How to remove a Trojan program from Android. How to remove a Trojan from an Android phone quickly and permanently

Attention! The materials listed above and this post tell about my experience and cannot serve as instructions for use.

Part five. The virus got into the device firmware

One of the smartphones that I use to test applications has stopped working. It didn't break, but it became completely impossible to use.

So what turned out to be. The phone has become infected. If the day before everything was fine with the smartphone, then a day later several applications were discovered: applications for monitoring battery charge, 3 applications with very frivolous icons, several applications that were disguised as system ones. Apparently, I got caught somewhere and clicked on something that shouldn’t have been clicked. I will also say that this virus on Android is not deleted when resetting, but more on that later.

The infection turned out to be really massive. Not only that paid version Dr.Web Security Space missed this entire zoo, because these virus bastards captured all the resources. It is likely that Dr.Web stopped something, but it was unable to neutralize a number of viruses.

What did I do to remove viruses?

1. An attempt to block/stop pest applications or remove them from startup was unsuccessful. Some third-party applications managed to be blocked after a reboot, but the one that got deep into the system simply restarted the system and all the viruses. A minute after loading the smartphone, the response to key presses began to take 1-2 minutes.
2. I downloaded the Kaspersky Internet Security antivirus for Android as an .apk file, installed it, and I even managed to run it. A quick scan showed nothing, a full scan froze at 11%. It took 3 reboots of the smartphone for KIS to scan the entire device. Nothing was found!
3. Getting root seemed very difficult to me on such a device, on which applications and windows are closed and rebooted every now and then. Even in safe mode it is absolutely impossible to work.
4. The only option that seemed to me to be a quick way out of a difficult situation did not work. A factory reset gave me a clean Android with... pre-installed viruses. This virus has installed itself in the very insides!

The phone is practically dead! So what do you think? Would you like this to happen to your smartphone? Please note that I was prohibited from launching applications not from Google Play, paid antivirus and I didn’t climb any dubious sites, and installed applications only from the Google store. How did what happened? Don't know. However, it did me good.

Conclusions I made:

1. Antivirus is not a guarantee against infection! The new virus algorithm is not detected by any antivirus that works with signatures and may not be noticed by heuristic analysis.
2. Always back up your critical data; you never know when you'll need it.
3. Use a separate device for experiments. Everyone has old smartphones and tablets.
4. Root access in skillful hands can provide invaluable assistance in preventing infection and in cleaning the device from malware that may enter the system area.

If the first half of the day was filled with attempts to fully restore the functionality of the smartphone, then the second half was spent trying to somehow turn it on.

Part six. Changing the firmware as a means of fighting viruses on Android

In fact, I just wanted to restore the functionality of the device and, if possible, improve security. I downloaded the latest firmware from the website and launched Smart Phone Flash Tool and reflashed the smartphone.

How I reflashed ZOPO ZP-780. Just a song for 3 hours! The second time this is done in about 15 minutes.

1. Downloaded. Launched Smart Phone Flash Tool.
2. I downloaded and unpacked the archive with the firmware from the official website. Specified the path to the file MT6582_Android_scatter.txt
3. Switched the Firmware Upgrade mode. Clicked the Download button. It is important to press first and then connect the phone! When formatting (Format tab), the same rule applies.
4. Connected with a USB cable turned off smartphone. If it didn’t work, then rebooted the smartphone (turned it off, removed/inserted the battery, connected it to the computer).
5. The download of updates began. After downloading the update, the “OK” button appeared, which means that the files were copied to the device.

When I turned on the smartphone, I realized that I was overjoyed early - the most terrible phantom clicks appeared in the dialer mode. The “back”, “home”, and “menu” sensors stopped working in a number of applications.

I reflashed the ZP-780 not entirely successfully - it crashed IMEI number. Yes, this happens, although not often. It always crashes when formatting. For such cases, all normal people make backups. But the smartphone is a test one, so it’s okay, and the IMEI is restored.

How to check your IMEI?

Type from keyboard *#06# . The IMEI code of your device will be displayed in response. My code was not displayed, but instead a message appeared invalid IMEI.

What's wrong with not having an IMEI code?

You can forget that your smartphone can make calls - you won’t be able to call anyone, use mobile internet Same.

Where can I get the IMEI code or how can I find it?

• The IMEI code is printed on a sticker on the box.
• The smartphone has an IMEI code under the battery.
• You can view the code in your Google account.

To find out IMEI using personal account Google, you need to log into your account and go to . In the list of devices linked to your account, the first line will be the IMEI code.

For the second number I did everything the same, but the code became

AT+ EGMR=1,10,"IMEI_2"

(where IMEI_2 in my case is the same as the first IMEI).

I rebooted and got the smartphone as if I had just turned it on for the first time.

