Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by stvvv

  1. There are multiple sources of virus on the UMX. Eventually an update will take them all away and the phone will be virus free for awhile until after another update something like g21news appears. I hadn't had g21news since last year, but I've seen other people on here reporting it. Make sure your phone is updated to the latest, you have to manually check for updates, it doesn't just go to the latest. "News" is a virus that has always been on the phone. The other viruses appear in vital system apps which can make ADB uninstalling something you may not want to do. My phone seems virus free at the moment as it started acting up again over a month ago with another Chrome hijacker and Topic so I ADB uninstalled the following: news com.huub.instantnews topicnews com.android.part.iinews hidden menu com.teleepoch.hiddenmenu Does anyone know what hidden menu is. I uninstalled it because Malwarebytes recommended I uninstall it in the past. EXAMPLE: adb shell pm uninstall -k --user 0 com.teleepoch.hiddenmenu
  2. The UMX phones from Assurance (mine too) have had viruses on and off for the past couple years that are usually factory installed in system apps that can be disabled but not removed. If you disable, you will lose functionality of that part of the system which may or may not be an issue. Several times UMX cleared the viruses off the phones with an update, but after a few months a new virus appeared. I had the g21news.com virus in Dec/Jan, but then an update took it away so it seems that my phone has been virus free for the past few months. If you get a new phone or do a factory reset the phone will update, but it may be several updates behind so you may have to go through the update process to manually check for updates and let them install two or three times until it says that you have the most current version. I think you may need to get to the most current update and then your phone will be virus free at least for now. We've been working on the UMX U693CL viruses in this thread:
  3. IT was actually the Customizations app. I didn't bother do disable it at the time because I didn't know what that would do.
  4. I think it's in the settings app. I had the G21news virus last year, but later updates got rid of it. When you get a new phone it may be several updates behind so you have to go through the update process several times until it says that you have the most up to date.
  5. There have been a variety of issues like this for our UMX phones the past couple years. Assurance is well aware and they do nothing. Usually the problem persists for awhile and then UMX fixes it with an update so the phone will be fine for months, but then another one pops up. There is nothing you can do about it unless you use ADB to disable the system app that the virus is factory installed in. For example I disabled Wireless Update a couple years ago and then my phone and nothing on it ever updated until I knew the virus had been fixed by UMX and reset my phone. The virus you have didn't seem as bad. I cant remember which system app it is in. But I don't have the G21 news virus anymore because I think a later update had fixed it. Go through the update routine again to see that you have the latest update installed. With the last update that I have I don't see any virus activity.
  6. In 2019 when the lifeline phones had Adups malware factory installed I called them a week after I got my phone and told them that it had a factory installed virus. They didn't say anything about it and tried routine troubleshooting like a factory reset which I told them already didn't work. So they volunteered to send me a new phone and it had the exact same viruses preinstalled on it.
  7. I replaced my UMX phone a few months ago and it's the same model, but a slightly newer version. I'm looking at the "Device Info" app that I got from Play Store and it says that the CPU hardware is Qualcomm Technologies, Inc: QM215. Nothing says Mediatek anywhere.
  8. The problems I had with the factory installed viruses on my Assurance UMX phone where less extensive than what you have been describing so you may have some other malware on your phone. A year ago I had Adups that was factory installed in Wireless Update that launched Chrome toward ad websites, six months later UMX cleaned it up with an update and the phone was malware free for a period of time. Recently there is another, less aggressive version installed in Customizations and all it does is change the Chrome homepage to g21news.com which seems to be negated by adding my own choice of custom homepage in the space provided. I haven't experienced any other abnormal behaviors or malfunctioning with my Assaurance, UMX phone.
  9. I uninstalled Wireless Update last year during the first round of Adups and it did work, but my phone operating system and apps never updated after that. It was fine since I only used my phone for basic services. When I read that UMX removed the PUPS, I reset my phone and it was fine. Thank you for your work on that! It looks like they are back at it though. A week or so ago I replaced the g21news in the homepage section and haven't noticed any abnormal behavior.
  10. Hi, I'm experiencing a chrome hijacker on my android phone that remains after factory reset. Malwarebytes does not detect any malware. I only have Play store apps and nothing else fancy. It directs to g21news.com and changes chrome custom homepage to this unless I take the space with another site, but it still redirects occasionally. When I first factory reset my phone I think it initially redirected to firstly.com. Thank you, I haven't been able to find any information about this on the web.
  11. It's a UMX U683CL gov't issue phone. I believe that that it had come with ADups & whatever else preinstalled as the only apps I have installed came from some of the standard major software companies and I have never really used it to surf the web. They sent me a replacement phone a few weeks ago and it has the same issues. I don't know too much about Android, but I was wondering if it was possible to get a new ROM and install it myself. I assume my phone number and service is on the sim card. If this is possible, where can I get a clean ROM?
  12. Malwarebytes has detected Trojan.Agent.BHB in the settings app. It is saying that it is in com.android.settings. I'm not sure if com.android.settings is a real system app or if it is a fake app containing the virus. As it is a system app I can't uninstall it nor can I disable the app even temporarily. Can you tell me how to disable or remove this virus using ADB?
  13. It actually looks like the result of malware in and of itself. Malwarebytes, please look at this. Code to the left after posting from yahoo mail. ecp.yusercontent.com.
  14. Sorry, I just pasted that in from email and it looks like there is a vertical line of code to the left, if your seeing that too just ignore.
  15. I worked with Malwarebytes on this problem and at the time Malwarebytes wasn't detecting it, but I knew that I had Adups because of the browser hijack. If you look at your apps list you should see a green icon with a yellow center with an arrow or something called "Wireless Update" and within it is another app called "Hidden Menu" I tried to remove it by following the "How to remove adups" above, but it didn't work. They figured out the "real names" of the app. When I first went through the removal, I think the browser hijack came back, but I reset my phone to factory settings and immediately went through the procedure and the past few days I haven't seen any sign of it. You need to use a pc, mac or linux computer to execute the commands over USB to your phone after setting it all up in developer mode as described in the memo above. But the important thing was knowing what to target. So if you have ADB on your computer and your phone all ready to go, these are the commands that I entered: Hi @stvvv, Okay, I got: com.dtinfo.tools Wireless Update To remove, you would use this command: adb shell pm uninstall -k --user 0 com.dtinfo.tools As far as HiddenMenu, use this: adb shell pm uninstall -k --user 0 com.teleepoch.hiddenmenu Apparently if you reset your phone, it will all come back since they are system apps so if you ever factory reset your phone you will have to do this again. Once you uninstall it, it will still appear in your apps list but it will say uninstalled for this user.
  16. I'm new to Android and I believe I have the "Wireless Update" malware and within the app is another app called "Hidden Menu". The only symptom that I have observed is that it is a browser hijacker and causes Chrome to pop up randomly, especially after charging and it directs to cheesy websites that offer to sell or play videogames. I can disable the app, but it reactivates by itself. Clearing histories etc does not stop it and I've done a factory reset twice to no avail. One problem I'm facing is that neither Malwarebytes or Sophos find any malware on the phone so I may be having difficulty targeting the problem on my own. I have followed instructions to use ADB to uninstall what I think is the package from both a PC and a Linux and it says not installed for this user. (user 0) the path is: /system/priv-app/SystemFota/SystemFota.apk I considered just deleting the package through the Android Studio gui, but was in doubt that it would actually uninstall the app. Any help is greatly appreciated.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.