Android. Operating system. Multimedia. Social media. Tools. Codecs. Graphic arts
Are you here: » »

What to do if the virus on android is not removed by reset

This is another part of the posts about virus activity on Android and how I dealt with viruses. The first four are here:

Attention! The materials listed above and this post talk about my experience and cannot serve as instructions for use.

Part five. The virus got into the firmware of the device

One of the smartphones that I use to test applications has stopped working. It didn't break, but it became completely unusable.

So what turned out. The phone has been infected. If the day before, everything was in order with the smartphone, then a day later several applications were discovered: applications for monitoring battery charge, 3 applications with very frivolous icons, several applications that were disguised as system ones. Apparently, I got caught somewhere and clicked on something that was not necessary to click on. I will also say that this virus on Android is not deleted during a reset, but more on that later.

The infection turned out to be really massive. Not only did the paid version of Dr.Web Security Space miss all this zoo, but these viruses have captured all the resources. It is likely that Dr.Web stopped something, but it could not neutralize a number of viruses.

What did I do to remove viruses?

  1. An attempt to block/stop malware applications or remove them from startup has not been successful. Some third-party applications managed to block after a reboot, but the one that crawled deep into the system simply restarted the system and all viruses. A minute after loading the smartphone, the reaction to keystrokes began to be 1-2 minutes.
  2. I downloaded Kaspersky Internet Security antivirus for Android as an .apk file, installed it, and I even managed to run it. A quick check showed nothing, a full check hung at 11%. It took 3 reboots of the smartphone for KIS to scan the entire device. Nothing found!
  3. Getting the root seemed to me on such a device, on which applications and windows are closed and restarted every now and then, a very difficult task. Even in safe mode, it is completely impossible to work.
  4. The only option that seemed to me a quick way out of a predicament did not work. Resetting to factory settings gave me a clean android with ... pre-installed viruses. This virus has been installed in the very core!

The phone is almost dead! Well, how do you like it? Would you like it to happen with your smartphone? Please note that I had a ban on running applications not from Google Play, a paid antivirus, and I did not climb any dubious sites, and installed applications only from the Google store. How did what happened happen? Don't know. However, it did me good.

Conclusions I made:

  1. Antivirus is not a guarantee against infection! The new virus algorithm is not detected by any antivirus that works with signatures and may not be noticed by heuristic analysis.
  2. Always back up your critical data, no matter when you need it.
  3. Use a separate device for experiments. Everyone has old smartphones and tablets.
  4. Root access in the right hands can be invaluable in preventing infection and cleaning the device of malware that can enter the system area.

If the first half of the day was filled with attempts to fully restore the smartphone's performance, then the second half was spent on somehow turning it on.

Part six. Changing the firmware as a means of combating viruses on Android

In fact, I just wanted to restore the device to working capacity and, if possible, improve security. I downloaded the latest firmware on the site, launched the Smart Phone Flash Tool and reflashed the smartphone.

How did I reflash ZOPO ZP-780. Just a song for 3 hours! The second time it is done in 15 minutes.

  1. Downloaded . Launched Smart Phone Flash Tool.
  2. I downloaded and unpacked the archive with the firmware from the official site. Specified the path to the file MT6582_Android_scatter.txt
  3. Switched the Firmware Upgrade mode. Clicked the Download button. It is important to press first, and then connect the phone! When formatting (Format tab) the same rule.
  4. Connected with USB cable off smartphone. If I didn’t pick it up, then I rebooted the smartphone (turned it off, removed / inserted the battery, connected it to the computer).
  5. Updates are being downloaded. After the update is downloaded, the “OK” button appears, which means that the files have been copied to the device.

When I turned on the smartphone, I realized that I was delighted early - in the dialer mode, terrible phantom clicks appeared. Sensors "back", "home", "menu" stopped working in a number of applications.

The ZP-780 was flashed not entirely successfully - the IMEI number flew off. Yes, this happens, although not often. When formatting, it always flies. For such cases, all normal people make a backup. But the smartphone is a test, so it's okay, but IMEI is being restored.

How to check your IMEI?

Type from the keyboard *#06# . In response, the IMEI code of your device will be displayed. I did not see the code, but instead a message appeared invalidIMEI.

What's wrong with not having an IMEI code?

You can forget that your smartphone can make calls - you won’t be able to call anyone, you can also use the mobile Internet.

Where to get the IMEI code or how to find it?
  • The IMEI code is printed on the sticker on the box.
  • The smartphone has an IMEI code under the battery.
  • You can see the code in your Google account.

In order to find out IMEI using your Google personal account, you need to log into your account and go to. In the list of devices linked to your account, the first line will be the IMEI code.


Heading: Android
Share