1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

Droiddream-virus

Viestiketju Android -keskustelu -osiossa. Ketjun avasi kata13 04.03.2011.

  1. kata13

    kata13 Member

    Liittynyt:
    01.03.2009
    Viestejä:
    26
    Kiitokset:
    0
    Pisteet:
    11
    Hei
    Luin juuri kauhuissani Droiddream-viruksesta. Minulla on Android 2,1. Viidenkymmenen
    listalta kts.http://www.androidpolice.com/2011/03/01/the-mother-of-all-android-malware-has-arrived-stolen-apps-released-to-the-market-that-root-your-phone-steal-your-data-and-open-backdoor/ löytyi Scientific calculator, jonka olen imuroinut helmikuun puolivälissä.

    Minulla on myös AVG-antivirus free puhelimessani, joka koko ajan ilmoittanut, että puhelimeni on "clean".

    1) Mistä nyt tiedän mikä on puhelimeni tila? Poistin nyt tuon ohjelman, mutta sehän ei auta, jos puhelimeni on saastunut.
    2) Jos näin surkeasti on käynyt rakkaalle Galaxy-S:lleni niin mitä minun pitäisi nyt sille tehdä?

    Olen ei-nörtti mummeli, joten jos joku osaa auttaa, niin mahdollisimman helposti pureskeltavassa muodossa please.
     
  2.  
  3. kata13

    kata13 Member

    Liittynyt:
    01.03.2009
    Viestejä:
    26
    Kiitokset:
    0
    Pisteet:
    11
    Jatkoa
    Virusta sisältäneet ohjelmat on jo poistettu Android-marketista? Siellä on edelleen kaksi Scientific calculatoria, joista toinen oli minun. Hyvällä onnella AVG on oikeassa ja puhelimeni on clean. Mutta kuinka sen selvitän?

    Löysin netistä puhdistusohjeen ja on pläkkiselvää, että itse en tuosta selviäisi tuhoamatta puhelimen softapuolta lopullisesti. Mistähän sellaista palvelua olisi ostettavissa, jos tarvitsisi?

    Recover from the DreamDroid virus
    Published on March 3, 2011
    You may have missed the recent news about the DreamDroid virus that is affecting Android phones. This virus is embedded in more than 50 apps, which have since been removed from the Android Market. The DreamDroid virus uploads your personal information to a server, roots your android phone, and downloads to the phone additional software. Read more about DreamDroid on ArsTechnica.


    If you are running Gingerbread (Android 2.3), Android 2.2.2, or a patched ROM, you are safe from infection.

    If you’re not running Gingerbread, 2.2.2, or a patched ROM, and you downloaded and ran one of the 50 infected apps, then you are infected. The only way to recover from the virus is to do a factory reset on your android phone and format the SD card to ensure everything is clean.

    Pre-wipe preparations
    Uninstall any infected software you currently have on your android phone
    Create a new backup of all your apps using Titanium Backup
    In Titanium, be sure to delete backups of all uninstalled apps (including the virus, duh)
    Connect the android phone to your computer and copy everything off of the phone itself. Not the SD Card (yet)
    Make note of your system setup (accounts, screen layouts, etc)
    Reboot into Clockworkmod recovery and do a backup
    Mount the SD Card and copy all of your data off the SD Card to your computer
    Wipe the android phone
    With the SD Card still mounted, in windows format the SD Card as FAT 32. Make sure not to do a quick format as that just deletes the files on the card. This will take a while, especially if you have a large SD card
    Follow Doug Piston’s directions here for going back to stock. You do not need to go S-Off.
    Re-root
    You now have a stock android phone and need to install Clockworkmod and Su. The easiest way to do that is to use Unrevoked Recovery. However, because you’re still S-Off, you can also just download the latest version of Clockworkmod and Su and flash them yourself from HBOOT.

    Be sure to remove the stock PB31IMG.zip file from your SD Card first, before running Unrevoked!

    Once you’re all set with Clockworkmod and Su you can install your favorite ROM. Then, reboot back into Clockworkmod, if you’re not already there, and either apply the zip file found on XDA Forums, or do the following:

    In Clockworkmod mount /system
    Use adb shell to connect to the android phone and run the following commands
    touch /system/bin/profile
    chmod 644 /system/bin/profile
    You’re now protected against the exploit. If your ROM has not taken steps to implement this patch, you will have to do this every time you update your ROM. If you’re using a ROM that isn’t patched you should reach out to the dev and suggest they patch their ROM (or find a new one).

    Restore your android phone

    If you haven’t already done so, go ahead and setup your phone. You now have an android phone, with your favorite ROM, configured just the way you like, patched against the exploit, with no apps. Go ahead and make a new backup in Clockworkmod. Save this backup to your computer somewhere and call it something like DD.MM.YY-RomName-NoApps. This way you can always get back to a virus free base should anything happen to your phone in the future.

    To get your user apps back you’ll want to:

    Install Titanium Backup from the market
    Copy your data back to your SD Card
    Use Titanium Backup to restore ONLY your user Apps – not system apps – just to be on the safe side.
    Once your android phone is back in a working condition, and setup just the way you like it, with your apps, go ahead and make another backup in Clockworkmod. Call this one DD.MM.YY-RomName-WithApps. From this point forward you have two virus free backups – one that is a “stock ROM” backup and one with all your apps.

    Your android phone is now virus free and your android phone should be back to where it was (or close to it) when you started.

    A few things to remember
    Always look at the developer, downloads, and reviews before installing any app
    Always look at the requested permissions of the app before installing it. Some of these apps were requesting permissions they had no need to be requesting (a bowling app that sends SMS?)
    Install an anti-virus app to keep your phone clean
     

Jaa tämä sivu