[Doogee Shoot 1] App Android "Chromes". What's it? [TRIADA Malware] - General Questions and Answers

Dear friends,
I am struggling with a strange APP named "Chromes". It seems to be undocumented (I googled a lot).
The only thing I know is that IT INSTALLS ALONE without any visible message. After a Factory reset I found it (AGAIN) in the phone.
I couldn't SEEK what / when / Who installs it in my phone.
It gains telephone and archive rights without asking me.
I also know that my Doogee phone suffers from a vulnerability (never closed) by DOOGEE and I don't know if it'd be related to it.
No clue.
Has anyone had the same experience? Has anyone EVER seen it?
Let me know please.
Best Regards.
EDIT: ****warning: I remind everyone that ROOTING/HACKING/INSTALLING a different ROM in your phone may void the warranty AND can potentially BRICK your phone. Do it ONLY IF YOU KNOW WHAT YOU ARE DOING. I warned you.*****
edit 13/11/2017 *LIST OF REPORTED DEVICES AFFECTED BY THE CHROMES (Malware) app*:
----------------------------------------------
Doogee Shoot 1
Gretel A9
UHANS A101
NOMU S10
Leagoo M8
Leagoo M8 Pro
----------------------------------------------
Report if you have it. Thank you.

I just found it on my phone too and started googling it, and yours seems to be the only instance I've found so far. I don't know what it does or where it comes from. I can close it from the task manager but it'll start itself again: 3 processes that themselves have about 2-3 services, mostly ChromesService, DaemonService and ChromesService2. The main process seems to be signed from com.appclone.lyhj, the second one doesn't have the DaemonService and is signed from com.android.qnsettings, and the third one had com.yunshi.market listed. Again, I don't know where they come from or what their purpose is, and if they have anything to do with the ad popups I have been getting for a few days now, which don't seem to be app related since it's the same popups for most apps, including apps that don't have those popups natively, like WhatsApp or Facebook. I have since uninstalled pretty much anything and tried some antivirus, but I guess it's gonna be rooted and get a custom ROM. It is also a China cell, called nomu s20. After googling a bit, it seems there are a lot of security problems with my device.
edit: I've found something on this link I can't post because I am not a trusted user yet.
Also, after running Kaspersky antivirus it did indeed find something (as opposed to the Comodo antivirus that kept silent).
It found Trojan.androidOS.Boogr.gsh as the chromesBase.apk and another one I just deleted without writing down the name. It seems though this might be related to the Triada virus/trojan. So, yeah, it might be a good idea to save your stuff and not only try with a factory reset but completely reinstall the whole ROM.
edit2: just uninstalling them hasn't solved anything. The problem sits way deeper, meaning it is definitely related to the Triada virus. It just reinstalls the software again without anything showing.
edit3: found it. It is indeed the Triada virus on my phone.
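A triage sketch for the report above, added here as an example and not part of any poster's message: it reads `pm list packages -f` output, picks out the three package names reported in the post, and says whether each APK sits on a firmware partition (which a factory reset does not wipe) or in user data. The function names and the sample paths are assumptions made for this illustration; the package names are unverified reports from this thread.

```shell
#!/bin/sh
# Added example, not from the thread's posters.
# Package names exactly as reported in the post above (unverified forum report).
REPORTED_PKGS="com.appclone.lyhj com.android.qnsettings com.yunshi.market"

# classify_path APK_PATH
# "firmware": APK is on a read-only firmware partition. A factory reset only
#             wipes /data, so such a package is still there afterwards.
# "userdata": APK was installed at runtime. A reset removes it, but whatever
#             installed it may put it back.
classify_path() {
    case "$1" in
        /system/*|/system_ext/*|/vendor/*|/product/*|/oem/*) echo firmware ;;
        /data/*) echo userdata ;;
        *) echo unknown ;;
    esac
}

# triage: reads lines of the form  package:<apk path>=<package name>  on stdin
# and prints "<package> <firmware|userdata|unknown> <apk path>" for every
# package whose name is in REPORTED_PKGS.
triage() {
    # adb shell output can carry CRLF line endings, so strip CR first.
    tr -d '\r' | while IFS= read -r line; do
        case "$line" in
            package:*) rest=${line#package:} ;;
            *) continue ;;
        esac
        # Split on the LAST '=': install paths on newer Android releases
        # contain '=' characters in their directory names.
        pkg=${rest##*=}
        path=${rest%=*}
        for bad in $REPORTED_PKGS; do
            if [ "$pkg" = "$bad" ]; then
                printf '%s %s %s\n' "$pkg" "$(classify_path "$path")" "$path"
            fi
        done
    done
}

# Constructed sample of `pm list packages -f` output. The APK paths are
# invented for this example and were not taken from an affected device.
sample_pm_output() {
cat <<'EOF'
package:/system/priv-app/ConstructedA/ConstructedA.apk=com.appclone.lyhj
package:/data/app/~~Ab12==/com.yunshi.market-Cd34==/base.apk=com.yunshi.market
package:/data/app/com.example.notes-1/base.apk=com.example.notes
package:/system/app/ConstructedB/ConstructedB.apk=com.android.qnsettings
EOF
}

# Run with --demo to see the result on the constructed sample.
if [ "${1:-}" = "--demo" ]; then
    sample_pm_output | triage
fi
```

On a connected device the same function can be fed with `adb shell pm list packages -f | triage`. A match by name only identifies the visible apps; it says nothing about which firmware component reinstalls them.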

I have been dealing with that damned "Chromes" app for two or three weeks now (BTW, two of them appear with the same icon and logo).
MalwareBytes detects it as malware (Avast sometimes does, sometimes doesn't).
I have tried, for sure, uninstalling (completely useless), stopping all the apps I can (seems to have an effect on the reinstalling time), and also keeping them installed but removing the Phone, Storage and SMS permissions, which, surprisingly, remain removed (until you uninstall the app).
I dealt in the past with the virus app on the Shoot 1 firmware, for which the workaround (disabling the fake app) worked OK for me. But recently there has not been any fw update, so this time the firmware is not responsible.
Any hint or help will be greatly appreciated.
Cheers!

Hi guys!
I'm having the same problem as you two. I can't believe that Doogee has screwed up on this again... (I also have the Shoot 1 [nice screen]) I'm surprised that, as you said, I've not found anything on the internet about this*. In addition, the application consumes a large amount of mobile data!
I hope there is an update soon, and that the problem is solved.
Thank you all for your comments! Greetings from Spain!!
*Well, here they have the same problem:
https://android.stackexchange.com/questions/185520/how-to-get-rid-of-a-malware-app-chromes

Don't expect too much from Doogee. In fact, don't expect anything at all. They still haven't solved the firmware virus that came with the first OTA update. We're alone...

And your GPS signal how is it going? In my case it does not get fixed to any satellite. Has someone managed to root it successfully? The truth is that I do not understand much about this, that's why I'm a bit afraid to do it.
I found this in a Spanish forum, look at the last post (#19). (I think you have to translate it.)
http://www.htcmania.com/showthread.php?t=1291106
Summing up a bit, he says that Doogee sells mobiles with malware in the system. The fact is that they do it conscientiously. And then put a "solution", which is to install a firewall, so that you can control the internet connection of the applications.
Thanks again!

Some updates...
Let me give you some updates:
1) the Shoot 1 phone is not easy to root with standard tools (kingroot & others: I tried a lot of them);
1) I successfully installed TWRP with the FLASHTOOL and a specific recovery image TWRP + SU (if needed I can help with it);
2) I backed up everything (malware included, of course) just to be sure I could go back in case of a brick;
*** 3) I downloaded and installed the FANTASTIC lineage OS without any STUPID bloatware. ***
My phone is secure and fast NOW.
I warmly RECOMMEND all of you to root and update to lineage OS 7.1.2 (ver 14). Thanks to the lineage team! **they deserve a donation!!****
* about Shoot1 GPS *
I still haven't tested it with the new LINEAGE and I will update you.
Before I discovered the malware inside the GPS was not fixing correctly and in general not working like my previous LG or HTC.
I was using an external BLUETOOTH antenna by using a middleware driver named Bluetooth GPS. Once you have configured the driver it works like a charm with TomTom and all GPS software (I tested a lot). The external GPS solution keeps the phone cool and free to charge during long GPS travel sessions.
I will test anyway with the internal GPS again with the new LINEAGE ROM.
For any test or info write here and send me a PV message.
UPDATE: the lineage team is releasing version 15 (development) with OREO. Anyway, I will not install it soon. I am SOOOO SOLID now!

jmam said:
Any hint or help will be greatly appreciated.
¡Cheers!
Unfortunately you can't get rid of it. No one knows if there is another fake app or background service that loads it again. It seems to appear (after a factory reset) some days later (i.e. just the time to download from whoknowswhere).
The fact is that I CAN'T TRUST Doogee and the entire ROM ANYMORE, so I warmly suggest you ROOT (via TWRP + SU), back up everything, and install a fresh LINEAGE n° 14 release for Shoot 1.
I did it and it worked like a charm.

Chromes
I have a phone that is not rooted and has no changed firmware. Antivirus said that I have Chromes and Facebook apps that are not safe, but I do not have Facebook installed. I tried factory resetting the phone twice, but it still comes back....

Have got the same "Chromes" problem on Gretel A9 mobile. Not rooted, only used Google Playstore for few apps. So frustrated and so little information on how to solve it for a non techie like me. Tried to contact Gretel who never reply. Still under an AliExpress warranty but not sure if malware stuff is covered. Needrom have the official stock rom for the A9. Do I have to root the phone to reinstall a clean stock rom? Can anyone point me to instructions on how to replace the stock rom? Thanks for any help.

I am really sorry to say that. The SUPPORT from some of these Chinese suppliers is really poor. I can't help you with your GRETEL. Please search on this XDA forum to see if anyone can.
Root it and install a reliable distro. Be careful: when you root your phone you lose your WARRANTY and (sometimes) some functions of your phone are not available or not available at 100%.
Custom ROMs should ALWAYS be considered as "bleeding" and "in development".
As I said, I will never again buy low cost China phones DUE to this lack of support and this (unbelievable) inattention in releasing malwared firmware.

Deki-bg said:
I have a phone that is not rooted and has no changed firmware. Antivirus said that I have Chromes and Facebook apps that are not safe, but I do not have Facebook installed. I tried factory resetting the phone twice, but it still comes back....
I struggled a lot to remove it with normal antivirus and antimalware.
It seems to BE NOT POSSIBLE without a rooted phone.
In my phone there were 2 problems:
1) the malware CHROMES
2) the injected system library (dunno what it does).
So, once I removed the CHROMES %$£"%$£% app... I could not know if it was related (or somehow connected) to the malware injected system library. So I couldn't trust that factory OS anymore and I replaced it with LINEAGE (atm something is not working 100%, like GPS) but at least it's clean and works.
I hope LINEAGE can support more China phones to get rid of the buggy malwared firmware from Doogee, Gretel and other China makers.

UHANS A101 affected as well!
CHROMES and
fake FACEBOOK app

garibald75 said:
I am really sorry to say that. The SUPPORT from some of these Chinese suppliers is really poor. I can't help you with your GRETEL. Please search on this XDA forum to see if anyone can.
Root it and install a reliable distro. Be careful: when you root your phone you lose your WARRANTY and (sometimes) some functions of your phone are not available or not available at 100%.
Custom ROMs should ALWAYS be considered as "bleeding" and "in development".
As I said, I will never again buy low cost China phones DUE to this lack of support and this (unbelievable) inattention in releasing malwared firmware.
Thanks for the reply.
Do warranties usually cover an infected ROM? (I'd need to send it to a Poland service centre.)
Is it hard to flash a new clean stock ROM over an infected stock ROM?

owlsman said:
Thanks for the reply.
Do warranties usually cover an infected ROM? (I'd need to send it to a Poland service centre.)
Is it hard to flash a new clean stock ROM over an infected stock ROM?
If you can't ROOT it, try to open an RMA or open a ticket, try (at least). I hope we can MOUNT A CASE and create a bit of hype around these CRAZY THINGS.
In my case it isn't worth it. DOOGEE has a really poor website and we yelled there a lot about this malware.
No way to return it. It isn't worth it.
However, tell them and try to have it swapped.

Hey guys, I just got the apk. If a dev can make it "peaceful", I will really appreciate that. Just rename the chromes(blablabla).txt to chromes(blablabla).apk

jimmy1235 said:
Hey guys, I just got the apk. If a dev can make it "peaceful", I will really appreciate that. Just rename the chromes(blablabla).txt to chromes(blablabla).apk
WARNING for all the users: THIS APK IS FOR DEVELOPERS. This apk CONTAINS malware. It's *ONLY* FOR RESEARCH purposes, so don't try to install it!!

The really interesting THING would be to know if it RECALLS some system service or other RESIDENT modules, to complete the cleaning and to allow US to use the original firmware again.
Let's see if anyone can help us.

Well... This is getting REALLY deep...
https://www.kaspersky.com/blog/triada-trojan/11481/

I tested KAV and other antivirus and malware removal tools.
KAV was not able to remove or detect it.
The 1st (maybe not the only one) that warned me was DR WEB ANTIVIRUS, and it (also) couldn't remove it without rooting.
It's impossible, though, to know WHAT / WHICH process is linked in memory or injected in the original ROM since the Chinese CRAPPYPHONES are full of bloatware and "weirdware".
The trust is ZERO for them ATM.

Related

Prevent Google from Deleting / Installing Programs

Hi,
I don't have an Android phone yet. But I'm still a little bit frightened about data security there.
I read this article:
hxxp://w ww.theregister.co.uk/2010/06/28/google_remote_android_application_install/
I think normally you should decide yourself what to uninstall and what not.
So my question is: would it be possible to prevent Google from accessing your phone, meaning prevent them from installing / uninstalling applications?
Cause I hate this. My phone is my phone and they aren't allowed to play the "admin".
Regards
eagle
fear not
If you read further into this, they are talking about malicious apps, and it is done for the malicious app or apps only. They are actually protecting your phone from being crippled, and it is done systemwide for those that use the market.
APK's installed from SD can't be touched by Google. Only ones installed from the market can be removed. AFAIK so far they have only removed malicious apps(so far), but Googles definition of malicious is different to mine.
Hi,
thank you for your answers ! I know that they removed only a malicious app...but like mercianary already said: this time they only removed a malicious app ...
They could instead (of remote uninstall) just release a "fix" that you can download over the android market and this fix then cleans your mobile phone...
At least they can't remove stuff that you installed from SD ... this is good ...
But is there a way to modify the rom, so they won't have any access any more ?
Or can u disable this if you got root rights ?
Regards
eagle
P.S.
What else can google do with your phone ? What do they log ?
They take your soul. Piece by piece. Slowly over the years. Just like they do with every other product they give you for "free"
But that's another thread...
Sounds like humor but it's probably right :-/
The fact is ..:
I waited all time for Windows Phone 7. Thought that they would make it a good OS .. but now ... no Multitasking, ugly Menu ... it seems to me worse like the iOS (subjective opinion =) ) .
You don't have enough options/ settings and so on. It looks to me, like they try to copy Apple now, and they don't try to make it better =(
And now Android comes with tethering, Hotspot-Ability, a nice menu ... a "free" market , and so on.
Wouldn't i be afraid of Google i would choose it without hesitation.
You got any Pro Points for Win7 Phone ?
----
Don't get me started on Microsoft...
It's certainly possible to mod Market to disable this feature. Ofc you would need root to do this.
Well, with custom ROMs and ROM-specific apps you shouldn't have to worry, because essentially you are loading an update zip, so I think you'll be OK there, and they would be morons to start randomly messing with people's phones.
Hi,
nice answers =) I like you I already got some
New Questions :
- Are there already such modified ROMS ?
- If not - will there be some ?
- @mercianary why i shouldn't get you started on Microsoft? Start please
What is your Fav OS ? Are you scared of google, too ?

Cerberus In ROM Manager why???

Not been on the forums or even had time to flash any ROM's for a few weeks but tonight I've got a couple of hours free, so just been looking through ROM Manager and came across Cerberus, I thought it was a new ROM at first so I took a look. Only to find out it's an APP not a ROM (weird really).
I was just wondering if anyone had tried it or know anything about it and does it really deserve a place in ROM Manager when its not even a ROM, even if it the best thing since sliced bread I'd still expect it to be in extras anyway.
Sorry If this has been discussed but like I've said Ive had no time so am a little out of touch
Thanks
Never heard of it before but I found out about it just like you did. From what I can tell it's the same as the marketplace app - https://market.android.com/details?id=com.lsdroid.cerberus&hl=en
I will admit I haven't tried either version (ROM manager version or marketplace), but it seems to have decent reviews. I agree though, it seems weird in ROM manager under the normal ROM listing... I expected it to be under Extras too.
UPDATE***
Flashed it through CWM, although it can be downloaded from the market as pointed out.
What an amazing piece of kit. You get a week's free trial but I paid 2.60 or thereabouts.
I can't explain how good it is. If you have ever been concerned about losing, misplacing or having your Nexus stolen, then this is most definitely for you.
If you buy the full version you can add up to 5 phones.
It enables you to track, wipe, take a picture, request call or SMS log, display a message, sound an alarm, even record live for up to 5 mins at a time, either by logging on to their site online or by sending a text message to your phone.
By far the best security app I've ever seen.
Check it out, it's free for a week and if you don't buy it there must be something wrong with you.
And honestly I'm not associated with the app or its developers, just know a great app when I see one.
https://www.cerberusapp.com/
Hi, I'm Cerberus main developer.
First of all, if you have any questions on Cerberus feel free to ask!
Then, regarding the inclusion in ROM Manager, I'd like to explain how and why it happened.
Cerberus has additional features if you integrate it into the rom. It cannot be uninstalled (I mean, it can only be deleted by flashing a new rom or using adb/terminal emulator, but I don't think a lot of thieves know how to do that), and GPS is automatically enabled when you send a "Start tracking" command. So on the website there is a flashable zip for easy installation in /system/app.
A user, who also maintains the ROM Manager repository, told me if I wanted to publish it there too, so integration into the rom would be even easier. Of course I said "Sure, that'd be great"
Now I don't know if there's a specific category into ROM Manager that is fit for Cerberus or whatever, if someone more expert than me wants to write his opinion I'd like to read it.
P.S. If you installed version 1.9beta, there are some nice new features that you can't see yet in the "official" dashboard. More info here: https://docs.google.com/document/d/1jmPnjs07y7rs9tdsMEzwUTQtV2ncjsYcVsPUbBtZAXM/edit?hl=en_US
It is the best app i have ever downloaded.
EDIT: Wow I just read all the comments in ROM Manager and I want to punch so many people.
So to expand on what ajejee said above:
Previously, Cerberus could only be installed either as a regular app with the "Device Administrator" permissions like any other security app, and the associated flaws (like not being able to turn on GPS on 2.3.3+), or by downloading a separate APK off the website and running it on your phone, which would copy the APK to the system partition.
Long story short, putting Cerberus in ROM Manager is a way to make it easier for users to install Cerberus to /system, since most competent root users have ClockworkMod Recovery and at least know of ROM Manager. While yes, it is "odd" for an app to be in the ROM listing, it's not the only non-ROM in there. I also have radio images for the HTC EVO 4G listed as well.
In regards to placing it in "Extras": Yes, that's a nice idea, but with the way RM's manifests work, it's not really feasible. The "Extras" isn't a separate category, but just another manifest that was hosted on Koush's GitHub, and was only being used by Superuser. This means that any time Superuser had an update, or Cerberus would have an update, the developers would have to send a pull request to Koush, and someone would have to merge it in.
I say was, because Superuser and Cerberus both now have their own separate manifests (meaning no more Extras link), and show up as "ROMs" in the Download ROM menu. I've talked to Koush about making a separate "Download App" menu, but the problem with that is that the Market's ToS prevent having an app that just downloads other apps.
tl;dr, this is so Cerberus can be protected against factory resets, apps can kinda-sorta go in the Download ROM menu, and ROM Manager can't have a separate Download App menu.
Pretty cool app!!!!!!!!
Sent from my Nexus S 4G using xda premium
Awesome app and there are even way to get it for free !
Well, you translated the app into Bosnian/Croatian/Serbian so you earned a couple free licenses
There are not many languages left to localize Cerberus into: Korean, Finnish, Arabic, Farsi, Indonesian and Thai.
So if anyone wants to help with some of these translations please let us know!
rijads said:
Awesome app and there are even way to get it for free !
Thanks "ajejee" for this nice application.
I can localize Cerberus into Arabic language if you want !
That would be great! Can you please contact me at [email protected] ?
Thanks a lot!
I rooted my LG G2 and I want to install Cerberus in the system, but I'm new to this and I didn't understand the instructions on their website. Can anybody help me with this?
Thanks
This app is awesome,
my girlfriend's phone (Nexus 5) has been stolen twice and I have found it twice! The first time I found it with the front camera photo feature when you fail your password, and that person took a nice selfie of herself. 10 minutes later I found her and got the phone back. The second time the thief turned it off when she just found it; this time I could only wait for her to put her SIM in the phone... and it happened, the phone sent me her phone number and I found a lot of information (photos, addresses, student, career, year...), called her and again got it back.
But I don't understand one thing: I had the bootloader locked and adb not enabled. Even with a password for the phone, the girl managed to install a different factory image (killing Cerberus forever) and I don't know how she did it; I thought the phone was completely locked. Anyway, I was lucky because she put her card into the phone before doing that, but I'm still confused about that. I'll try to fix that security hole somehow.
Finally, I want to thank the developer for making this app; with 3€ my girlfriend saved 700 and, who knows, in the future maybe more.
cant help you
Cerberus on rom
NexusCrazy said:
Not been on the forums or even had time to flash any ROM's for a few weeks but tonight I've got a couple of hours free, so just been looking through ROM Manager and came across Cerberus, I thought it was a new ROM at first so I took a look. Only to find out it's an APP not a ROM (weird really).
I was just wondering if anyone had tried it or know anything about it and does it really deserve a place in ROM Manager when its not even a ROM, even if it the best thing since sliced bread I'd still expect it to be in extras anyway.
Sorry If this has been discussed but like I've said Ive had no time so am a little out of touch
Thanks
Hello, I got this email from Cerberus after asking the question: would Cerberus survive a hard reset?
reply
Only if you integrate Cerberus into the ROM of the device.
--
Chiara
Cerberus support

[Q] N7100 Keeps Reinstalling Google Crapware. (Long)

This is gonna be long, so please bear with me.
New Android user here, since December and never looked back.
But I have a big problem that just started two days ago, and coincided with the installation of Vonage for Android.
My N7100 is rooted and I also installed a new kernel (Perseus), but kept the stock ROM for the time being, but I'm getting closer to installing CyanogenMod ROM through ROManager Premium.
I just read the article posted here by Will Verduzco on Android security which led me to a bunch of articles on VOIP and it's scary.
My problem is that my N7100 will kind of do a half-baked reset without my doing anything... and then after watching the download light blinking on my router here in the house, Airport is downloading for about five minutes and then, BANG!!!, up comes the screen asking me for my language, and to set up a Google acct, Samsung acct, and I have to re-enter the passwords for my WiFi, etc, etc... you know the drill.
What's causing this?
I've been on XDA hundreds of times doing research on one thing or another, and I've removed all the Google bloatware possible except for the few things that I want to keep, and I got that comprehensive list from the XDA site... but after my device gets done doing its thing, everything is back with dozens of notifications... AND Titanium Backup, ROM Manager, Triangle Away, SuperSu, Root Explorer, ES File Explorer/Task manager, etc are all missing and no backups on the SD card. WHAT!!!
One more thing which might be peripheral to my problem.
A couple of days ago I installed the new OS for my Mac... 10.9.
With my prior OS, I uninstalled almost all of anything that said "Google" from my computer but have to go through it again and repeat.
This morning, I did a search for anything Google on my drive, and came up with executable update files that all had "Android/GT-N7100" in the path.
Yes, I did connect to Kies by USB just once to check things out there but I don't think that's the underlying problem. Maybe it is.
I've seen some REAL genius help on this site, and hope that somebody that has a grasp on my problem can help.
I joined this site a few minutes ago just to ask this question, by the way.
If I went off track as to the posting guidelines on the site, just tell me.
Hey, I'm pushing 70 and the mind wanders. Haha!
Thanks in advance, guys!
Official_Noob said:
This is gonna be long, so please bear with me.
New Android user here, since December and never looked back.
But I have a big problem that just started two days ago, and coincided with the installation of Vonage for Android.
My N7100 is rooted and I also installed a new kernel (Perseus), but kept the stock ROM for the time being, but I'm getting closer to installing CyanogenMod ROM through ROManager Premium.
I just read the article posted here by Will Verduzco on Android security which led me to a bunch of articles on VOIP and it's scary.
My problem is that my N7100 will kind of do a half-baked reset without my doing anything... and then after watching the download light blinking on my router here in the house, Airport is downloading for about five minutes and then, BANG!!!, up comes the screen asking me for my language, and to set up a Google acct, Samsung acct, and I have to re-enter the passwords for my WiFi, etc, etc... you know the drill.
What's causing this?
I've been on XDA hundreds of times doing research on one thing or another, and I've removed all the Google bloatware possible except for the few things that I want to keep, and I got that comprehensive list from the XDA site... but after my device gets done doing its thing, everything is back with dozens of notifications... AND Titanium Backup, ROM Manager, Triangle Away, SuperSu, Root Explorer, ES File Explorer/Task manager, etc are all missing and no backups on the SD card. WHAT!!!
One more thing which might be peripheral to my problem.
A couple of days ago I installed the new OS for my Mac... 10.9.
With my prior OS, I uninstalled almost all of anything that said "Google" from my computer but have to go through it again and repeat.
This morning, I did a search for anything Google on my drive, and came up with executable update files that all had "Android/GT-N7100" in the path.
Yes, I did connect to Kies by USB just once to check things out there but I don't think that's the underlying problem. Maybe it is.
I've seen some REAL genius help on this site, and hope that somebody that has a grasp on my problem can help.
I joined this site a few minutes ago just to ask this question, by the way.
If I went off track as to the posting guidelines on the site, just tell me.
Hey, I'm pushing 70 and the mind wanders. Haha!
Thanks in advance, guys!
As for your Note 2 problem, so you're saying you flashed CyanogenMod on it, correct? If so, did you flash the current gapps for whatever version you flashed? I'm thinking that's the problem, otherwise another flash of the CyanogenMod ROM might fix it.
Trozzul said:
As for your Note 2 problem, so you're saying you flashed CyanogenMod on it, correct? If so, did you flash the current gapps for whatever version you flashed? I'm thinking that's the problem, otherwise another flash of the CyanogenMod ROM might fix it.
^^^
No, I haven't flashed CM yet, but as I said, I'm moving in that direction after looking at a bunch of ROMs.
This is gonna sound kind of dumb, but the reason that I'm holding on to the stock rooted ROM is just because of one active screen saver, and that's Windy Weather. Like when it's raining here, you get rain drops sliding down the inside of the glass. HA!
And believe it or not, I agonize over the small stuff... like whether or not I want to go with an AOSP or AOKP ROM.
Believe it or not, when I got done with massaging the stock ROM today, all of the junk that I had formerly removed through Titanium Backup were still gone even though it showed that it was all re-downloaded in the Notifications.
I just have a sneaking hunch that the Vonage VOIP App that I installed had "something" to do with my problem, so I have not reinstalled it, and I also destroyed all of the Play Store links with Titanium Backup and still no problem.
I'm still running the stock 4.1.2 stock ROM.
Even if I do go with CM, I'm a little worried that if I download Gapps, something in there just might want to gain control and zap my device again.
Anywhooo... for the last several hours, I'm not having any problems.
Thanks for your reply.
Official_Noob said:
^^^
No, I haven't flashed CM yet, but as I said, I'm moving in that direction after looking at a bunch of ROMs.
This is gonna sound kind of dumb, but the reason that I'm holding on to the stock rooted ROM is just because of one active screen saver, and that's Windy Weather. Like when it's raining here, you get rain drops sliding down the inside of the glass. HA!
And believe it or not, I agonize over the small stuff... like whether or not I want to go with an AOSP or AOKP ROM.
Believe it or not, when I got done with massaging the stock ROM today, all of the junk that I had formerly removed through Titanium Backup were still gone even though it showed that it was all re-downloaded in the Notifications.
I just have a sneaking hunch that the Vonage VOIP App that I installed had "something" to do with my problem, so I have not reinstalled it, and I also destroyed all of the Play Store links with Titanium Backup and still no problem.
I'm still running the stock 4.1.2 stock ROM.
Even if I do go with CM, I'm a little worried that if I download Gapps, something in there just might want to gain control and zap my device again.
Anywhooo... for the last several hours, I'm not having any problems.
Thanks for your reply.
Yeah, anytime man, thanks for explaining a little bit. Well, if you want to stay on a stock-like ROM I would recommend Jedi Mind Trick; it's pretty much stock but just removes the carrier bloatware and puts in a few custom goodies, and should have the rain drop effect you want xD. I have been trying to find a link for you but I don't know what carrier you have. It's a Note 2, right? Also, it rains in Las Vegas? lol, come over to Washington and see the difference.

Help: Is a New Cubot X6 image available? System is compromised!

Hello!
I would like to ask for help installing either a new Cubot X6 Android or a Linux-based system. Until recently I wasn't aware of what kind of aggressive trojans for Android happen to compromise a phone to a degree where the solution is to buy a new one. I do not want to accept that. Therefore I am here to ask for help.
WLAN enabled - the phone goes nuts. It causes unknown apps to be installed, ruining the function of the phone completely. I bought it via eBay, a used Cubot X6. I had the device years ago until I sat on it, which happened to break the display, but I liked it and bought it again, used. (The used one cost 60 bucks, a replacement display would have cost 35, so I ran with the used one - big mistake as it turned out).
Now, its root system is compromised. I set it to only allow apps from trusted sources. I did not download any apps besides well-known trustworthy ones, like Google Maps, WhatsApp, all together.
When I first enabled WLAN, it suddenly started to display a message of the shutting down of "org.rain.ball.update" and also "ssCleaner ("suc", "chengele") is trying to obtain your current position", "ymm" cancelled, and several others. If I allow WLAN it automatically downloads 10-20 apps, some of which correlate with my laptop visited websites (alibaba), others apps from sites I have never visited ("sexy videos"). Basically the phone gets so busy that it needs to be restarted to allow any control of the phone.
I tried to fix it with Avast, Avira, and Malwarebytes without success. With Avast it also displays: "/storage/sdcard0/.androidsdata/is.jar", but is unable to fix it. I guess I would have to erase the SD card too, if I were to have the system replaced. None of the above things can be fixed with the tools at hand. The deletions are always interrupted, nothing gets improved permanently.
I immediately did a "Reset to factory condition", but when I enabled WLAN I didn't even install an app - it all started again, as described above.
So, a quick Google-Research turned out, there are trojan-horses, that cover themselves by pretending to be system applications, so that it would be nearly impossible to get rid of the trojan - only solution: buy a new one (See this article wwwDOTblog.lookout.com/blog/2015/11/04/trojanized-adware/).
Now, while I have a broken device and a trojan device, one solution would be to mount the display of the compromised one onto the broken one. I know it's easy to break the display during this. That's why I am here to ask, if someone might have suggestions of what else could be done to have this fixed?
Maybe it would be possible to get an uncompromised mirror-image of a Cubot X6 from the internet that would replace every data on mine? Would it fix it, if I were to install this: "Ubuntu Touch - Version 15.04 Phone"?
Any help would be appreciated. If I were to take a wild guess, I'd say the trojan horses might have been developed by Apple...... So what am I to do now? Buy a new one?
EDIT: If you were to not believe this to be true, I could shoot a video of it with my laptop. It's really strange, but it is as it is. EDIT 2: Avast displays a message that the phone has been rooted.
Please help!! Thank you so much!!
You won't get the virus to YOUR phone from replying ...
Am I here at the right forum for this technical problem?
Thanks
Do a search for your rom and instructions on how to flash. It will replace system partition and problem should then be gone.
I will try that. Im total newb to smartphone software. any linking would be appreciated. thanks so far!
A google search for "cubot x6 firmware" will give you some good results.
Here's also Cubot forums, with link to downloads.
Hope that will help, and be sure to read up on the subject on how to flash before you start
So many thanks! You linked me to the perfect spot! Thank you!
While I will redo my laptop with Linux soon, have you got experience with having Linux on the phone? If I were to try and mess up, it would still be possible to go back to the original Cubot files you linked to, correct?
Thank you!!
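The thread above reports that a factory reset did not help and that reflashing the system partition is the fix: a reset wipes only the data partition, so an app that lives on the system image returns. The script below is an added example, not code from any poster. It triages `adb shell pm list packages -f` output to show which packages would survive a reset. The sample lines, including where `org.rain.ball.update` is installed, are constructed assumptions.

```python
"""Triage `adb shell pm list packages -f` output: what survives a factory reset?"""

# A factory reset wipes /data only; APKs on these read-only partitions come back.
RESET_PROOF_PREFIXES = ("/system/", "/vendor/", "/product/", "/system_ext/", "/oem/")

# Package name reported in the thread; add names seen on your own device.
WATCHLIST = {"org.rain.ball.update"}

# Constructed sample output (not from a real device; APK locations are assumptions).
SAMPLE = """\
package:/system/app/Maps.apk=com.google.android.apps.maps
package:/system/priv-app/SystemUpdate.apk=org.rain.ball.update
package:/data/app/com.whatsapp-1.apk=com.whatsapp
package:/data/app/~~Qx1==/com.example.cleaner-Zk2==/base.apk=com.example.cleaner
"""


def parse_line(line):
    """Return (apk_path, package_name), or None if the line is not a package entry."""
    line = line.strip()
    if not line.startswith("package:"):
        return None
    # Newer Android releases put '=' inside the path, so split on the last one.
    path, sep, name = line[len("package:"):].rpartition("=")
    return (path, name) if sep and path and name else None


def triage(pm_output):
    """Flag each package: does its APK sit on a partition that a reset leaves alone?"""
    rows = []
    for parsed in filter(None, map(parse_line, pm_output.splitlines())):
        path, name = parsed
        rows.append({"package": name, "path": path,
                     "survives_reset": path.startswith(RESET_PROOF_PREFIXES),
                     "watchlisted": name in WATCHLIST})
    return rows


def persistent_suspects(pm_output):
    """Watchlisted packages a factory reset cannot remove; these need a reflash."""
    return [r["package"] for r in triage(pm_output)
            if r["survives_reset"] and r["watchlisted"]]


if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(row)
    print("needs reflash:", persistent_suspects(SAMPLE))
```

A system app that has received an update reports its /data path here, so cross-check against `pm list packages -s`, which lists system packages only.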

Adware/bloatware or virus in a UMI Diamond X stock?

Hi
A friend bought a UMI diamond X a month ago.
Since yesterday he has started to have some commercials each time that he takes his phone.
Did they put something in the stock ROM that activates after a little time of use?
Does anyone know something?
thanks
I don't know if there is a delay or not before ads start, but Chinese phones are known to have quite aggressive ad networks even with stock apps, and they often have weak privacy, so it could be a stock app. Some Chinese phones have also been shown to do silent upgrades, so you don't know when they update something (can't recall if Umi is one), which is why it may only start a month later.
However, it could be due to malware/adware downloaded from a website, or if he has used one of the Chinese app stores to get an app. With any store that is not Google you are increasing your risks; those stores are not well regulated and many apps have had adware/malware inserted into legitimate-looking apps like YouTube etc. Did he recently download some apps from an app store that was NOT Google?
see eg
http://blog.teamleadnet.com/2015/06/how-to-remove-adware-browser-hijack-or.html
or
https://www.youtube.com/watch?v=zfi6N10ARFA
(also lookout for Chinese apps (or any other unusual apps) with western alphabet like Baidu, which this guy seems to ignore)
Thanks.
As far as I know he didn't install anything for a while, and on the UMI Diamond X there is no parallel app store.
He did a factory reset, but if there are new commercial pop-ups I'll try your links. Thank you again.
Android 5.0 and above: just download and install DNS66 from F-Droid. Update all hosts files.
I have the same problem: a couple of days ago commercials started showing all the time. I tried using DNS66 and it doesn't help.
Does anybody know how to root this phone?
I can tell that on the UMI Super, apart from the battery additions and MediaTek apps, there is none of that, very little bloat... almost AOSP.
This also should help you identify some MTK apps http://bitlog.it/re/dissecting-an-android-chinaphone/
Bringing this up .
I have exactly the same problem. Ads start showing up on the lock screen and every few days some fake app installs out of nowhere. What can I do?
Wrote about it here on xda
The only thing I haven't tried yet is going to stock, but now I found this topic and I'm not sure if even that would help. Did OP have any luck with this?
I saw another forum where someone says you need to freeze the "super cleaner" app (can't be uninstalled) that comes with the phone to stop this & maybe any of the DU branded apps also if they
(edit: on other phones, e.g. Zuji, they have another app, "battery saver", that seems to work similarly and serve ads and/or push apps to your phone in the same way, and that needed to be frozen)
I am having lots of problems with my UMI Diamond X. The screen keeps jumping and goes into the black screen with all your settings on it, like Wi-Fi, aeroplane mode, screen brightness etc., and it locks up the phone. I am also getting lots of ads, and the phone is getting hot and using up the battery too. I have taken the SIM and SD card out and it still does this, so the issue is not the SD card or SIM; it must be the operating system on the phone or something. I have tried everything but can't fix it. Can anyone help, or should I just buy a new phone?
You can try a factory reset, or you can flash the phone with an original ROM or a custom ROM, but as far as I remember there are very few custom ROMs for this phone.
