Modified Root App (Virus Warning) - Nexus 4 Q&A, Help & Troubleshooting

I m on cataclysm Rom and Semaphore kernel. I was not sure whether tbis issue was kernel or rom related, so thought to put this question in this thread.
On opening trickstermod app, i m getting the following warning (plz see screenshot):
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Is this some generic warning? Coz i never got this b4 (or may b didnt notice it). I dint modify any app.
Thanks in advance.
Sent from my Nexus 4 using Tapatalk

Seems only a trickstermod App issue, got my answer here:
http://forum.xda-developers.com/showthread.php?t=1768315&page=89

omer7 said:
Seems only a trickstermod App issue, got my answer here:
http://forum.xda-developers.com/showthread.php?t=1768315&page=89
Click to expand...
Click to collapse
I'm unsure... even though they say that there, I do not get this warning. Do you have a virus scanner? (I know, horrible bloated things for phones) might be worth getting one and having a poke around just to make sure?

Monotoko said:
I'm unsure... even though they say that there, I do not get this warning. Do you have a virus scanner? (I know, horrible bloated things for phones) might be worth getting one and having a poke around just to make sure?
Click to expand...
Click to collapse
No, don't have any anti virus in my phone.
But after restarting my phone and removing Super SU access from SuperSU (app), I'm not getting this warning again.
I also read in some other thread, that this is false positive (but that post was about a year old), so not sure why did i get that error, but now not getting it.
Lets see how it goes now :cyclops:

omer7 said:
No, don't have any anti virus in my phone.
But after restarting my phone and removing Super SU access from SuperSU (app), I'm not getting this warning again.
I also read in some other thread, that this is false positive (but that post was about a year old), so not sure why did i get that error, but now not getting it.
Lets see how it goes now :cyclops:
Click to expand...
Click to collapse
You removed SuperSU access from the SuperSU app? It's the SuperSU app that was generating the warning, warning you of another app that may have been modified. I don't think root access will work without SuperSU having root...

Monotoko said:
You removed SuperSU access from the SuperSU app? It's the SuperSU app that was generating the warning, warning you of another app that may have been modified. I don't think root access will work without SuperSU having root...
Click to expand...
Click to collapse
I didn't know which app (whether ROM/Kernel) was causing this issue, I read in some other thread where someone said, clear data (and cache) of trickstermod app and restart your phone (in addition, I removed trickstermod root access in SuperSU app as well). Restarted my phone, got that warning once or twice again I think, but checked it again, and this warning was no more there. I am still not sure what this warning is. Coz I didn't modify any app.
In that thread (link posted above) someone said, it is just a warning. Hope it is not an issue. . And I'm checking it, not getting this warning again, so could be it was a false positive.
And tell me is this warning given by SuperSU app? I've SuperSU (by ChainFire) app installed in my phone.

omer7 said:
I didn't know which app (whether ROM/Kernel) was causing this issue, I read in some other thread where someone said, clear data (and cache) of trickstermod app and restart your phone (in addition, I removed trickstermod root access in SuperSU app as well). Restarted my phone, got that warning once or twice again I think, but checked it again, and this warning was no more there. I am still not sure what this warning is. Coz I didn't modify any app.
In that thread (link posted above) someone said, it is just a warning. Hope it is not an issue. . And I'm checking it, not getting this warning again, so could be it was a false positive.
And tell me is this warning given by SuperSU app? I've SuperSU (by ChainFire) app installed in my phone.
Click to expand...
Click to collapse
Ah, yes it certainly looked like a regular SuperSU informational (like "root access was granted") and if I was to hazard a guess I would say that SuperSU noticed something had changed and thus gave you the warning. There will be something that triggers the warning, so your next course of action would be to find out what triggered it. It isn't something that will come up randomly or "for everyone"
You can maybe check the SuperSU logs?

Monotoko said:
Ah, yes it certainly looked like a regular SuperSU informational (like "root access was granted") and if I was to hazard a guess I would say that SuperSU noticed something had changed and thus gave you the warning. There will be something that triggers the warning, so your next course of action would be to find out what triggered it.
You can maybe check the SuperSU logs?
Click to expand...
Click to collapse
Yeah checked the Logs, just found info of app(s) which were granted SuperSU app.
ANyway hope it was just a false positive, but searching some other threads as well to find some more info...

