Cleaning Samsung S3 with Koler Trojan via USB Connection?

AtotehZ

Distinguished
Nov 23, 2008
23
0
18,560
Hey guys,

My S3 with Android 4.3 Jellybean is infected with a Koler trojan. As soon as it is booted up I'm greeted with a screen that blocks the phone.

I have tried booting the phone in safe mode and I've searched for the common apps that could cause the infection to no avail. The only way to get real access is to start in safe mode, and when I do I can't run the MalwareBytes app I have since safe mode disables it.

My question is: is it possible to connect my smartphone to my computer and have the computer scan it for malware? I've tried booting up MalwareBytes on my PC with the phone connected, but it doesn't appear in the list of drives that can be scanned.

If not this one, do you have another solution?

Some external links to fill you in:
https://www.f-secure.com/v-descs/trojan_android_koler.shtml
https://malwaretips.com/blogs/dansk-rigspolitiet-virus/ (mine is the android version)

Hope you can help me out.
 

SBMfromLA

Distinguished
Nov 11, 2011
160
0
18,710
"The bad news is that by the time you see the message, the bad guys already have your IMEI on file," said BitDefender's chief security strategist Catalin Cosoi, who also noted that Koler.A doesn't have the necessary permissions to actually encrypt victims' files.

The good news is that Koler.A can be easily removed by either pressing the home screen and navigating to the app, then dragging it on the top of the screen where the uninstall control is located, or by booting the device in safe mode and then uninstalling the app."

http://www.theguardian.com/technology/2014/may/08/android-porn-koler-a-ransomware
 

AtotehZ

"The app" I need to know what that is. That's the whole point with the scan. As I said in the parent post, "I've searched for the common apps that could cause the infection to no avail."

I need to know how to run a scan. Also pressing home does nothing. The only button that works is the power button. Please read the parent post again.
 

SBMfromLA

As for the app... only YOU would know that answer. You either side-loaded an infected app or browsed to a website that infected your phone. If you don't know which app, start UNINSTALLING all your side loaded apps that installed recently... and then work on your browser... uninstall that. If you had a rooted phone, things would be much easier for you.

If push comes to shove... you could always do a factory reset. Some users have said that resolved their problem. If you do get it resolved... be careful of apps you side load. I've never had any problems with my phones or tablet... but when I do need to sideload something... I always double check to make sure it's from a good site and always check the "comments" from other users regarding that app. If it's malware... someone would say something.

I also read that many people are tricked into installing these trojans. If you visit a website, they will present a Dialog Box saying your Video Player needs to be updated or your version of Flash is out of date... click here to update or some mess like that. Every time I see that... I say "Hasta la Vista" to the website because I know everything on my computer is up-2-date already... and recognize that as being a fake message.
 

AtotehZ

Ok... I managed to remove the screen block. The Koler Trojan.

It's kind of embarrassing though because the name of the app that caused it was staring me in the face and it's not something I have downloaded.

The name of the app was "System Malware". Are you kidding me? Have you ever seen anything like that?

I'm wondering if MalwareBytes is to blame for it, I was doing a full system scan with the app when it popped up the first time. Maybe MalwareBytes planted a dummy it couldn't remove?
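
Added example, not part of any post in this thread: one way to shortlist side-loaded apps from a PC over USB, as the thread's question and the "uninstall your side-loaded apps" advice suggest. It assumes USB debugging is already enabled and that the output of `adb shell pm list packages -3 -i` was saved as text; the package names below are constructed placeholders, not the real Koler package.

```python
import re

# Installer package names treated as "came from a store".
# com.android.vending is Google Play; add others you trust.
STORE_INSTALLERS = {"com.android.vending"}

# One line of `pm list packages -3 -i` looks like:
#   package:<name>  installer=<installer package or null>
LINE_RE = re.compile(r"^package:(?P<pkg>\S+)\s+installer=(?P<installer>\S+)$")


def sideloaded_packages(pm_output):
    """Return third-party packages that were not installed by a known store.

    A side-loaded APK normally reports installer=null, which is the kind of
    app the thread recommends reviewing and uninstalling first.
    """
    suspects = []
    for raw in pm_output.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match:
            continue  # skip blank lines, adb warnings, anything unexpected
        if match.group("installer") not in STORE_INSTALLERS:
            suspects.append(match.group("pkg"))
    return sorted(suspects)


# Constructed sample output (placeholder package names).
SAMPLE = """\
package:com.example.scanner  installer=com.android.vending
package:com.example.videoplayer.update  installer=null
package:com.example.game  installer=com.android.vending
package:com.example.sysapp  installer=null
"""

if __name__ == "__main__":
    for pkg in sideloaded_packages(SAMPLE):
        # Review each name before removing it; the uninstall itself would be
        # `adb uninstall <package>` or Settings > Apps in safe mode.
        print("side-loaded, review:", pkg)
```

The list only narrows the search; an app's on-screen label (such as "System Malware" here) can differ from its package name, so confirm each candidate in Settings before removing it.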