Database Info

Cerberus In ROM Manager why???

Not been on the forums or even had time to flash any ROM's for a few weeks but tonight I've got a couple of hours free, so just been looking through ROM Manager and came across Cerberus, I thought it was a new ROM at first so I took a look. Only to find out it's an APP not a ROM (weird really).
I was just wondering if anyone had tried it or know anything about it and does it really deserve a place in ROM Manager when its not even a ROM, even if it the best thing since sliced bread I'd still expect it to be in extras anyway.
Sorry If this has been discussed but like I've said Ive had no time so am a little out of touch
Thanks

Never heard of it before but I found out about it just like you did. From what I can tell it's the same as the marketplace app - https://market.android.com/details?id=com.lsdroid.cerberus&hl=en
I will admit I haven't tried either version (ROM manager version or marketplace), but it seems to have decent reviews. I agree though, it seems weird in ROM manager under the normal ROM listing... I expected it to be under Extras too.

UPDATE***
Flashed it through CWM although it can be downloaded from the market as pointed out.
What an amazing piece of kit. you get a weeks free trial but I paid 2.60 or there about.
I can't explain how good it is, if you have ever been concerned about loosing misplacing or having your Nexus slolen, then this most definately for you.
If you buy the full version you can add up to 5 phones.
It enables you to track, wipe take a picture, request call or sms log display a message sound an alarm even record live for up to 5 mins at a time, ether by loging on to there ste online or by sending a text message to your phone.
By far the best security app I've ever seen.
Check it out, its free for a week and if you don't buy it there must be something wrong with you.
And honestly I'm not assosiated with the app or its developers, just know a great app when I see one
https://www.cerberusapp.com/

Hi, I'm Cerberus main developer.
First of all, if you have any questions on Cerberus feel free to ask!
Then, regarding the inclusion in ROM Manager, I'd like to explain how and why it happened.
Cerberus has additional features if you integrate it into the rom. It cannot be uninstalled (I mean, it can only be deleted by flashing a new rom or using adb/terminal emulator, but I don't think a lot of thieves know how to do that), and GPS is automatically enabled when you send a "Start tracking" command. So on the website there is a flashable zip for easy installation in /system/app.
A user, who also maintains the ROM Manager repository, told me if I wanted to publish it there too, so integration into the rom would be even easier. Of course I said "Sure, that'd be great"
Now I don't know if there's a specific category into ROM Manager that is fit for Cerberus or whatever, if someone more expert than me wants to write his opinion I'd like to read it.
P.S. If you installed version 1.9beta, there are some nice new features that you can't see yet in the "official" dashboard. More info here: https://docs.google.com/document/d/1jmPnjs07y7rs9tdsMEzwUTQtV2ncjsYcVsPUbBtZAXM/edit?hl=en_US

It is the best app i have ever downloaded.
EDIT: Wow I just read all the comments in ROM Manager and I want to punch so many people.

So to expand on what ajejee said above:
Previously, Cerberus could only be installed either as a regular app with the "Device Administrator" permissions like any other security app, and the associated flaws (like not being able to turn on GPS on 2.3.3+), or by downloading a separate APK off the website and running it on your phone, which would copy the APK to the system partition.
Long story short, putting Cerberus in ROM Manager is a way to make it easier for users to install Cerberus to /system, since most competent root users have ClockworkMod Recovery and at least know of ROM Manager. While yes, it is "odd" for an app to be in the ROM listing, it's not the only non-ROM in there. I also have radio images for the HTC EVO 4G listed as well.
In regards to placing it in "Extras": Yes, that's a nice idea, but with the way RM's manifests work, it's not really feasible. The "Extras" isn't a separate category, but just another manifest that was hosted on Koush's GitHub, and was only being used by Superuser. This means that any time Superuser had an update, or Cerberus would have an update, the developers would have to send a pull request to Koush, and someone would have to merge it in.
I say was, because Superuser and Cerberus both now have their own separate manifests (meaning no more Extras link), and show up as "ROMs" in the Download ROM menu. I've talked to Koush about making a separate "Download App" menu, but the problem with that is that the Market's ToS prevent having an app that just downloads other apps.
tl;dr, this is so Cerberus can be protected against factory resets, apps can kinda-sorta go in the Download ROM menu, and ROM Manager can't have a separate Download App menu.

