Jump to content

Recommended Posts

Well, that is clean i think ?!

Please show up the result´s from VT, https://www.virustotal.com/#/file/8c0f4648e87701158e2f52b4d8bf14b446f18de1de7a5fc642c86693932a5d0e/detection

False Positive, or to NEW. Residual risk remains ...

Yes Malwarebytes for Mobile flags this App also as ransomware by me.

If it is the right app I had now times on the fast examined. So the possibly same from the author this posting....

MAM

Edited by MAM
Link to post
Share on other sites

ciliegia

Hello can you provide us the App which downloaded somewhere ?

For example this ,  MyPhoneExplorer   http://www.fjsoft.at/en/

Copy or transver this App to your Pc, and upload this sample here, https://forums.malwarebytes.com/forum/133-newest-mobile-threats/

With a note here to this thread here where you had asked. And by the upload link above, write you by the "Headline" subject Malware or False Positive.

MAM

 

 

 

 

Link to post
Share on other sites

Actually there is nothing now being detected.  At first Malwarebytes stated that "it is possible that there is ransomware..." and left it to me to make the decision as to keep or delete the file.  But as I have updated the database over the past few days, nothing comes up to indicate a problem.  I believe I got it from either https://www.apkmirror.com/apk/oasis-feng/greenify/greenify-3-7-1-release/greenify-3-7-1-android-apk-download/ or http://xdroidzone.blogspot.com/2014/04/greenify-v23-beta-3-donation-apk-mega.html , although to be honest, I don't remember.   But the question remains:  How would we know if there were a "false positive?"

Link to post
Share on other sites
  • Staff

Hi @ciliegia,

This warning is from our advanced ransomware scanner.  Apps that have elevated privileges and that have been installed using side loading (anything installed outside of Google Play) are flagged as potential ransomware.

Installation from outside the Play Store plus elevated privileges are big red flags. Therefore, we warn our customers that a suspicious app was installed that displays ransomware like properties. It’s up to the user to ignore our warnings or not.

Ransomware is particularity dangerous, and this warning gives users the ability to cut it off before it’s too late.

To answer your question, no, this was not a false positive.  Installing from third party sites can be risky, and this warning exists to keep users who choose to take that risk a little safer.

Thanks for reaching out,

Nathan

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.