-
Content Count
997 -
Joined
-
Last visited
Community Reputation
23 ExcellentAbout mbam_mtbr

-
Rank
Staff
Contact Methods
-
Website URL
https://www.malwarebytes.org/
Recent Profile Visitors
-
Hapsotic page redirects in Chrome
mbam_mtbr replied to Tiesys2's topic in Malwarebytes for Android Support Forum
Hi @Tiesys2, Okay, we'll close the ticket. Let me know if you anything else. Nathan -
Hapsotic page redirects in Chrome
mbam_mtbr replied to Tiesys2's topic in Malwarebytes for Android Support Forum
Hi @Tiesys2, I'll ask our forums team to look into way you are being flagged as "spam". If you contact our Malwarebytes Support, I'm sure they could refund your Malwarebytes for Android for Apple. Nathan -
Hapsotic page redirects in Chrome
mbam_mtbr replied to Tiesys2's topic in Malwarebytes for Android Support Forum
Hi @Tiesys2, Actually, I stumbled across your ticket yesterday and was the one that told Rocco to send those instructions. Sorry they are so complicated, but they are the best we have for now. I also wrote a blog about the typical: https://blog.malwarebytes.com/android/2021/04/pre-installed-auto-installer-threat-found-on-android-mobile-devices-in-germany/ If you like to ditch the phone, but keep the costs down I would suggest buying a refurbished/renew phone of a reputable manufacturer. For example, a refurbished/renew Google Pixel 2. Unfortunately, we are seeing a raise in pr -
Hapsotic page redirects in Chrome
mbam_mtbr replied to Tiesys2's topic in Malwarebytes for Android Support Forum
HI @Tiesys2, Okay, lets try this then. Clearing your history and cache within the browser may help stop this from reoccurring. In addition, clearing the Storage & Cache within the browser’s App Info itself also helps: Go to Settings > App Info Go to your browser app icon in App info list (such as Chrome) and click on it Once in your browser’s App info, go to Storage & cache Click Clear Storage Click Clear cache In addition, if you could send an Apps Report I can check for malware. To send an Apps Report with Malwarebytes -
Hi @Kukkatto, I posted a blog on how to resolve yesterday: https://blog.malwarebytes.com/android/2021/04/pre-installed-auto-installer-threat-found-on-android-mobile-devices-in-germany/ We have com.setmktdsings.asmitasmkutapp classified as Android/PUP.Riskware.HiddenAds.mktds. HiddenAds will pop up annoying ads in browser and other locations. Nathan
-
Hapsotic page redirects in Chrome
mbam_mtbr replied to Tiesys2's topic in Malwarebytes for Android Support Forum
Hi @Tiesys2, Let me guess. UMX phone? I assure that you are far from alone: Nathan -
Malware in system partition?
mbam_mtbr replied to Mark-Herzog's topic in Mobile Malware Removal Help & Support
Hi @Mark-Herzog, Gigaset pushing an update to fix the issue would be the most ideal solution. Lets hope that happens sooner than later. I'm writing up a blog to publish about the topic, which should inspire them to find a solution quicker. Nathan -
Hi @Feurtel, Well shoot. That should work. Maybe try typing it out manually just to make sure there are no issues with copy/pasting over weird formatting. Well, at least you are safe from malware being installed. Worse case scenario, a factory reset will re-install com.redstone.ota.ui. Hopefully it doesn't come to that though. Nathan
-
Malware in system partition?
mbam_mtbr replied to Mark-Herzog's topic in Mobile Malware Removal Help & Support
Hi @Mark-Herzog, For the specific variant Android/PUP.Riskware.Autoins.Redstone, you will need to run this command: adb shell pm uninstall -k --user 0 com.redstone.ota.ui It is slightly different then the command listed in step 7 under Uninstalling Adups via ADB command line listed in the tutorial I linked since it's a slightly different variant of Auto Installer. I apologize that this is a complicated method. Unfortunately, it's the best we have at the time. And yes, it appears it is the same malware as found in the article you linked. Nathan -
Hi @Feurtel, Try this: adb shell pm install -r --user 0 /system/app/Rsota/Rsota.apk There could have been an extra space in the last command. Also, try doing this command: adb shell pm list packages -f Notice that this is without the -u which is used to show uninstalled apps. If com.redstone.ota.ui is still in the list of the output then it's installed. Nathan
-
Hi @zealstarwind, See this post to resolve g21news.com homepage: Nathan
-
Malware in system partition?
mbam_mtbr replied to Mark-Herzog's topic in Mobile Malware Removal Help & Support
Hi @Mark-Herzog & @HendrikusE, On some devices, the Update app causes malware apps known as HiddenAds to be auto installed. Because Update is a pre-installed app, you cannot remove using traditional methods. However, we can use the method below to uninstall Update (com.redstone.ota.ui) for current user (details in link below): Use this command during step 7 under Uninstalling Adups via ADB command line to remove: adb shell pm uninstall -k --user 0 com.redstone.ota.ui At this point, run a Malwarebytes for Android scan to remove any remaining HiddenAds malwa -
Hi @Feurtel, The re-install is so you can check for updates since the same app that is an Auto Installer is also the system updater. You must have a slightly different path then the one I posted. No worries though, since this is easy to track down. Run this command: adb shell pm list packages -f -u You can copy/paste the output into a text editor like Notepad and search for com.redstone.ota.ui for the correct path. Just make sure to uninstall for current user again after checking for updates. Nathan