Pretty cool app!!!!!!!!
Sent from my Nexus S 4G using xda premium

Awesome app and there are even way to get it for free !

Well, you translated the app into Bosnian/Croatian/Serbian so you earned a couple free licenses
There are not many languages left to localize Cerberus into: Korean, Finnish, Arabic, Farsi, Indonesian and Thai.
So if anyone wants to help with some of these translations please let us know!
rijads said:
Awesome app and there are even way to get it for free !
Click to expand...
Click to collapse

Thanks "ajejee" for this nice application.
I can localize Cerberus into Arabic language if you want !

That would be great! Can you please contact me at [email protected] ?
Thanks a lot!

I rooted my LG G2 and I want to install Cerberus in the system, but im new to this, i didnt understand the instructions at their website. Can anybody help me with this?:good:

Thanks
This app is awesome,
my girlfriend's phone (nexus 5) has been stolen twice and i have found it twice! The first time i found it with the front camera photo feature when you fail your password and that person did herself a nice selfie. 10 minuts later y found her and got the phone back. The second time the thief turned it off when she just found it, this time i only could wait her to put her sim in the phone...and it happened, the phone send me her phone number and i found a lot of information (photos,adresses, student,career,year....) called her and again got it back.
But i don't understand one thing, i had bootloader locked and adb not enabled. Even with password for the phone the girl managed to install a different factory image (killing cerberus forever) and i don't know how she did it, i though the phone was completely locked. Anyway i was lucky because she put his card in to the phone before doing that but i'm still confused about that. I'll try to fix that security hole somehow.
Finally i want to thank the developer for make this app, with 3€ my girlfriend saved 700 and who nows in the future maybe more.

cant help you

Cerberus on rom
NexusCrazy said:
Not been on the forums or even had time to flash any ROM's for a few weeks but tonight I've got a couple of hours free, so just been looking through ROM Manager and came across Cerberus, I thought it was a new ROM at first so I took a look. Only to find out it's an APP not a ROM (weird really).
I was just wondering if anyone had tried it or know anything about it and does it really deserve a place in ROM Manager when its not even a ROM, even if it the best thing since sliced bread I'd still expect it to be in extras anyway.
Sorry If this has been discussed but like I've said Ive had no time so am a little out of touch
Thanks
Click to expand...
Click to collapse
Hello, I got this email from Cerbus asking the question would Cerberus survive a hard rest?
reply
Only if you integrate Cerberus into the ROM of the device.
--
Chiara
Cerberus support

