How to remove privacy guard, easy tool, monkey test and time service malware from an MTK (Mediatek) Android phone


how to remove android monkey test time service malware virus

Quite a number of fans have complained about encountering this issue either on other peoples MTK Android phones or theirs so we’ll be discussing these malware, how they affect your Android phone and how to permanently remove them.

How did I get infected?

In my previous article on removing Malware from an Android phone (see https://journal.hovatek.com/how-to-remove-adware-from-an-android-phone/), I discussed some methods by which malware infect your Android phone. The easiest point of entry for an Android phone is the application(s) you install. Considering how popular the Android platform is and how many Android apps there are, its not hard to imagine why hackers would exploit this. The most potent carriers of malware are cracked / nulled apps (using malware crypters and binders).

Are they harmful to my Android phone?

If you’ve ever experienced these apps then you would know that they not only auto-update but also install unsolicited applications on your phone (using up your data plan). Adware are just a few steps away from harvesting your personal information so why wouldn’t they go all the way? You will also get a lot of has stopped errors like “unfortunately adobe air has stopped”, “unfortunately measure has stopped” and this could be very frustrating.

Why wont uninstalling / factory resetting remove them?

Uninstalling them under Settings >Apps or doing a factory reset would have been effective if only these apps were fully installed in the /data partition. After uninstalling, all you need to do is reboot your phone and they’re back again like nothing happened.

How then do I remove privacy guard, easy tool, monkey test and time service from my phone?

Consider the following methods:



1. Locate the malicious apks under /system/apps, data/app, vendor/operator/app , system/priv-app, system/preloadapp or anywhere they’re installed to and delete them. For Monkey Test and Time Service, the apks to delete are cameraupdate.apk, providerCertificate.apk, providerdown.apk and themeManags.apk (see https://journal.hovatek.com/how-to-remove-bloatware-on-an-android-phone/ for the Bloatware removal techniques ). The phone needs to be rooted in order to use this method (see https://journal.hovatek.com/how-to-root-android-easily-without-pc/ to know more about rooting an Android phone)

2. Install a good antivirus like 360 security , Stopbadapp , AVG , Ghost Push Trojan Killer, Avast or Malwarebytes and scan the phone.

3. Use the custom recovery backup and restore method:

  • Get a working phone of the same model (without the malware issue)
  • Flash a custom recovery to both phones using the method at https://forum.hovatek.com/thread-455.html and backup the working phone in recovery mode (see https://forum.hovatek.com/thread-479.html for how to boot into recovery mode)
  • Copy the backup folder from the SD card of the working phone to the SD card of the malware infected phone (ensure to maintain the folder structure)
  • Boot the malware infected phone into recovery mode and format System under Mounts & Storage
  • Return to the main menu and restore the backup of the working phone under Backup & Restore > Restore

4. Format then flash using SP Flash Tool

My phone is stuck at brand logo after deleting something wrong in the /system folder. How do I fix my phone?

You need to flash back system.img or system.ext4.tar depending on the format that your /system directory is in the ROM. Please, create a new thread at our forum and our reps will provide free step by step assistance (see https://forum.hovatek.com/thread-514.html for how to create a thread) .

Hovatek….just a button away!

Tags

You might also like

Do you really need userdata.img and cache.img to unbrick?

The Infinix Hot 2 X510 March 2016 update ROMDump is now available

Itel features Android 8.0 Oreo; launches the Itel S42, A44 & A44 Pro

How to install windows 7 with or without the Operating System CD / DVD

Infinix pushes full OTA update to Android Marshmallow 0202 (testing) for the Infinix Hot 2 X510

How to fix an Android phone that automatically goes off or shuts down frequently

74 thoughts on “How to remove privacy guard, easy tool, monkey test and time service malware from an MTK (Mediatek) Android phone

  2. Wow, you don’t know how delighted I am. Your post was very helpful and I finally got rid of the annoying maleware “your ‘app’ has stopped” that continued to terminate my applications and programs.

    After I installed the latest AVG anti-virus and ran a scan, my Tecno Phantom Pad II came back to live.

    Double thumbs up Hovatek!

    Reply

  3. please i need help on how to fix my infinix X507 phone. it has been popping up adobe air and android system is not supported. after flashing it, the problem still continue.

    Reply

  6. pls my tecno H6 is having malware issues such as security plugin and timeservice.pls i need a step by step approach on how to fix this problem,it really affecting my phone as i can no longer enjoy surfing with the phone due to persistent hanging and malfuncting of the phone.

