Jump to content

mbam_mtbr

Staff
  • Content Count

    997
  • Joined

  • Last visited

Community Reputation

23 Excellent

3 Followers

About mbam_mtbr

  • Rank
    Staff

Contact Methods

  • Website URL
    https://www.malwarebytes.org/

Recent Profile Visitors

9,720 profile views
  1. HI @DaNewFixer, Do you know what Android OS version nVidia Shield TV? Currently, Malwarebytes for Android works on Android OS 6.0 and above. Can you install apps from stores outside of Google PLAY on your nVidia Shield TV? Nathan
  2. Hi @Tiesys2, Okay, we'll close the ticket. Let me know if you anything else. Nathan
  3. Hi @Tiesys2, I'll ask our forums team to look into way you are being flagged as "spam". If you contact our Malwarebytes Support, I'm sure they could refund your Malwarebytes for Android for Apple. Nathan
  4. Hi @Tiesys2, Actually, I stumbled across your ticket yesterday and was the one that told Rocco to send those instructions. Sorry they are so complicated, but they are the best we have for now. I also wrote a blog about the typical: https://blog.malwarebytes.com/android/2021/04/pre-installed-auto-installer-threat-found-on-android-mobile-devices-in-germany/ If you like to ditch the phone, but keep the costs down I would suggest buying a refurbished/renew phone of a reputable manufacturer. For example, a refurbished/renew Google Pixel 2. Unfortunately, we are seeing a raise in pr
  5. HI @Tiesys2, Okay, lets try this then. Clearing your history and cache within the browser may help stop this from reoccurring. In addition, clearing the Storage & Cache within the browser’s App Info itself also helps: Go to Settings > App Info Go to your browser app icon in App info list (such as Chrome) and click on it Once in your browser’s App info, go to Storage & cache Click Clear Storage Click Clear cache In addition, if you could send an Apps Report I can check for malware. To send an Apps Report with Malwarebytes
  6. Hi @Kukkatto, I posted a blog on how to resolve yesterday: https://blog.malwarebytes.com/android/2021/04/pre-installed-auto-installer-threat-found-on-android-mobile-devices-in-germany/ We have com.setmktdsings.asmitasmkutapp classified as Android/PUP.Riskware.HiddenAds.mktds. HiddenAds will pop up annoying ads in browser and other locations. Nathan
  7. Hi @Feurtel, With the command adb shell pm disable, it has a high probability of re-enabling itself. We have seen this in the past with other Auto Installers. I would strongly recommend the uninstall. However, you can check it after a couple of days to see if the disable stuck. Nathan
  8. Hi @Tiesys2, Let me guess. UMX phone? I assure that you are far from alone: Nathan
  9. Hi @Mark-Herzog, Gigaset pushing an update to fix the issue would be the most ideal solution. Lets hope that happens sooner than later. I'm writing up a blog to publish about the topic, which should inspire them to find a solution quicker. Nathan
  10. Hi @Feurtel, Well shoot. That should work. Maybe try typing it out manually just to make sure there are no issues with copy/pasting over weird formatting. Well, at least you are safe from malware being installed. Worse case scenario, a factory reset will re-install com.redstone.ota.ui. Hopefully it doesn't come to that though. Nathan
  11. Hi @Mark-Herzog, For the specific variant Android/PUP.Riskware.Autoins.Redstone, you will need to run this command: adb shell pm uninstall -k --user 0 com.redstone.ota.ui It is slightly different then the command listed in step 7 under Uninstalling Adups via ADB command line listed in the tutorial I linked since it's a slightly different variant of Auto Installer. I apologize that this is a complicated method. Unfortunately, it's the best we have at the time. And yes, it appears it is the same malware as found in the article you linked. Nathan
  12. Hi @Feurtel, Try this: adb shell pm install -r --user 0 /system/app/Rsota/Rsota.apk There could have been an extra space in the last command. Also, try doing this command: adb shell pm list packages -f Notice that this is without the -u which is used to show uninstalled apps. If com.redstone.ota.ui is still in the list of the output then it's installed. Nathan
  13. Hi @zealstarwind, See this post to resolve g21news.com homepage: Nathan
  14. Hi @Mark-Herzog & @HendrikusE, On some devices, the Update app causes malware apps known as HiddenAds to be auto installed. Because Update is a pre-installed app, you cannot remove using traditional methods. However, we can use the method below to uninstall Update (com.redstone.ota.ui) for current user (details in link below): Use this command during step 7 under Uninstalling Adups via ADB command line to remove: adb shell pm uninstall -k --user 0 com.redstone.ota.ui At this point, run a Malwarebytes for Android scan to remove any remaining HiddenAds malwa
  15. Hi @Feurtel, The re-install is so you can check for updates since the same app that is an Auto Installer is also the system updater. You must have a slightly different path then the one I posted. No worries though, since this is easy to track down. Run this command: adb shell pm list packages -f -u You can copy/paste the output into a text editor like Notepad and search for com.redstone.ota.ui for the correct path. Just make sure to uninstall for current user again after checking for updates. Nathan
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.