Decided to scan roms for viruses - OnePlus 3T Guides, News, & Discussion

I am scanning roms for viruses to see what hits what. After some suspicious activity on Ressurection Remix Official, i got worried.
Method:
1. download rom
2. use python script to extract img
3. extract img file.
4. upload apk files methodically.
5. report results.
I am just starting so will upload images as i make them. please be patient.
Here are some samples until further notice.
OOS
Statementservice.apk:
https://www.virustotal.com/en/file/...08d118f528646c92bea12ee17e068fba1a4/analysis/
TugaPower/RR Official/RR unnoficial
Share the same files so far
Statement Service.apk: https://www.virustotal.com/en/file/...ff6452cf945798e67555e393/analysis/1484682367/
RESULTS so far
OP3T stock 4.0
3 potential threats found. (likely False Flags)
Dedicated Lineage OS Build 1
128 "finds"
126 PUA finds (no biggie)
Shell.apk = Android.gEWPB.GEN12424 (PUP) (no biggie)
HTMLViewer.apk = Android.Lovefraud.A5a1d (PUP) (no biggie)
This rom did not trigger whitearmor. (while running the rom)
Considered Clean

I guess global warming is taking a toll on u...
Bro.. Just take a bottle of beer.. Drink in while u flash a rom.. In case that doesn't suit well just sleep and once u wake up just check if symptoms persist..

geekynoob said:
I guess global warming is taking a toll on u...
Bro.. Just take a bottle of beer.. Drink in while u flash a rom.. In case that doesn't suit well just sleep and once u wake up just check if symptoms persist..
Click to expand...
Click to collapse
A device that holds most of my sensitive data is not something i just "ignore."
If i only find PUA hits, it's likely nothing. but it's a little suspicious.

Then keep your bootloader locked and stay on stock rom.

Firstly, viruses on linux are extremely rare as there isn't a big enough userbase for the devs of these things to bother with, secondly the rom is built from source, which means the developers would have to have intentionally added a virus to it unless you download from an unknown source that might have injected something into the package, this is highly unlikely as many eyes are on the code and it's publicly viewable too and the source links given in the rom threads are from the developers' sites or from AFH.
It's highly unlikely is the gist of this.

djsubterrain said:
this is highly unlikely as many eyes are on the code and it's publicly viewable too and the source links given in the rom threads are from the developers' sites or from AFH.
Click to expand...
Click to collapse
That's why I always recommend to use Roms that have their source code available, people not uploading their sources online can't be trusted in my opinion no matter what they say.
Sent from my "1+2" powered by Unofficial RR 7.x.x
Compiled by myself

I've been searching for information about this Belgian security website but nothing important came up, I wish I could see the security algorithm that is based on, details about how their results came up...
I personally can't take those warnings as serious ones
I may dig a bit more...
Sent from my Darkside of Oneplus 3T

You need to lay of the green if you're so paranoid.

Skwerl23 said:
I am scanning roms for viruses to see what hits what. After some suspicious activity on Ressurection Remix Official, i got worried.
Method:
1. download rom
2. use python script to extract img
3. extract img file.
4. upload apk files methodically.
5. report results.
I am just starting so will upload images as i make them. please be patient.
Here are some samples until further notice.
OOS
Statementservice.apk:
TugaPower/RR Official/RR unnoficial
Share the same files so far
Statement Service.apk:
Click to expand...
Click to collapse
I have alreaydy had security issue while using a custom rom (i won't drop name), i think it's not wanted by mainteners, but there is so much tweaks on some roms like RR that the probability to get a security issue is finally quite hight, virus can come from an apk too.
And the virus scan detect only some virus, but not back doors ....
Keep in ming you won't never be safe using custom rom / root / unlocked bootloaders .... but most of us don't care, i dont know if we are right or wrong....

StatementService.apk is part of Android since MM. If you honestly believe it's malware you need to switch to an iPhone or downgrade to Lollipop.

In all my 7 years dealing with android...I have never ever seen a virus on my phone. I've flashed more ROMs than I've had hot dinners. Like everyone said, if you're that paranoid....Turn off all your electronics and wear the tin hat jokes aside.... You give Google more info than you realise, it should be them you need to worry about.

