Help! Unknown apk install runs SMS restore instead, malware? - Android Q&A, Help & Troubleshooting

1_ Hi. Just downloaded tPacketCapture Pro from the following website, and tapped on installing it.
2_ tapping on the apk opened the Messages app and led to SMS restore page.
3_ I closed it immediately, but I'm worried about it. Was that a malware or virus? Does that mean my messages are in danger or have been uploaded somewhere?
4_ phone settings:
* NOT ROOTED.
* ALLOW UNKNOWN SOURCES = OFF.
* I use NoRootFirewall.
Link of the website I downloaded the apk from:
www .apkmonk. com/app/jp.co.taosoftware.android.packetcapturepro/

Most likely. And the fact that you are rooted is a big issue. Also an app can easily hide from apps like that. Never download anything from sites like this. You are just asking for trouble.

zelendel said:
Most likely. And the fact that you are rooted is a big issue. Also an app can easily hide from apps like that. Never download anything from sites like this. You are just asking for trouble.
Click to expand...
Click to collapse
Thanks, but my phone is NOT rooted. Does that stop the app from accessing Messages app data?

GrOOveD said:
Thanks, but my phone is NOT rooted. Does that stop the app from accessing Messages app data?
Click to expand...
Click to collapse
Oh sorry I read the firewall app wrong. Depends on how it is coded and the permissions you granted it when it installed.

zelendel said:
Oh sorry I read the firewall app wrong. Depends on how it is coded and the permissions you granted it when it installed.
Click to expand...
Click to collapse
It's alright!
Actually it did not install, and never showed the install page.
It just went straight to the backup section in Messages app.
Maybe it's a script disguised as *.apk file? But is there such script out there that can manipulate message data and backup/restore files?