[Research] Stock Samsung Apps Catalog & Documentation

Hey guys, as part of my current work on producing a nice modified version of the "stock" firmware for the T-Mobile variant of the GT PLus, the SGH-T869, I have taken the approach of producing what I hope is decent documentation of my entire build process. Part of that has been cataloging all apps included with the "stock" ROM. I've got a very good start in finding at least a cursory explanation of what each app does and what effect removing the app has on the device.
I've been able to remove an alarming number of apps with no apparent ill effects, so at this point I'm turning to you, the XDA community, for assistance in figuring out what the remaining items do.
I have a publicly-viewable Google Docs spreadsheet here.
This spreadsheet is basically a list of every APK present in /system/app on the SGH-T869_TMB_T869UVLG7_T869TMBLG7 firmware, which appears to be the most recent ICS firmware for the USA T-Mobile version. I have backed up all files to an account I set up on Android File Host, and begun the process of linking them into the spreadsheet for easier reference.
As of now the following items are basically a mystery:
-ClipboardSaveService.apk
-CSC.apk
-DSMForwarding.apk
-DSMLawmo.apk
-FTC.apk
-FTM.apk
-FTS.apk
-Keychain.apk
-MobileTrackerEngineTwo.apk
-OmaCP.apk
-OmaDrmPopup.apk
-PanningTryActually.apk
-PCWClientS.apk
-Personalization.apk
-Phone_Util.apk
-PopupuiReceiver.apk
-PRUI.apk
-SecOmaDownloadProvider.apk
-etc
The intent with this document is to serve as a reference for people working with the "stock" Samsung firmware.
If you have any info you'd like to contribute, post to this thread or PM me
Also, I'll need "alpha" testers of my ROM in probably a week.
My initial release is planned to be simply a fully "optimized" copy of the stock ROM, with about 400MB of stock bloat removed, all remaining system apps deodexed and zipaligned, su and SuperSu, and probably some minor aesthetic mods added (1% battery and a themed notification bar).
The primary goal is to produce a nice stock-based ROM for the T869 (which doesn't have a lot of ROM options at present) and also to give the community a nicely documented guide on what I did, which may prove helpful to other would-be ROM makers.

a lot of these are 0MB or 0kb in size, or very small... eg.100kb or so.
You could always decompile these apks, would help you figure it out.
CSC.apk is Customer Service Configuration, or Country Code eg. KOR, XME, EUR
MobileTrackerEngineTwo is reponsible for tracking the device.. Samsung Dive, etc.. I believe.
Panningtryactually.apk involves tilting the device to scroll, etc. this .apk is just for thatwith pop up messages, etc.
Personalization.apk is directly related to CSC. This is the apk that will let you change your CSC I believe.
clipboard save service is obvious, I would keep that.
The others Im sure we could figure out.
I disabled a lot of stock apks and removed readers hub, and my device is pretty fluid as it is.

Awesome, thank you for the information!
I was planning on adding a column for file size into the spreadsheet next, so that bit should become obvious.
I'm pretty sure the ClipboardSaverService is actually a supplemental thing that allows you to "save" clipboard items so you can have multiple items in a stack, because the stock Android clipboard functionality has been working perfectly fine on its own with ClipboardSaver removed.
The more I get to know how the Samsung stuff is built, the less impressed I am by it. Almost all of the "new" stuff they add to their ROMs seems like solutions to problems that don't actually exist. The tilt-to-scroll thing was cool for about an hour, until I tried to use the tab on a bus and kept accidentally triggering it.
So far, with all the stuff uninstalled, I am getting really good battery life from my tab.I'm at 77% after 13 hours of discharging. Now, that's light internet use for a few hours and then sleeping for like 5 hours, but still. It's basically just as good as anything I was seeing from CM10. Work was crazy yesterday cuz we had some people missing, but today should be much less busy so I'll have time to chug away on the spreadsheet some more.
Anyone have any solid idea what Keychain.apk actually does? The name would imply that its some sort of secure storage manager that holds user credentials, like Keychain in Ubuntu and Mac OS X. However, I'm not entirely sure what that would mean in the context of Android. Maybe to manage passwords saved in the browser? I'm gonna have to probe a bit more to find out what it does, probably.

Scratch that theory about the ClipboardSaverService. That special GUI is only present on the stock "Internet" browser, and is present & working even with ClipboardSaverService removed.
Got a few bits of helpful info over here http://www4.gsmspain.com/foros/attachment.php?postid=12686608

there was a few good lists here on xda... also if you have time, learn to decompile these have a peek at some images and .xmls, you should be able to figure them out.
cheers.

FWIW, whenever I see FTM, I think Factory Test Mode.