I was just going to ignore, but I have to ask because you specifically mention my rom. What exactly was the "suspicious activity “ that you encountered on my ROM, Resurrection Remix?
After you make a statement like that I hope that you have something more to say than all those " security " scans that you keep posting.
Again the only reason I'm responding is to ask specifically what was the "suspicious activity “.

apascual89 said:
I was just going to ignore, but I have to ask because you specifically mention my rom. What exactly was the "suspicious activity “ that you encountered on my ROM, Resurrection Remix?
After you make a statement like that I hope that you have something more to say than all those " security " scans that you keep posting.
Again the only reason I'm responding is to ask specifically what was the "suspicious activity “.
Click to expand...
Click to collapse
I wouldn't worry dude, hes probably getting false positives (And isnt fully educated on custom roms etc) - we all know rr sources are online so people can check themselves....plus we all know that none of the rom makers on xda would willingly add viruses into their work.:good:

apascual89 said:
I was just going to ignore, but I have to ask because you specifically mention my rom. What exactly was the "suspicious activity “ that you encountered on my ROM, Resurrection Remix?
After you make a statement like that I hope that you have something more to say than all those " security " scans that you keep posting.
Again the only reason I'm responding is to ask specifically what was the "suspicious activity “.
Click to expand...
Click to collapse
virus's don't always show "suspicious activity"
I am not trying to cause any rom to be ignored, or not used. My point is trying to figure out security. I HAVE NO DOUBT that you would NEVER put a virus in there. Since roms are open source, anyone could commit a virus and no one would know it.
I'm only doing scans, as ive never seen virus's pop up in android before, and just want to get the truth for all of us.

djsubterrain said:
Firstly, viruses on linux are extremely rare as there isn't a big enough userbase for the devs of these things to bother with, secondly the rom is built from source, which means the developers would have to have intentionally added a virus to it unless you download from an unknown source that might have injected something into the package, this is highly unlikely as many eyes are on the code and it's publicly viewable too and the source links given in the rom threads are from the developers' sites or from AFH.
It's highly unlikely is the gist of this.
Click to expand...
Click to collapse
agreed on the linux bit, however android is the most popular used portable OS in the world. and china builds half or more of their roms.
To think that android virus's don't exist is just naive.

The real question is not whether there is a virus, but rather why some rom apk's flag as a virus, and another nearly identical rom doesnt?

Skwerl23 said:
The real question is not whether there is a virus, but rather why some rom apk's flag as a virus, and another nearly identical rom doesnt?
Click to expand...
Click to collapse
The real question actually is, as long as you are so concerned and eager to find an answer, why don't you just contact the experts of that website and keep us updated?

Skwerl23 said:
virus's don't always show "suspicious activity"
I am not trying to cause any rom to be ignored, or not used. My point is trying to figure out security. I HAVE NO DOUBT that you would NEVER put a virus in there. Since roms are open source, anyone could commit a virus and no one would know it.
I'm only doing scans, as ive never seen virus's pop up in android before, and just want to get the truth for all of us.
Click to expand...
Click to collapse
I was just using your words from the OP

apascual89 said:
I was just using your words from the OP
Click to expand...
Click to collapse
The suspicious activity was system level apps asking me for root priveleges. NEVER have i ever seen that.

Skwerl23 said:
The suspicious activity was system level apps asking me for root priveleges. NEVER have i ever seen that.
Click to expand...
Click to collapse
Isn't that a good thing that apps are asking for root privileges ? Rather than having full privileges !!!
Apart from that, you should stay on stock ROM with locked BL as that might give you some peace of mind.

Related

Cannot Update to Froyo because of Rooted Wildfire, How I Unroot? Cant use RUU?