If the rom comes rooted with any build in superuser, you don't have to flash SuperSU anymore. It will only create conflicts.

arffrhn said:
If the rom comes rooted with any build in superuser, you don't have to flash SuperSU anymore. It will only create conflicts.
Click to expand...
Click to collapse
Sorry, can't press thanks button, reached limit :fingers-crossed:
ANd I'm on Cataclysm ROM, and it came with SuperSU (app by ChainFire).

omer7 said:
Sorry, can't press thanks button, reached limit :fingers-crossed:
ANd I'm on Cataclysm ROM, and it came with SuperSU (app by ChainFire).
Click to expand...
Click to collapse
Lol, pro-tip here. XDA app has no thanks limit. Btw, it's good if you have solved your problems.

arffrhn said:
Lol, pro-tip here. XDA app has no thanks limit. Btw, it's good if you have solved your problems.
Click to expand...
Click to collapse
Thanks for the tip, and yeah it works. :fingers-crossed:
ANd problem not really solved, just I'm not getting that warning anymore, and I'm assuming it was a false positive or may be something else. I've done some search on google and XDA, i could only found 2 ppl who got the same warning.
I'm glad I'm the 3rd one. Lol ... (I know there wud b many other, didn't search too many pages)

Related

Preventing the OTA

Hi Folks, just double-checking if I froze the right thing to prevent the OTA since my app for freezing isn't too descriptive and I can't find the apk in my filesystem. See the picture attached (at the bottom, no idea why resolution appears poor but I think it's readable). If it means anything System Update(s/r?) no longer appears in the master app list under Settings/App Management. Thanks.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
DroidApprentice said:
Hi Folks, just double-checking if I froze the right thing to prevent the OTA since my app for freezing isn't too descriptive and I can't find the apk in my filesystem. See the picture attached (at the bottom, no idea why resolution appears poor but I think it's readable). If it means anything System Update(s/r?) no longer appears in the master app list under Settings/App Management. Thanks.
Click to expand...
Click to collapse
Why would you do that
Sent from my SPH-D700 using Tapatalk
xboxfanj said:
Why would you do that
Sent from my SPH-D700 using Tapatalk
Click to expand...
Click to collapse
Because I'm going to have to Odin for the update when the full package is available. And being nagged every 15 minutes by an OTA that won't successfully install because of rooted mods I've done is not my idea of fun. So will this stop it?
I don't even bother freezing it, I uninstall that sum'*****. Lol but that's because Sprint isn't my carrier so being nagged to activate my phone with service is the last thing I need. Plus when there's an update, I just update by Odin.
Sent from my SPH-D700 using XDA App
Shinydude100 said:
I don't even bother freezing it, I uninstall that sum'*****. Lol but that's because Sprint isn't my carrier so being nagged to activate my phone with service is the last thing I need. Plus when there's an update, I just update by Odin.
Sent from my SPH-D700 using XDA App
Click to expand...
Click to collapse
So did I target the right bugger?
DroidApprentice said:
So did I target the right bugger?
Click to expand...
Click to collapse
Systemupdates.apk? Yes.
Sent from my SPH-D700 using XDA App
Unfortunately this didn't help at all. Got the OTA notification this morning and I guess will be annoyed by it until I can actually sit down, prepare, and flash from better sources. Anyone know how to make the nag notification stop? I would just let the install fail if I weren't worried it'll screw things up (read a few reports of that happening).
DroidApprentice said:
Unfortunately this didn't help at all. Got the OTA notification this morning and I guess will be annoyed by it until I can actually sit down, prepare, and flash from better sources. Anyone know how to make the nag notification stop? I would just let the install fail if I weren't worried it'll screw things up (read a few reports of that happening).