I ended up "re-stocking" my GT-P7510. which apparently shares roughly 95% of the same APKs.
I have also finally found some actual negative consequences from removing "all" the Samsung stuff, attempting a download in my stock browser currently causes the app to crash.
This should help determine what at least one of the "mystery" APKs actually does

I don t know what the above mentioned "mysterious" apks are, but what I know is that I removed all of them already a while ago, and my p6210 works like a charm. But it s a wifi only model, for 3g models apks that are phone related shouldn t be removed, for obvious reasons...

[Completed] Customizing Cubot X9's rom(replacing apps issues)

Hello everyone
i think this is my first post or one of the first on this forum, i'm a videogame modder(vice-boss at VStanced.com) who for fun also mods/dismounts/analyzes everything that slips in his hands(like, seriously every single thing). I have a semi-good knowledge of java and from some years i'm learning more and more about android, yet(as you can see) i still need help from time to time to figure out some stuff.
So, enough of presentation, time to talk about what i came here for.
I've been gifted a Cubot X9 some days ago, so the first thing i did was rooting(Kingroot -> Supersu-me) and applying a custom recovery(TWRP), i backed up rom and nvram with sp flash tool and the base rom(just rooted and recovery-ed) from recovery to make sure that in case i f**kd up something i could restore it without issues.
After that i restored all the additional apps and a couple gapps(Google Play Store, Google Play Services, Google Account Manager, Google Latin Keyboard) from a backup(Titanium Backup) of my old phone, a LG P990(Optimus Dual/X2/Star/Speed) and it all worked straight at first try. As soon as i finished restoring these i got myself a new recovery backup to prevent having to redo everything once again.
At the moment there are still 4 things that "bother" me, i've not been able to install Dialer, Contacts and Messaging apps from that same backup(they're a lot more comfortable than Cubot's original ones) because they just f**k up the whole thing, after a restart(either with or without cache/dalvik cleanup) System starts flickering/turning on and off and with it the background and the SIM control(it stop receiving any signal/recognizing the sim and wont allow me to open the sim selector/editor - for dual sim mode).
I've installed the first two apps(Dialer and Contacts) flawlessly with a root explorer(ES file explorer) and after deleting all odex files related to the old apps they worked well, cant say the same for Messaging(Mms.apk), it works but as soon as i press either on a received message, on the "new message" button or on "setup" it crashes to desktop.
Moreover, i'm not able to install the data backup(i'm mainly interested in contacts and messages but also the calls history) from Titanium Backup otherwise i'll get those issues i said above.
Mind both phones are 4.4.4 and so are their apps, on the LG P990 i had installed Slimroms' Slimkat but those apps i named should all be stock Google KitKat's ones(correct me if i'm wrong) and thus should work 1:1 on any 4.4.4 OS. Should.
You may ask me why i dont simply use google's backup system, so here's the answer, it is because i just dislike uploading my personal data and i honestly prefer figuring out how to do stuff manually.
I tried moving the *.db files from the old phone but they either cause to not show any messages(mmssms.db) or to not receive signal/not recognize the sim(telephony.db).
I have also installed an app called WAPPushManager.apk(com.android.smspush) from the old phone because i thought it could be somehow connected with the crash from clicking on the new message button but nothing changed.
So now i'm kinda lost, i have no clue if i'm missing to delete/add some files, or replace/add some apps.
Here's a few pics of the apps of which i'm speaking
I hope someone will be able to help me out on this, thanks a lot everyone for even bothering reading all this drama. hahaha
Also, yeah, you noticed well, i said that there are 4 things that bother me but i talked only about 3 things so here's the 4th:
this is more like a random question than a real issue or anything else(since i didnt even try yet). I would like to get the system bar and options/setup menu from the old phone(LG P990 Slimkat) to the new one(Cubot X9) but i have no clue if it is doable or not and what it eventually implies.
I'm looking forward for some magic to happen, thanks again
- BB93

Alright, i've been able to transfer all my contacts, calls and messages using an app called Super Backup, it did the trick quite quickly.
I still cant figure out why the Mms.apk wont work, i sent it over to a couple friends and all of them installed and used it right away. I am now almost sure the Cubot wont work correctly with it because it's dual-sim... in case there's anything(scripting wise) that can be done to make it work properly?

