mbam_mtbr

Hi @Slobodan, Although I don't believe we can stop the use of other apps from using camera/microphone, we absolutely do detect spyware. Nathan

Hi @Smackus, Malwarebytes for Android is taking a more aggressive stance against stalkerware. Therefore, apps that used to be clean may now be detected as Monitor. Monitor is a subset of Potentially Unwanted Programs (PUPs), thus it’s NOT considered malware. The main purpose of detecting these Monitor apps is to make unsuspecting users aware of their presence. Especially in cases of domestic abuse where abusers have physical access to victims mobile devices. If you are aware of the presence of these apps, you can simply ignore them using this method: Run a scan. On the results screen, below each checkbox is drop-down arrow. Click on the arrow. From the list of options, select “Ignore Always.” Future scans will no longer detect the app as suspicious. If you change your mind and like to stop ignoring, you can do so at any time by: Tap Menu icon Tap Scanner Tap Whitelist (upper right corner) Remove from list We apologize for inconvenience, but due to the extreme outcomes of not letting unsuspecting victims aware of these apps, we will continue to take a hard stance on Monitor apps. Thank you for understanding, Nathan

Hi @CWWorld, You can use this method to uninstall for current user (details in link below): https://forums.malwarebytes.com/topic/216616-removal-instructions-for-adups/ Warning: Make sure to read Restoring apps onto the device (without factory reset) in the rare case you need to revert/restore app. Use this/these command(s) during step 7 under Uninstalling Adups via ADB command line to remove: adb shell pm uninstall -k --user 0 <package name> If you need help with which apps to remove, you can send an Apps Report. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. Send the Apps Report to create a ticket. Private Message (PM) me the email used and/or the ticket number assigned. Nathan

Hi @Mazi I'm guessing it might be a system app, or have admin permissions. If it has admin permission, you can deactivate it through settings>security>Device admin apps, or some variation of that depending on the Android OS. Then uninstall. If it's a system app, it's more work to remove, but doable. You can use this method to uninstall for current user (details in link below): https://forums.malwarebytes.com/topic/216616-removal-instructions-for-adups/ Warning: Make sure to read Restoring apps onto the device (without factory reset) in the rare case you need to revert/restore app. Use this/these command(s) during step 7 under Uninstalling Adups via ADB command line to remove: adb shell pm uninstall -k --user 0 <package name> You can send me an Apps Report if you need help identifying the package name, or want me to verify if it's a system app. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. Send the Apps Report to create a ticket. Private Message (PM) me the email used and/or the ticket number assigned. Nathan

Hi @ridgerunner777, You can disable via Settings > Notifications > Malwarebytes > Disable. However, be aware that you will have no way of knowing if Real Time Protection gets disabled if you turn off notifications. Nathan

Hi @Phuc, Well, we already do have some anti-theft features via our SMS device control. To access: Open the Malwarebytes for Android app Tap the Menu icon Tap Settings Tap Protection Tap SMS device control Toggle the button to 'On' Set pin After that, you will be able to send simple SMS commands to your device. Some features are locking your screen, changing your lock-screen password, sending a siren and vibrate device, and showing a message on the screen. For a full list of commands, use command mb <your pin> ? As far as subscription, Malwarebytes for Android currently does not have a lifetime subscription, nor is it on the road map. I believe yearly is the best we can do. My apologies. Nathan

Hi @Sugar, If you're okay with sending over an Apps Report, I can check on what malware is causing this. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. Send the Apps Report to create a ticket. Private Message (PM) me the email used and/or the ticket number assigned. Nathan

Hi @Baldape, Okay. Well, there is no known issues we are aware of. At this point, the best thing to do is to submit an official support ticket with as much information about the issue. Malwarebytes Support Sorry I don't have a better answer for you, Nathan

Hi @GammaRayBurst, Glad you figured out the install issue. As far as ransomware detection, yes, we require device admin rights. Luckily, ransomware is on the decline as of recently. However, as nasty as it is, it's worth protecting against. Please note that Malwarebytes for Android does not use device administration rights for erasing mobile devices, nor any other drastic actions. Ransomware is particularity dangerous, and if given device administration rights (accidentally), it can render the device unusable. By giving Malwarebytes for Android device administration rights, we can remediate ransomware even after it is given privileged rights. For example, some ransomware may change the device’s user pin. We can remediate this if given device admin rights to reset the pin (via SMS commands). Also, device admin rights protect Malwarebytes for Android from being uninstalled by malware. If you would prefer to not give Malwarebytes for Android device administration rights and forgo protection from ransomware, our application will continue to run without those rights. As far as a password for lockscreen goes, yes it is pain, but not a bad idea to have it locked. You can just use a simple pin/pattern. You can adjust how long it takes the screen to lock separately from the time it powers off the screen. It should be in your security settings. Nathan

HI @Baldape, Is it perhaps getting stuck on scanning for ransomware? This is our advanced rasonware scanner. A screenshot would be very helpful. Nathan

Hi @deep_logic, Besides the Google Calendar issues you are having, you may also be experiencing Broswer related ads. . This is caused by the way most browsers handle redirections executed by javascript code. Most browsers don't do a great job of preventing these redirects, which also cause ad pop-ups. Advertising affiliates are aware of this, and exploit this weakness. Even if an advertising affiliate is shut down for using this exploit, they just come back with a different affiliate id and are right back at it. The best way to block these pop-ups are to try a different browsers, disable javascript, install a browser with ad blocking (like Opera), and/or install Ad-block Plus. If you encounter these pop-ups again, back out of them using Android's back key. Also, clearing your history and cache will help stop the ads from reoccurring. If this doesn't solve the issue, feel free to send us an Apps Report and we can double check there is no Adware installed. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. Send the Apps Report to create a ticket. Private Message (PM) me the email used and/or the ticket number assigned. Nathan

Hi @GammaRayBurst, To start, the pop up was most likely browser related. This is caused by the way most browsers handle redirections executed by javascript code. Most browsers don't do a great job of preventing these redirects, which also cause ad pop-ups. Advertising affiliates are aware of this, and exploit this weakness. Even if an advertising affiliate is shut down for using this exploit, they just come back with a different affiliate id and are right back at it. If you encounter these pop-ups again, back out of them using Android's back key. Also, clearing your history and cache will help stop the ads from reoccurring. Next, as far as the installation of Malwarebytes for Android, are you able to open the app? Your best bet is to send a ticket to your support staff -> Malwarebytes Support Nathan

Hi @Marcus911, I doubt Google PLAY will stop working, so I wouldn't worry about that too much. Nathan

Hi @Avocado, In short, yes. We detect as Monitor/Spyware. This is also referred to as "stalkerware". Warnings: If you suspect someone is using such an app on your device, and you are at risk of abuse, don't just uninstall after detection. Many of these apps send an email to abuser's when uninstalled. Many of these apps can monitor web activity, so even Googling keywords about stalkerware could trigger abuser. If you suspect your device is being monitor, I would find a safe device (perhaps a library PC) and follow the advice here: https://blog.malwarebytes.com/stalkerware/2019/07/helping-survivors-of-domestic-abuse-what-to-do-when-you-find-stalkerware/ Nathan

Hi @Marcus911, If your Chromebook has Google PLAY and can install Android apps, then we have you covered -> Malwarebytes for Chromebook. Hope that answers your question, Nathan