Virus / trojan / malware in the official Zopo Speed 7 / 7+ ROM from 2016-09-21 - Zopo Speed 7 Plus

Some weeks ago, a virus appeared a second time on my Speed 7, which is not removable and at the end requires a full re-flash of the device.
Symptoms: every couple of hours two apps with the name "Settings" are getting installed. The virus scanner (I used "Sophos") detects the viruses which belong to the "Triada" class; I can remove them, but after a while they reappear again.
To find out if the malware comes from "outside" (for example by installing a malicious app) or is already pre-installed in the ROM I performed the following investigation:
1) Downloaded the latest ROM for Speed 7 (from 2016-09-21, MD5 sum 8dfa789e1e795f285b4c6a9a65433943) to a Linux PC
2) Unzipped the file, converted "system.img" to a raw image file (with simg2img)
3) mounted the raw image file
4) uploaded the file system/priv-app/System-UI/SystemUI.apk (MD5 sum 55169441bfb82af77f2187614e5d2c1c) to virustotal.com
13 of 59 virus scanners detect a problem:
AegisLab: Android.Troj.Ztorg!c
Arcabit: Android.Trojan.Ztorg.GC
BitDefender: Android.Trojan.Ztorg.GC
ClamAV: Java.Malware.Agent-6331114-0
Emsisoft: Android.Trojan.Ztorg.GC (B)
GData: Android.Trojan.Ztorg.GC
K7GW: Trojan ( 0001140e1 )
MAX: malware (ai score=81)
McAfee: Artemis!55169441BFB8
Qihoo-360: Trojan.Android.Gen
Sophos AV: Andr/Dropr-FY
TrendMicro-HouseCall: Suspicious_GEN.F47V1015
WhiteArmor: Malware.HighConfidence
Conclusion: the latest ROM image for the Speed 7 is infected by a virus / trojan that can not be removed from the system. The purpose of this virus is not obvious to me, but it installs other trojans of the "Triada" class (using the camouflage name "Settings"). In my opinion it is a very serious problem affecting the integrity of private user data and credentials. I also checked the latest ROM images of the Speed 7 plus and Speed 7C models, they are also infected.
Second investigation:
I rooted the phone and installed afwall+, hoping that the firewall will block downloading of additional virus components (beside the already installed system app SystemUI). The log file entries of afwall+ show that SystemUI tries to connect to two different servers, usually several times per minute:
First: 54.169.134.231:80 (name "ec2-54-169-134-231.ap-southeast-1.compute.amazonaws.com")
Since port 80 is HTTP protocol I opened the web page in a browser. It simply shows a page with one single word: "prabat". Maybe a password to access other malware???
Second: 221.130.182.169:80 (no nameserver entry)
Opening this address shows a page with Chinese letters only and several links, which are always the same and point to an Android app named "NanoLauncher.apk".
Downloading the APK and uploading it to virustotal.com shows that 10 of 62 scanners detect a virus. Here is the list (only positives):
AegisLab: SUSPICIOUS
AVware: Trojan.AndroidOS.Generic.A
CAT-QuickHeal: Android.Cooee.Ee670 (PUP)
Cyren: AndroidOS/GenPua.185A3C66!Olympus
ESET-NOD32: a variant of Android/Cooee.E potentially unsafe
Fortinet: Riskware/Cooee_E!Android
Ikarus: AdWare.AndroidOS.Cooee
McAfee: Artemis!185A3C66DFD3
McAfee-GW-Edition: Artemis
Symantec Mobile Insight: AppRisk:Generisk
This confirms that the system app SystemUI of the latest official ROM is infected by a severe virus.
I posted my finding also on the ZOPO forum, but after several posts they do not accept messages any more claiming that they will be checked by the moderator.
I also received an email from ZOPO with the following answer:
Dear User
As we have told you before, if you flashed the software from our website, then it is ok.
Before we published, we would do full test, and it is no problem.
Thank you.
If you also can not accept this situation, please contact "[email protected]" and request a virus-free image.

Yes, I found this
https://photos.app.goo.gl/NYz1VRMQrZXOWDIj1

Thanks a lot for the useful hint!
I also checked my /system/lib/libandroid_runtime.so (directly from my phone) with virustotal.com: 18 of 59 engines detect a virus of the Triada class.
Then I checked the same file from the Speed 7 system image (from 2016-09-21). The file on the ROM image and on my phone are identical, so it has not been modified "from outside" (maybe by another malware). So the virus is definitely pre-installed on the latest ROM image on a system library level (which makes things even worse)!
BTW: which virus scanner did you use to get your results? None of the ones I used up to now detected the problem in libandroid_runtime.so
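
The check used in this post and in steps 1-4 of the first post (hash the files in the mounted ROM image, then see whether the copies on the phone are byte-identical) can be run over the whole system tree at once. The following is an added example, not code from anyone in this thread; it assumes the ROM's system.img is already converted and mounted read-only in one directory and the phone's /system has been copied to another, and all directory names and sample files in it are constructed.

```python
import hashlib
import os
import tempfile


def sha256_of(path, chunk_size=1 << 20):
    """Hash a file in chunks so large system libraries do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def index_tree(root):
    """Map 'relative/path' -> SHA-256 for every regular file below root."""
    index = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            # Skip symlinks and special files; only file contents are compared.
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            index[rel] = sha256_of(full)
    return index


def compare_rom_to_device(rom_root, device_root):
    """Classify every path by where it exists and whether the bytes match."""
    rom = index_tree(rom_root)
    dev = index_tree(device_root)
    report = {"identical": [], "modified": [], "device_only": [], "rom_only": []}
    for rel in sorted(set(rom) | set(dev)):
        if rel in rom and rel in dev:
            key = "identical" if rom[rel] == dev[rel] else "modified"
        elif rel in dev:
            key = "device_only"
        else:
            key = "rom_only"
        report[key].append(rel)
    return report


def origin_of(rel_path, report):
    """For a file a scanner flagged on the phone, say where it came from."""
    if rel_path in report["identical"]:
        return "shipped in ROM image"
    if rel_path in report["modified"]:
        return "changed after flashing"
    if rel_path in report["device_only"]:
        return "added after flashing"
    return "not present on device"


def build_constructed_sample(base):
    """Write two tiny constructed trees standing in for the ROM mount and the phone copy."""
    rom_files = {
        "priv-app/System-UI/SystemUI.apk": b"constructed apk bytes",
        "lib/libandroid_runtime.so": b"constructed library bytes",
        "app/Browser/Browser.apk": b"constructed browser v1",
    }
    dev_files = dict(rom_files)
    dev_files["app/Browser/Browser.apk"] = b"constructed browser v2"
    dev_files["app/Dropped/Dropped.apk"] = b"constructed later install"
    roots = {}
    for label, files in (("rom_system", rom_files), ("device_system", dev_files)):
        roots[label] = os.path.join(base, label)
        for rel, data in files.items():
            path = os.path.join(roots[label], *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as handle:
                handle.write(data)
    return roots["rom_system"], roots["device_system"]


def demo():
    """Run the comparison on the constructed sample and return the report."""
    with tempfile.TemporaryDirectory() as base:
        rom_root, device_root = build_constructed_sample(base)
        return compare_rom_to_device(rom_root, device_root)


if __name__ == "__main__":
    result = demo()
    for flagged in ("lib/libandroid_runtime.so", "app/Dropped/Dropped.apk"):
        print(flagged, "->", origin_of(flagged, result))
```

A flagged file that lands in "identical" was in the vendor image before the phone was ever used; one in "modified" or "device_only" points to something that happened after flashing.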

Dr web or Norton. I have my own port now. Zopo stock is not safe

Zopo Speed 7 / 7+ ROM from 2016-09-21
two installations will always appear after a while "youtube stopped working"
complete blocking of your mobile. I installed Zopo Speed 7+ ROM Ghost45 here is OK.

This is also quite funny: beside the latest ROM images for the Zopo 7 / 7+ / 7C, also the Forum App provided on zopomobile.com is infected with malware!
If the APK file (ZOPO-Forum_APP.apk) is scanned with virustotal.com, 12 of 62 engines detect malware.
After complaining about this on the zopomobile.com forum, all my threads located there were removed and they removed my permission to post anything.
My conclusions for the future: I will never buy ZOPO products again. I will think twice before I will buy a cheap chinaphone again.

si1 said:
> This is also quite funny: beside the latest ROM images for the Zopo 7 / 7+ / 7C, also the Forum App provided on zopomobile.com is infected with malware!
> If the APK file (ZOPO-Forum_APP.apk) is scanned with virustotal.com, 12 of 62 engines detect malware.
> After complaining about this on the zopomobile.com forum, all my threads located there were removed and they removed my permission to post anything.
> My conclusions for the future: I will never buy ZOPO products again. I will think twice before I will buy a cheap chinaphone again.
Hi, never ever buy ZOPO!
They remove again all posts from zopo forum
Try my PORT, https://forum.xda-developers.com/sp...t-port-umi-touch-speed7-t3704343/post74498536

mstdzw said:
> Hi, never ever buy ZOPO!
> They remove again all posts from zopo forum
> Try my PORT, https://forum.xda-developers.com/sp...t-port-umi-touch-speed7-t3704343/post74498536
Dear mstdzw,
thanks a lot for the offer! Your port is for the Speed 7+ (ZP952), I own a Speed 7 (ZP951). Can I also install your port on the ZP951 without problems or does one have to modify the ROM image?
Thanks in advance!

si1 said:
> Dear mstdzw,
> thanks a lot for the offer! Your port is for the Speed 7+ (ZP952), I own a Speed 7 (ZP951). Can I also install your port on the ZP951 without problems or does one have to modify the ROM image?
> Thanks in advance!
I think this should work. Added zip with zp951 kernel.

mstdzw said:
> I think this should work. Added zip with zp951 kernel.
Thanks a lot - I will give it a try during the next weeks!

Did it work? My ZP951 is still stock, what is this android version?
thanks

Related

[ROM][B7610] Official B7610NXXJC2 ROM available

Official GT-B7610_B7610NXXJC2_B7610NXEEJC2_B7610XXJC1_B7610NXEEJC2_XX_XEE available on Samsung Mobile Firmware Downloader
My thread on Modaco - link
*****
Temporary link to fast server: [removed]
(compressed with 7-zip 9.13 - LZMA2)
Link will be removed after reaching transfer limit of my server.
Mirrors: Multiupload by barki82
*****
Date: 22.04.2010
WM version: WM 6.5 build 21889
Free RAM with standard WM today: 71.5 MB
New things:
- updated Settings (like in JDx ROM from Omnia 2)
- updated messaging (different layout)
- updated clock/alarms
- updated .NET Framework
- fixed missing Polish font (used in Youtube, Google Maps etc)
NOT updated (and it should be):
- Microsoft MyPhone
- Microsoft Office
- Opera (it's 9.5)
- Google Maps (3.2.1)
- Samsung's Media Player and Photo Album
- and... WM (we are still waiting for 6.5.3 build)
Thanks a lot for posting buddy. I am from India and my phone uses english language roms. The current rom i have is the stock WM 6.1 with following codes :
PDA: B7610DDIJ3
Phone: B7610XXIJ4
CSC: B7610INUIJ3
Can I use this ROM with my phone, will it be 100% safe and not void my warranty? Sorry, these are n00b questions but even though I am a seasoned WM user, I got my Omnia Pro just a few days back, so still gathering knowledge about it. In India, Samsung hasn't launched WM 6.5 update and they aren't giving any clue about when it will be available, I contacted customer care twice.
It can void your warranty because it's not available in official ways.
The ROM is 100% safe but flashing it is not. There is always some chance of bad flashing (power shortage for example). But flashing PDA and CSC parts of ROM is fairly safe. Omnia has some features to recover from bad flashing of these parts. Eboot and Phone parts are more dangerous.
PS. This ROM has Swedish/Danish keyboard layout.
Hey thanks for the reply buddy. But I remember seeing it written somewhere that when we upgrade to the 6.5 ROMs (official), the Eboot/CSC gets updated and that is required for the 6.5 ROM to function properly. I am not 100% sure about it but still I have my doubts. Do you know anyone who has done the same ie. upgraded directly from 6.1 to 6.5 with unofficial ROM?
Also I wanted to ask that if I flash the MST file enclosed in the zip file, will it update the Eboot/CSC?
UPDATE: Got it. The MST does have the Eboot part, but not CSC. I extracted pda.nb0 using i900Extractor and used it. Worked absolutely fine, just the free ram is too low as my eboot is still using the 20 MB PP of 6.1. Plus the Widget interface is causing some problem. When I am selecting more widgets in Widget's settings menu, first the entries are being displayed in black (or maybe no text) and selecting any one of them is causing all the Widgets except digital clock to disappear. Will wait for the official update I think.
hay
is this rom german ? and has it a QWERTZ tastatur or not?
i have a csc with the qwertz and can i take my csc and this rom?
the windows icon is it downright?
what is changed to the "older" rom?
thank you
mfg
Ghost-Surfer
Hi
Yes you can select german language after flashing, on your phones screen you can select languages and it will configure it for german use if you like.
But when you flash the CSC your keyboard might be messed up, as said above.
"PS. This ROM has Swedish/Danish keyboard layout."
I just kept my CSC from my german winmo 6.5 stock rom B7610NDBTIK5
but flashed everything else(eboot, pda and phone) and till now I have not had any problems and my keyboard is still german layout.
As it is version 6.5 the start icon is in upper left corner as usual.
Changes you can read in first post pretty much everything is said there.
Maybe two more things,
the messaging app has really been improved, you can type a lot faster and don't have to wait so long until the letter is recognized, which is good for people who can type fast.
and if you have a DLink router and had problems using the internet that is solved somehow. I was able to use Opera and open websites for the first time since i have this phone although i still have no real stable connection.
Links at Modaco restricted?!
Hi there,
Do you guys have any idea what is going on with the links at Modaco? I was logged in, yet clicking on any of the 3 links returns: "Sorry, but you do not have permission to use this feature. If you are not logged in, you may do so using the form below if available."
Well, obviously there is no form below, it really is a dead end; I even tried using another computer and I got the same error.
It looks like the access had been restricted. I have e-mailed the site administrators but no answer...as expected, otherwise.
I would appreciate posting a mirror or even attaching the documents here.
Thanks a lot.
Are you registered on the Modaco forum? If yes, try to clean cookies and browser cache and try to login again.
TZ- said:
> Are you registered on the Modaco forum? If yes, try to clean cookies and browser cache and try to login again.
Here is what I did and STILL getting the same error when trying to use any download link on Modaco:
1. Cleared IE (deleted cookies, cache, etc)
2. Used a 3rd party cleaner to do the same thing (CCleaner – latest version)
3. Registered a 2nd account with Modaco (different user ID and password)
4. Tried using another computer in my house (connected through a wireless router) to complete the same task + also my phone.
5. Installed Firefox and tried downloading again from Modaco.
...YET, THE SAME ERROR ALWAYS POPS UP.
OS: Windows 7 Ultimate (X64), IE v.8.0.7600.16385 / Firefox v.3.6.3
Is there anybody else stumbling upon this issue or I’m just an odd case? – in which case I really start believing they have something against me, personally (although they wouldn’t have any reason)
nacos said:
> Modaco ... returns: "Sorry, but you do not have permission to use this feature. If you are not logged in, you may do so using the form below if available."
> ....
> Is there anybody else stumbling upon this issue
Yes I have the same problem
Signed in different accounts registered in different electronic mailboxes. BUT Resend Validation Link remains active.
validation e-mail don't came.... (more than a month has passed since the registration)
who knows how to solve the problem?
NEWS
just received windows 6.5 update officially from samsung service manager after fighting for 10 months

Jiayu G4S TROJAN/MALWARE WARNING for custom and stock ROMs May/June

Hi all Jiayu users,
a recent stock ROM and many custom ROMs based on it, have been reported to have at least 2 trojans integrated.
Organizational: This has already been discussed in this general thread: http://forum.xda-developers.com/showthread.php?t=2746900&page=33
But there it goes out of sight very quickly so we should use this new thread to discuss security concerns with Jiayu ROMs in general.
I will update the thread title as soon as other models are reported to have it, too (that is likely).
I will also update the title if we find it is a false alarm (which I stopped to hope).
Any suggestions to improve this posting, or to move it to a better forum, are very appreciated.
It would be nice, if everyone could try not to clutter this thread with unnecessary things. For example, if you have suggestions what I should edit here, better contact me directly, instead of posting a reply that becomes obsolete quickly.
I've downloaded G4S-20140609-211642-SD.rar and G4SL-20140618-194209-SD.rar from needrom and verified the following facts myself. I did not test the stock ROMs, but in the general thread others reported that they have it, too. I don't know if they really came from an official source. April ROMs seem not to have it.
Many trustworthy virus/malware scanners detect trojans in system/app/ - see a list of reports in the virustotal links:
fonts 6.26
com.lovelyfonts
lovelyfonts_vanzo_noicon_6.26.apk
http://www.avgthreatlabs.com/android-app-reports/app/com.lovelyfonts/
https://www.virustotal.com/en/file/...e90eaa5e9e8a1dec4db0d4ece4a82be1185/analysis/
Unlock 2.144
com.yunlan.syslockmarket
SysMarket_92_NoIcon.apk
https://www.virustotal.com/en/file/...cd75a5543725b049c974735dcc66c526940/analysis/
Maybe one of them seems to download a third one and does it again if I delete it, which is clearly malicious behavior:
com.skymobi.pay.plugin 2.0.0.6
placed here: /storage/sdcard0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_V2006.apk 174.95 KB
http://www.avgthreatlabs.com/android-app-reports/app/com.skymobi.pay.opplugin_v2006.apk/
https://www.virustotal.com/en/file/...19bf34f6884fa397f062e9b9e4ee4d9be0a/analysis/
I was able to delete both apps using Titanium Backup. Everything still works and the third app didn't come back anymore.
After deletion of the "fonts" app, without reboot, a chinese menu entry appears under settings/display. It translates to "font settings" and crashes when tapped. Maybe that's interesting.
Both apps caused wakelocks, consumed battery and sent data to the internet. They have lots of rights, and their names alone are suspicious.
Other Jiayu users with ROMs of May or June should check for these apps, too. Please report your results here. You can extract the ROM file on your PC and scan it with a virus scanner, or submit above apk files to virustotal or other online services.
Or, on your device, check for existence of the "fonts" and "Unlock" apps. You can do so under Settings/Apps, or in Titanium Backup, or Wakelockdetector and so on.
-Alex
Can you suggest tools to analyze what goes on on my device? Like a good task manager with lots of features showing useful info.
I would also like to see a list of open connections, and who caused them, is that possible?
I just downloaded and installed Titanium to check for those apps, I don't seem to have any of those installed.
The ROM I have is the official one from jiayu.es, based on the 20140418-120537.
Anyway, I wanted to check it manually, should I upload all my ROM to virustotal?
Thanks
petete159 said:
> I just downloaded and installed Titanium to check for those apps, I don't seem to have any of those installed.
> The ROM I have is the official one from jiayu.es, based on the 20140418-120537.
> Anyway, I wanted to check it manually, should I upload all my ROM to virustotal?
This is an April ROM, and there are also other reports that they are not affected.
Since a few days, jiayu.es also has the June ROM for download.
No, you can't upload the whole ROM. You can unrar/unzip it on a PC and upload single apk files from /system/app/ - or directly upload from your phone (you can use ES file explorer to access that directory).
This warning is now in multiple forums, but no one seems to really care.
Where should I post to get attention?
Some say, I should just delete the suspicious apps and everything is ok. I did that, but I'm not feeling safe, of course. How can we find out more?
I found this out also.
I've checked the app and it has suspiciously many rights...
mainstreamer said:
> I found this out also.
> I've checked the app and it has suspiciously many rights...
Thanks a lot, can you tell what ROM version you use and where you got it from. And if not G4S, what model?
What about the other 2 apps?
Stock Rom from jiayu.es (the latest). I have the g4s.
mainstreamer said:
> Stock Rom from jiayu.es (the latest). I have the g4s.
for the records, that is:
(4.2.2)Rom Oficial Jiayu China 20140609-211642
http://www.jiayu.es/software.php?soft&jiayu=G4S
Alex1a said:
> for the records, that is:
> (4.2.2)Rom Oficial Jiayu China 20140609-211642
> http://www.jiayu.es/software.php?soft&jiayu=G4S
Indeed. Somehow it's already included in the official rom.
Maybe it's time to contact jiayu directly?
mainstreamer said:
> Indeed. Somehow it's already included in the official rom. Maybe it's time to contact jiayu directly?
I contacted jiayu.de at 30.6., they think it's harmless, but are looking at it - no further info until now.
I then contacted jiayu.es yesterday, but got no answer at all until now.
The latest official software posted on http://www.ejiayu.com/en/News.html is from April. How do we know, that 0609 and so on is really officially from them? Is there another official source?
I sent a detailed email to ejiayu.com and will post any comments here.
Answer from Jiayu Official Store España:
"Hello. We do not know anything about this issue because it is working right at this moment. Please contact to Jiayu China or ejiayu to talk about this issue with them."
EDIT: I then asked for help contacting Jiayu China and got this reply after some days:
"Hi. This rom is made by Jiayu China not by us. We do not know anything from that. Try to keep in contact with them because we can do nothing to fix it."
Hmm ok thanks.
Strange that nobody knows what might be going on. Is the latest rom maybe bogus?
Anyone got a good rom alternative for my jiayu g4s?
Here are the details:
http://securelist.com/blog/virus-watch/59356/caution-malware-pre-installed/
Zopo also does this: recent official KitKat has the fonts trojan, and it is embedded into Settings!
This is clearly intentionally done.
We, simple people, think we pay less for decent phones, and in fact, phone sellers and manufacturers sell out secrets to 3rd party without asking us.
Latest info: there's a new official kitkat ROM for this phone, and it has exactly the same 2 trojans
I really wonder why this security thread is that short. Is it the wrong place here, or doesn't anyone care? I don't feel secure after deleting those apps and don't want to use such ROM. So I restored the april stock ROM...
From official sources nothing new about this issue.
answer from german flagship store
Alex1a said:
> From official sources nothing new about this issue.
I received an answer from the German branch (flagship store in germany: url jiayu dot de).
The applications are designed for remote maintenance.
I hope they are right.
cepria said:
> I received an answer from the German branch (flagship store in germany: url jiayu dot de).
> The applications are designed for remote maintenance.
> I hope they are right.
Never ever, german store is more or less just a reseller with the same poor customer service than a chinese one, why should they confirm that the company who they earn the money with is distributing malware, this would kill their Business immediately
any news on this issue?
I'm planning to buy this phone, but only if the malware is 100% removable.
Can someone confirm that simply removing the APKs does the trick?
Are they located in /system/apps/?
Confirmed, or just flash a different rom, can suggest borx rom gold v3

S7-931w - Failed to update modem - S7-931u

So I'm the owner of the infamous MediaPad 7 Lite [WiFi only] or S7-931w and there is hacking challenge ahead.
As Huawei rarely updates FW for S7-931w and original FW is buggy, I decided to experiment in some way: I put S7-931u FW on S7-931w tablet.
That should work perfectly as both tablets are same by hardware, except that S7-931u have 3G modem.
So after flashing and tablet boot, everything is perfect but there is annoying message on the screen: "Failed to update modem" that will sit on the screen and not go away.
Now, I am seeking a way to remove that message. As I'm not a very experienced Android developer, I have no idea how to remove it. Maybe to remove modem driver? Or some modifications on firmware before flashing?
I would like to stay on this firmware as it seems to be more stable and faster than the one for S7-931w.
Thanks in advance.
Well I'm not sure that removing modem driver is an easy task.. because the firmware of this tablet is a real mess - but you can try.. because you said you are experimenting. That probably includes rooting of the device, and/or maybe even custom ROM-ing
I own S7-931U with SP19 firmware version and it is not stable at all - at least on my tablet
Wifi version that you have has only reached SP01 version as you can see on this link.
But if you really want to experiment (and don't mind translating from russian) do check 4PDA forum.. they also have some stuff for MediaPad 7 Lite tablets.
Good luck.
prometej-zg said:
> Well I'm not sure that removing modem driver is an easy task.. because the firmware of this tablet is a real mess - but you can try.. because you said you are experimenting. That probably includes rooting of the device, and/or maybe even custom ROM-ing
> I own S7-931U with SP19 firmware version and it is not stable at all - at least on my tablet
> Wifi version that you have has only reached SP01 version as you can see on this link.
> But if you really want to experiment (and don't mind translating from russian) do check 4PDA forum.. they also have some stuff for MediaPad 7 Lite tablets.
> Good luck.
It's already rooted. But I do not have experience with removing drivers on android, so yes, it will be tricky.
Ohh I see that you are also from Croatia, that explains why we both have MediaPad 7 Lite. This tablet is pure crap, but for basic task can be a bit frustrating because of it's "awesome speed". Maybe it can be less useless with better firmware.
I'll check that Russian stuff, it may help.
EDIT: I checked but I don't see anything useful. I would like to know how to edit Huawei firmware by my self like Russian guy did. I managed to open update.app with 7-zip and check all 3 archives (931U.zip, 932U.zip, 933U.zip) contained in it.
Each archive contains 2 files:
- MOBILE_CONNECT.BIN
- UpdateWizard (No extension) - File seems to be an ELF file determined by header.
I have no idea how I should edit anything of that.
This firmware has become open source but I don't know how to edit it either.
I would appreciate if someone can explain me or provide me some tutorial for such, If I get involved and done something, I'll publish it so others may also enjoy the benefits.
Well most of us got this tablet for an "T-Contract"
I don't have enough experience with customizing ROM-s, so I'm not much of a help, but here are two links which may help you disassemble original ROM.
[GUIDE] How to extract Huawei firmware (update.app)
[TOOL] Huawei Update Extractor [UPDATED: v0.9.8.0]
App on the second link is I believe easier to set up if you are on windows platform.
Btw.. you are probably on your own on this experiment, because I've searched for some answers on the subject of this tablet, and got none (even nothing from Huawei!)... That is why I gave up trying.. Only thing I've seen new is open source stuff on Huawei pages.
I guess people (or even worse Huawei) are just not interested to create something better for this tablet.
At least some users on this forum and Freaktab.com, helped with rooting and TWRP custom recovery... I can only thank them for their effort
prometej-zg said:
> Well most of us got this tablet for an "T-Contract"
> I don't have enough experience with customizing ROM-s, so I'm not much of a help, but here are two links which may help you disassemble original ROM.
> [GUIDE] How to extract Huawei firmware (update.app)
> [TOOL] Huawei Update Extractor [UPDATED: v0.9.8.0]
> App on the second link is I believe easier to set up if you are on windows platform.
> Btw.. you are probably on your own on this experiment, because I've searched for some answers on the subject of this tablet, and got none (even nothing from Huawei!)... That is why I gave up trying.. Only thing I've seen new is open source stuff on Huawei pages.
> I guess people (or even worse Huawei) are just not interested to create something better for this tablet.
> At least some users on this forum and Freaktab.com, helped with rooting and TWRP custom recovery... I can only thank them for their effort
Yeah "T-Contract", as 80% of Croats, me included.
But you helped me a lot, you brought me things I didn't even know existed for this tablet.
If I make some success, I'll post about it.
And yes, Huawei have NO interest for it - They even removed S7-931w support from their site - SHAME.
It's a bad tablet, slow and as you said with messy firmware, that's probable reason why almost nobody works on it, or maybe nobody have enough courage to challenge Huawei MediaPad 7 Lite? Who knows
Some update, I used extractor to extract the firmware, after extraction I extracted system.img and under bin directory found guilty script:
modem_update
The problem is that this script is probably called by another, so how to stop that chain....
I have attached recovery log file from mine S7-931u model using SP19 firmware.
Maybe it can be helpful to you, because it contains some stuff near the end of the file related to modem installation and partitions (?!)
EDIT: I forgot to mention... as I understand (not exactly sure about details!) rild is command/daemon that helps communication between modem device and Android code (I believe there is something about that on Stackoverflow forum).. so maybe this may also be your point of interest.?
As I see by viewing the log you shared, it even creates special "modem" partition.
This maybe even complicates the things, maybe I could change creating modem partition.
As experimenting with Android partitions is never good idea, I need to be extremely careful as there is possibility of bricking device.
Do you maybe know where I can find script which handles installation process?
Sorry I haven't investigate Android very deep so I don't know what is the script in charge of installation procedure.
Maybe if you check init.rc and/or init.<machine_name>.rc scripts/service or maybe even updater_script... maybe you can find some more clues, about what is going on during boot procedure and/or installation.
Okay, I'll look into it when I got some time, and I'll keep updated.
Success!
After a while, I finally managed to get some time and will to work on our poor S7-931w, and I am coming with good news!
I finally managed to remove permanent "Failed to update modem" message.
Message is caused by system application HuaweiInit.apk which I found safe to remove after message appears, as after removal there is no annoying message nor bugs.
Also, now all telephony apps could be removed since S7-931w doesn't have any way to use it.
Now we can have S7-931u firmware on our S7-931w. For me, it seems that u firmware is more responsive.
Using S7-931u firmware also brings back USB Mass storage mode which was removed in latest S7-931w firmware.
However, there are still a lot of things to do, there is annoying empty (gray) GSM signal icon next to the battery, and we should do something more serious with it like optimizing it.
Later I'll post brief tutorial, and maybe release modded S7-931u rom for S7-931w.

Trojan on Gretel A9 smart phone

Hello, I have been having trouble for months with a Gretel A9 smart phone provided by my employer.
The thing seems to be infected by a Trojan which cannot be removed by Factory Restore, or any virus program I have been able to find. (Malwarebytes will detect and clear it, but it comes back straight away).
Here are the symptoms:
-Horrendous pop-ups advertising games
Such as "Grumpy Gorrilla", "Oh No", "99 Balls", and "Sticky Glue". These pop-ups are difficult to remove and require scrolling on the advert to find the X to remove, which often leads to clicking on the pop-up itself.
This ended up with the phone being subscribed to "Demon Games", running up a £50 phone bill with the network provider.
-Constant browser pop ups to a website called "Aiboo.cc" which I am sure has something to do with it.
-An app called "Magic" which comes up as a virus on Malwarebytes, and keeps reappearing on the phone, with a little picture of a blue Octopus.
-Constantly tells me I have a new Whatsapp message, but when clicked on, something called "H5 Games" comes up.
-Lake worth ISD is another dodgy app that keeps appearing.
The phone is running Android 6.0.1
Please, help me if you can. I have tried resetting numerous times, and I've researched everything I have found but there's no information online about any of these things.
If it's provided by your employer then return it to him and refuse to use it until it is fixed or you receive a new one.
To remove any files from system you need a root access. You have to root your device first but you lose warranty
If I return it, they will only provide me with a tiny 'Alcatel Pixi' phone, which is just awful to use.
I think I may try to Root it, but I have no experience doing this
Huscarl said:
I think I may try to Root it, but I have no experience doing this
Please post a screenshot of 'About phone' and also run Anti-virus Dr.Web Light (https://play.google.com/store/apps/details?id=com.drweb&hl=en) and post the results. Feel free to post the results from Malwarebytes as well.
Palm Trees said:
Please post a screenshot of 'About phone' and also run Anti-virus Dr.Web Light (https://play.google.com/store/apps/details?id=com.drweb&hl=en) and post the results. Feel free to post the results from Malwarebytes as well.
Ok, I will figure out how to get this done and post it tomorrow night (it's late here now and I need to figure out how to do it).
I will also keep a log of what appears on the phone during the day, as I get various messages and pop-ups.
Really do appreciate any help on this, as it has me and my work stumped. It would be a decent phone to use were it not for this terrible virus/trojan.
A quick scan on Malwarebytes came up with this:
2 Malware found
-Android/Trojan.Agent.ASH
(Installed Application - Settings) [I repeatedly get a fake application called Settings]
--------------
-Android/Trojan.Dropper.Agent.CKA
(Installed Application - Magic) [This is the app with the Octopus Icon which I mention earlier]
Tried wiping these off the phone numerous times, both manually and using Malwarebytes and other virus apps, but they persistently come back.
Huscarl said:
Really do appreciate any help on this, as it has me and my work stumped. It would be a decent phone to use were it not for this terrible virus/trojan.
Did my own research. A number of phones came pre-installed with the Triada malware/virus, which is a well-known case. Unfortunately, Gretel A9 was one of those.
I downloaded the stock rom 3.04 and 3.02 both are infected and the only solution I see is replacing the lib which is causing this and deleting the .apk that is also causing this (based on what I could tell). However, I need to know specifically which version you are running and also what the result of the Dr. Web scan is (please post a screenshot). We could try to repack the cleaned system.img and then you can flash that. However, there are no guarantees it'll work.
TWRP and a few custom roms are available for your phone + general discussion here: https://4pda.ru/forum/index.php?showtopic=807386.
I have posted a Dropbox link to a screenshot of my About Phone..
https://www.dropbox.com/s/lie3868wcrquchg/LongShot_20190415_092503.png?dl=0
Currently running a full scan with Dr Web Lite and it has detected 20 threats so far, that's far more than Malwarebytes or any other virus scanner I have used.
Once that's done I will post the results
Huscarl said:
Currently running a full scan with Dr Web Lite and it has detected 20 threats so far, that's far more than Malwarebytes or any other virus scanner I have used.
Once that's done I will post the results
Sounds good! Did some more research, Alberto96 posted this in 2017 (huge thanks for providing both TWRP + the K10 and A9 firmware) https://forum.xda-developers.com/showpost.php?p=77545922&postcount=7 and I've successfully compared the firmware. My thinking here is - replace the clean files from the Oshiyama K10 stock firmware with the infected ones from the Gretel A9. Repack system.img and then you can try flashing the new system.img via SP Flash Tools. Alternatively, flash TWRP and we'll have to figure out how to create a new flashable system.img script.
I'm having a hard time getting it onto one screenshot despite trying to save it as a long shot, but here is some of the Dr Web diagnosis..
https://www.dropbox.com/s/na47qmq9ek4fvs0/LongShot_20190416_084021.png?dl=0
Palm Trees said:
Sounds good! Did some more research, Alberto96 posted this in 2017 (huge thanks for providing both TWRP + the K10 and A9 firmware) https://forum.xda-developers.com/showpost.php?p=77545922&postcount=7 and I've successfully compared the firmware. My thinking here is - replace the clean files from the Oshiyama K10 stock firmware with the infected ones from the Gretel A9. Repack system.img and then you can try flashing the new system.img via SP Flash Tools. Alternatively, flash TWRP and we'll have to figure out how to create a new flashable system.img script.
Just looked through this thread and I can confirm they were getting the exact same symptoms. Everything they described is what is happening with my phone.
Huscarl said:
I'm having a hard time getting it onto one screenshot despite trying to save it as a long shot, but here is some of the Dr Web diagnosis..
https://www.dropbox.com/s/na47qmq9ek4fvs0/LongShot_20190416_084021.png?dl=0
Thanks. If you can pull the full detection list that would be great.
I need to know what some of the detections are associated with, so can you run 'adb shell' and then 'pm list packages -f' like this example:
Then copy the list and post it here as .txt preferably.
Currently decompiling the rest of the 3.04 firmware to see if they've hidden malware in the other partitions as well. If not, we're all set to have you flash a cleaned test rom if you're up for it.
deleted: \system\priv-app\SecurityService\
https://www.virustotal.com/#/file/1...2b95f86b37e1fd65d495ec4f7782a1df5b8/detection
replaced: system\lib\libandroid_runtime.so with the clean libandroid_runtime.so from the Oshiyama K10 (the device Alberto was referring to).
https://www.virustotal.com/#/file/4...63a1eaca0329162e1d5bd6a6205c1ce78ab/detection
Furthermore, I've removed these vendor apps (pre-installed bloat).
\system\vendor\operator\app\FaceBook
\system\vendor\operator\app\Gmail2
\system\vendor\operator\app\Instagram
\system\vendor\operator\app\Maps
\system\vendor\operator\app\Twitter
\system\vendor\operator\app\YouTube
Here is everything I am getting from Dr Web:
https://www.dropbox.com/s/4a8xw8838vizxul/OneShot_20190416_164440.png?dl=0
https://www.dropbox.com/s/gvl5it7ucfo0s01/OneShot_20190416_164541.png?dl=0
https://www.dropbox.com/s/04am7g7mdw1vlk1/OneShot_20190416_164604.png?dl=0
https://www.dropbox.com/s/e987ajlgp3hjriz/OneShot_20190416_164612.png?dl=0
Sorry about the format, I'm not so tech savvy, I'm sure that's the lot. I'll now start working on the other instructions you gave me (adb)
Still trying to figure out how to use ADB.
I am following the instructions on here:
https://www.howtogeek.com/125769/how-to-install-and-use-abd-the-android-debug-bridge-utility/
I have downloaded the SDK tools, and unzipped them to a new folder, but I do not see the SDK Manager EXE
I think that it would be easier to flash new rom from the link few posts above - xda site
a602820922 said:
I think that it would be easier to flash new rom from the link few posts above - xda site
The problem is, it won't boot. You need to flash the system.img only - but the K10 system.img needs to have the required libs from the A9, e.g. fingerprint, cam libs. Though there's no indication hereof, the K10 may pack malware as well. But like I said, I can repack the K10 system.img with the required A9 files and Huscarl can test it. This can likely be omitted, if we can repack the stock rom with the clean files from the K10 system.img. That's why I need to know what packages are linked to the Dr. Web detections aside from SecurityService and libandroid_runtime.so.
An alternative quick fix: flash TWRP, root the phone, run Dr. Web and let it remove the malware. However, as research indicates, the problem still persists for some users.
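The `pm list packages -f` listing requested earlier in this thread ties each package name to the APK path it was installed from, which shows whether a detected app lives under /system (untouched by a factory reset) or under /data (wiped by one). The following is an added example, not code posted by anyone in the thread; the sample output and the `com.example.*` package names are constructed, and only the directory names come from the posts above.

```python
from pathlib import PurePosixPath

# Constructed sample of `adb shell pm list packages -f` output.
# Package names are placeholders; the last /data path uses the newer
# randomized layout, whose directory names themselves contain '='.
SAMPLE = """\
package:/system/priv-app/SecurityService/SecurityService.apk=com.example.securityservice
package:/system/vendor/operator/app/Maps/Maps.apk=com.example.maps
package:/data/app/com.example.magic-1/base.apk=com.example.magic
package:/data/app/~~Zm9vYmFy==/com.example.game-Yg==/base.apk=com.example.game
WARNING: linker: unrelated noise line
"""

def parse_pm_list(text):
    """Return {package_name: apk_path} from `pm list packages -f` output."""
    packages = {}
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue  # skip shell noise and blank lines
        # Split on the LAST '=': the path may contain '=' but a package name cannot.
        path, sep, name = line[len("package:"):].rpartition("=")
        if sep and path and name:
            packages[name] = path
    return packages

def classify(apk_path):
    """Classify an APK path by the storage area it lives in."""
    parts = PurePosixPath(apk_path).parts  # ('/', 'system', 'priv-app', ...)
    if len(parts) < 3 or parts[0] != "/":
        return "unknown"
    top, sub = parts[1], parts[2]
    if top == "data":
        return "user"
    if top == "system":
        if sub == "priv-app":
            return "system-privileged"
        return "vendor" if sub == "vendor" else "system"
    if top in ("vendor", "product", "oem"):
        return "vendor"
    return "unknown"

def survives_factory_reset(category):
    """A factory reset wipes /data only; read-only partitions are left as flashed."""
    return category in ("system", "system-privileged", "vendor")

def report(text):
    """Return sorted (package, category, survives_reset, path) rows."""
    rows = []
    for name, path in sorted(parse_pm_list(text).items()):
        category = classify(path)
        rows.append((name, category, survives_factory_reset(category), path))
    return rows

if __name__ == "__main__":
    for name, category, persistent, path in report(SAMPLE):
        flag = "survives reset" if persistent else "wiped by reset"
        print(f"{name:30} {category:18} {flag:15} {path}")
```

A package under /data that reappears after removal or a reset, as described in this thread, points to a component in the read-only partitions reinstalling it, so the rows marked as surviving a reset are the ones to match against the scanner detections.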

Question [CLOSED] The latest drivers for Windows 11 (and previous releases) at FirstEver.eu [CLOSED]

Hello,
I decided to expand my website and add a section with drivers for Windows OS.
Why I am doing this?
Other driver pages (that I know) have an archaic look
They often do not have the latest driver versions
They are difficult to navigate, no obvious categories, require multiple clicks
Drivers are mixed with program updates - one big mess
They collect all versions of the driver, and the most recent one is often at the very end of the list
They usually don't post beta or development drivers
They often contain links to free hosting that have bandwidth limitations
The sites are filled with advertisements and often redirect to other unsafe sites
They don't educate users
What is the difference?
Modern interface, only important information about the driver
Always the latest driver versions
Easy navigation, main categories and most popular drivers
This page contains only drivers and driver-related topics
Drivers available in stable, beta, development and legacy versions
Direct links to the producer's servers, in a few cases I host the files myself
No ads or other crap
I will post useful driver tutorials in the future
Website: Mod edit: DL link removed.​
If you have any suggestions, write them in the comments - cheers!
UPDATE / 30 November 2022​
Some drivers that you won't find on other sites:
Intel Iris/Xe / 11th-13th Gen driver version 31.0.101.3889:
EXE: https://firstever.eu/download/gfx_win_101.3889.exe
NVIDIA GeForce Game Ready Driver (Insider) version 530.04:
EXE: https://www.firstever.eu/download/530.04-desktop-win11-64bit-international-dch-whql.exe
FirstEver said:
UPDATE / 30 November 2022​
Some drivers that you won't find on other sites:
Intel Iris/Xe / 11th-13th Gen driver version 31.0.101.3889:
EXE: https://firstever.eu/download/gfx_win_101.3889.exe
NVIDIA GeForce Game Ready Driver (Insider) version 530.04:
EXE: https://www.firstever.eu/download/530.04-desktop-win11-64bit-international-dch-whql.exe
great to hear this .. anyhow to get Intel Centrino Wireless N-1000 driver for my Windows 11? I tried many ways but failed .. the rest is fine, just the onboard wireless fails ..
thanks in advance ..
Xploit Machine said:
great to hear this .. anyhow to get Intel Centrino Wireless N-1000 driver for my Windows 11? I tried many ways but failed .. the rest is fine, just the onboard wireless fails ..
thanks in advance ..
Start+X -> Device Manager -> Find your Wifi Card (probably in Network adapters) -> Right Click -> Properties -> Details Tab -> Property (choose Hardware IDs) -> Select the shortest from the list (copy and paste your Hardware ID here).
FirstEver said:
Start+X -> Device Manager -> Find your Wifi Card (probably in Network adapters) -> Right Click -> Properties -> Details Tab -> Property (choose Hardware IDs) -> Select the shortest from the list (copy and paste your Hardware ID here).
thanks, here's mine ..
Xploit Machine said:
thanks, here's mine ..
The latest driver that I found for this card is 15.11.0.9 (from 30 April 2015) - you can download it HERE.
UPDATE / 12 December 2022​
Changes:
We provide information whether the file is downloaded from the official server (Direct Link) or from our FirstEver.eu server (External Link)
We scanned all the files we host using VirusTotal.com - and they're all safe.
FirstEver said:
The latest driver that I found for this card is 15.11.0.9 (from 30 April 2015) - you can download it HERE.
yes, I have tried before this version but still no luck
Personally use IOBit's DriverBooster Free
Needs One Click to Update Drivers for Optimal PC Performance:
Scan and update 8,500,000+ Drivers, all from official and signed by WHQL
Fix crashing, slow browsing, and bad graphics. Fewer device errors
Install drivers offline to keep the system faster and functioning smoothly
Clean invalid device data fully. Optimize your gaming experience
jwoegerbauer said:
Personally use IOBit's DriverBooster Free
Needs One Click to Update Drivers for Optimal PC Performance:
Scan and update 8,500,000+ Drivers, all from official and signed by WHQL
Fix crashing, slow browsing, and bad graphics. Fewer device errors
Install drivers offline to keep the system faster and functioning smoothly
Clean invalid device data fully. Optimize your gaming experience
Are you an IOBit employee?
Aside from using OP's thread to promote another software, at least choose a free one.
Snappy Driver Installer Origin would be one of those alternatives not claiming to "optimize your gaming experience" by "cleaning invalid device data" to fool people into installing it.
IOBit's DriverBooster Free is crap ..
nazfalas said:
Are you an IOBit employee?
Aside from using OP's thread to promote another software, at least choose a free one.
Snappy Driver Installer Origin would be one of those alternatives not claiming to "optimize your gaming experience" by "cleaning invalid device data" to fool people into installing it.
Thread is (originally) flagged as "QUESTION", hence I allowed myself to answer a question.
Xploit Machine said:
IOBit's DriverBooster Free is crap ..
If you say so ... For me its best feature is the
Driver roll back feature - Easily restore drivers to previous version once unexpected happens
Yes, Driver Booster automatically backs up your current drivers and creates a system restore point before updating, allowing you to roll back if you have problems.
BTW:
At time of this writing it was downloaded 1,423,105 times
jwoegerbauer said:
If you say so ... For me its best feature is the
Driver roll back feature - Easily restore drivers to previous version once unexpected happens
Yes, Driver Booster automatically backs up your current drivers and creates a system restore point before updating, allowing you to roll back if you have problems.
BTW:
At time of this writing it was downloaded 1,423,105 times
I mean the FREE version, I have PRO / PREMIUM version
You're serious? How is this not flagged?
Thread closed.
@FirstEver Please check your PM inbox. Thank you.
-Regards: Badger50