Related

[Q] 2 easy questions, little problems

okay here is my problem. If i remember, i took Adfree program or another similar ad blocker (for what i remember, its was simple to install)
My life was nice, no more ads in my free version of angry birds etc...BUT
am an hockey fan and i go on a site to view videos report of my team. The problem is when i try to watch thoses vids streaming, normaly theres a 15sec ad vid before the one i wanna see, but cause of that adfree program, i cant see the vid anymore, it is just loading and nothing is happening. Here is a screenshot
For your information, i tryed with my desktop computer and it work fine, i tryed uninstall and reinstall flash and it runs perfect on other sites.
So i wanted to remove the adfree program but it is not showing anywhere in my apps running or installed.
1- Anyone have a clue?
One more thing, i did rooted my tab with success, i can use rom manager but yesterday i tryed to open Titanium backup and it told me my tab wasnt rooted...
i see the superuser icon in my apps so..
2- Any clues on that one too?
Thanks for ur help
if you have cwr then install a custom rom on your tab, I recommended one of task's they come with internet ads blocked and flash view work fine, and are just better than stock roms in every way
Nainconpetant said:
okay here is my problem. If i remember, i took Adfree program or another similar ad blocker (for what i remember, its was simple to install)
My life was nice, no more ads in my free version of angry birds etc...BUT
am an hockey fan and i go on a site to view videos report of my team. The problem is when i try to watch thoses vids streaming, normaly theres a 15sec ad vid before the one i wanna see, but cause of that adfree program, i cant see the vid anymore, it is just loading and nothing is happening. Here is a screenshot
For your information, i tryed with my desktop computer and it work fine, i tryed uninstall and reinstall flash and it runs perfect on other sites.
So i wanted to remove the adfree program but it is not showing anywhere in my apps running or installed.
1- Anyone have a clue?
One more thing, i did rooted my tab with success, i can use rom manager but yesterday i tryed to open Titanium backup and it told me my tab wasnt rooted...
i see the superuser icon in my apps so..
2- Any clues on that one too?
Thanks for ur help
Click to expand...
Click to collapse
reboot the device,
1. check for the adfree or adblock app in the application manager.
2. try to reload the titanium backup couple of times or check in the superuser whether titanium backup is allowed for root access.
To Beta : i dont want to install any custom rom for now, but thanks for ur advice
kmaq said:
reboot the device,
1. check for the adfree or adblock app in the application manager.
2. try to reload the titanium backup couple of times or check in the superuser whether titanium backup is allowed for root access.
Click to expand...
Click to collapse
1- i closed and started device like 10 times since i got this problem, i checked in app manager installed, running, all, cant find any track of an ad blocker program. i also checked with file manager HD
2- Fixed for titanium
please help me for #1
I think you granted temporary root permissions to Titanium Backup, so if you close the app, and open it again, you have to grant root again. You should click on "remember" checkbox.
Another thing you can do, is to open update SuperUser app from the Market, and then, open it, and go to Settings ---> Check binary SU updates, so you have the latest SU binary version.
About the flash thing, i have no idea, but.. have you tried with another Browser?? (Personally, i use Opera. Works like a charm. Really fast & smooth).
Hope i helped,g ood luck bro!
lubopenerz said:
I think you granted temporary root permissions to Titanium Backup, so if you close the app, and open it again, you have to grant root again. You should click on "remember" checkbox.
Another thing you can do, is to open update SuperUser app from the Market, and then, open it, and go to Settings ---> Check binary SU updates, so you have the latest SU binary version.
About the flash thing, i have no idea, but.. have you tried with another Browser?? (Personally, i use Opera. Works like a charm. Really fast & smooth).
Hope i helped,g ood luck bro!
Click to expand...
Click to collapse
As i stated in post #4, problem is fixed for Titanium backup
My Main Problem is still there though.
Its not a question of using a diff browser, i want to delete/uninstall the adfree app from my tab dot.
The thing is that i cant find it anywhere, i even tryed to open titanium to see if adfree apps is showing so i cant delete data, but its not showing.
So i really need help now because i dont know where to look to find this freaking app and remove it.
Adfree or adblocker or whatever the name is, is not showing :
In app manager (running, installed, all)
In Titanium backup
In file manage HD (well i dont know exactly where to search but havent find anything with a similar name)
plz help
EDIT:
More info
usually when u install an app and u go back to the market, its say "open" instead of "install" well for adfree it still tell me "install"
Now i also searched a bit on the forum and i found some ad blocker program can be use without installing anything but by replacing an Host files.
I dont remember if it was my case, maybe since it doesnt seem that a have any adfree app installed BUT
I usually keep a copy of everything i put on my tab, and been around computer world for long enough to do a "backup" of any file i would replace.
I've looked on my pc, no sign of any host files that i dl or backuped.
So im totally out of anwsers.
One thing for sure, i did install something to removes ads and it work.
For the love of god, please help me !!
Nainconpetant said:
As i stated in post #4, problem is fixed for Titanium backup
