mbam_mtbr
Honorary Members-
Posts
1,457 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by mbam_mtbr
-
Hi @ScciVcci, If you could send me an Apps Report, I can look further into this for you. To send an Apps Report with Malwarebytes for Android use the following instructions. 1. Open the Malwarebytes for Android app. 2. Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our support staff to know where to direct it. By sending the Apps Report, you will create a ticket in our support system. Private Message (PM) me the email used and/or the ticket number assigned. Nathan
-
Hi @GLStevenson, Great to hear! We also created a detection for this (Android/PUP.Riskware.HiddenAds.GGAX) last week, so anyone else experiencing issues are covered. Nathan
-
Hi @Ryzu, I would try once again clearing cache, and also an uninstall/re-install. Let me know if that works, Nathan
-
Hi @GLStevenson, In the case of @Ripech, this was the culprit: org.myklos.btautoconnect Bluetooth Auto Connect If this doesn't fix your issue too, then just send me an Apps Report. Nathan
-
Firefox for android seems corrupted
mbam_mtbr replied to rdell's topic in Mobile Malware Removal Help & Support
Hi @rdell, I can check for adware if you like. All you need to do is send me an Apps Report. To send an Apps Report with Malwarebytes for Android use the following instructions. 1. Open the Malwarebytes for Android app. 2. Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our support staff to know where to direct it. By sending the Apps Report, you will create a ticket in our support system. Private Message (PM) me the email used and/or the ticket number assigned. Nathan -
Firefox for android seems corrupted
mbam_mtbr replied to rdell's topic in Mobile Malware Removal Help & Support
Hi @rdell, It sounds like it could be browser related. I would try clearing your history and cache in Firefox. Then also the storage and cache within the App info section of your device (settings>apps). If that doesn't solve it, we can look for Adware on your device. Thanks for reaching out, Nathan -
Hi @Ripech, Sounds like it may be Adware. If you could send an Apps Report, I can look further into it. To send an Apps Report with Malwarebytes for Android use the following instructions. 1. Open the Malwarebytes for Android app. 2. Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our support staff to know where to direct it. By sending the Apps Report, you will create a ticket in our support system. Private Message (PM) me the email used and/or the ticket number assigned. Nathan
-
Android/Trojan.Fadeb.j on system apps
mbam_mtbr replied to DBonebrake's topic in Mobile Malware Removal Help & Support
Hi @Artemisia11, Would you mind sending me an apps report? To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our support staff to know where to direct it. By sending the Apps Report, you will create a ticket in our support system. Private Message (PM) me the email used and/or the ticket number assigned. Nathan -
Android/Trojan.Fadeb.j on system apps
mbam_mtbr replied to DBonebrake's topic in Mobile Malware Removal Help & Support
Hi @Artemisia11, So the calculator app is/was being detected by Malwarebytes for Android? Do you know what it was being detected as? Nathan -
Hi @joeygrimes, You can use this method to uninstall for current user (details in link below): https://forums.malwarebytes.com/topic/216616-removal-instructions-for-adups/ Warning: Make sure to read Restoring apps onto the device (without factory reset) in the rare case you need to revert/restore app. Nathan
-
My app is marked as malware by Malwarebytes
mbam_mtbr replied to ddog's topic in Malwarebytes for Android Support Forum
Hi @ddog, If you could provide that Goolge PLAY link and/or attached the APK here, I can have a look for you. Nathan -
unwanted lockscreen with ads
mbam_mtbr replied to ettore's topic in Malwarebytes for Android Support Forum
Hi @ettore, If you could send an Apps Report, I can see if there isn't unusual. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our support staff to know where to direct it. By sending the Apps Report, you will create a ticket in our support system. Private Message (PM) me the email used and/or the ticket number assigned. Nathan -
Hi @HarryZ, If you send me an Apps Report, I can see if I can find any Adware. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our support staff to know where to direct it. By sending the Apps Report, you will create a ticket in our support system. Private Message (PM) me the email used and/or the ticket number assigned. Nathan
