Jump to content

Mark-Herzog

Members
  • Posts

    10
  • Joined

  • Last visited

Everything posted by Mark-Herzog

  1. This seems VERY complicated. I found this : https://www.borncity.com/blog/2021/04/04/neues-zum-gigaset-android-smartphone-malware-befall/ Please check, if you after reading (German) still stick to this advice...
  2. Ich habe bereits diese Funktionen beide ausgeführt, das Virus hat danach erneut mein Whatsapp gekapert.
  3. In der Anleitung ist davon die rede Android/PUP.Riskware.Autoins.Fota zu deinstallieren. Malwarebytes zeigt jedoch auf PUP.Riskware.Autoins.Redstone. Welche muss ich deinstallieren?
  4. New detection: If I activate my google account in my phone, immediately my whatsapp account will be blocked because of violation rules. It seems that the activation o google play app leads to spam, spread by my google account with my phone number.
  5. This is the status of the scan, started this morning at 5 am after charging battery:
  6. Also Malwarebytes was now able to detect some malware in the "update" app. As before manually Malwarebytes deactivated this app and I decides to choose "forcingly stop app". However as soon as the phone is booted - because for example the battery was empty - this "update" app is again started. For Malewarebytes automatically also starts scanning after restart of the phone, it direktly finds again one of the malware-apps, that have been deleted already. So it is obvious, that this "update" app is downloading them again and again. Therefore I think clearing Storage & Cash again will not help. I very much want to avoid this too, because it also means that I have to renew all credentials on all portals I am using and this takes a loooooong time, because then phone is so slow. What I need is a tool, to replace this "update" app to what it was before.
  7. @ mbam_mtbr I did not find time to follow all your advises as clear the Storage & Cache yet, because my phone is now extremely slow. But I want to let you know this:
  8. Is it possible to catch malware insite SMS? Just received an SMS with only numbers an signs insite and after click on it xiaoan was found by Malwarebytes again.
  9. Phone carrier E-Plus (Alditalk) Phone brand and model (i.e. Samsung Galaxy S8+) Siemens GS270 Which Android operating system you are running 8.1.0 ScUpD: 05 Okt 2019 kernel 3.18.79+ (gcc version 6.3.1.20170109) Update run today If your phone is rooted I dont know If you are running any other security software Not it seems I caught malware, malwarebytes can not find. What does it do and why do I think I have it, even, if malwarebytes says "you are clean"? It started with a hijacking of my Whatsapp. I recognized, because I was blocked for spamming. After re - verifying my number I saw, that several people from Singapore, who I don't know, answered to a message, I did not send. Also every 3 to 4 hours, my browsers (first BBQ, now Firefox) where hijacked: New tabs are automatically opened and lead me to game - websites. Also my "SMS - receive" function was deactivated. This may have been the reason, why Whatsapp first did not accept my phone number for verifying. I run 3 different free antivirus programs, that all where de-installed after. All of them found malware and removed it. However all 3 to 4 hours the malware will be installed and found again. 2 of these programs told me, that there was found a piece of software called "Update" (with version number) inside my system partition, that cannot be removed. They recommended to deactivate it with the Androit System function,- witch I tried. However it can not be deactivated,- the button was gray. Later I found a way inside malwarebytes to deactivate it. I also removed some games and some Chinese Software, that I can not remember to have installed and that I found suspicions. The situation did not change: Still after a few hours my browser pops up and shows websites for curious games. Of course I never click there and close the tab asap. Also malwerbytes keeps finding Apps like xiaoan, gem, Tayase, and it shows for example an app com.yhn4621.ujm0317 that I find syspicious, but can not find to remove (not in my settings, nor in malwarebytes) I cleaned the cash of the browser with no success of getting rid of this. I cleaned my data storage. Of cause I could install some firefox add on to block these websites, however my system is already very slow and I am afraid, that this would slow down my sytem even more. Maybe I should remove this "update" Sotware (it has a white cloud on blue background as symbol) with malwarebytes? Does anyone know it? In other reports I read, that I will have to change the libc.so-file. However I don t know how and I don't know if this advice is valid for my system.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.