My Main Problem is still there though.
Its not a question of using a diff browser, i want to delete/uninstall the adfree app from my tab dot.
The thing is that i cant find it anywhere, i even tryed to open titanium to see if adfree apps is showing so i cant delete data, but its not showing.
So i really need help now because i dont know where to look to find this freaking app and remove it.
Adfree or adblocker or whatever the name is, is not showing :
In app manager (running, installed, all)
In Titanium backup
In file manage HD (well i dont know exactly where to search but havent find anything with a similar name)
plz help
Click to expand...
Click to collapse
Try to uninstall it with titanium. Or use a file manager, navigate to /data/app, find the apk and delete it!
sent from my CM7 nokia 3210
Panos_dm said:
Try to uninstall it with titanium. Or use a file manager, navigate to /data/app, find the apk and delete it!
sent from my CM7 nokia 3210
Click to expand...
Click to collapse
Guys, i appreciate your help but please READ,
the app is not showing anywhere, so how can i uninstall something that i cant see.
please go back to this link http://forum.xda-developers.com/showpost.php?p=19412507&postcount=6
i really need help with the host files
i want to get back to default (ads allowed)
where to go ?
What you have to do is manually edit/replace the host file with a stock one.
Go to /system/etc/ and remove all the entries from the file named 'hosts' except the following one
127.0.0.1 localhost
OR
flash this zip in CWM
Nainconpetant said:
Guys, i appreciate your help but please READ,
the app is not showing anywhere, so how can i uninstall something that i cant see.
please go back to this link http://forum.xda-developers.com/showpost.php?p=19412507&postcount=6
Click to expand...
Click to collapse
you can try updating the /system/etc/hosts file with
127.0.0.1 localhost
then reboot it.
kmaq said:
you can try updating the /system/etc/hosts file with
127.0.0.1 localhost
then reboot it.
Click to expand...
Click to collapse
Finally an anwser that seem to be helpfull.
Okay so i guess i was stupid but i didnt backup this file before replacing it
Here is a screenshot of what it look like now
what u ask me to type seems to be already here.
I actually want to get rid of it to see vids on one particular site.
the site is www.rds.ca
is there a way to add an exception or something like that for this site only?
so far i saw that its the only site that have a problem with the ad blocking.
please i need some help with this problem
am sure someone has the solution
Nainconpetant said:
please i need some help with this problem
am sure someone has the solution
Click to expand...
Click to collapse
Just a wild guess, but what browser are you using? Is it possible you installed the adblocker not as an app, but as a browser add-on extension? If so, you should be able to remove it from within the browser or make an exception rule for that one site.
Maris_ said:
Just a wild guess, but what browser are you using? Is it possible you installed the adblocker not as an app, but as a browser add-on extension? If so, you should be able to remove it from within the browser or make an exception rule for that one site.
Click to expand...
Click to collapse
am using the default web browser and like i wrote before.
I changed the hosts file following this thread http://forum.xda-developers.com/showthread.php?t=509997
the hosts file i changed is the one located in /system/etc/hosts
the problem is that i didnt backup this file before replacing it, i never do that but it seem this time i did it.
So im looking for either the original host file or a way to put an exception for the site i want.
ansonantonym said:
What you have to do is manually edit/replace the host file with a stock one.
Go to /system/etc/ and remove all the entries from the file named 'hosts' except the following one
127.0.0.1 localhost
OR
flash this zip in CWM
Click to expand...
Click to collapse
Didn't this work for you?
You can get the original host file from the zip
Sent from my GT-P7510
ansonantonym said:
Didn't this work for you?
You can get the original host file from the zip
Sent from my GT-P7510
Click to expand...
Click to collapse
oh dude, am sorry i didnt saw ur post
this is exactly what i wanted.
let me just recall to make sure i understand.
i unzip ur file, then i can just copy/paste over the one i have now right?
and what if i want to keep the ads blocked, but want to add an exception for a particular site, do you know if its possible ?
thank you so much for this
it doesnt work,
i cant just replace one file by the other, file manager hd is not doing it
when i try to manually edit the file, i erase everything then i type 127.0.0.1 localhost
and then press save, i keep getting "error while saving"
i tryed 3 times,
about flashing, im not quite comfortable with this yet, well i did it for the rooting part, but i was reading step by step, i dont want to brick my tab
any solution ?
Nainconpetant said:
it doesnt work,
i cant just replace one file by the other, file manager hd is not doing it
when i try to manually edit the file, i erase everything then i type 127.0.0.1 localhost
and then press save, i keep getting "error while saving"
i tryed 3 times,
about flashing, im not quite comfortable with this yet, well i did it for the rooting part, but i was reading step by step, i dont want to brick my tab
any solution ?
Click to expand...
Click to collapse
try using ES Explorer or Root Explorer.
kmaq said:
try using ES Explorer or Root Explorer.
Click to expand...
Click to collapse
file manager Hd give me access to the system files
i found a way with the root setting to make the systems files writable but
file manager hd doesnt want to paste when i ask for it
any other solution ?
or please give me the step by step way of doing it by flashing