-
Android/Trojan.Fadeb.j on system apps
mbam_mtbr replied to DBonebrake's topic in Mobile Malware Removal Help & Support
Hi @TommyR, You can use this method to uninstall com.android.system.ups for current user (details in link below): https://forums.malwarebytes.com/topic/216616-removal-instructions-for-adups/ Warning: Make sure to read Restoring apps onto the device (without factory reset) in the rare case you need to revert/restore app. Use this/these command(s) during step 7 under Uninstalling Adups via ADB command line to remove: adb shell pm uninstall -k --user 0 <com.android.system.ups> @Chamorrogirl No, you do not have to worry about the malware carrying over with the SIM card. It's only an issue with the device itself. If you considering buying a new phone, I'd personally suggest a refurbished/renewed Google phone. I personally bought a renewed Pixel 2 off of Amazon a couple of weeks ago, and it works great. Just make sure it will work with your carrier. Nathan -
Mobidash has now evolved
mbam_mtbr replied to SiddharthDubey's topic in Malwarebytes for Android Support Forum
Hi @SiddharthDubey, It's a tricky one, but it is indeed in App Info. See the red box below: That floating 14.12 MB with no icon at the bottom of the App Info list is it. If you click on it, you get to it's info page: Thanks for the support! Nathan -
Can't remove remove belombrea.com
mbam_mtbr replied to Bigdaddygrant's topic in Mobile Malware Removal Help & Support
Hi @Bigdaddygrant, These types of ads are browser related. This is caused by the way most browsers handle redirections executed by javascript code. Most browsers don't do a great job of preventing these redirects, which also cause ad pop-ups. Advertising affiliates are aware of this, and exploit this weakness. Even if an advertising affiliate is shut down for using this exploit, they just come back with a different affiliate id and are right back at it. The best way to block these pop-ups are to try a different browsers, disable javascript, install a browser with ad blocking (like Opera), and/or install Ad-block Plus. If you encounter these pop-ups again, back out of them using Android's back key. Also, clearing your history and cache will help stop the ads from reoccurring. Thanks for reaching out, Nathan -
Hi @Facebook123, Fake Facebook accounts are not uncommon. However, they are not created via any malware app. Thus, there is nothing to detect by a malware scanner. If you like to protect your personal Facebook account, it's a good idea to change your password using a strong password and use a password manager. Also, set up two-factor authentication. Nathan
-
I think my phone was hacked??
mbam_mtbr replied to Coco456's topic in Mobile Malware Removal Help & Support
Hi @Coco456, If you're okay with it, lets start with an Apps Report. I'll be able to see if there is anything malicious on your device. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our support staff to know where to direct it. By sending the Apps Report, you will create a ticket in our support system. Private Message (PM) me the email used and/or the ticket number assigned. Nathan -
Hi @Concerned_Citizen, Nice find there! Yes, small.tff appears to be a library to be loaded at runtime. I have seen it in several related malware as well. There is even more obfuscated code in there I noticed. If you are decent with coding, you can sometimes successfully write your own small java program replicating the code found to decompile some of the strings. Also, sometimes it's easier to just run the malware in an emulator and see what it's doing via analysis software. Trust me, I'd love to have the time to dig deeper into things like these. But with new variants of HiddenAds coming in daily along with thousands of other mobile malware the higher priority is to get these detected by our client. You find anything else, keep them coming! com.fota.wirelessupdate.apk is a tough one as there are clean variants as well. You have to remember that it's sole purpose is to update the mobile device. Thus, it needs quite a bit of privileges to due so. But yes, you are probably right that it could be called blatant malware with Trojan categorization. I've nearly changed the name several times. Once again though, users are still reliant on it to update the OS with critical updates. Thus, we keep it as a PUP Riskware. You have to realize that most users don't know that PUP isn't straight malware anyway. Once again, thanks for all the feedback, Nathan