Why did I tell you this? Moreover, it took the whole day to restore the smartphone’s functionality. It’s a rather expensive pleasure to press all sorts of buttons on websites and install dubious applications. How do you think?

Take care of yourself, your devices and good mood! Good luck!

Upd: If you experiment with the Format tab in the Smart Phone Flash Tool, you will start formatting and get a brick with errors like s_dl_read_pt_fail (5073) when reformatting or PRO_INFO: Failed to get PMT info When I tried to download the firmware, turning on the mode helped me Advanced Mode in Smart Phone Flash Tool. It turns on by pressing Ctrl + Alt + V on the keyboard. The firmware was downloaded immediately.

Text from the forum

i think this is the same problem on other Mt6571/Mt6572 device here on Ph.. when you try to flash the phone even it is completed on Volcano the result is still dead set.. And when you try to flash on Sptool it stop on 4 %.. Or even the flashing is completed the phone is still dead. But there is some Co-tech here in the Ph found the Solution to make it continue on Flashing in Sptool and dont stop in 4%.. In Sptool there is what so Called Advanced mode Settings.. NOTE: NOT All Mt6571/mt6572 Chipset Support by Sptool on Format All + Download yuore device will Brick on this Method of Flashing.. Much better to use Donwload only or the Firmware Uprade settings this settings will not killl youre phone.. Here is the trick of Sptool Mt6571 to make it countiue again in flashing. Open Sptool and go to Format Tab and press on keyboard Ctrl Alt V and choose format whole flash and forecedly Erase (Bad blocks mark is erased) Go to options and choose Download and put check PhysicalFormat/readback And back to Format Tab and Click start and after erasing flash youre phone and Set Sptool on Download only Big Credits to to those Tech here in Ph who discovered and share this trick to us: rievax VIOLA…. Took it

Today, viruses have gone beyond PCs and are increasingly appearing on smartphones. Unlike Apple products and WindowsMobile, which the developers have equipped with reliable protection against attacks from third-party malicious applications, Android phones have a significant vulnerability to viruses. Therefore, in case of infection, you need to know how to remove the Trojan.

The user learns about the infection problem quite late, when the device begins to independently turn on various functions, call numbers in the phone book, download and delete information, programs, media files, etc.

You may notice that funds from your bank card disappear without a trace, access codes and passwords change. If you are faced with this kind of situation, you need to remember whether you have received a suspicious message on your phone or email, or installed incomprehensible applications.

You may have picked up a Trojan. This is a virus that copies itself and quickly spreads through the files of the device. Its main goal is to harm you. The Trojan has several ways through which it infects phones:

• pirated software;
• landing pages that appear when viewing information on the Internet;
• suspicious SMS messages from recipients unknown to you;
• certain blind spots in the phone software.

All these infection options very often turn out to be quite effective, and the user is faced with the question: how to remove the Trojan? After all, you don’t want to lose the information that is stored in the phone’s memory, but it’s also not possible to continue using an infected device.

How to remove Trojan virus from your phone

So, you are faced with a malicious program and are looking for ways to resolve the issue. As an experienced user, are you interested in how to remove Trojan from Android without damaging existing information? There are several ways in which you can remove the Trojan without losing data.

Method 1: Using special antivirus software

There are many programs that ensure complete safety and security of all data on the phone. This category includes antiviruses Doctor Web, Kaspersky, you can download a special Anti-Malware program, which is designed to search for and neutralize all kinds of Trojans and spyware. In the question of how to remove the Trojan virus on Android, a specially developed Trojan Killer tool by CM, known to many users through the Clean Master program, helps. Very convenient applications that allow you to remove the Trojan on the first try. In addition, it is possible to deal with viruses using free versions of antiviruses such as Avast, NOD32, etc.

Let's look at the procedure for removing a virus from a device using anti-virus software, using the Lookout program as an example:

• look for and install the Lookout program from PlayMarket;

• the app will automatically prompt you to upgrade to a premium level. You will need to click “No, thanks” and continue with the installation;
• To start scanning for viruses, select Security;

• Do not close the scanning window until it is finished. This way you can find out exactly where the malware is located and what data was infected.

In the future, Lookout will automatically scan all installed and downloaded files for viruses.

Method 2: how to remove Trojan from Android manually.

This method is used in cases where your antivirus sees an infected file, but cannot do anything with it except identify it.

To remove the Trojan manually you will need a little free time, persistence and presence of Root rights to carry out such an action.

Open the file manager on your phone and go to the parent folder. Go to the data/app folder and delete all unnecessary files.

Root right is the ability, on behalf of the device administrator, to delete infected system files of the phone, to which there is usually no free access.

To do this, you can use various programs that are available on the Internet, install them on your phone and, after going through a step-by-step installation, get the entire system working.

You can find another way to remove Trojans. This is a complete flashing of the phone. In this case, you lose all the data that is important to you. This operation costs money and requires the approach of a qualified specialist.