missing market apps on nook tablet

I rooted my nook tablet with the SnowballMod root and everything is working fine, but some of the apps in the android market are missing. I have tried editing the build.prop file and clearing the market data and cache to spoof the market, but it still wont work. does anybody have ANY ideas?
theres not some, more like a lot and thats normal cuz its happening to everyone. apps that dont appear on the market have to be downloaded as .apk files and then transferred to your nooks sd card i use drop box and es file explorer for this procedure
how would i do this? how close are the people to fixing this and being able to install custom roms? i need facebook.
sideloading if it is not working from market.
Tcollins412 said:
how would i do this?
Click to expand...
Click to collapse
Copy the .apk to the device and select it in a file explorer program.
Tcollins412 said:
how close are the people to fixing this and being able to install custom roms?
Click to expand...
Click to collapse
It's not technically broken. The market should not show you apps for which your device does not meet the requirements. That doesn't meet they don't work, but that you have to install them another way. After updating my phone to ICS, I had to sideload Tapatalk, since it is not "technically" compatible with ICS, even though it does work.
Tcollins412 said:
i need facebook.
Click to expand...
Click to collapse
1) Use the web app (it's pretty good, and doesn't have any background processes)
2) Look for the thread in the App section titled "[download] Facebook, Twitter and Google+ apk"

[Q] Deleted App with Titanium

My Buddy wanted me to debloat his T-Mobile S5 so I went ahead and did the usual but I accidentally uninstalled an antivirus app that had administrative rights and now there is a ghost app in his drawer. I did not bother creating a backup as I had no intentions of reinstalling it. I know I can hide the app using xposed framework but wanted to delete it entirely.
Thanks.
have u tried to reinstall the app?
Fanaticalism said:
I did not bother creating a backup
Click to expand...
Click to collapse
Always make a backup. Taking shortcuts like that put your friend's data at unnecessary risk and caused your current problem.
You didn't give is any details of whether Titanium is able to cleanup the mess? If not, then try fixing it by reinstalling the antivirus so that it is then stable enough to uninstall in the conventional manner.
.
koolboyztn said:
have u tried to reinstall the app?
Click to expand...
Click to collapse
The play store recognizes the app as still installed and only gives me the option to deactivate the app. When I do that it force closes.
fffft said:
Always make a backup. Taking shortcuts like that put your friend's data at unnecessary risk and caused your current problem.
You didn't give is any details of whether Titanium is able to cleanup the mess? If not, then try fixing it by reinstalling the antivirus so that it is then stable enough to ininstall in the conventional manner.
.
Click to expand...
Click to collapse
Agreed on the shortcuts.
I was not aware that titanium may be able to clean it up. I'll research it. As far as the app goes, I responded to that above.
Thanks to the both of you
Fanaticalism said:
The play store recognizes the app as still installed and only gives me the option to deactivate the app. When I do that it force closes
Click to expand...
Click to collapse
If the phone is rooted or if you temporarily root it, you can delete the antivirus app with a file explorer (or from the commamd line).
.
fffft said:
If the phone is rooted or if you temporarily root it, you can delete the antivirus app with a file explorer (or from the commamd line).
.
Click to expand...
Click to collapse
I'll install es file explorer and take care of it that way. Thank you
Fanaticalism said:
I'll install es file explorer and take care of it that way.
Click to expand...
Click to collapse
You should find the antivirus app in one of these directories:
/data/app/name.apk
/system/app/name.apk
/system/priv-app/name.apk
.