I rooted my HTC Wildfire using Unrevoked (latest version) couple days ago, just found out Froyo avalible but cannot update because of this.
I am in UK on Vodaphone Wildfire (Unlocked to use o2 sim)
I cannot find the factory RUU for Vodaphone UK?
I tried some 2.2 update RUU but come up with customer ID error
Have I lost out on froyo?
I got my vodaphone_buzz ota downloaded (50mb avg) but cant use it
Any help would be very much appriciated
*** Im not fussed if i lose root, infact i rather not have it tbh the hassle it gave***
Flash it with Wildpuzzle?
You could flash it with a new ROM like wildpuzzle or similar if you want sence. You can see this thread for available ROM's:
http://forum.xda-developers.com/showthread.php?t=822181
I followed this guide to flash the ROM:
http://forum.xda-developers.com/showthread.php?t=824396
Hope it helps
howzit bud!
it's going to suck heavy for you if you download the actual froyo update, because you wont be able to root your phone again (unrevoked hasn't come out with an update that works on froyo)
Flash the SUnaAaBh v1.1.. it's basically the same and it's getting great results
http://forum.xda-developers.com/showthread.php?t=879032
Thanks for the info guys, I like the sound of Sunaabh froyo + root
eragon44111 said:
howzit bud!
it's going to suck heavy for you if you download the actual froyo update, because you wont be able to root your phone again (unrevoked hasn't come out with an update that works on froyo)
Flash the SUnaAaBh v1.1.. it's basically the same and it's getting great results
http://forum.xda-developers.com/showthread.php?t=879032
Click to expand...
Click to collapse
SUnaAaBh v1.1 is just as unstable as every other custom ROMs. It crashed everytime I ran it. Its just publicised incorrectly by the guy as best ROM. If you actually read the post you might find the self-praise disgusting, maybe.
Its up to you in the wild puzzle thread there is an un touched froyo update. Just flash it like any other custom rom.
Sent with love from f0xy while mobile!
bynge said:
SUnaAaBh v1.1 is just as unstable as every other custom ROMs. It crashed everytime I ran it. Its just publicised incorrectly by the guy as best ROM. If you actually read the post you might find the self-praise disgusting, maybe.
Click to expand...
Click to collapse
I am pretty sure you are doing something seriously wrong. I have tested most of the custom ROM's out there (Currently on WildPuzzle coz I kinda prefer LWP and Sense), and, they have never (hardly, if ever), crashed on me.
Besides, I just checked the Sunnabh thread, it hardly looks like self praise. Most of them have just said the exact thing the ROM author claims his ROM does, that it is stable. That said, if you are not satisfied, kindly move on, and, dont bad mouth the ROM author. He is not obliged to provide you with "stable" (as per your definiton) ROMs.
Get the OTA FroYo update, and enjoy your Wildfire.
Cheers
bynge said:
SUnaAaBh v1.1 is just as unstable as every other custom ROMs. It crashed everytime I ran it. Its just publicised incorrectly by the guy as best ROM. If you actually read the post you might find the self-praise disgusting, maybe.
Click to expand...
Click to collapse
You dont tell the problem you just keep bad mouthing.. SUnAaBh = Stability PERIOD.
warriorvibhu said:
You dont tell the problem you just keep bad mouthing.. SUnAaBh = Stability PERIOD.
Click to expand...
Click to collapse
Then what's all the patches for, mate ?
You picked the "works perfect" posts and quote it in first page.
How about I quote all the "not working" posts and "do you have a patch" posts ?
Your work should speak not the keyboard. Its totally unwarranted from your side to do anything like that. I have never seen any other developer design such a page.
PERIOD? Ya, period.
bynge said:
Then what's all the patches for, mate ?
Click to expand...
Click to collapse
If I read the thread correctly, I think it is written as "ADDON PACKAGES and INSTALLERS". And, I guess, the name should be enough for you to know the meaning and the reason for the "patches", i.e., they are not bugfix packages or anything, but, additional functionalities which are upto the end user whether they want to install it or not.
It's not that if you dont get the patches, the ROM will crash on you a thousand times (If you do everything properly ,which, most of them have).
That apart, patch requests are again requests to improve the functionality and add convenience features, not bugfixes, which I came across the thread.
bynge said:
Then what's all the patches for, mate ?
You picked the "works perfect" posts and quote it in first page.
How about I quote all the "not working" posts and "do you have a patch" posts ?
Your work should speak not the keyboard. Its totally unwarranted from your side to do anything like that. I have never seen any other developer design such a page.
PERIOD? Ya, period.
Click to expand...
Click to collapse
You Please do that show me all the non working posts.. but make sure those posts were there coz of the ROM and not because someone did an error in installing if you have guts find all the non working posts and show me.. and for your info most posts are requests for addons .. Now dont make me angry i am not forcing you to use it..
you have not seen any other developers design such a page ..hmm thanks i know i am a pioneering person .. Huh have you seen alpha centuari ? does that mean it does not exist .. And Learn some etiquette please..
3xeno said:
If I read the thread correctly, I think it is written as "ADDON PACKAGES and INSTALLERS". And, I guess, the name should be enough for you to know the meaning and the reason for the "patches", i.e., they are not bugfix packages or anything, but, additional functionalities which are upto the end user whether they want to install it or not.
It's not that if you dont get the patches, the ROM will crash on you a thousand times (If you do everything properly ,which, most of them have).
That apart, patch requests are again requests to improve the functionality and add convenience features, not bugfixes, which I came across the thread.
Click to expand...
Click to collapse
Thnx mate.. I dont understand what is his problem..
ANYWAY BACK ON TOPIC:
I noticed that the app called "SuperOneClickv1.5.5-ShortFuse" (google it) has an option for unrooting...I haven't personally tried it (ended up using Unrevoked Linux LIVECD to root).
Let us know how it goes.
I noticed everyone is just focusing on flashing the wildfire with custom rom. Isn't there other ways like faking the signature so the update can still be installed?
I have the same problem, when I tried the OTA update it fails with message "invalid signature". I guess the rom installer is checking the signature of the currently installed OS.
Maybe one solutions is to restore the original HTC 2.1-update1 rom then run the OTA froyo update. Then in the near future, there will be root solutions for Wildfire froyo.
Flash with goldcard
Sent from my HTC Wildfire using XDA App

