Thursday, January 16, 2020

linux - How to delete a file (e.g. malware app) that cannot be even removed with root access?


I have root access on my device, but there is malware in /system/app/ that I can't delete. This malware installs TimeService, MonkeyTest, and also some other apps like DR battery and privacy guard, and also shows ads.


I'm using ADB shell and I have tried Root Explorer in Android. Dr.Web also can't delete it. When I tried to delete it without root access, it gave the following error message:



rm failed for , Permission denied

With root access, I got the following error:




rm failed for , Operation not permitted

Is there a Linux command to delete this kind of file? Should I install BusyBox first?





Answer



Most likely this file's attribute is set to "immutable", which means nobody will be able to edit, rename, move or delete it (not even root).


You can check this in Linux with the command: lsattr file


If this output shows an "i", my assumption is right.


The immutable attribute can be removed by chattr -i file. After doing this you should be able to delete this file as root again.



As far as I know, the Android toolbox does not include these binaries. You need to cross-compile (your device is ARM based?) BusyBox for your device and take care that both binaries are included, or take a prebuilt BusyBox binary from a trusted source which includes them.
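
The check-and-clear sequence from the answer above, written as a script (an added example, not part of the original answer). It assumes lsattr and chattr are on PATH, for instance from BusyBox; the function names and sample paths are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original answer.
# Assumes lsattr and chattr are available (e.g. BusyBox applets).

# has_immutable_flag LINE
# LINE is one line of `lsattr -d` output: "<flags> <path>".
# Returns 0 when the flags field contains "i" (immutable).
has_immutable_flag() {
    flags=${1%% *}    # keep only the first field so an "i" in the path is ignored
    case "$flags" in
        *i*) return 0 ;;
        *)   return 1 ;;
    esac
}

# remove_immutable_file PATH
# Checks the attribute, clears it if set, then deletes the file.
# Must run as root; pass an absolute path.
remove_immutable_file() {
    target=$1
    line=$(lsattr -d "$target" 2>/dev/null) || {
        echo "lsattr failed for $target (missing file or unsupported filesystem)" >&2
        return 2
    }
    if has_immutable_flag "$line"; then
        echo "immutable flag set on $target, clearing it"
        chattr -i "$target" || return 3
    else
        echo "no immutable flag on $target: $line"
    fi
    rm -f "$target"
}

# Act only when a path is given, so the file can also be sourced safely.
if [ "$#" -ge 1 ]; then
    remove_immutable_file "$1"
fi
```

If the script reports no immutable flag and rm still fails, the cause is something other than the attribute this answer describes.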