can't install facebook messenger because code -505

Hello I have Xperia Z5 compact with Nougat. I have been very happy with it since Nougat but lately I noticed fb messenger could not be updated because code -505. I tried deleting it's cache and data but that did not help. Uninstalled it but can't install it again because -505. Then I tried deleting app data for play store and google play services but this did not help either! Now I am just without facebook messenger which is not very cool
Any ideas what to do?
VitasLoWang said:
Hello I have Xperia Z5 compact with Nougat. I have been very happy with it since Nougat but lately I noticed fb messenger could not be updated because code -505. I tried deleting it's cache and data but that did not help. Uninstalled it but can't install it again because -505. Then I tried deleting app data for play store and google play services but this did not help either! Now I am just without facebook messenger which is not very cool
Any ideas what to do?
Click to expand...
Click to collapse
Download the latest messenger app from apkmirror, and install it as a normal apk, that's it, problem solved
==If I Helped You, Support Me And Press The Thanks Button....just for support ? ===
I have same problem sony z5 compact
Did not help for me I received a message something like package is in conflict with current package with the same name. (sorry, translating from Czech). But messenger is NOT installed so what package can conflict with it?
VitasLoWang said:
Did not help for me I received a message something like package is in conflict with current package with the same name. (sorry, translating from Czech). But messenger is NOT installed so what package can conflict with it?
Click to expand...
Click to collapse
Seems like the messenger data is still in the system although the app is uninstalled, you can't help it, you have to reset data
MigoMujahid said:
Seems like the messenger data is still in the system although the app is uninstalled, you can't help it, you have to reset data
Click to expand...
Click to collapse
Please be more specific. I just want to fix this, so what do you mean by "you have to reset data"? Do you I go to filesystem, look for some messenger related folder and delete it? If yes then which one would it be?
VitasLoWang said:
Please be more specific. I just want to fix this, so what do you mean by "you have to reset data"? Do you I go to filesystem, look for some messenger related folder and delete it? If yes then which one would it be?
Click to expand...
Click to collapse
You can't go inside the data of apps unless you're rooted, so your only choice is to factory reset your phone to delete all data...
MigoMujahid said:
You can't go inside the data of apps unless you're rooted, so your only choice is to factory reset your phone to delete all data...
Click to expand...
Click to collapse
You gotta be kidding me Why can't I just delete the obb file if there is one?
VitasLoWang said:
You gotta be kidding me Why can't I just delete the obb file if there is one?
Click to expand...
Click to collapse
It's not the obb file ?
I meant the Data inside the data partition which exist In:
../data/data/ and it's hidden from user by default, you can't access it unless you're rooted.
Oh my... I don't want to go through factory reset and set up of everything again so soon How easy you think would be the rooting and is there a chance that my current setup would survive that?
VitasLoWang said:
Oh my... I don't want to go through factory reset and set up of everything again so soon How easy you think would be the rooting and is there a chance that my current setup would survive that?
Click to expand...
Click to collapse
Not sure you can root, you have android 7, there is no temp rooting for it yet, and also if root failed then that might lead to a software brick, which can be solved by re flashing stock rom which is a bigger thing
So I'd vote for the "reset data"

[Serious Help needed!] Pls tell me if its a virus or not!

