones
Who is affected? All phones pre-gingerbread
Who should act? Users and developers using pre-gingerbread roms
How do I fix? Flash attached .zip at the bottom of this post or use one of the alternate methods down there
What if I think I was infected? Completely wipe your device, format sdard, go back to stock and re-apply rom, then flash the attached .zip (before installing any apps)
Why should I care? read below...
http://www.androidpolice.com/2011/0...your-phone-steal-your-data-and-open-backdoor/
Link to publishers apps here. I just randomly stumbled into one of the apps, recognized it and noticed that the publisher wasn’t who it was supposed to be.
Super Guitar Solo for example is originally Guitar Solo Lite. I downloaded two of the apps and extracted the APK’s, they both contain what seems to be the "rageagainstthecage" root exploit – binary contains string "CVE-2010-EASY Android local root exploit (C) 2010 by 743C". Don’t know what the apps actually do, but can’t be good.
I appreciate being able to publish an update to an app and the update going live instantly, but this is a bit scary. Some sort of moderation, or at least quicker reaction to malware complaints would be nice.
EDIT: After some dexing and jaxing, the apps seem to be at least posting the IMEI and IMSI codes to http://184.105.245.17:8080/GMServer/GMServlet, which seems to be located in Fremont, CA.
I asked our resident hacker to take a look at the code himself, and he’s verified it does indeed root the user’s device via rageagainstthecage or exploid. But that’s just the tip of the iceberg: it does more than just yank IMEI and IMSI. There’s another APK hidden inside the code, and it steals nearly everything it can: product ID, model, partner (provider?), language, country, and userID. But that’s all child’s play; the true pièce de résistance is that it has the ability to download more code. In other words, there’s no way to know what the app does after it’s installed, and the possibilities are nearly endless.
Click to expand...
Click to collapse
The offending apps from publisher Myournet:
* Falling Down
* Super Guitar Solo
* Super History Eraser
* Photo Editor
* Super Ringtone Maker
* Super Sex Positions
* Hot Sexy Videos
* Chess
* ????_Falldown
* Hilton Sex Sound
* Screaming Sexy Japanese Girls
* Falling Ball Dodge
* Scientific Calculator
* Dice Roller
* ????
* Advanced Currency Converter
* App Uninstaller
* ????_PewPew
* Funny Paint
* Spider Man
* ???
Click to expand...
Click to collapse
http://www.androidpolice.com/2011/0...-android-nightmare-and-weve-got-more-details/
Now, on to some more details of the virus. We should point out that this vulnerability was patched with Gingerbread, meaning any device running Android 2.3+ should be fine. In other words, if you’re looking to play the blame game (which I’m not, but having read all the comments on the original post, many people are), then there’s plenty to go around. The hole was fixed by Google, but it’s relatively useless since many phones aren’t yet running a version of Android that is protected. It’s noteworthy that some manufacturers released updates that patched the exploit for devices without updating to Gingerbread; unfortunately, it appears that minority is quite a small one.
Perhaps most important is the question of what infected users can do about their situation; unfortunately, the answer is not much of anything. Because the virus opens up a backdoor and can bring in new code at any time, the only way to really rid an infected device of any damage is to completely wipe the device – not exactly the optimal solution, but it looks like the only one available, at least for now.
Finally, Justin notes that ROM developers working with pre-Gingerbread versions of Android can prevent the virus from backdooring in code by putting a dummy file at /system/bin/profile.
Click to expand...
Click to collapse
As you can see androidpolice.com reports on this backdoor and roots and steals personal information. The apps are removed from the market but that doesn't mean they got them all. Attached is a flashable fix as suggested by androidpolice.com
So users can flash this .zip or simply create a blank file called profile and place it in /system/bin/ (developers are encouraged to include this file in future releases. A blank file is not going to affect performance at all)
Alternate methods:
Using 'adb shell' or terminal emulator (should work on any ROOTED phone) as suggest by xaueious here
Code:
$ su
su
# remount rw
Remounting /system (/dev/stl9) in read/write mode
# touch /system/bin/profile
# chmod 644 /system/bin/profile
#
Alternate 2:
Download blank profile file from here (or create one and name it profile)
Use a program like Root Explorer to copy it to /system/bin/
Then longpress on it and check the permissions should be read/write for user, read for group, and read for others.