Well i kinda solved all my problems, for some reason that app just dont want to work on this phone, i downloaded another "kitkat 4.4 stock messaging app" from google play and it worked straight on... or almost, because for some reason that Super Backup program was messing my messages in a way that i had two threads for each person, one with sent and the other with received messages. Analyzing the *.xml file created by that tool i realized that it was using spaces between the numbers only for either received or sent messages(i didnt bother checking which of the two was it).
A basic example:
<sms address="+391234567890" time="22/gen/2016 09:18:58" date="1453450738028" type="1" body="THIS IS MY TEXT" read="1" service_center="+291234567890" name="" />
versus
<sms address="+39 123 45 67 890" time="22/gen/2016 09:18:58" date="1453450738028" type="1" body="THIS IS MY TEXT" read="1" service_center="+29 123 45 67 890" name="" />
Click to expand...
Click to collapse
It made so that the phone recognized those as different numbers and thus create the issue i said above.
I hope this little self-research thread will help someone else too in the future, thanks for reading.
- BB93

Bigg Boss93 said:
Well i kinda solved all my problems, for some reason that app just dont want to work on this phone, i downloaded another "kitkat 4.4 stock messaging app" from google play and it worked straight on... or almost, because for some reason that Super Backup program was messing my messages in a way that i had two threads for each person, one with sent and the other with received messages. Analyzing the *.xml file created by that tool i realized that it was using spaces between the numbers only for either received or sent messages(i didnt bother checking which of the two was it).
A basic example:
It made so that the phone recognized those as different numbers and thus create the issue i said above.
I hope this little self-research thread will help someone else too in the future, thanks for reading.
- BB93
Click to expand...
Click to collapse
Hi,
Thanks for using xda assist.
I see you've solved your problem. Thanks for being so thorough with your post. This should help others with the same problem. Enjoy the site :good:
Thread closed.

BLU STUDIO X5 (S390U) Stock ROM infected.

Hello guys, as you probably see I'm new at this forums, there's only one reason I joined and is because I own the BLU STUDIO X5 (S390U) since while ago.
I noticed that this phone has built-in somewhat thing of malware on the system APKs of it. What do I mean? Don't matter how many times you do a clean, use anti-malware apps, hard-reset, even flashing to a new stock ROM or a CROM made from the original one: The problem is going to persist.
So... Tell us, which would be the solution? Well I was analysing all the possibilities, even evolving a CROM of it, however this infection it seems to be part of other APKs components, as it is visible through Anti-MalwareBytes, that Settings.APK is corrupted with it.
The solution it seems to be easy but it could be complex, even knowing that other APKs could be infected but are not listed on the scanns: Erasing Settings.APK and try to replace it with a non-infected one, but this is complex as I said.
Before I continue I need to explain what this infection does: After you use the smartphone for first time (counting resets, flashes, etc.) the smartphone is just good, even if your not using internet.
After sometime you will notice some new apps installed on your smartphone, what this infection does is to install them under what it could be called a "Silence mode", PlayStore is not needed to download such apps, either a Web Browser.
But, hey, this doesn't sound bad as it just sounds annoying lad... Aye, this sounds as if the problem is only something redundantly annoying, but not is only that, this malware is found as a Hijack and doesn't sound bad too, however, if someone with enough knowledge knows how to manage a Hijack it can even steal info from your smartphone.
But probably you're thinking, well you can fix it not allowing Unknown Sources APKs to install on it, well...
This is what it takes me to the second point of it: This malware changes the settings of your smartphone whatever the times it wants by itself, don't matter which app you use to not allow this change by itself, it is going to do it anyway.
But why? It seems that the infection has Root Access, what this mean is that it has a higher level access (is running under an Administrator mode).
And we're back again to the solution, you'll think: Maybe if I root it and replace the Settings.APK is going to be fixed, well is not that easy, apart of wasting your time, the smartphone can be even more vulnerable and unstable.
The best solution that is going to work and that's why I posted this here:
To fix this the Stock ROM must be re-built from zero. I'd do this on my own, the problem is that I'm not an advanced user, and I still learning programming and coding at my degree, every help with this would be flawlessly.