[Dev] easy way to update Roms

soo as some of you might have seen on the homepage of xda someone has made an app that allows anyone to update their roms through their PHONE! of course the developer must follow a couple of easy steps to set it up. it would be great for people like me that dont always have access to their computer. it's basically OTA updates for your Rom
http://forum.xda-developers.com/showthread.php?t=1590170
it would be great if devs at least read this post
Looks cool. I second the request but it does mean that the devs setup some kind of server to check it instead of just uploading the ROM. It also means more testing for the ROM's before you can simply put it up to prevent bricks, so I guess it would not work for all beta's

all custom roms sucks...as much you gain from them you loose more

I tried every rom posible and all have the biggest bug ever ...at least for me it is but nobody is talking about ...there is something i don't know ? there is no need to be mean to my question but why all roms have this problem with keeping the playstore apps updated ...why the apps revert to previous versions and why this is hapening only to custom roms ?.. if then i ask you what is the use of custom roms? ...
these days even a five years child can root install a custom cwm , a custom kernel a viper4 sound mod and debloat a original stock rom
Lol.
I haven't experience anything like that, in any Roms i have flashed.
Throw your s4 and buy some updated android device.
Sent from my GT-I9505 using Tapatalk
1. You opened a thread in wrong place Kiddo
2. be gratefull for what you have , youre problem is very original UNIC maybe congrats for being UNIC
3. Some moder delete this
What kind of gapps are you running? I've been using opengapps for every custom ROM I've used and had no issue what so ever.
Sent from my GT-I9505 using Tapatalk
stafiejulien said:
I tried every rom posible and all have the biggest bug ever ...at least for me it is but nobody is talking about ...there is something i don't know ? there is no need to be mean to my question but why all roms have this problem with keeping the playstore apps updated ...why the apps revert to previous versions and why this is hapening only to custom roms ?.. if then i ask you what is the use of custom roms? ...
Click to expand...
Click to collapse
maybe you are not clever enough
stafiejulien said:
I tried every rom posible and all have the biggest bug ever ...at least for me it is but nobody is talking about ...there is something i don't know ? there is no need to be mean to my question but why all roms have this problem with keeping the playstore apps updated ...why the apps revert to previous versions and why this is hapening only to custom roms ?.. if then i ask you what is the use of custom roms? ...
Click to expand...
Click to collapse
a custom rom is exactly what it says it is, a customised version of the original android operating system that somebody has, in their own precious time, played around with to try & give us something a little different for this ageing device. Chances are that if you went out tomorrow & bought an S7 edge & fired it up you would have to update some gapps, whichever you may use. I think you need to take a deep breath & have a little more appreciation & understanding for the things that go on here. If a 5 yr old is able to do what you claim then maybe you should turn your hand to contributing to the community................... but thats just my opinion......no offence intended
Is this guy for real? Apps simply don't revert to previous version after you update them. There's a simple setting in the playstore that allows auto update of your installed apps to the latest version when they become available. And is this how you lose from custom Roms? Lololololol I thought your device blew up or melted.
Buy an IPhone and explain us how cool is it. You'll enjoy it, for sure
Pls close delete this thread its useless.
Sent from my GT-I9505 using Tapatalk
droidblitz said:
Lol.
I haven't experience anything like that, in any Roms i have flashed.
Throw your s4 and buy some updated android device.
Sent from my GT-I9505 using Tapatalk
Click to expand...
Click to collapse
The problem isn't the phone, it's the user.
Just close this.
scanferr said:
The problem isn't the phone, it's the user.
Just close this.
Click to expand...
Click to collapse
+1
and dude who started thread. It is simple. Don't use custom roms...
Sent from my S4 via NSA's wifi
Believe it or not, but I have seen similar behavior with some of my apps.
I update it dl today and tomorrow I have to update again, but there doesn't seem to be any changes in the changelog.
But this happens rarely.
So I believe the OP exaggerates. This also started happening only recently, so it's either something related to the new Android updates - which means older ROMs (5.1 and below) should be safe - or something related to gapps.
To everyone who asked for this thread to be closed and/or brought up the fact it's in the wrong place, why did you not click on the little triangle at the bottom left of the post and report it? Mods can't do anything about it if they don't know there is an issue.
As to the OP, I actually tried keeping an Android 2.3.3 ROM's Google apps up to date - one of the features of the ROM I offered. To do that I didn't include anything but the Play Store. Today, such a task would be difficult. If you like, you can download a GApps package from OpenGApps on a daily basis and flash it yourself.
GDReaper said:
Believe it or not, but I have seen similar behavior with some of my apps.
I update it dl today and tomorrow I have to update again, but there doesn't seem to be any changes in the changelog.
But this happens rarely.
So I believe the OP exaggerates. This also started happening only recently, so it's either something related to the new Android updates - which means older ROMs (5.1 and below) should be safe - or something related to gapps.
Click to expand...
Click to collapse
This ^^^
Strephon Alkhalikoi said:
To everyone who asked for this thread to be closed and/or brought up the fact it's in the wrong place, why did you not click on the little triangle at the bottom left of the post and report it? Mods can't do anything about it if they don't know there is an issue.
Click to expand...
Click to collapse
And this one ^^^
@OP, please be carefully when you start a thread. Development is for development not for discussions and questions.
Thread closed,
Razvan
Forum Moderator