Click to expand...
Click to collapse
Bump - I'm on SRF 1.2 w/Genocide and I'm getting the notification. My wife is on Midnight and so far no notifications on hers.
I read this: http://forum.xda-developers.com/showthread.php?t=1341859
and tried this: (which was recommended in the first link)
https://github.com/zinx/FOTAKill
But alas - I'm still getting the nagging notification. I don't have the time to play around with a new rom just yet - I want to flash a new rom when I'm ready!!! and I definitely don't want to go back to stock!
Help!!
DroidApprentice said:
Unfortunately this didn't help at all. Got the OTA notification this morning and I guess will be annoyed by it until I can actually sit down, prepare, and flash from better sources. Anyone know how to make the nag notification stop? I would just let the install fail if I weren't worried it'll screw things up (read a few reports of that happening).
Click to expand...
Click to collapse
You have to freeze the service. If you use the superfreeze.zip from randomking, that should do the trick. I am on mobile so I can't attach it. His cwm flashable will enable the command superfreeze in terminal emulator to freeze updates and drm.
Sent from my SPH-D700 using xda premium
Get script manger or terminal emulator for the market.
Get to the console, or what I would call a dos prompt
type:
SU <enter>
pm disable com.samsung <enter>
You have now turned it off. Good luck!!
adamdelozier said:
You have to freeze the service. If you use the superfreeze.zip from randomking, that should do the trick. I am on mobile so I can't attach it. His cwm flashable will enable the command superfreeze in terminal emulator to freeze updates and drm.
Sent from my SPH-D700 using xda premium
Click to expand...
Click to collapse
Had that script running way before the update, and I still got the notification!
socos25 said:
Get script manger or terminal emulator for the market.
Get to the console, or what I would call a dos prompt
type:
SU <enter>
pm disable com.samsung <enter>
You have now turned it off. Good luck!!
Click to expand...
Click to collapse
Yeah that's one of the three included in superfreeze - didn't work for me.
The app I was using (AntTek app mgr) froze the service, but it didn't matter. As people researched it they found out it was something in the Google framework I think. Maybe after a certain number of refusals it'll stop (wishful thinking?).
That is puzzling. With that command in Script terminal if you even try to go into update your PRL or anything it FC's.
I have yet to receive an update notification of any kind, so I will consider myself lucky.
After bugging me all day every 15 minutes, it hasn't been back for a few hours. (The updater is unfrozen now too.) Hope it stays that way and isn't just because I've been on wifi. BTW the safest way to refuse the prompt is just to hit the back key, that way you don't risk hitting the wrong screen button. The nag even happening during youtube videos was just awful.
I couldn't handle the nag. Spent some time last night and ODIN back to stock EC05, then update to Gingerbread, install ACS recovery, root, delete install-recovery.sh, re-install ACS recovery, reinstalled apps and some data, all good. First time I've done all that, wasn't bad at all.
rafareal said:
I couldn't handle the nag. Spent some time last night and ODIN back to stock EC05, then update to Gingerbread, install ACS recovery, root, delete install-recovery.sh, re-install ACS recovery, reinstalled apps and some data, all good. First time I've done all that, wasn't bad at all.
Click to expand...
Click to collapse
THink I'm going to break down this weekend (now that I have time to deal with it) and go through all that as well. Actually went ahead and ordered a 32GB card while I was at it as I was starting to fill up my 16GB.

[Q] "Hello world, PM EasyView!"? Possible malware caught on screenshot?