[Doogee Shoot 1 ] App Android "Chromes". what's it? [TRIADA Malware]

Dear friends,
i am struggling with a strange APP named "Chromes". It seems to be undocumented (i googled a lot).
The only thing i know is that IT INSTALLS ALONE without any visibile message. After a Factory reset i found it (AGAIN) in the phone.
I couldn't SEEK what / when / Who installs it in my phone.
It gains telephone and archive rights without any ask to me.
I also know that my doogee phone suffers of a vulnerability (never closed) by DOOGEE and i don't know if it'd be related with it.
No clue.
Does anyone have had the same experience? Does anyone have EVER seen it?
Let me know please.
Best Regards.
EDIT: ****warning: I remember to everyone that ROOTING/HACKING/INSTALLING a different ROM in your phone may void the warranty AND can potentially BRICK your phone . Do it ONLY IF YOU KNOW WHAT YOU ARE DOING . I warned you.*****
edit 13/11/2017 *LIST OF REPORTED DEVICE AFFECTED WITH CHROMES (Malware) app *:
----------------------------------------------
Doogee Shoot 1
Gretel A9
UHANS A101
NOMU S10
Leagoo M8
leagoo M8 pro
----------------------------------------------
Report if you have it. Thank you.

i just found it on my phone too and started googling it.. and yours seem to be the only instance ive found so far.. i dont know what it does or where it comes from.. i can close it from the task manager but itll start itself again 3 processes that itself have about 2-3 services.. mostly ChromesService DaemonService and ChromesService2 the main proces seems to be signed from com.appclone.lyhj the second one doesnt have the daemonService and is signed from com.android.qnsettings and the third one had com.yunshi.market listed. again i dont know there they come from or whats their purpose.. and if they have anything to do with the ad popups i get since a few days now that dont seem to be app related since its the same popups for most apps .. apps that dont have those popups natively like whatsapp or facebook. i have since uninstalled pretty much anything and tried some antivirus but i guess its gonna be rooted and gets a custom rom. it is also a china cell called nomu s20 . after googling a bit it seems there are a lot security problems with my device.
edit: ive found something on this link i cant post because i am not a trusted user yet
also after running kaspersky antivirus it did indeed find something (as opposed to the comodo antivirus that kept silent)
it found Trojan.androidOS.Boogr.gsh as the chromesBase.apk and another one i just deleted without writing the name. it seems though this might be related to the Triada-Virus/trojan .. soo.. yeah it might be a good idea to save your stuff and not only try with a factory reset but completely reinstall the whole rom.
edit2: just deinstalling them hasnt solved anything .. the problem sits way deeper meaning it is definitely related to the triada virus. it just reinstalls the software again without anything showing.
edit3: found it.. it is indeed the triada virus on my phone ..

I have been dealing with that damned "Chromes" app for two or three weeks now (BTW, they appear two of them with the same icon and logo.)
MalwareBytes detects it as malware (Avast sometimes does, sometimes does'nt)
I have trie , for sure , uninstalling (completely unuseful) stopping all the apps I can (seems to have an effect in the reinstalling time ), and also keeping them installed but removing the Phone, Storage and SMS permissions, which, surprisingly, remain removed (until you uninstall the app)
I dealed in the past with the virus app on the Shoot 1 firmware, which turnaround solution (disabling the fake app) worked OK for me. But recently there have not been any fw update, so this time is not the firmware the responsible.
Any hint or help will be greatly appreciated.
¡Cheers!