Q&A

This a noob friendly thread to help people with some common questions. If the mods don't like this I apologize just trying to contribute.
Q... What is the first step in flashing a rom.
A... Backup of your boot.img or everything so you can safely return if a problem occurs.
Q... How do you flash a ROM?
A... ROM>gapps>kernel>root or alternatively if issues occur ROM>gapps>root>kernel
Q... Is a kernel/root necessary?
A... No on both I know one ROM that requires a kernel most don't reading the first page you will know. Root is only required if the ROM has force encryption and you don't want it or need root.
Q... How to unlock bootloader?
A... I'll link I'm a second post to motos website it has a detailed guide to do it through a few simple command promos.
Q... Where do I find all the features a ROM/kernel has?
A... The front page typically where the download button is at.
Q... How do I report a bug or problem?
A... Depends on the problem downloading a logcat app from the play store and sending the xml (text) is a good start. If more the bug isn't found there the dev is more then likely willing to help direct you to the files he needs.
Q... What tweaks do you use to get great battery life?
A... Honestly the phone has plenty but if you need that extra little juice the safest option would be using ex kernels power saving mode to dial down the core frequencies.
Q... Is the key n/a normal?
A... At first I thought I did something wrong but no need to fear a simple warning saying there is something custom ie twrp.
Q... My phones encrypted help!
A... A backup could save the phone if put on an SD card. You'll need to format and lose all data stored on the phone other then SD card so be warned.
Q... What's the best ROM?
A... Only you can answer this each ROM is unique and has custom featured tailored to different people. Need bare bones los has it need more aokp among many others have it. You get the point honestly just try it and see backups help here too.
Q... Was this phone a good purchase?
A... Thanks to the devs yes it is. Moto has skimped on updates lately but we still have 7.1.X because of them.
Q... Why is this X ROM unstable?
A... The devs are working hard some phones need to have six months to get los to even work so patience none of these roms are really unstable. The htc 10 didn't have BT for months and on los the dialer didn't even work but now fully functioning. So rest assured every darn bug will be squashed in time.
Q... Is the above mention stuff risky?
A... If it voids warranty yes then it is. Android has come a long way and it is however much safer now then every before to flash and root phones if there's a problem there is typically a fix. I do recommend new users to read as much as possible on risks and how tos first this is only a brief guide to the world of customs.
Q... Where do I find an answer to a problem I have?
A... While I'll support as many questions as I can in here I'd like you to do something's first. Search a thread that has some relative info say a twrp issue search the twrp thread. If that doesn't help google it and see then. Spend just five or so minutes and if no luck then come ask away in here.
Q... Why research when I can ask a question?
A... This is mainly because the people helping don't want to repeat too many times. However a response from someone can take time and it may not even be the answer you need so to save you time a little research ahead of asking the question could speed up fixing the problem.
Q... If I flash a kernel will it mess with twrp or firmware?
A... Twrp has its own kernel it runs on so kernel shouldn't mess it up. However it does mess with boot imagines so it could potentially do that rho highly unlikely. Firmware nope nothing you do really messes with that
This is by no means a complete list of things. This is tailored to our device so please keep it on such so I can help with device specific questions. If more needs to be added pm and I'll add it including suggestions and request for frequently asked questions I may have missed. Good luck on your journey cheers.
Links...
A detailed guide on the brief things I talked about this dude did good credit to him
https://forum.xda-developers.com/g5-plus/how-to/howto-ultimate-g5-plus-guide-unlocking-t3593531
This method is the one I talked about above and is linked in the above thread. Great work by the community again credit goes to this guy much more thorough then I could have done...
https://forum.xda-developers.com/g5-plus/how-to/unlock-bootloader-lenovo-motorola-moto-t3581133

