Root Success!!! Bloatware Removed!!!

[BlastGT1]

I would guess because it has a literal rootkit in the zip file.

 

[eljefe0000]

worked great thanks mike

 

[gamekid2k]

I would guess because it has a literal rootkit in the zip file.

I guess it makes sense because we are trying to gain root access

Exploit:Unix/Lotoor

(?)

Encyclopedia entry
Updated: Mar 15, 2011 | Published: Mar 12, 2011

Aliases

• Android.DreamExploid.1 (Dr.Web)
• Exploit.Linux.Lotoor.l (Kaspersky)
• Backdoor.AndroidOS.Rooter.a (Kaspersky)
• Android/DNightmare (McAfee)
• Troj/DroidD-A (Sophos)
• Android.Rootcager (Symantec)
• rageagainstthecage (other)
• exploid (other)

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected. Detection initially created:
Definition: 1.99.460.0
Released: Mar 02, 2011


On this page

Summary|Symptoms|Technical Information|Prevention|Recovery




Summary

Exploit:Unix/Lotoor is a detection for specially-crafted Android programs that attempt to exploit vulnerabilities in the Android operating system to gain root privilege.


Top

Symptoms

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.


Top

Technical Information (Analysis)

Exploit:Unix/Lotoor is a detection for specially-crafted Android programs that attempt to exploit vulnerabilities in the Android operating system to gain root privilege.
Installation

Exploit:Unix/Lotoor is dropped and installed by TrojanSpy:AndroidOS/DroidDream.A. Once installed, the exploit is present as the following names:

• rageagainstthecage
• exploid

Payload

Allows root access
When run, Exploit:Unix/Lotoor allow a remote attacker to gain administrator privilege to the device running Android operation system.

Connects to a remote website
Exploit:Unix/Lotoor decrypts the name of a remote server provided by TrojanSpy:AndroidOS/DroidDream.A such as "184.105.245.17". The server address is used to send user identifiable data from the affected mobile device.
Additional Information

For more information about TrojanSpy:AndroidOS/DroidDream.A, see the description elsewhere in the encyclopedia.

Analysis by Tim Liu


Top

Prevention

Install security software on your device

This malware affects mobile devices. Additional information on how to attain security software for your mobile device can be found here: http://www.microsoft.com/windowsmobile/en-us/totalaccess/columns/mobile-security.mspx​

Additional resources for protecting your mobile phone

Many of the threats to the integrity of data on a mobile phone can be avoided if users take proper precautions. The six tips listed in following link explain how to reduce threats posed by unwelcome access, accidental erasure and corrupted files, phone loss, theft, and damage: Windows Mobile Phones Support | Windows Mobile | Windows Phone 6.5​

Top

Recovery

Install security software on your device

This malware affects mobile devices. Additional information on how to attain security software for your mobile device can be found here: http://www.microsoft.com/windowsmobile/en-us/totalaccess/columns/mobile-security.mspx​

 

[pl0323]

Worked great, many thanks...

 

[MikesTooLz]

Thanks Mike, I can now download the program. Any clue why some Anti Virus (MS Forefront, etc) programs are flagging this file as a virus?

android is linux/Unix based. the rooting process is exploiting linux/unix exploits to gain root access on the phone.

 

[Phonzy]

Could not enable usb debugging after the root process. Anyone else come across this? Also, any way to back up image before root? This phone has connectivity and driver issues and seems to be improperly supported by samsung. Thanks!

 

[dongemus]

Man I can't say thanks enough! This worked great and I feel safer knowing those apps are gone, not to mention the battery savings. Thank you for doing this all and then sharing it with us AND taking requests along the way. Way to be the guy

 

[i3igmind]

Howdy,
First of all I would like to thank you so much for your hard work. now thats off my chest!

i have not notice any different to be honest with you, that battery life is the same, nothing changed! also comparing the size of my internal phone 1.58GB before and after your mod shouldn't it at least free some space???

please help me understand and i could be doing something wrong

p.s: phone stay on charged over night and by 9:00am it is at 35% i don't do any calls txt or nothing !!! i start to hate losing my HTC EVO over this

any suggestions please.

 

[dongemus]

p.s: phone stay on charged over night and by 9:00am it is at 35%.

