Jump to content

mbam_mtbr

Staff
  • Content Count

    860
  • Joined

  • Last visited

Everything posted by mbam_mtbr

  1. Hi @rdell, It sounds like it could be browser related. I would try clearing your history and cache in Firefox. Then also the storage and cache within the App info section of your device (settings>apps). If that doesn't solve it, we can look for Adware on your device. Thanks for reaching out, Nathan
  2. Hi @Ripech, Sounds like it may be Adware. If you could send an Apps Report, I can look further into it. To send an Apps Report with Malwarebytes for Android use the following instructions. 1. Open the Malwarebytes for Android app. 2. Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes
  3. Hi @Bad_Cookie, Most likely if the site had downloaded an APK, you still would have to approve the install. Thus, you're most likely okay. Especially if Malwarebytes for Android didn't detect anything. Nathan
  4. Hi @Artemisia11, Would you mind sending me an apps report? To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our support staff to know wh
  5. Hi @Artemisia11, So the calculator app is/was being detected by Malwarebytes for Android? Do you know what it was being detected as? Nathan
  6. Hi @joeygrimes, You can use this method to uninstall for current user (details in link below): https://forums.malwarebytes.com/topic/216616-removal-instructions-for-adups/ Warning: Make sure to read Restoring apps onto the device (without factory reset) in the rare case you need to revert/restore app. Nathan
  7. Hi @borsan2k, Thanks for bringing this to our attention. This issue has been resolved and will no longer be detected in future database versions. Thanks again, Nathan
  8. Hi @ddog, If you could provide that Goolge PLAY link and/or attached the APK here, I can have a look for you. Nathan
  9. Hi @paxlux, It may want to try clearing the cache of Malwarebytes for Android to see if that helps. Also, an reinstall may help. We let our dev team now about the issue. Nathan
  10. Hi @Grubstake, Is your phone rooted, or have you used a custom ROM? I found this article addressing the error you are getting: https://thedroidguy.com/pixel-device-corrupt-cant-trusted-may-not-work-properly-error-issues-1076400 Seems more like corruption in the OS then malware. Nathan
  11. Hi @Max_from_RUSSCITY, Detection updated to Android/PUP.Monitor.AllTracker.ACT. Nathan
  12. Hi @ettore, If you could send an Apps Report, I can see if there isn't unusual. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our sup
  13. Hi @HarryZ, If you send me an Apps Report, I can see if I can find any Adware. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our supp
  14. Hi @TommyR, You can use this method to uninstall com.android.system.ups for current user (details in link below): https://forums.malwarebytes.com/topic/216616-removal-instructions-for-adups/ Warning: Make sure to read Restoring apps onto the device (without factory reset) in the rare case you need to revert/restore app. Use this/these command(s) during step 7 under Uninstalling Adups via ADB command line to remove: adb shell pm uninstall -k --user 0 <com.android.system.ups> @Chamorrogirl No, you do not have to worry about the malware carrying over with the S
  15. Hi @SiddharthDubey, It's a tricky one, but it is indeed in App Info. See the red box below: That floating 14.12 MB with no icon at the bottom of the App Info list is it. If you click on it, you get to it's info page: Thanks for the support! Nathan
  16. Hi @Bigdaddygrant, These types of ads are browser related. This is caused by the way most browsers handle redirections executed by javascript code. Most browsers don't do a great job of preventing these redirects, which also cause ad pop-ups. Advertising affiliates are aware of this, and exploit this weakness. Even if an advertising affiliate is shut down for using this exploit, they just come back with a different affiliate id and are right back at it. The best way to block these pop-ups are to try a different browsers, disable javascript, install a browser with ad blocking
  17. Hi @Facebook123, Fake Facebook accounts are not uncommon. However, they are not created via any malware app. Thus, there is nothing to detect by a malware scanner. If you like to protect your personal Facebook account, it's a good idea to change your password using a strong password and use a password manager. Also, set up two-factor authentication. Nathan
  18. AdvancedSetup is right. My Pixel does the same thing when I authenticate. As long as the location is correct and you know it was 'you' signing in, then nothing to worry about. Nathan
  19. Hi @Coco456, If you're okay with it, lets start with an Apps Report. I'll be able to see if there is anything malicious on your device. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recomme
  20. Hi @Concerned_Citizen, Nice find there! Yes, small.tff appears to be a library to be loaded at runtime. I have seen it in several related malware as well. There is even more obfuscated code in there I noticed. If you are decent with coding, you can sometimes successfully write your own small java program replicating the code found to decompile some of the strings. Also, sometimes it's easier to just run the malware in an emulator and see what it's doing via analysis software. Trust me, I'd love to have the time to dig deeper into things like these. But with new variants of Hidde
  21. Hi @Concerned_Citizen, Thanks for all the info! Not at this time, but I'll look into it. It takes a lot of resources to do deep dives on malware. Also, here are the detections we have in place for mentioned APKs: Android/Trojan.HiddenAds.ForeSpot com.journalism.newspaper-1.apk a7ad96619ff91426b04088d3ca75de24 Android/Trojan.HiddenAds.POT com.hinedey.empoy-1 c6985f3e451912f1b0bafe0078587f79 Android/Trojan.HiddenAds.CIT com.abbreviation.civilization-1 aa87825bfc905965fb1751dd6ac82ab5 Android/Trojan.Dropper.Agent.DBW Plays_com.android.eo.pla
  22. Hi @Concerned_Citizen, Sounds like you've done some deep research on this. Which model was the phone? I assume you had the UMX (Unimax)? Yes, that sounds like the same behavior I observed for "CleanMaster" myself. Base64 and emulator/VM aware is also common among Android/Trojan.HiddenAds variants. These are also HiddenAds: com.concreteroom.thenorthpole-1.apk 26333a6d48deddd3305c07b5ee00bb6e com.democratizing.casualness-1.apk 82ecf170914d360992e230e0929fc0b8 com.spidmes.peaus-1.apk fde7346273d4561b306828615412899d There are many, many variants of Hidde
  23. Hi @cfowler, If you could sen an Apps Report, I can look further into this issue. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our s
  24. Hi @gero242000, Android/Trojan.Rootnik.sno is a variant of Rootnik which has the ability to root mobile devices without user's permission. If you like to send an Apps report, we can see if your device was rooted and look more into the exact app causing this. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app wil
  25. Hi @Daboomie, Just looks like a website that is a phone directory in Dutch. Unless you agreed to install something, very low chances you infected yourself with anything. Nathan
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.