Spyware on Custom ROM

Dear All,
This morning when i tried to restore deleted photos from my A2017G (AEX 5.8 nFound Latest Treble ROM) because i accidentally deleted some important photos yesterday.
These are my spec:
- A2017G 4/64
- AEX 5.8 Treble by NFound build date 20180812
- Kernel Schwifty vR3+
- Magisk v16.7 (1671)
-- GL Tools Module
-- Magic Charging Switch Module
File recovery app:
- Disk Digger Pro File Recovery build date 20180805
I found some recovered photos which i never took with my camera or screenshot, and by the look of them indicated that they were taken silently by system (please notice there is no statusbar on the pics).
Can anyone else confirm my findings? Is it possible that the custom ROM itself does this or other software? I never installed any malicious or unknown apks on my phone but XDA Labs Apk and Magisk Modules.
Attached are some of my proofs (recovered with Disk Digger Pro), there are more but some of them are private whatsapp chat session and my contact lists.
Please be advised, this is a pure Q&A post, i never intended to accuse any developer of any ROM or Software regarding my findings posted in this post.
Any chance that recovery app showed original location?
do you need the file recovery app pro version to check? Root or standard scan?
docentore said:
Any chance that recovery app showed original location?
Click to expand...
Click to collapse
No way, even the original name is gone.
Infy_AsiX said:
do you need the file recovery app pro version to check? Root or standard scan?
Click to expand...
Click to collapse
Root Scan, thus im using pro version of the app.
taufikthexfader said:
Root Scan, thus im using pro version of the app.
Click to expand...
Click to collapse
Does the free root scan work? Or is there a free alternative that works? Don't think people will buy the app just to test this.
Can you tell us in which folder these screenshot files were placed?
taufikthexfader said:
No way, even the original name is gone.
Root Scan, thus im using pro version of the app.
Click to expand...
Click to collapse
Infy_AsiX said:
Does the free root scan work? Or is there a free alternative that works? Don't think people will buy the app just to test this.
Click to expand...
Click to collapse
free version is working perfectly for photos/videos, as long as you gave it root access.
SilentEYE said:
Can you tell us in which folder these screenshot files were placed?
Click to expand...
Click to collapse
they were "deleted" and the recovered files show no original name/loc.
For the time being, I move to PixelExperience Treble GSI.
I just hope and pray everyone else's data and privacy is safe using any custom rom out there.
Seeing similar screenshots here on Kranoner's last RR-O. My system has a lot of mods, but yours is clean right so it's not likely our apps or mods. I checked there's nothing similar on my Sony Z3C L14.1. Could be from custom bootstack or recovery. More likely it could be from closed ZTE code in drivers or bootstack. Easy way to narrow the cause to being proprietary ZTE code is running complete stock with root for awhile to check if it occurs. My ROM is B32 Nougat source with it too (though I think it has some Chinese B10 source mixed in looking at github), so can run B32 stock to check. Some screenshots are saved as 1440 while some as 720 resolution.
It will not look weird if this is true.ROMS from axon7 are maintained by someone from an "unfriendly state"
Moderator Edit: Please avoid being TOO explicit in your opinion on fellow earth-dwellers... I've edited the above. Thanks
Well this is strange then. Someone else mentioned the same Disk Digger discovered screenshots thing in the Moto G5S Plus forums earlier this month. Lluvia ROM. Wonder what's going on here.
I reckon it's time I examine my stuff on both phones.
---------- Post added at 06:05 ---------- Previous post was at 05:47 ----------
Predatorhaze said:
It will not look weird if this is true.ROMS from axon7 are maintained by someone from an "unfriendly state"
Click to expand...
Click to collapse
