How to remove viruses from your Android device

Although it is not common for your Android to be infected with viruses, and in fact Google itself has said that it is not necessary to install an antivirus if you only use the Play Store to download your apps (something that is not so true), this is possible. For example, someone can physically or remotely install malware to spy on you, they can be passed from the PC, when you download cracked APKs, open files from unknown sources or visit malicious websites, some that show you «pop-ups» of the type « Warning: Android infected with virus! Clean it up!” to trick you into downloading a real virus.

If your Android has a virus or you think it does, the first thing to do is to scan the computer with the system tools, or a good third-party antivirus. If you find any and it is an installed application, optionally extract its APK to re-analyze it with VirusTotal.com. It is possible that this virus application cannot be uninstalled normally from Settings, Applications, Application Name, Uninstall, so you may have to try the following options to get rid of it.

Contents

Viruses as device manager

It is likely that the malware or virus has administrator permissions on the phone, something that, like other apps, gives it the power to erase data from the computer, change the password, lock the screen, among other things.

If this is the case, you will see a warning that the application cannot be uninstalled. If so, you must first disable it from the device manager (assuming it is visible there) from the same uninstall notification that should appear or go to a path similar to the following: System Settings, Lock Screen and Security, Other Security Settings Device Management Apps. Uncheck the box for the application and proceed to uninstall it.

Safe Mode

 

remove virus safe mode android

While active or running, the virus may not accept the uninstall. Therefore, to force its deactivation and proceed with the uninstallation, you can start the device in safe mode, in which all apps are temporarily deactivated, except those that come pre-installed at the factory.

Once in safe mode, go to Settings, Applications and try to uninstall the malicious application.

To start the safe mode, you must press and hold on the “Turn off” option that appears on the screen when you try to turn off the phone, until the “Restart in safe mode” option appears. On some devices, such as Samsung or Sony Xperia, turn on the phone and as soon as it starts booting, press and hold the Power button until you see the Start screen.

Once you uninstall the virus, restart your phone and everything will go back to normal.

Factory restore

This is the last safe option to get rid of the virus: reset the computer to factory settings and leave it as new. How can you lose your data, be sure to make a backup.

For the restoration you must go to Settings, General Administration, Reset, Reset to factory settings. However, it is recommended to use the wipe data / factory reset option in the recovery mode, which is more effective when deleting data.

This is usually the definitive way to remove malware from your Android, but even after that the device may become infected again. This is rare, but possible due to advanced malware like xHelper , which hosts files on the device that sometimes may not be deleted even after factory reset. In this case, MalwareBytes has given precise removal instructions, including manual deletion of malicious files using a file manager and temporary deactivation of the Play Store.

Forced deactivation

Some devices come with undesirable factory applications, as in the case of Xiaomi and its Analytics app, which works as a back door or backdoor. On devices with Mediatek CPUs there are apps like MTK Android Suite Daemon , whose version 1.1 is harmless according to VirusTotal, but it is not known exactly what it does.

These types of apps cannot be deactivated normally, but some devices may support forced deactivation through the following ADB commands:

adb shell

pm uninstall -k –user 0 packagename

To reverse this change the following command is used:

adb shell cmd package install-existing packagename

Deactivating factory apps in a forced way is really dangerous, because they can be related to the normal operation of other applications or the system. In advance, you must know how to reinstall the firmware of the equipment in case it does not restart.

Remove viruses with ROOT

Another way to disable a virus or even uninstall it is through root permissions. Once you have done that process on your device, you only need an application like Titanium Backup or a root uninstaller to disable or uninstall the infected malware, adware or app.

As in the previous case, deactivating or uninstalling factory pre-installed apps in this way is also a risky procedure because it can prevent the phone from rebooting. If you have root, it will probably be easy for you to install a custom recovery, from which you can create a full backup of the equipment or nandroid backup, which will allow you to restore the phone in case it does not start.

References : SMH, Symantec, TNW, AV-Test, APK Extractor

Receive updates: SUBSCRIBE by email and join 10,000+ readers. Follow this blog on Facebook and Twitter.

Leave a Reply

Your email address will not be published. Required fields are marked *