You can reset the settings to factory defaults:

Be careful! Save all data on a PC or other device in advance, otherwise you will lose absolutely all the information stored on the phone.

In conclusion, I would like to say that to prevent your phone from becoming infected with viruses, it is recommended to conduct a deep scan of all existing files and applications at least once a week, not to download suspicious software, even from trusted sites, and not to read incomprehensible SMS.

If your device starts to work poorly and take on a life of its own, then most likely your phone has caught a virus.

The main “symptoms” of an Android device being infected with a virus:

• The phone turns on longer than usual;
• there are numbers in the call list that are unfamiliar to you;
• excess funds are debited from the account;
• you are unable to use your electronic wallets and other financial management systems;

• your pages in in social networks used for the purpose of sending prohibited materials or spam.
• The battery will discharge much faster, because the virus program consumes a lot of energy.

Removing viruses with 360 Security Lite

The easiest way to “treat” an Android device from malicious files and programs is to clean it using an antivirus program.

360 Security Lite is one of the most popular antivirus programs for Android devices. To clean your device or ensure future protection, you should:

1. Install.

2. After installing the application, click on the icon on the desktop and launch the program.
3. In the Antivirus tab, click the Scan button.

4. The application will begin scanning your device for viruses.

5. The next step is to remove the malware software. If you find something - no quarantine is needed - immediately set the switch to the delete position for everyone.

Note: I think it’s obvious to everyone that this method only works if the Android device is fully functional. The same applies to other antivirus programs.

We use Avast Mobile

Another good antivirus application is Mobile Security& Antivirus Avast. Read below for exactly how to use it.

1) Download the application from the official website or install.
2) Please note that you have read the license agreement and privacy policy.

3) Go to Smart check - Check device.

4) The antivirus will immediately begin updating the virus database.

5. Once the scan is complete, you will be asked to select actions in relation to the threats. Now the antivirus will monitor your device.

Treatment in safe mode

The thing is that the vast majority of virus programs do not work in safe mode. This means that if you run the device in this mode, the virus simply will not work, so it can be easily removed.

To start Safe Mode, follow these steps:
1. Press and hold the device's power button.
2. Hold your finger on "Disable device" until you see this message:

Once your Android device is in safe mode, scan it with an antivirus and remove malware. If the antivirus program does not start, reinstall it by downloading it again from Google Play Market.

How to avoid catching the virus again - prevention

To prevent viruses from infecting your device, follow these tips:

• install applications of any kind only from trusted sources, for example, from Google Play Market, here administrators carefully check their content;
• install from sites you trust - for example: site :-)
• Always update your device's OS;
• Do not visit suspicious sites and do not click on links like “Your Android device is blocked” or “Viruses have been detected on your phone”; if you click on such messages, you will definitely acquire a virus.

Brief summary

In this article, I told you how to solve the problem of viruses on Android devices. I hope it will be useful to you, and you can easily get rid of unwanted and extraneous programs. Good luck!

This information will allow you to keep your phone in working order even if it is infected with virus software. Also, timely removal of the virus will protect user files from infection.

Rice. No. 1. Viruses on Android

1. What is a virus in Android OS?

Over the past two years, viruses for the Android platform have been introduced into 80 percent of devices. Even special antivirus software cannot always detect a new type of malware.

Looking for an antivirus program for your smartphone? List and description of the best antiviruses

There are several types of viruses that users may encounter:

• Trojan. This type of virus can distribute or collect information. Also, some Trojans have the ability to gain unauthorized access even to encrypted user data;
• Viruses that spread advertising. Banners offering you products or services may appear at any time, even if there is no Internet connection;
• Viruses that block the functionality of the operating system. This type of malware is the most dangerous. The virus restricts the user's access to the device's functions, requiring the user to restore operation by sending a paid SMS message;
• Third-party software that binds to the browser installed on the device. As a result, users will constantly be redirected to advertising pages.

Malicious software on Android can be easily removed from a tablet or smartphone. This can be done even by a user whose phone does not have root rights. All you need is to recognize the virus in time, determine its type and remove it.

Rice. No. 2. Viruses on mobile devices are not at all harmless

2. How to recognize and remove a Trojan using an antivirus?

The user may not even be aware that a Trojan or spyware is installed on his phone. As a rule, these types of software are installed on the device along with other programs that are downloaded from unofficial sources.

Symptoms of device infection may include excessive usage bills mobile communications, abnormal consumption of Internet traffic, installed third-party programs, slowdown and freezing of the device. The battery can also drain very quickly.

You can identify and remove a virus as follows:

• Scan your phone memory with special antivirus software. The most popular antiviruses for Android are Dr. Web, CM Security, Mobile Security, Avast, 360 Security;

Rice. No. 3. Antiviruses on Google Play

Remember! You must download the antivirus only from the official Google Play store. Otherwise, you may end up with an additional Trojan on your phone.