That has got to be the most idiotic thing. So you're saying "they" (Kranoner, NFound, WesTD, et al) are subversives? Secretly and purposely grabbing goodies from our phones for some nefarious purpose? LMFAO.
Sure it's not beyond possibility but still...
That can be the case with anyone, whether they're flying the Red, White & Blue or the sickle and hammer.
Since a big chunk of ROMs are built by folks from around the world what are you gonna do. Start vetting devs to find out what their views are regarding the US/West before flashing ROMs. We really don't need that kind of thinking.
ZTE Axon 7 A2017U, AospExtended v4.6 ROM, LlamaSweet 0.5 Kernel, microG (NoGapps), Multiboot, XDA Legacy
Predatorhaze said:
It will not look weird if this is true.ROMS from axon7 are maintained by someone from an "unfriendly state"
Click to expand...
Click to collapse
ZTE, a government audited company from China recently got whipped by the USA for breeching privacy laws and providing equipment to Iran and you are worried about Russian and Turkish developers?
Do you realise that the Turks are big allies of the west? They fight with the west against trouble in the middle east.
And what connection would a developer have with any politics anyway?
Who says developers dont work in secret for the government? but i say crazy things fast lol,but not impossible.What else can the problem be?Google sources?
Predatorhaze said:
It will not look weird if this is true.ROMS from axon7 are maintained by someone from an "unfriendly state"
Click to expand...
Click to collapse
Predatorhaze said:
Who says developers dont work in secret for the government? but i say crazy things fast lol,but not impossible.What else can the problem be?Google sources?
Click to expand...
Click to collapse
Please stop posting, unless you have something on topic to contribute. You're embarrassing yourself. Perhaps ZTE, please learn to read and get a basic understanding before spewing your filth.
https://economictimes.indiatimes.co...nshots-of-activities/articleshow/64896557.cms
I would try that recovery app but how could I trust that app, not being malicious?
Can't find anything helpful about that app dev.
SilentEYE said:
I would try that recovery app but how could I trust that app, not being malicious?
Can't find anything helpful about that app dev.
Click to expand...
Click to collapse
You can twrp backup first, test and restore after. Keep net turned off all the while or use a firewall.
edit: to external card to not lose deleted recoverable images
Im not saying the developers are,but ther governments.But probably im wrong lol
Infy_AsiX said:
Seeing similar screenshots here on Kranoner's last RR-O. My system has a lot of mods, but yours is clean right so it's not likely our apps or mods. I checked there's nothing similar on my Sony Z3C L14.1. Could be from custom bootstack or recovery. More likely it could be from closed ZTE code in drivers or bootstack. Easy way to narrow the cause to being proprietary ZTE code is running complete stock with root for awhile to check if it occurs. My ROM is B32 Nougat source with it too (though I think it has some Chinese B10 source mixed in looking at github), so can run B32 stock to check. Some screenshots are saved as 1440 while some as 720 resolution.
Click to expand...
Click to collapse
What directory did you find these in?
I got one better, was trying to download one of the HellsGate Kernels on my computer and Chrome won't let me download it due to a Virus detected and MSE quarantined it. I tried two different mirrors and same thing. Could be a false postive after reading about it but just want to let people know about it.
greencartim said:
I got one better, was trying to download one of the HellsGate Kernels on my computer and Chrome won't let me download it due to a Virus detected and MSE quarantined it. I tried two different mirrors and same thing. Could be a false postive after reading about it but just want to let people know about it.
Click to expand...
Click to collapse
Report says it's a Win32 trojan. Don't think that applies to an Android kernel build file. Probably false positive

Resources