Quite a number of fans have complained about encountering this issue either on other peoples MTK Android phones or theirs so we’ll be discussing these malware, how they affect your Android phone and how to permanently remove them.
How did I get infected?
In my previous article on removing Malware from an Android phone (see https://journal.hovatek.com/how-to-remove-adware-from-an-android-phone/), I discussed some methods by which malware infect your Android phone. The easiest point of entry for an Android phone is the application(s) you install. Considering how popular the Android platform is and how many Android apps there are, its not hard to imagine why hackers would exploit this. The most potent carriers of malware are cracked / nulled apps (using malware crypters and binders).
Are they harmful to my Android phone?
If you’ve ever experienced these apps then you would know that they not only auto-update but also install unsolicited applications on your phone (using up your data plan). Adware are just a few steps away from harvesting your personal information so why wouldn’t they go all the way? You will also get a lot of has stopped errors like “unfortunately adobe air has stopped”, “unfortunately measure has stopped” and this could be very frustrating.
Why wont uninstalling / factory resetting remove them?
Uninstalling them under Settings >Apps or doing a factory reset would have been effective if only these apps were fully installed in the /data partition. After uninstalling, all you need to do is reboot your phone and they’re back again like nothing happened.
How then do I remove privacy guard, easy tool, monkey test and time service from my phone?
Consider the following methods:
1. Locate the malicious apks under /system/apps, data/app, vendor/operator/app , system/priv-app, system/preloadapp or anywhere they’re installed to and delete them. For Monkey Test and Time Service, the apks to delete are cameraupdate.apk, providerCertificate.apk, providerdown.apk and themeManags.apk (see https://journal.hovatek.com/how-to-remove-bloatware-on-an-android-phone/ for the Bloatware removal techniques ). The phone needs to be rooted in order to use this method (see https://journal.hovatek.com/how-to-root-android-easily-without-pc/ to know more about rooting an Android phone)
2. Install a good antivirus like 360 security , Stopbadapp , AVG , Ghost Push Trojan Killer, Avast or Malwarebytes and scan the phone.
3. Use the custom recovery backup and restore method:
- Get a working phone of the same model (without the malware issue)
- Flash a custom recovery to both phones using the method at https://forum.hovatek.com/thread-455.html and backup the working phone in recovery mode (see https://forum.hovatek.com/thread-479.html for how to boot into recovery mode)
- Copy the backup folder from the SD card of the working phone to the SD card of the malware infected phone (ensure to maintain the folder structure)
- Boot the malware infected phone into recovery mode and format System under Mounts & Storage
- Return to the main menu and restore the backup of the working phone under Backup & Restore > Restore
4. Format then flash using SP Flash Tool
- Get a clean working phone of the same model and back it up using the method described at https://forum.hovatek.com/thread-468.html (you’ll then have a stock / MTK backup)
- Format then flash the malware infected phone using SP Flash Tool at https://forum.hovatek.com/thread-159.html and the stock MTK backup obtained from the step above
My phone is stuck at brand logo after deleting something wrong in the /system folder. How do I fix my phone?
You need to flash back system.img or system.ext4.tar depending on the format that your /system directory is in the ROM. Please, create a new thread at our forum and our reps will provide free step by step assistance (see https://forum.hovatek.com/thread-514.html for how to create a thread) .
Hovatek….just a button away!
Pls I need you to grant me access to download stock ROM for my injoo f2 which has been affected virus. Thank you
granted! download @ https://forum.hovatek.com/thread-1242.html and flash using WiseLink tool @ https://forum.hovatek.com/thread-5603.html
Wow, you don’t know how delighted I am. Your post was very helpful and I finally got rid of the annoying maleware “your ‘app’ has stopped” that continued to terminate my applications and programs.
After I installed the latest AVG anti-virus and ran a scan, my Tecno Phantom Pad II came back to live.
Double thumbs up Hovatek!
please i need help on how to fix my infinix X507 phone. it has been popping up adobe air and android system is not supported. after flashing it, the problem still continue.
download the stock backup @ https://forum.hovatek.com/thread-533.html
format and flash using Sp flash tool @ https://forum.hovatek.com/thread-159.html
Pls I need a permission to download tecno N9 stock rom which keep on showing sales tracker has stopped.. My Gmail is [email protected]
Follow the guide @ https://forum.hovatek.com/thread-1254.html
Please I need stock tecno j7 rom. Thank you…
pls my tecno H6 is having malware issues such as security plugin and timeservice.pls i need a step by step approach on how to fix this problem,it really affecting my phone as i can no longer enjoy surfing with the phone due to persistent hanging and malfuncting of the phone.
Download the mtk backup at https://forum.hovatek.com/thread-311.html then follow the guide above
pls i need help my tecno y6 keeps poping up with some apps immediately i on my data and it mkes de phone freeze and presin itself cant even use it wen the data in on
Have you downloaded the firmware?
Goodday hovatek, i installed an application used for studies and signed in.it immediately wrote unfortunately “unfortunately the specific app has stopped working” i have tested that same app on another android and it worked perfectedly…. Do u suggest i flash the stock rom….
no, no need to do that. just uninstall and re-install the app. read https://forum.hovatek.com/thread-162.html
my phone is showing adobe air has unfortunately uninstall,how can i fixed that
What’s the phone model?
nice of u people. i need u to send me sure website to download android files like tecno, itel, sonny
https://forum.hovatek.com/forum-89.html
kindly assist with getting rid of privacy password problem on infinix.
please I have some unwanted apps on my techno h7,still there even after factory reset and even erased my memory card.please help
What are the apps exactly?