Hi guys!
I'm having the same problem as you two. I can't believe that Doogee has screwed up on this again... (I also have the shoot 1 [nice screen ]) I'm surprised that, as you said, I've not found anything on the internet about this*. In addition, the application consumes a large amount of mobile data!
I hope there is an update soon, and that the problem is solved
Thank you all for your comments! Greetings from Spain!!
*Well, here they have the same problem
https ://android.stackexchange.com/questions/185520/how-to-get-rid-of-a-malware-app-chromes

Don't wait too much from Doogee. In fact don't wait nothing at all. They didn't solved yet the firmware virus that came with the first OTA update. We're alone...

And your GPS signal how is it going? In my case it does not get fixed to any satellite. Has someone managed to root it successfully? The truth is that I do not understand much about this, that's why I'm a bit afraid to do it.
I found this in a spanish forum, look at the last post (#19). (I think you have to translate it )
http: //ww w.htcmania. com/showthread.php?t=1291106
Summing up a bit, he says that Doogee sells mobiles with malware in the system. The fact is that they do it conscientiously. And then put a "solution", which is to install a firewall, so that you can control the internet connection of the applications.
Thanks again!

Some updates...
let me give you some updates :
1) the Shoot 1 phone is not easy to root with standard tools (kingroot & others: i tried a lot of them);
1) i successfully installed twrp with the FLASHTOOL and a specific recovery image TWRP + SU (if needed i can help about it);
2) I backupped everything (included malware of course) just to be sure i could go back in case of brick;
*** 3) I downloaded and installed the FANTASTIC lineage OS without any STUPID bloatware. ***
My phone is secure and fast NOW.
i warmly RECOMMEND all of you to root and update to lineage OS 7.1.2 (ver 14). Thankx to the lineage team! **they deserve a donation!!****
* about Shoot1 GPS *
i still didn't test it with the new LINEAGE and i will update you
Before i discovered the malware inside the GPS was not fixing correctly and in general not working like my previous LG or HTC
I was using an external BLUETOOTH antenna by using a middleware driver named Bluetooth GPS. Once you configured the driveer it works like a charm with tomtom and all GPS software ( i tested a lot). The external GPS solution lets the phone cold and free to charge during long gps travel session.
I will test anyway with the internal GPS again with the new LINEAGE ROM.
For any test or info write here and send me a PV message.
UPDATE: the lineage team is releasing the version 15 (development) with OREO. Anyway i will not install it soon. I am SOOOO SOLID now!

jmam said:
Any hint or help will be greatly appreciated.
¡Cheers!
Click to expand...
Click to collapse
Unfortunately you can't get rid of it. No one knows if there is another fake app or background service that loads it again. It seems to appear (after a factory reset) some days later (i.e. just the time to download from whoknowswhere).
The fact is that I CAN'T TRUST ANYMORE the Doogee and the entire ROM so i warmly suggest you to ROOT (via TWRP + SU) , backup all, and install a LINEAGE fresh n° 14 release for shoot 1.
i did it and it worked like a charm.

Chromes
I have phone that is not rooted or changed firmware. Antivirus said that i have chomes and facebook apps that are not safe, but i do not have facebook installed. I tried factory reseting the phone twice, but it still comes back....

Have got the same "Chromes" problem on Gretel A9 mobile. Not rooted, only used Google Playstore for few apps. So frustrated and so little information on how to solve it for a non techie like me. Tried to contact Gretel who never reply. Still under an AliExpress warranty but not sure if malware stuff is covered. Needrom have the official stock rom for the A9. Do I have to root the phone to reinstall a clean stock rom? Can anyone point me to instructions on how to replace the stock rom? Thanks for any help.