Alternate 3:
cyansmoker has put together an apk for the patch here https://market.android.com/details?id=com.voilaweb.mobile.droiddreamkiller
Thanks for pointing this out photoframd and androidpolice.com for investigating and reporting!
UPDATE: I renamed the .zip file and reuploaded it (350 hits wow). Also in the edify scripted version I added 644 permissions to the file (but if you already flashed it then it should have defaulted to that). I also added a pre-edify version of the patch thanks to xaueious for people using a recovery that does not yet understand edify.
Click to expand...
Click to collapse
Thanks
Sent from my Rocking dj05, themed superdark w/o swype mod, voodoo 5, with custom boot and shutdown.. With premium xda app.
I would also recommend installing the free Lookout Mobile Security app. I find it to be very non-intrusive on my phone, no negligible battery drain or performance issues. Just scans any app you install, looking for bad stuff. Also does weekly full system scans, contact backup, and provides phone lock/alarm/location tracking features in case you lose it. Premium version has even more bells and whistles.
Posted from my EB01 SuperClean Fascinate with Voodoo
This has been stuck for the time being as it seems to be affected a BOATLOAD of users. Thanks for the linkage!
Here are two zips if people want them and don't feel like going to another thread/page/topic/whatever.
adb shell busybox touch /system/bin/profile
is all you need. Most fascinate kernels (of recent) have a bug, and /system is mounted as r/w.
So everyone should flash this no matter what rom you are using? Should we flash the new cwr also?
sorry delete
jcase said:
adb shell busybox touch /system/bin/profile
is all you need. Most fascinate kernels (of recent) have a bug, and /system is mounted as r/w.
Click to expand...
Click to collapse
adb shell chmod 644 /system/bin/profile
also?
NOsquid said:
adb shell chmod 644 /system/bin/profile
also?
Click to expand...
Click to collapse
This would probably be a good thing. Basically locks the file from being written to, right? Should I add it to the first post?
lasportsfan said:
So everyone should flash this no matter what rom you are using? Should we flash the new cwr also?
Click to expand...
Click to collapse
Yes.
All this is is a quick fix that will create a blank file. The current iteration of the malware checks to see if it already exists. This file fools it into thinking it already exists, so it moves on.
As you might guess, the author needs to only update his code to bypass this, in order for this to be an issue again.
And now that this is out, someone else will probably try it. Someone who is a little more thorough.
Moral of the story?
Be careful.
Consider running something like LookOut.
Backup your important data regularly.
As far as CWM goes, is there some kind of connection to the malware thing? Or just in general?
(If just in general, it's better to ask elsewhere as to not derail the thread).
Otherwise, I don't believe the newest (orange) clockwork recovery from ROM manager is fully compatible yet. Last I heard, it still had some bad binaries and 1 bad mounting point. Stick with the Red from JT's thread (which is the same bundled into SuperClean). Other than a couple superficial bugs that don't hurt anything, it works wonderfully and has more features than the orange CWM currently has.
GizmoDroid said:
This would probably be a good thing. Basically locks the file from being written to, right? Should I add it to the first post?
Click to expand...
Click to collapse
I dunno, it was in Rodderik's post but jcase didn't mention it. He's smarter than me, that's why I asked...
444 or 000 would be safer as that would prevent the file from being overwritten at all. 444 for read-only, 000 for no access.
If I never downloaded any of the apps in the list and have lookout on my phone is this neccesary to download or should i not be worried?
italysfinest327 said:
If I never downloaded any of the apps in the list and have lookout on my phone is this neccesary to download or should i not be worried?
Click to expand...
Click to collapse
Who should act? Users and developers using pre-gingerbread roms
Click to expand...