My Tecno H6 has been attacked by malicious app called “pro” this goes on downloading other apps like android patch, engrils, engriks and games like “through the gun fire” and others without notice. System apps like adobe air, measure, security plugin go on stopping and my data is used rapidly before I use it. They can’t be removed by a factory reset or flashing.
What can I do to over come the problem. Thanks
Just follow the guide above
There is no way I can get the stock ROM?
It’s at https://forum.hovatek.com/thread-311.html
Will it work if I download it directly with my H6 and install it?
And if it’s possible, can’t the file be lost if I perform a factory reset?
Last but not the least, can I upgrade my android version from 4.4 kitkat to 5.0 lollipop and how?
You can download the firmware with any device but need a PC to flash as the guide says.
No such upgrade for your phone
Some time back I visited a software stores to flash but he told me that I had to get another physical H6 phone so he can copy the file to mine, and he continued that if he uses a downloaded file from Internet, that my phone may fail to power on a again. Is there no worry about this file? Thanks
Is your phone an original or a clone?
An original
Then you should have no problem with our firmware
Any flashing system like the VOLCANO TOOL can work?. Also I’m seeing H6 variant 1 and H6 variant 2 which one should I download. My H6 is of the second version of an 8GB ROM with a 5GB free space.
Before considering flashing, had you already tried the antivirus method?
I have tried many anti viruses including AVG, 360 security,, they could help me to identify them, also directed me to disable and force stop the infected inbuilt apps, lastly I downloaded stubborn Trojan killer which requested me to download king root of which I did and I rooted the phone. On rooting, I was able to uninstall the inbuilt apps completely, King root then changed into a system app, yesterday I restored the phone but king root reappeared as a system app. But all in all, on doing all that, it only stopped downloading the malicious software but it couldn’t save quick data loss and so I had to disable all back ground data of all apps including Google play Store, and this made my phone very slow and some features not working.
Ok.
Go to Settings > About > Build number and tell me what you have there
H6-G325-A2-KK-20150122S
Yours is variant 3. We’ll upload the firmware soon
For how long should I wait, and how many variants are there for H6?
There are up to 4, possibly more.
Can’t give an exact estimate for when it’ll get uploaded but usually within a week
Last week I took it to a software engineer and gave me a firmware with a build number H6-G325-20140923 But seems to be an older version, with just a 2GB free space and sometimes freezing. Which variant is that.?
Nway, I have found a certain firmware with a build number of H6-G325-B2-KK-20150707,Is it safe if I download that? Remember the original number is H6-G325-A2-KK-20150122S.
Then lastly, is there any problem if the IMEI change after flashing?
The second firmware isn’t for your variant, it might not work properly.
For the IMEI, there’s no problem
H6-G325-B2-KK-20150707, is the one which will not work and so I should not bother download it?
You need the firmware for your build number
Hw about G325-20140923, which was flashed in? Nway it’s working but sometimes freezing
Does it freeze in safe mode?
What do you mean by safe mode
There’s a way to boot your phone into safe mode
Will that help? And how should I do that?
See https://forum.hovatek.com/thread-572.html
It’s no longer doing that since I changed the ROM, today I used a USB to read my H6, but was read as Tecno J7, why did that happen?
This happens a lot on Tecno phones. Phones use almost the same drivers and parts as other models
There is nothing much, nway u told me that the variant 3 stock ROM will be available in a week’s time, but it now almost 2 weeks now
The server we save files to is having problems. We’re working on fixing it
So when will that be done
I can’t use my usb anymore, is it a virus or what? It even takes a long tym before it charges.. I use infinix hot note. Pls help
Does the phone download or update apps without your permission?
So the server is still down?
We’re currently uploading another H6 firmware to Google drive
OK then I will be waiting
http://hovatek.com/redirect.php?link=https://docs.google.com/uc?id=0B_-waNKLvNRcMWphQXBjdXllcEU&export=download
Thanks my dear friend, I will flash tomorrow
Ok
If someone downloads an app let’s say a game but when it’s imbibing malwares and his phone becomes infected, if I share such a game from their phone and install it on mine, can I also get infected with the same malwares?
Very likely
OK then
Alright.
What’s the importance of rooting a phone? And what’ are the side effects?
See http://blog.hovatek.com/how-to-root-android-easily-without-pc
my phone model is Techno R7.whenever I switch on the data unwanted apps r downloaded like APUS,GOOGLE SERVICE,TIMES SERVICE etc.Am very annoyed coz I cant use my phone.please help
have you followed the guide above?
Hi.MY PHONE IS TECHNO R7 AND I HAVED BEEN INVADED BY APPS LIKE TIMES SERVICE,APUS,GOOGLE SERVICES AND OTHERS WHICH ARE REPLICATING THEMSELVES.PLEASE HELP TO SOLVE THIS PUZZLE.I HAVE TRIED TO FORMAT AND ALSO SCANNING THRU ANTI VIRUS AVG BUT ALL FUTILE
Thats weird. How exactly did you format the phone? did you use the SP Flash Tool method above?
Pls, how can i remove monkey virus on my tecno r7 without using pc?
You can install an antimalware then scan the device.
If the device is rootedd, I can guide you through another method using LinkSD