• Perform manual removal. Using the phone itself.

Let's take a closer look at how to scan a device using the example of the most popular antivirus in the app store - Dr. Web. To get started, download and install the utility on your device.

Then follow the instructions below:

• Launch the application. Open the “Scanner” window;
• Next, select “Full device scan”;
• Wait for the process to complete;
• If viruses are found, their number will be displayed next to the “Threats detected:...” field.
• Open the window with the detected malware and remove each component separately by clicking on the additional options button (picture below).

Check for viruses regularly. 1-2 scans per week will be enough.

It is also recommended to check programs immediately after installing them. Using an antivirus, you can remove Trojans, banner viruses and software that binds to the browser and other applications on your phone or tablet.

About others antivirus programs for devices on the Android platform can be read in our article.

Here is the list good antiviruses which we recommend for use:

• Security Master - Antivirus, VPN, AppLock, Booster (in addition to antivirus functions, this program also has a VPN and a device accelerator);

3. Several ways to manually remove a virus from a device

If you encounter a more serious type of malicious utility and cannot fix the problem using a regular antivirus, you must remove it manually. After removing the pest using an antivirus, do advertising banners still appear?

In this case, follow following instructions by deletion:

• Turn off wifi and data transfer over the mobile network on your phone;
• Take out the SIM card;
• Remove all previously installed programs;
• Uninstall the browser and install it again. Use only the version of the application that is available in the Play Store;
• Also format the connected memory cards;
• Reboot your device.

To remove a ransomware virus that has blocked all actions, use the following instructions:

• Turn off your smartphone;
• Remove the card from the device mobile operator. Do this immediately after you discover the ransomware virus. Otherwise, a large amount of money may be debited from the account;
• Do not remove the memory card from your phone; it may also be infected with a virus. To completely remove ransomware, you will have to clear all information, including installed programs and personal user data;
• Reset your device to factory settings using the Volume Up, Power button, and Home button combination. Hold them down for 5-10 seconds until a window appears with the text as shown in the figure below.

Rice. No. 5. Text indicating that the reset has begun

• Move the cursor down the list using the side volume keys. Stop the cursor at the Factory reset line, as shown in the figure below;

Rice. No. 6. The line "Factory reset"

• Press the power key to begin the reset process.

Rice. No. 7. Reset process

• Select the recovery option, which will delete all user data;

Rice. No. 8. Recovery options

• The procedure can take from 3 to 20 minutes. After it is completed, the device will start on its own. You will be prompted to set up your device again (the normal settings process as after purchase).

Rice. No. 9. Suggestion to reconfigure the device

Read about removing viruses from different operating systems.

Thematic video:

Recently, the question of how to remove a virus from an Android phone has become relevant for users.

This article provides examples of the most common malware and ways to quickly and safely neutralize them.

Each type of malware has its own characteristics and properties.

Let's look at the main types of pest programs that users encounter and effective ways to remove them.

Advice! Regularly scan your device for malware and spyware with programs like 360 ​​Security. Dr. Web, Kaspersky, Lookout. They have the most extensive database of Android malware.

Trojan Removal

This type of malware is the most popular. You can find Trojans in almost any device, their number is so great.

It can encrypt its actions under the guise of another program and at the same time send invisible mode paid SMS to third-party numbers.

The Trojan can also steal your credit card numbers and passwords recorded anywhere on the device: in SMS messages, notes, special programs for storing data.

To get rid of the Trojan, follow these steps:

1. Scan your device for spyware and malware, for example using Lookout, as shown in the figure.

1. Remove any suspicious programs found. These two simple steps are enough to neutralize and remove the Trojan from Android.

Removing adware

This type of malicious software is also very common, however, unlike a Trojan, it is not aimed at harming the device or extorting Money, but to earn money through advertising.

It is not necessary to uninstall the application that is causing the ads to appear.

Several ways to solve the problem:

1. Turn on Airplane mode. IN this mode The Internet and other types of connections are turned off, so advertising is not loaded or displayed. This solution to the problem is suitable for games and applications that do not require the Internet to work with.
   To enable the mode, hold down the power button and in the window that appears, select the required type of action, as shown in the figure;

1. Removal by scanning. Scan your phone for threats; adware ones are almost always detected, so removing them will not be difficult.

Removing a malicious banner

This type of malicious software blocks all phone functions and extorts the user to pay money to disable the blocker banner.

This type of malware is often found on all phones.

Advice! If your phone or tablet has been infected with this type of malware, immediately take out your SIM cards before a large amount is withdrawn from your account.

An infected program can be easily eliminated in a few steps:

1. Turn off the device and fully charge it;
2. Turn on your device. All subsequent actions must be done as quickly as possible before the ransomware banner appears;
3. Go to settings (section for developers);

1. Enable USB debugging mode;