I recently took a screenshot that revealed another background window behind a warning message window that says "Hello world, PM EasyView!"
Is this some kind of malware? I tried scanning my phone with Lookout Security and it did not detect anything suspicious.
It all began when all of a sudden my stock 2.2.2 Defy's Task Manager kept showing popup messages telling me that my Hotmail app is running for too long and is consuming memory. This never happened before, ie. Task Manager app showing warning messages about apps running for too long. I suspect a malware infestation. Please advise.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
If you are scared that you are infected by malware the only "safe" thing to do is a full data wipe.
You dont have clockworkmod installed do you? Would be helpfull to have a full copy of the system to analyze it. I think clockworkmod would be a perfekt method to get a copy of the whole system.
sorry i don't know how to solve this. maybe it's time for you to change to some other ROMs...
iRegistry said:
If you are scared that you are infected by malware the only "safe" thing to do is a full data wipe.
You dont have clockworkmod installed do you? Would be helpfull to have a full copy of the system to analyze it. I think clockworkmod would be a perfekt method to get a copy of the whole system.
Click to expand...
Click to collapse
Well not exactly scared but I was just wondering about the origin of that "Hello world" message. "PMEasyView"? I wasn't able to find any app or developer by that name among the apps installed on my phone. Just was wondering if anyone here knew thats all. I rooted my phone using SuperOneClick, does it install Clockworkmod too? Or do I have to do it separately?
tomarsenal said:
sorry i don't know how to solve this. maybe it's time for you to change to some other ROMs...
Click to expand...
Click to collapse
I did install CM 7.1(2.3.7) but I didn't quite like it..I mean don't get me wrong..CM 7.1 is awesome but the ADW launcher kept crashing on me, something was eating up the battery way to fast and this is weird but I found that the sound quality(headphone and speaker) had actually deteriorated..maybe I didn't get some settings right but anyways I decided to roll back to the Motorola stock 2.2.2 froyo JRDNEM_U3_3.4.3-36-1.7 and wait until CM9 was out.
Thanks for the replies guys..really appreciate you taking the time.
Anachronizer said:
CM 7.1 is awesome but the ADW launcher kept crashing on me, something was eating up the battery way to fast and this is weird but I found that the sound quality(headphone and speaker) had actually deteriorated..
Click to expand...
Click to collapse
If adw doesn't work for you, you can download another one from the market. I use go launcher and it works without any problems and damn fast. You should give it a try.
Sent from my MB525 using Tapatalk
Well it's typical behavior of mallware - I dont have information, that stock task manager will inform you, that some process is running more than x minutes ... try wipe to factory settings and you'll be sure.
Rooting doesn't install Clockworkmod. You only get superuser after rooting. Install 2nd-init and you get Clockworkmod.
You should start using Droidwall and AVG antivirus pro. Try limit the data freedom running in the background.
Thanks for the replies guys. I think I'll wait for CM9. I do have Droidwall installed and I've scanned my phone thoroughly with Lookout Security but nothing was detected. Is it possible that the firmware posted here, the 2.2.2 India one is somehow infected?
http://forum.xda-developers.com/showthread.php?t=1093352
I took another screenshot of the supposed malware today, this time without the task manager message. I was able to dismiss the task manager message by pressing the search key somehow.
I have seen exactly that same message today. I thought I have been fairly careful about Malware. However, there was an update that was installed from marketplace today.
I wonder if it is possible to look at an update history.
sailfast said:
I have seen exactly that same message today. I thought I have been fairly careful about Malware. However, there was an update that was installed from marketplace today.
I wonder if it is possible to look at an update history.
Click to expand...
Click to collapse
Is the message window in your case appearing under the exact same circumstances as mine? Which ROM are you using? And also if its possible could you do an inventory of the all the apps installed on your phone, then perhaps we can pinpoint the source. Thanks for the reply.

[INFO] Kindle Fire 6.2 Software Update (29Nov11)

