Support Will factory reset remove viruses?

Discussion in 'Android Devices' started by androidvisitor, May 1, 2011.

  1. androidvisitor

    androidvisitor New Member
    5

    May 1, 2011
    3
    0
    5
    Hi, I have an LG Optimus T with T-Mobile, after downloading and installing 2 SNES emulators (Snes9x EX and Snesoid Lite), I noticed that when I go to secure websites for example wlm.com (msn messenger) and citicards.com, it keeps telling me the website certificate is not to be trusted. When I check the certificates, it shows the website was assigned to completely unrelated organizations? e.g. for citi, it's assigned to d.xp1.ru4.com signed by geotrust. I checked the same page on my computer, and it's correctly assigned to citibank by verisign. I thought I was infected by a virus, so I removed and formatted my SD card, and did a factory reset, but the problem has not gone away, I am still getting the non-trusted certificates problem. This had not happened before... What are my options? my phone is not rooted and not unlocked yet. I downloaded and scanned with Lookout AV, and returned negative, too. thanks!

     

    Advertisement
  2. sitlet

    0

    Apr 11, 2010
    5,867
    633
    0
    If you did a factory reset, that would have removed any viruses that were on your phone. It must be a problem with their website.
     
  3. androidvisitor

    androidvisitor New Member
    5

    May 1, 2011
    3
    0
    5
    thank you, I guess it could be my phone software too, I ran a software update recently as well. Or could a SIM card harbor any sort of virus, since it can flash contact info, it must have some memory? (though I doubt it). This unsettles me though when I go to citicards.com and it tells me the certificate is from d.xp1.ru4.com. If I wanted to correct it, what other options do I have? thx
     
  4. EarlyMon

    EarlyMon The PearlyMon
    Moderator
    10,118

    Jun 10, 2010
    57,623
    70,354
    10,118
    New Mexico, USA
    Verify this anomaly on a clean desktop browser before proceeding further.

    Contact CitiBank immediately and report the hijacking to their fraud dept, state both results, phone and desktop.
     
  5. A.Nonymous

    A.Nonymous Well-Known Member
    213

    Jun 7, 2010
    7,061
    965
    213
    It's likely not an issue with your phone and is an issue with the website. They're probably using a certificate that requires an intermediate certificate be installed and it's not configured properly.

    FWIW, I went to citicards.com on the mobile browser on my Galaxy Tab (which I'm fairly certain is not infected) and got the same message you're getting. It's a problem with the implementation of security certificates on the server side, not client side. Phones are dumb devices when it comes to reading certificates and if it's not set up just right on the server side, they don't read them correctly.
     
  6. androidvisitor

    androidvisitor New Member
    5

    May 1, 2011
    3
    0
    5
    Thank you A.Nonymous, hopefully that's the case. I just pulled my SD card and SIM card out, and factory reset the phone, still the same, so what you said is likely true. thanks

    I also tried chase credit card website, the certificate presented is that of *.doubleclick.net as well, signed by "google internet authority".
     
  7. A.Nonymous

    A.Nonymous Well-Known Member
    213

    Jun 7, 2010
    7,061
    965
    213
    I'd bet money that if anyone here went to citicards.com on their phone's browser, they'd see the same thing.
     
  8. novox77

    novox77 Leeeroy Jennnkinnns!
    VIP Member
    313

    Jul 7, 2010
    3,965
    3,256
    313
    CM7.0.2.1. Don't see any problems. even after logging in. (gingerbread-based ROM; might have something to do with it?)
     
  9. dylo22

    dylo22 Well-Known Member
    93

    Apr 19, 2010
    743
    119
    93
    Yeah no problems here with log in. I have stock thunderbolt.
     
  10. GrenW

    GrenW Well-Known Member
    93

    Apr 16, 2010
    799
    130
    93
    UK
    I've had 2 or 3 instances of invalid certificates in the past week. All with sites I trust. Never had any problems.
     
  11. Matransh

    Matransh New Member
    5

    Jan 2, 2016
    3
    0
    5
    Male
    I have a coolpad dazen 1. I got some viruses and need to remove them. I need to do flash for removing them. Instead of doing flash, will factory reset remove the virus ? Pls tell me. I'm in safe mode now. Should I do factory reset or flash ?
     
  12. mikedt

    mikedt 你好
    Guide
    7,028

    Sep 22, 2010
    20,138
    10,393
    7,028
    Teachaaa
    Jinan, China
    If the malware is in system, i.e. root. You'll have to re-flash it. Try a factory reset first, and if that doesn't clear it, then flashing with a clean manufacturer's ROM is definitely required.
     
  13. Matransh

    Matransh New Member
    5

    Jan 2, 2016
    3
    0
    5
    Male
    Ok thx bro
     
  14. Matransh

    Matransh New Member
    5

    Jan 2, 2016
    3
    0
    5
    Male
    I can do factory reset and I've done it too but it didn't worked. I don't know how to flash my phone. Can u pls tell me how to remove the virus by doing flash. Pls tell me if u know. Thank You.
     
  15. mikedt

    mikedt 你好
    Guide
    7,028

    Sep 22, 2010
    20,138
    10,393
    7,028
    Teachaaa
    Jinan, China

    Main task is, you got to find an appropriate ROM for it, i.e. a ROM for Coolpad Dazen 1. And once you've got it, should be able to do it via recovery. Unfortunately Coolpad don't have anything you can download. You might have to contact them about it I think.
    http://www.coolpad.com/us/support
    http://www.coolpad.cn/
     
    #15 mikedt, Jan 2, 2016
    Last edited: Jan 2, 2016
  16. laphunhon

    laphunhon New Member
    5

    Dec 4, 2016
    1
    0
    5
    Male
    To del virus in case:
    1. Del but when reboot it auto reinstall when boot
    2. Factory reset , it still reinstall
    3. Flash room, it still there
    How to fix: Formation partition USRDATA by SP_Flash_Tool V3 + factory reset after format
    Step 1: Open Phone normally, Set USB debug mode and connect with PC by USB Cable
    Step 2: Get Android_scatter.txt by MTKdroidTools (google search pls)
    Information need in file .txt:
    - partition_index: SYS17
    partition_name: USRDATA
    linear_start_addr: 0x65100000
    partition_size: 0x168320000
    Step 3: Run SP_Flash_Tool V3 chose Scatter-loading-> file .txt in step 2
    Step 4: Chose formation->Manual Format=> Input BeginAddress(hex) = linear_start_addr và Format Length (hex) = partition_size then OK
    Step 5: NO REMOVE CABLE USB between Phone and PC,unlock screen phone, hole Phone Power Button chose reboot (Phone will reboot and when it turn on power, it will into mode PreLoader (switch-off) for SP_Flash_Tool excute formation.
    Step 6: After format , Remove cable USB , put phone into Recovery Mode then Factory Reset
    Step 7: after Factory Reset , reboot into System and your Virus should be clean.
    In case you not lucky, virus still there, you need download room of your phone. After Formation partition USRDATA, you must flash room (to safe, should only flash : [ system.img or boot.img+system.img ] and + userdata.img (if have) )
     
    #16 laphunhon, Dec 4, 2016
    Last edited: Dec 4, 2016
Tags:

Share This Page

Loading...