Do you turn off LTE with anycut? That helped a lot as well. Do you have Advanced Task Killer or similar running?

 

[wb1960]

I am using a notebook running windows 7 with 64 bit. I CANNOT get the USB drivers to successfully install. It says it has failed. I have tried 4 times and rebooting to install doesnt work either??

 

[tiede]

Which drivers are you talking about/using?

Are you following the first post to the letter? I have win7 as well and everything was fine...

 

[gamekid2k]

It worked but had to do it twice. BTW I forgot I clicked Yes or NO on the last question "one that gives all apps root access". How can I do a test to see which version of su I got?

 

[wb1960]

I cant even download the samsung usb drivers to my notebook to begin this process

 

[tiede]

I just tried downloading again and it works just fine diagnosing from my phone. Make sure you are using the android invasion link provided by the OP. I can't see a reason why you wouldn't be able to download it when everyone else can... If all else fails, you can always test if the site is up for you by going to IsUp.Me -> Check if your website is down or up? and entering androidinvasion.us in the test field.

 

[i3igmind]

Do you turn off LTE with anycut? That helped a lot as well. Do you have Advanced Task Killer or similar running?

anycut just turns off the LTE for 5 min then its backup again! (or atleast thats whats happening in my case!!)
i read somewhere in the forums that you don't need task killer if you are 2.+ android OS?

please advice
Thank you

 

[rjsweesy]

anycut just turns off the LTE for 5 min then its backup again! (or atleast thats whats happening in my case!!)
i read somewhere in the forums that you don't need task killer if you are 2.+ android OS?

please advice
Thank you

2.1 yes

the indulge has a built in task killer but on my optimus running 2.2 the task killer actually slowed the phone down

 

[i3igmind]

2.1 yes

the indulge has a built in task killer but on my optimus running 2.2 the task killer actually slowed the phone down

so any solution for the battery, i just hate to keep it plug in all day, F*@#k if i wanted that i would 've got a landline phone

 

[gus4269]

so any solution for the battery, i just hate to keep it plug in all day, F*@#k if i wanted that i would 've got a landline phone

c'mon this is a very cool landline phone.

 

[surfratz]

Thanks Mike your script worked flawlessly. Took me less than 3 minutes to do it.

 

[MikesTooLz]

c'mon this is a very cool landline phone.

Yeah, this is the first land line phone that runs android!!!
It also becomes a "Car Phone" like they had in the 80's once you plug it into your car.

 

[betsuni78]

Yeah, this is the first land line phone that runs android!!!
It also becomes a "Car Phone" like they had in the 80's once you plug it into your car.

it's a really great deal... it's 3 phones in one... the third being a cellphone... but it doesn't really work that well as one.

 

[betsuni78]

Yeah, this is the first land line phone that runs android!!!
It also becomes a "Car Phone" like they had in the 80's once you plug it into your car.

it's a really great deal... it's 3 phones in one... the third being a cellphone... but it doesn't really work that well as one.

 

[pl0323]

factory reset should wipe off the root but the bloatware apps would still be gone. To add the bloatware apps back again you would need to just download them again from the metro App store. I left the Metro App Store in tackt so that you can add back the stock apps from metro if you ever decided you wanted them again.

I wanted to try metronavigator, so I downloaded it, it's a zip file, how do I install it???

 

[TRS-80]

c'mon this is a very cool landline phone.

Yeah, this is the first land line phone that runs android!!!
It also becomes a "Car Phone" like they had in the 80's once you plug it into your car.

it's a really great deal... it's 3 phones in one... the third being a cellphone... but it doesn't really work that well as one.

Funny, because true (unfortunately)!

Still love the phone though... but I am in/near my truck and/or office most of the time with power supplies a plenty at hand (power inverter, truck mounted laptop, etc.) so it's not an issue for me personally. Now if I ever need to be away from my truck for an extended period... I dunno, guess I will eventually get a spare battery for that...

 

[MikesTooLz]

I wanted to try metronavigator, so I downloaded it, it's a zip file, how do I install it???

just install it from the metro app store app.


TRS-80 - at least that thing has a big battery.



I need to get a big battery bag for my phone like the one "the Dude" carried around in the big Lebowski.