How to remove privacy guard, easy tool, monkey test and time service malware from an MTK (Mediatek) Android phone

Android Tutorials September 6, 2015

how to remove android monkey test time service malware virus

Quite a number of fans have complained about encountering this issue either on other peoples MTK Android phones or theirs so we’ll be discussing these malware, how they affect your Android phone and how to permanently remove them.

How did I get infected?

In my previous article on removing Malware from an Android phone (see https://journal.hovatek.com/how-to-remove-adware-from-an-android-phone/), I discussed some methods by which malware infect your Android phone. The easiest point of entry for an Android phone is the application(s) you install. Considering how popular the Android platform is and how many Android apps there are, its not hard to imagine why hackers would exploit this. The most potent carriers of malware are cracked / nulled apps (using malware crypters and binders).

Are they harmful to my Android phone?

If you’ve ever experienced these apps then you would know that they not only auto-update but also install unsolicited applications on your phone (using up your data plan). Adware are just a few steps away from harvesting your personal information so why wouldn’t they go all the way? You will also get a lot of has stopped errors like “unfortunately adobe air has stopped”, “unfortunately measure has stopped” and this could be very frustrating.

Why wont uninstalling / factory resetting remove them?

Uninstalling them under Settings >Apps or doing a factory reset would have been effective if only these apps were fully installed in the /data partition. After uninstalling, all you need to do is reboot your phone and they’re back again like nothing happened.

How then do I remove privacy guard, easy tool, monkey test and time service from my phone?

Consider the following methods:

1. Locate the malicious apks under /system/apps, data/app, vendor/operator/app , system/priv-app, system/preloadapp or anywhere they’re installed to and delete them. For Monkey Test and Time Service, the apks to delete are cameraupdate.apk, providerCertificate.apk, providerdown.apk and themeManags.apk (see https://journal.hovatek.com/how-to-remove-bloatware-on-an-android-phone/ for the Bloatware removal techniques ). The phone needs to be rooted in order to use this method (see https://journal.hovatek.com/how-to-root-android-easily-without-pc/ to know more about rooting an Android phone)

2. Install a good antivirus like 360 security , Stopbadapp , AVG , Ghost Push Trojan Killer, Avast or Malwarebytes and scan the phone.

3. Use the custom recovery backup and restore method:

  • Get a working phone of the same model (without the malware issue)
  • Flash a custom recovery to both phones using the method at https://forum.hovatek.com/thread-455.html and backup the working phone in recovery mode (see https://forum.hovatek.com/thread-479.html for how to boot into recovery mode)
  • Copy the backup folder from the SD card of the working phone to the SD card of the malware infected phone (ensure to maintain the folder structure)
  • Boot the malware infected phone into recovery mode and format System under Mounts & Storage
  • Return to the main menu and restore the backup of the working phone under Backup & Restore > Restore

4. Format then flash using SP Flash Tool

My phone is stuck at brand logo after deleting something wrong in the /system folder. How do I fix my phone?

You need to flash back system.img or system.ext4.tar depending on the format that your /system directory is in the ROM. Please, create a new thread at our forum and our reps will provide free step by step assistance (see https://forum.hovatek.com/thread-514.html for how to create a thread) .

Hovatek….just a button away!

Have any Question or Comment?

74 comments on “How to remove privacy guard, easy tool, monkey test and time service malware from an MTK (Mediatek) Android phone

Hakeem

Pls I need you to grant me access to download stock ROM for my injoo f2 which has been affected virus. Thank you

Reply
Churchill

Wow, you don’t know how delighted I am. Your post was very helpful and I finally got rid of the annoying maleware “your ‘app’ has stopped” that continued to terminate my applications and programs.

After I installed the latest AVG anti-virus and ran a scan, my Tecno Phantom Pad II came back to live.

Double thumbs up Hovatek!

Reply
austin

please i need help on how to fix my infinix X507 phone. it has been popping up adobe air and android system is not supported. after flashing it, the problem still continue.