So, it appears my Kindle Fire just updated itself on it's own! No warning, it just did it! I caught it as the progress bar was about 50% across the screen.
Confirmed 6.2 Software Update via Amazon Support Site
Here is what I know:
1. It removes root functionality, including the SuperUser.apk
2. It removes the Google Market app (some people say theirs is still working after update, so it could be how it was added/installed) and some of the other Google sync apk's that reside in /system/app (probably because that whole directory gets overwritten).
3. It overwrites the framework-res.apk file, so any customizations that were made to it (battery charge icon, custom wallpaper etc.), will be wiped out.
4. If you removed built-in apps like Facebook and IMDB before the update, they will have re-appeared again.
With some testing from Veritass (someone brave enough to try re-rooting again after the update), it is now pretty much back to normal. The steps I took to get there were:
1. Re-root using the standard SuperOneClick method we are all used to
2. Re-added the following apks in /system/app and applied the correct permissions:
- Vending.apk
- GoogleCalendarSyncAdapter.apk
- GoogleContactsSyncAdapter.apk
Everything else was still working BEFORE I re-rooted, as the GoogleServicesFramework.apk remains intact and running. This includes, but is not limited to Gmail, Maps, Calendar, YouTube, Translate, Finance.
So, all is well again, and it didn't really mess up too much (that I can see). A minor inconvenience for no particular gain as far as I can see.
NOTE:
1. Amazon Video still doesn't work when rooted
2. The stock Carousel app still won't allow you to remove apps (not that I care about that myself, but you'd figure that a fix was imminent as this was a major gripe for a lot of users!)
3. Auto brightness is still not enabled
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Thanks: Veritass
same here. without any question it runs the update.
I just went and checked mine, didn't update... still 6.1.
6.1 here as well; although, I will not be surprised if there are a lot of updates over the next couple months. It's interesting it auto updates because of the rooting implications, though.
I left mine alone for about 10 minutes after i checked earlier for the update. Now its been auto-updated. I lost root access and i keep getting android market has quit errors. Great.
Can i just reroot? or what now?
mdizzle9 said:
6.1 here as well; although, I will not be surprised if there are a lot of updates over the next couple months. It's interesting it auto updates because of the rooting implications, though.
Click to expand...
Click to collapse
6.2 is coming, it's confirmed on their website (I updated my OP). But, yes it's worrying to those who have rooted (especially as it breaks it). I can't see any particular reason for the update either. The much touted Carosel fix (i.e being able to delete items from it) is not present.
I'll do some more digging....
As far as i can tell the updated did nothing except kill the root...
Mherder said:
I left mine alone for about 10 minutes after i checked earlier for the update. Now its been auto-updated. I lost root access and i keep getting android market has quit errors. Great.
Can i just reroot? or what now?
Click to expand...
Click to collapse
If you are brave! Personally, I would wait for some of the more experienced devs to give it the once over first.
idk if mine updated yet but if it did ill try SOC(super1click) to re root it when i get home (in about 30 min) Idc if i ruin my fire i payed 15$ for it
Veritass said:
idk if mine updated yet but if it did ill try SOC(super1click) to re root it when i get home (in about 30 min) Idc if i ruin my fire i payed 15$ for it
Click to expand...
Click to collapse
Thanks for being the guinea pig! Let us know how it goes. I'm not quite as brave, although if someone else confirms it works, I'll be the first one to do it afterwards!
Same here, locked the screen and then noticed the progress bar appear after a few moments. That's frustrating to say the least!
im on my way home right now. Will Post when Im done testing SUPER1CLICK
I haven't tried to reroot, but I have checked, all my extra apps and the Android Market Place are working fine. I actually had root switched off so I could use the Amazon Video service so it's not a big loss for me. Hopefully it still works for anyone rooting for the first time.
I wonder if anyone had OTA rootkeeper on then updated and could reroot.
Mine is still 6.1 however.
update is installing will attempt root.
From what I'm seeing, it pretty much did a rip and replace of /system/app (and probably a ton of other stuff). So, all the customization and Google apps that were installed in /system/app are now gone (this includes the market).
I'm hoping that it will all be replaceable!
Someone may want to figure out how to block updates as the Fire is set to automatically download an OTA update and apply it if the device goes to sleep.
this just irks me....
Scared to connect mine to wifi now! I just did a temp unroot, but if the update is stripping Google apps, then maybe I need an backup of them too.
Now would be a great time to get a working recovery with backup capability ..
sent from phone, sorry for typos.
rooted with S1C it worked for me. No problems i tested root explorer super user and a screen shot app all of them got Root access. mounted root as rw. must reboot after root. for access to SD card. Installed Market no problem I say its a GO!
Installed all Google apps no problem No force closes no nothing

Verizon support and protection - Software on this device has been modified?