Click to collapse
I'd say that means you should be worried. Those apps listed are just the ones that were found on the market with them from one publisher. Just how virus's can get put into any application on a PC, the same can be done on phones.
Remember folks, our phones are just as exploitable as any other computer, so be careful!
good thing the patch came out!
imnuts said:
444 or 000 would be safer as that would prevent the file from being overwritten at all. 444 for read-only, 000 for no access.
Click to expand...
Click to collapse
Not sure whether Android interprets permissions differently from desktop Linux, but even if a file is 000 the owner can delete it on Debian. And root definitely can. If the file needs to be there for the root exploit to work, then this prevents it, but if they can run the root exploit and get root while this file is there then changing permissions on it will do nothing.
iofthestorm said:
Not sure whether Android interprets permissions differently from desktop Linux, but even if a file is 000 the owner can delete it on Debian. And root definitely can. If the file needs to be there for the root exploit to work, then this prevents it, but if they can run the root exploit and get root while this file is there then changing permissions on it will do nothing.
Click to expand...
Click to collapse
This is just another reason why I see this as a quick fix for what will need to have a much better one in the future.
If anyone hears of a more robust solution (besides using LookOut), let us know!
I navigated through Root Explorer to system/bin/profile and found a file there that reports
"01 Aug 08 06:00:00 rwxr-xr-x 0 bytes".
The 2008 date has me worried, although the 0 bytes means it is empty. Does anybody know if this is put there by FrankenClean 2.8 as a fix for this issue, or am I the only one on SuperClean seeing this (which would be bad!)
SupraLance said:
I navigated through Root Explorer to system/bin/profile and found a file there that reports
"01 Aug 08 06:00:00 rwxr-xr-x 0 bytes".
The 2008 date has me worried, although the 0 bytes means it is empty. Does anybody know if this is put there by FrankenClean 2.8 as a fix for this issue, or am I the only one on SuperClean seeing this (which would be bad!)
Click to expand...
Click to collapse
It is included in SC2.8. The 0 bytes is the best indicator that you are clean, since this patch is merely an empty file.
If you were infected, that file would actually have code in it.
For CWM 2.5.x.x DJ05, which one do you flash? or both?
DroidDreamMalwarePatch_pre-edify.zip
DroidDreamMalwarePatch_edify.zip
Thanks and sorry for the trouble, just wanted to be sure.
G'day.
I have a Desire with it's fantastically small /data partition (~147mb - and no a hboot switch won't fix anything with my current rom). Running ICS and hence also have chrome installed except it has about 36mb of junk in /data/data which is not traditionally moved to SD for performance reasons.
You'll have to excuse me here - because this is where I get stupid - but I beleive what I'm trying to do is symlink /data/data/com.android.chrome to somewhere convenient in sd-ext.
Can someone clever please point me in the direction of the exact line I need and the best way to implement it?
Cheers!
M.
Just edit the manifest, add installLocation="auto" (I think, look at my patched version, it's in there) and it will enable moving to sd, and leave bugger all on internal.
Haven't updated the patched version because they removed the device check.
Edit:
Or if you don't wanna resign the apk, just type the following in the terminal (making sure chrome is closed beforehand)
mkdir -p /sd-ext/data
mv -f /data/data/com.android.chrome /sd-ext/data
ln -s /sd-ext/data/com.android.chrome /data/data/com.android.chrome
Thanks, I'll have a look at the install location options
As you've probably guessed I'm not a coder But happy to tinker and see what happens...
M.
Should ask, what do you use to decompile/compile? (if on windows)
APK Manager decompiles, found the line you mentioned and added that just fine, however it fails on compiling...
M.
I use autoapktool, using apktool v1.4.3
ICS apks can be a pain.
Had a couple requests via pm so I'll put out an update sometime soonish with move to sd enabled (follow link in sig)
http://www.mediafire.com/?uyjta1swtp0w459 should work
Thanks.
I'm going to continue trying to get it working myself for future releases / personal education.... but this works great for right now
M.
Sent from my HTC Desire using xda premium