Reply
Hovatek

download the stock backup @ https://forum.hovatek.com/thread-533.html
format and flash using Sp flash tool @ https://forum.hovatek.com/thread-159.html

Reply
olamilekan

Pls I need a permission to download tecno N9 stock rom which keep on showing sales tracker has stopped.. My Gmail is [email protected]

Reply

Please I need stock tecno j7 rom. Thank you…

Reply
holyland umude

pls my tecno H6 is having malware issues such as security plugin and timeservice.pls i need a step by step approach on how to fix this problem,it really affecting my phone as i can no longer enjoy surfing with the phone due to persistent hanging and malfuncting of the phone.

Reply
Hovatek

Download the mtk backup at https://forum.hovatek.com/thread-311.html then follow the guide above

Reply

pls i need help my tecno y6 keeps poping up with some apps immediately i on my data and it mkes de phone freeze and presin itself cant even use it wen the data in on

Reply
Hovatek

Have you downloaded the firmware?

Reply
marshal

Goodday hovatek, i installed an application used for studies and signed in.it immediately wrote unfortunately “unfortunately the specific app has stopped working” i have tested that same app on another android and it worked perfectedly…. Do u suggest i flash the stock rom….

Reply
Hovatek

no, no need to do that. just uninstall and re-install the app. read https://forum.hovatek.com/thread-162.html

Reply

my phone is showing adobe air has unfortunately uninstall,how can i fixed that

Reply
Hovatek

What’s the phone model?

Reply
TEJID

nice of u people. i need u to send me sure website to download android files like tecno, itel, sonny

Reply
eliud

kindly assist with getting rid of privacy password problem on infinix.

Reply
Banke

please I have some unwanted apps on my techno h7,still there even after factory reset and even erased my memory card.please help

Reply
Hovatek

What are the apps exactly?

Reply
Wajja Richard

My Tecno H6 has been attacked by malicious app called “pro” this goes on downloading other apps like android patch, engrils, engriks and games like “through the gun fire” and others without notice. System apps like adobe air, measure, security plugin go on stopping and my data is used rapidly before I use it. They can’t be removed by a factory reset or flashing.
What can I do to over come the problem. Thanks

Reply
Hovatek

Just follow the guide above

Reply
Wajja Richard

There is no way I can get the stock ROM?

Reply
wajja Richard

Will it work if I download it directly with my H6 and install it?
And if it’s possible, can’t the file be lost if I perform a factory reset?
Last but not the least, can I upgrade my android version from 4.4 kitkat to 5.0 lollipop and how?

Reply
Hovatek

You can download the firmware with any device but need a PC to flash as the guide says.
No such upgrade for your phone

Reply
wajja Richard

Some time back I visited a software stores to flash but he told me that I had to get another physical H6 phone so he can copy the file to mine, and he continued that if he uses a downloaded file from Internet, that my phone may fail to power on a again. Is there no worry about this file? Thanks

Reply
Hovatek

Is your phone an original or a clone?

Reply
wajja Richard

An original

Reply
Hovatek

Then you should have no problem with our firmware

Reply
wajja Richard

Any flashing system like the VOLCANO TOOL can work?. Also I’m seeing H6 variant 1 and H6 variant 2 which one should I download. My H6 is of the second version of an 8GB ROM with a 5GB free space.

Reply
Hovatek

Before considering flashing, had you already tried the antivirus method?

Reply
wajja Richard

I have tried many anti viruses including AVG, 360 security,, they could help me to identify them, also directed me to disable and force stop the infected inbuilt apps, lastly I downloaded stubborn Trojan killer which requested me to download king root of which I did and I rooted the phone. On rooting, I was able to uninstall the inbuilt apps completely, King root then changed into a system app, yesterday I restored the phone but king root reappeared as a system app. But all in all, on doing all that, it only stopped downloading the malicious software but it couldn’t save quick data loss and so I had to disable all back ground data of all apps including Google play Store, and this made my phone very slow and some features not working.