I am really sorry to say that. The SUPPORT from some of these Chinese Supplier is really poor. I can't help you with your GRETEL . Please search on this XDA forum is anyone can do .
Root it and install a reliable distro. Be careful: when you root your phone you loose your WARRANTY and (sometime) some functions of your phone is not available or not available at 100%.
Custom ROMs should be considered ALWAYS as "bleeding" and "in development".
As i said i will never buy anymore low cost China phones DUE to this lack of support and this (unbelievable) disattention to release malwared firmware.

Deki-bg said:
I have phone that is not rooted or changed firmware. Antivirus said that i have chomes and facebook apps that are not safe, but i do not have facebook installed. I tried factory reseting the phone twice, but it still comes back....
Click to expand...
Click to collapse
I struggled a lot to remove it with normal antivirus and antimalware.
It seems to BE NOT POSSIBLE without a rooted phone.
In my phone there were 2 problems:
1) the malware CHROMES
2) the injected system library (dunno what it does).
So , once i removed the CHROMES %$£"%$£% app....i could not know if it was related (or somehow connected) with the malware injected system library. So i couldn't trust anymore that factory o.s. and i replaced it with LINEAGE (atm something not working 100% like GPS) but at least it's clean and works.
I hope LINEAGE could support more chinaphones to get rid of the buggy malwared firmware from Doogee, Gretel and others Chinamakers

UHANS A101 affected as well!
CHROMES and
fake FACEBOOK app

garibald75 said:
I am really sorry to say that. The SUPPORT from some of these Chinese Supplier is really poor. I can't help you with your GRETEL . Please search on this XDA forum is anyone can do .
Root it and install a reliable distro. Be careful: when you root your phone you loose your WARRANTY and (sometime) some functions of your phone is not available or not available at 100%.
Custom ROMs should be considered ALWAYS as "bleeding" and "in development".
As i said i will never buy anymore low cost China phones DUE to this lack of support and this (unbelievable) disattention to release malwared firmware.
Click to expand...
Click to collapse
Thanks for the reply.
Do warranties usually cover an infected Rom (I'd need to send it to a Poland service centre)
Is it hard to flash a new clean stock rom over an infected stock rom?

owlsman said:
Thanks for the reply.
Do warranties usually cover an infected Rom (I'd need to send it to a Poland service centre)
Is it hard to flash a new clean stock rom over an infected stock rom?
Click to expand...
Click to collapse
If you can't ROOT it, try to open RMA or open a ticket, try (at least). I hope we can MOUNT CASE and create a bit of hype around this CRAZY THINGS .
In my case it doesn worth. The DOOGEE has a really poor website and we yellew there a lot about this malware.
No way to return. IT doesn't worth.
However tell them and try to have it swapped.

Hey guys, I just got the apk. If a dev can make it "peaceful", I will really appreciate that. Just rename the chromes(blablabla).txt to chromes(blablabla).apk

jimmy1235 said:
Hey guys, I just got the apk. If a dev can make it "peaceful", I will really appreciate that. Just rename the chromes(blablabla).txt to chromes(blablabla).apk
Click to expand...
Click to collapse
WARNING for all the users: THIS APK IS FOR DEVELOPERS. This apk CONTAINS a malware. it's *ONLY* FOR RESEARCH purposes. so Don't try to install it!!

the really interesting THING would be to know if it RECALLS some system service or other RESIDENT modules to complete the cleaning and to allow US to use the original firmware again.
Let's see if anyone can help us.

Well... This is getting REALLY deeply...
https://www.kaspersky.com/blog/triada-trojan/11481/

i tested KAV and other antivirus and malware removal tools.
KAV was not able to remove and to detect it.
the 1st (maybe not the only one) that warned me has been DR WEB ANTIVIRUS and it (also) couldn't remove it without rooting.
It's impossibile, though, to know WHAT / WHICH process is linked in memory or injected in the original ROM since the Chinese CRAPPYPHONES are full of bloatware and "weirdware" .
The trust is ZERO for them ATM.