I updated a few days ago to mje and had to Reroot my phone. Anyways since then I've been getting this alert in the notification bar. It appears to be a legit vzw app. When I click it, it asks me to scan my phone for malicious stuff. I froze it yesterday and it stopped but I wasn't sure if it's something worth keeping. Anybody else getting this?
MJC
Wow am I the only one?
I had un froze it last night and scanned with it. But last night I had some major battery drain, I look at the stats and this app was at the top with 53%. So I froze it again and won't be un freezing.
MJC
Yeah, if your rooted you definitely need to get rid of that program. Because superuser is a system modification, and it is detecting it as such.
♢NoteIII♢
I've been getting this nonstop since I rooted about an 3 hours ago. I wanted to avoid freezing any apps (cuz I forget later when OTAs come up and don't want to flash/wipe jus to fix it) is there any other ways to fix it? I'm sure other people are getting this when rooting.
Actually, there is. there's a new xposed mod called RootCloak. It's available in the xposed installer download section. What happens is once you activate it, you choose which APK's you want to hide superuser from. It keeps that app from knowing your phone is rooted. I use it for Flixster , because currently Flixster will not stream movies onto a rooted phone. I just found it and it works like a champ!
♢NoteIII♢
I installed root cloak but I don't see that app listed on it, at least not under the same name. Anyone know what I should select to cloak it?
MJC
Do you have tibu? I'll answer as if you just said yes. (I'm sure there are other ways to do this, but this is what I got)
I don't have this app, so I will use Backup Assistant plus as an example. In titanium backup go to the app, and click on it
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
In the window that pops up, click here
Another window will pop up, giving you the package name. This is what you will add
♢NoteIII♢
LeftyGR said:
Do you have tibu? I'll answer as if you just said yes. (I'm sure there are other ways to do this, but this is what I got)
I don't have this app, so I will use Backup Assistant plus as an example. In titanium backup go to the app, and click on it
♢NoteIII♢
Click to expand...
Click to collapse
Never had this issues but I still learned something from the way you explained this. Thanks bud!!
Take a sec and hit thanks if I helped or if you're in a good mood!
Thanks
Com.asurion.android.verizon.vms
I set it up and restarted phone but it still showed modified. I closed it and opened it again and now it's shows device is working normal.
MJC
Chillout2010 said:
I updated a few days ago to mje and had to Reroot my phone. Anyways since then I've been getting this alert in the notification bar. It appears to be a legit vzw app. When I click it, it asks me to scan my phone for malicious stuff. I froze it yesterday and it stopped but I wasn't sure if it's something worth keeping. Anybody else getting this?
MJC
Click to expand...
Click to collapse
That happened to me also just uninstall as long as Knox still says 0×0 your OK.
Retail N3
Chillout2010 said:
I updated a few days ago to mje and had to Reroot my phone. Anyways since then I've been getting this alert in the notification bar. It appears to be a legit vzw app. When I click it, it asks me to scan my phone for malicious stuff. I froze it yesterday and it stopped but I wasn't sure if it's something worth keeping. Anybody else getting this?
MJC
Click to expand...
Click to collapse
I got this last night too, hasn't popped up since, I'm 100% stock (for now) and unrooted
Sent from my SM-N900V using Tapatalk

Android 7.0 & Systemless Root (CTS fail)