    Reply

      1. pls i need help my tecno y6 keeps poping up with some apps immediately i on my data and it mkes de phone freeze and presin itself cant even use it wen the data in on

        Reply

  7. Goodday hovatek, i installed an application used for studies and signed in.it immediately wrote unfortunately “unfortunately the specific app has stopped working” i have tested that same app on another android and it worked perfectedly…. Do u suggest i flash the stock rom….

    Reply

  11. please I have some unwanted apps on my techno h7,still there even after factory reset and even erased my memory card.please help

    Reply

  12. My Tecno H6 has been attacked by malicious app called “pro” this goes on downloading other apps like android patch, engrils, engriks and games like “through the gun fire” and others without notice. System apps like adobe air, measure, security plugin go on stopping and my data is used rapidly before I use it. They can’t be removed by a factory reset or flashing.
    What can I do to over come the problem. Thanks

    Reply

      2. Will it work if I download it directly with my H6 and install it?
        And if it’s possible, can’t the file be lost if I perform a factory reset?
        Last but not the least, can I upgrade my android version from 4.4 kitkat to 5.0 lollipop and how?

        Reply

        1. You can download the firmware with any device but need a PC to flash as the guide says.
          No such upgrade for your phone

          Reply

  13. Some time back I visited a software stores to flash but he told me that I had to get another physical H6 phone so he can copy the file to mine, and he continued that if he uses a downloaded file from Internet, that my phone may fail to power on a again. Is there no worry about this file? Thanks

    Reply

  15. Any flashing system like the VOLCANO TOOL can work?. Also I’m seeing H6 variant 1 and H6 variant 2 which one should I download. My H6 is of the second version of an 8GB ROM with a 5GB free space.

    Reply

  16. I have tried many anti viruses including AVG, 360 security,, they could help me to identify them, also directed me to disable and force stop the infected inbuilt apps, lastly I downloaded stubborn Trojan killer which requested me to download king root of which I did and I rooted the phone. On rooting, I was able to uninstall the inbuilt apps completely, King root then changed into a system app, yesterday I restored the phone but king root reappeared as a system app. But all in all, on doing all that, it only stopped downloading the malicious software but it couldn’t save quick data loss and so I had to disable all back ground data of all apps including Google play Store, and this made my phone very slow and some features not working.

    Reply

    1. There are up to 4, possibly more.
      Can’t give an exact estimate for when it’ll get uploaded but usually within a week

      Reply

  19. Last week I took it to a software engineer and gave me a firmware with a build number H6-G325-20140923 But seems to be an older version, with just a 2GB free space and sometimes freezing. Which variant is that.?
    Nway, I have found a certain firmware with a build number of H6-G325-B2-KK-20150707,Is it safe if I download that? Remember the original number is H6-G325-A2-KK-20150122S.
    Then lastly, is there any problem if the IMEI change after flashing?

    Reply

          5. It’s no longer doing that since I changed the ROM, today I used a USB to read my H6, but was read as Tecno J7, why did that happen?

          6. This happens a lot on Tecno phones. Phones use almost the same drivers and parts as other models

  21. There is nothing much, nway u told me that the variant 3 stock ROM will be available in a week’s time, but it now almost 2 weeks now

    Reply

  23. I can’t use my usb anymore, is it a virus or what? It even takes a long tym before it charges.. I use infinix hot note. Pls help

    Reply

      3. If someone downloads an app let’s say a game but when it’s imbibing malwares and his phone becomes infected, if I share such a game from their phone and install it on mine, can I also get infected with the same malwares?

        Reply

  26. my phone model is Techno R7.whenever I switch on the data unwanted apps r downloaded like APUS,GOOGLE SERVICE,TIMES SERVICE etc.Am very annoyed coz I cant use my phone.please help

    Reply

  27. Hi.MY PHONE IS TECHNO R7 AND I HAVED BEEN INVADED BY APPS LIKE TIMES SERVICE,APUS,GOOGLE SERVICES AND OTHERS WHICH ARE REPLICATING THEMSELVES.PLEASE HELP TO SOLVE THIS PUZZLE.I HAVE TRIED TO FORMAT AND ALSO SCANNING THRU ANTI VIRUS AVG BUT ALL FUTILE

    Reply

    1. You can install an antimalware then scan the device.
      If the device is rootedd, I can guide you through another method using LinkSD

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *