Hi there! I extract all the roms, configs, images, gamelists, themes, etc... and build a new sd card now with Stretch. Now, scraper work properly. You can close the thread. Thank you very much!

@GreenHawk84 I'd definitely back things up every now and then (I do it more or less once a month, but it's more because of my lack of availability than anything else), and keep at least two historical backups (in case you backup something that's already broken, you can always revert to a previous safe backup). I don't update packages nor emulators unless I need to - if it's working and there's nothing new that I really need there, then I don't risk breaking things. The latest thing I've wanted to update for (but still didn't) was several months back when RetroArch launched the lookahead features to reduce input lag. That's one of the key things I'd be looking for. Still, then you read that the latest RA and lr-fbalpha can cause slight frame drops on CPS3 games in certain setups and you struggle to revert those changes if needed. So, my preference: unless there's a meaningful new feature for you or a critical security patch, I'd stay with what you have that's working for you. Also, I am a big supporter of keeping the ROMs in a USB drive and the OS in the SD Card. Easier to backup, transfer roms, and also to set up fresh in a worst case scenario.

To keep files off the SD card I changed the .emulationstation to link else where. I did the update all option and saw it changed the symbolic link too. I guess the reasoning is to recreate a clean slate for those who have broken their existing setup.

Retropie4.4 's support of Xbox 360 controllers is broken Xpad works just fine. Xboxdrv has known issues with multiple controllers but that isn't something the retropie project maintains.

I would love this since I use mame2003-plus and there's no binary for that, so updating everything will take quite a bit of time.

@billyh said in help: Malware and/or backdoors in Retropie??: It's probably me but to me it looks like @Clyde and @cyperghost are saying two different things? Not really, we more of complemented each other. @cyperghost's comment about open ports in the router's firewall are valid, though they should be closed in the router's initial factory setup. It doesn't hurt to check a router's setup for open ports, though, especially if multiple people have admin access to it, or the device was bought pre-owned. It also doesn't hurt to read the tech news about vulnerabilites in common routers, or an occational web search for one's own router model in that regard. Finally, the advice to set strong passwords also applies to one's router, of course, lest it may be manipulated like @cyperghost said. ]:} ... So, in the end, I guess, the main problem with the OP was that the Pi with unchanged credentials was connected to a compromised internet connection? The way I read it as first was that the unchanged credentials was exactly what made the connection an unsafe one but it seems now that there must've been a step or two before that that went awry. Supposedly yes, but without more details from @RikFlorence, we can only suspect that much.

@dankcushions oh, I was just looking at the core information when you go into the Retroarch GUI. It's listed as 1.6.7 - FB Alpha v0.2.97.42 928a4d6.

Anyone able to help me with this at all?

It's from within, via the RetroPie menu. EDIT Looks like it got past the stall by exiting ES and running the setup manually. Might be something to add to the setup script when updating ES to say something like "This must be ran outside of ES."