SOLVED - Flashed suhide (linked in post 2) leaving this here for anyone else that struggles
Hi all, I'm trying to get Systemless root working with Android 7.0.
In the developer previews it was still passing CTS, as Android Pay was fully working; however now that "full" android 7.0 has been released my device is failing CTS profile match as soon as I flash SuperSU (2.77 or 2.78).
I've even tried the old ways of using the old commands in TWRP terminal
Code:
echo SYSTEMLESS=true>>/data/.supersu
echo BINDSYSTEMXBIN=false>>/data/.supersu
I'd like to be able to use Android Pay on 7.0, but still have root functionality for things like Tasker.
Is there any way to get it working currently?
(other than Magisk, I don't want to have to open an app, disable root, use android pay, go back to Magisk, enable root every single time.. Kinda defeats the point of android pay being easy to use)
Have you checked out suhide by Chainfire? I'm still on 6.0.1 but it passes safetynet now. Google has changed the detection so even systemless root fails now. I haven't had s chance to use AP for a purchase though. Others state in this thread that it works.
http://forum.xda-developers.com/apps/supersu/suhide-t3450396
Sent from my Nexus 6P using XDA Labs
swallowingled said:
Have you checked out suhide by Chainfire? I'm still on 6.0.1 but it passes safetynet now. Google has changed the detection so even systemless root fails now. I haven't had s chance to use AP for a purchase though. Others state in this thread that it works.
http://forum.xda-developers.com/apps/supersu/suhide-t3450396
Sent from my Nexus 6P using XDA Labs
Click to expand...
Click to collapse
Success! Thank you, I'll give AndroidPay a try and edit this to let you know
pk92 said:
Success! Thank you, I'll give AndroidPay a try and edit this to let you know
Click to expand...
Click to collapse
I'm very curious as well, let us know either way!
It was all working well for a couple of days by now SafetyNet has a "Response payload validation failed"
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
I've been unsuccessful in googling, and AndroidPay is no longer functioning.
pk92 said:
It was all working well for a couple of days by now SafetyNet has a "Response payload validation failed"
I've been unsuccessful in googling, and AndroidPay is no longer functioning.
Click to expand...
Click to collapse
Yeah sadly everyone is getting that now with suhide. Like chainfire said, it'll be a never ending cat and mouse game. Have you tried Magisk by any chance yet? http://forum.xda-developers.com/android/software/mod-magisk-v1-universal-systemless-t3432382
I have not but it looks like people have been able to get it to work using that. With it you can unmount root temporarily and supposedly Android Pay works at that point.
DanRyb said:
Yeah sadly everyone is getting that now with suhide. Like chainfire said, it'll be a never ending cat and mouse game. Have you tried Magisk by any chance yet? http://forum.xda-developers.com/android/software/mod-magisk-v1-universal-systemless-t3432382
I have not but it looks like people have been able to get it to work using that. With it you can unmount root temporarily and supposedly Android Pay works at that point.
Click to expand...
Click to collapse
Magisk is really a last resort, I'd rather not have to open the app, unroot, use AP, open magisk, and reroot every time I need to make a payment. It kind of defeats the point of the convenience of Android Pay
pk92 said:
Magisk is really a last resort, I'd rather not have to open the app, unroot, use AP, open magisk, and reroot every time I need to make a payment. It kind of defeats the point of the convenience of Android Pay
Click to expand...
Click to collapse
I hear ya but I think this is going to be the norm. It won't be easy to have root AND Android Pay play nicely side by side. Not when big banks are involved. Google has to do all they can to stop it.
May I ask what you use root for? Only reason is because I too like to use Android Pay but like making a few modifications to my system, namely the Emoji font file, system font file, custom ad-blocking hosts file and an overlay file. I manually make all my changes to /system in TWRP and none of them trip up SafetyNet/Android Pay.
Of course if you're using actual apps that require root, my solution won't work for you.
DanRyb said:
I hear ya but I think this is going to be the norm. It won't be easy to have root AND Android Pay play nicely side by side. Not when big banks are involved. Google has to do all they can to stop it.
May I ask what you use root for? Only reason is because I too like to use Android Pay but like making a few modifications to my system, namely the Emoji font file, system font file, custom ad-blocking hosts file and an overlay file. I manually make all my changes to /system in TWRP and none of them trip up SafetyNet/Android Pay.
Of course if you're using actual apps that require root, my solution won't work for you.
Click to expand...
Click to collapse
+DanRyb would mind telling me how you use TWRP to install say system fonts, etc? While I generally root, I'm enjoying Pay on stock for now, but would like to make a few mods also. Thanks.
jackpollard said:
+DanRyb would mind telling me how you use TWRP to install say system fonts, etc? While I generally root, I'm enjoying Pay on stock for now, but would like to make a few mods also. Thanks.
Click to expand...
Click to collapse
I do it manually through adb command line but you could use a flashable zip too if you find one with the font you like. If making manual changes through adb, just boot into TWRP, go to Mount and make sure you check off /system. Fonts are all in /system/fonts. I replace a bunch of the Roboto*.ttf ones with a font I found like over a year ago. I also replace the emoji font with a custom one of my own which is NotoColorEmoji.ttf.
I'm not sure exactly WHY yet but it seems a custom kernel is needed to respect the changes I made. I attempted last night with just a simple modified boot image that removed the force encryption but all the changes I made in /system I couldn't see once booted. After I installed a custom kernel (I use ElementalX), I was able to make my changes and actually see them. I'm not sure if it has to do with dm-verity or not but I'm still learning as I go. Obviously I can't tweak any of the custom kernel settings using an app (since I don't have root installed) but for me that's OK.
DanRyb said:
I do it manually through adb command ....
Click to expand...
Click to collapse
Thanks for the details, I think I will make a nandriod and play a bit. Again, thanks!
I use root for Tasker, TiBu, AdAway, SDMaid, Nova Launcher (for quicker pull down)

Categories

Resources