Reply
Hovatek

Ok.
Go to Settings > About > Build number and tell me what you have there

Reply
wajja Richard

H6-G325-A2-KK-20150122S

Reply
Hovatek

Yours is variant 3. We’ll upload the firmware soon

Reply
wajja Richard

For how long should I wait, and how many variants are there for H6?

Reply
Hovatek

There are up to 4, possibly more.
Can’t give an exact estimate for when it’ll get uploaded but usually within a week

Reply
Wajja Richard

Last week I took it to a software engineer and gave me a firmware with a build number H6-G325-20140923 But seems to be an older version, with just a 2GB free space and sometimes freezing. Which variant is that.?
Nway, I have found a certain firmware with a build number of H6-G325-B2-KK-20150707,Is it safe if I download that? Remember the original number is H6-G325-A2-KK-20150122S.
Then lastly, is there any problem if the IMEI change after flashing?

Reply
Hovatek

The second firmware isn’t for your variant, it might not work properly.
For the IMEI, there’s no problem

Reply
Wajja Richard

H6-G325-B2-KK-20150707, is the one which will not work and so I should not bother download it?

Reply
Hovatek

You need the firmware for your build number

Reply
Wajja Richard

Hw about G325-20140923, which was flashed in? Nway it’s working but sometimes freezing

Reply
Hovatek

Does it freeze in safe mode?

Reply
Wajja Richard

What do you mean by safe mode

Hovatek

There’s a way to boot your phone into safe mode

Wajja Richard

Will that help? And how should I do that?

Wajja Richard

It’s no longer doing that since I changed the ROM, today I used a USB to read my H6, but was read as Tecno J7, why did that happen?

Hovatek

This happens a lot on Tecno phones. Phones use almost the same drivers and parts as other models

Wajja Richard

There is nothing much, nway u told me that the variant 3 stock ROM will be available in a week’s time, but it now almost 2 weeks now

Reply
Hovatek

The server we save files to is having problems. We’re working on fixing it

Reply
Wajja Richard

So when will that be done

Reply
Ruthie

I can’t use my usb anymore, is it a virus or what? It even takes a long tym before it charges.. I use infinix hot note. Pls help

Reply
Hovatek

Does the phone download or update apps without your permission?

Reply
Wajja Richard

So the server is still down?

Reply
Hovatek

We’re currently uploading another H6 firmware to Google drive

Reply
Wajja Richard

OK then I will be waiting

Reply
Wajja Richard

Thanks my dear friend, I will flash tomorrow

Reply
Wajja Richard

If someone downloads an app let’s say a game but when it’s imbibing malwares and his phone becomes infected, if I share such a game from their phone and install it on mine, can I also get infected with the same malwares?

Reply
Hovatek

Very likely

Reply
Wajja Richard

OK then

Hovatek

Alright.

Wajja Richard

What’s the importance of rooting a phone? And what’ are the side effects?

Reply
EL MWAI

my phone model is Techno R7.whenever I switch on the data unwanted apps r downloaded like APUS,GOOGLE SERVICE,TIMES SERVICE etc.Am very annoyed coz I cant use my phone.please help

Reply
Hovatek

have you followed the guide above?

Reply
EL.MWAI

Hi.MY PHONE IS TECHNO R7 AND I HAVED BEEN INVADED BY APPS LIKE TIMES SERVICE,APUS,GOOGLE SERVICES AND OTHERS WHICH ARE REPLICATING THEMSELVES.PLEASE HELP TO SOLVE THIS PUZZLE.I HAVE TRIED TO FORMAT AND ALSO SCANNING THRU ANTI VIRUS AVG BUT ALL FUTILE

Reply
Hovatek

Thats weird. How exactly did you format the phone? did you use the SP Flash Tool method above?

Reply
Adelowo

Pls, how can i remove monkey virus on my tecno r7 without using pc?

Reply
Hovatek

You can install an antimalware then scan the device.
If the device is rootedd, I can guide you through another method using LinkSD

Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


Hovatek™

ADDRESS
Lagos, Nigeria.