Hello all.
I wanted to hide xposed from certain apps, so made a recent search about hide xposed. and found this site:
https://www.xda.im/apk/com.yaerin.xposed.hide
And downloaded the app with full stress!
After launching the app, it looked so normal! so activated it in xposed installer and rebooted. but this app didnt hide xposed from safetynet. so tried to unistall it and it said unistall was unsuccessful, but the app wasnt in list anymore!
I tried to access the /data file with es explorer but there was no file showing, so I noticed that es explorer is not finding root. My magisk manager supersu menu, doesnt load up and it crashes.
I accessed the /data folder from twrp file manager and installed every folder I didnt recognize.
But after restartung the phone, I still cant access the /data with es explorer and the supersu menu in Magisk.
I uploaded the file in virustotal and this is the result:
https://www.virustotal.com/gui/file...685b65bf26b187ece0127cd1436ee4d3dbb/detection
The scan result is: PUP.HighConfidence
What danger have I sticked my head into it?!
Should I factory reset? Is it a virus?
Is it safe?
Guys help me pls.
Thanks!
Ill upload the file for more info to be given.
Edit:
Superuser menu in Magisk worked also the es explorer root detection.
But im still afraid to be infected with that virus which I dont know what is it!
Pls help!
Xda doesn't own that domain. Uninstall it and do a factory reset.
joluke said:
Xda doesn't own that domain. Uninstall it and do a factory reset.
Click to expand...
Click to collapse
I know xda doesnt own it.
it isnt easy for me to factory reset.
I just wanna know if Im already in danger or not. if not, why to factory reset?
What does that detected line mean as a virus?
Is it dangerous? or its just because xposed its used in it?
Aaazv said:
I know xda doesnt own it.
it isnt easy for me to factory reset.
I just wanna know if Im already in danger or not. if not, why to factory reset?
What does that detected line mean as a virus?
Is it dangerous? or its just because xposed its used in it?
Click to expand...
Click to collapse
That warning doesn't mean it's a virus. Most likely a false positive. Unless you root you should be good to go.
A PUP means it's a Possible Unwanted Program nothing else. Doesn't mean you are infected and most likely it's a false positive. Just uninstall and install from this forum
joluke said:
That warning doesn't mean it's a virus. Most likely a false positive. Unless you root you should be good to go.
A PUP means it's a Possible Unwanted Program nothing else. Doesn't mean you are infected and most likely it's a false positive. Just uninstall and install from this forum
Click to expand...
Click to collapse
Thanks. Youre like water on fire.
Im rooted with xposed installed.
But whats the reason that it didnt unistall and said unistalling was unsuccessful?
Should I be afraid of this happening?
Aaazv said:
Thanks. Youre like water on fire.
Im rooted with xposed installed.
But whats the reason that it didnt unistall and said unistalling was unsuccessful?
Should I be afraid of this happening?
Click to expand...
Click to collapse
Nah. Can be a defective apk and fails to install at some point and needs to be compiled correctly
Aaazv said:
Hello all. I wanted to hide xposed from certain apps, so made a recent search about hide xposed. and found this site: https://www.xda.im/apk/com.yaerin.xposed.hide.........
Click to expand...
Click to collapse
That may be one of those "Metadata" type of websites that seems to be popping up reflecting various websites and such.
Just keep in mind...
If the URL(s) doesn't begin with either:
https://forum.xda-developers.com
~ OR ~
https://www.xda-developers.com
(I could be missing one or two other URL's as well)
Then it's likely a fake/spoof website.
I'm thinking that this should be brought to the attention of @MikeChannon to investigate and/or refer to the appropriate Administrator.
~~~~~~~~~~~~~~~
Unless asked to do so, PLEASE don't PM me regarding support. Sent using The ClaRetoX Forum App on my Apple Macintosh.
Ibuprophen said:
That may be one of those "Metadata" type of websites that seems to be popping up reflecting various websites and such.
Just keep in mind...
If the URL(s) doesn't begin with either:
https://forum.xda-developers.com
~ OR ~
https://www.xda-developers.com
(I could be missing one or two other URL's as well)
Then it's likely a fake/spoof website.
I'm thinking that this should be brought to the attention of @MikeChannon to investigate and/or refer to the appropriate Administrator.
~~~~~~~~~~~~~~~
Unless asked to do so, PLEASE don't PM me regarding support. Sent using The ClaRetoX Forum App on my Apple Macintosh.
Click to expand...
Click to collapse
Yup, that's not an official XDA-Developers url.
As said lots of these sorts of tools/apps can trigger virus checkers because they access system files that normally apps shouldn't access. That's true of many apps you'll find here too BUT that's not to say it's safe. You install such a thing at your own risk. At least with things on xda-developers you generally have the chance to read a thread about the app or even question the developer about it.... things from obscure websites carry a higher risk.
Mike

Categories

Resources