What kind of steps are recommended when planning to reset malware-infected phone?

AC Question

Hey guys. I've been planning to do a factory reset on my phone as I suspect it might've gotten infected with malware. It hasn't shown any terribly out of the ordinary behaviors or clear indicators of infection - virus scans from a couple of reputable apps like Malwarebytes or Avast haven't detected anything either - but I'd still like to take the safe route and be extra sure. I have a couple of questions about this process though that I would like to ask you guys:

I've heard that factory resetting is the right method to be pretty much 100% sure anything malicious is gotten rid of on your phone (though it means all personal files on the phone will be deleted). I've also gotten the recommendation to check out certain apps on the Google Play Store that can detect whether your phone has been rooted or not (I guess if it was, then something could potentially survive the reset).

So I wanted to ask you guys, are these pieces of information correct? Are these the correct steps in order to get a phone malware-free, and are such apps that check if you're rooted safe to use? Are there perhaps any other necessary steps to get my phone clean that I'm missing?

Also, how would one normally handle a Google account that's associated with one's phone? I guess deauthorizing any other devices and changing the password would be the most crucial steps. Are there other big dangers one should be aware of? For example, can the Google account itself become infected in some way, so that it would re-infect my phone once I logged back in after the reset?

Thanks everybody, I'd greatly appreciate any advice!
 

B. Diddy

Welcome to Android Central! Root Checker should be safe. It gets high marks, with >200,000 ratings.

A factory reset will work most of the time, as long as the malware wasn't installed to the system root. If the malware persists after the reset, that's probably what happened, and this usually requires a complete reinstallation of the firmware to get rid of it (which is much more involved, and won't be addressed here).

Before the factory reset, go to Settings>Backup & Reset, and uncheck Automatically Restore, just in case any malicious data tries to restore from your Google account. Then after you do the reset and finish the Setup Wizard, go immediately to the Google Play Store and stop any app from installing automatically.

Now that you have a clean slate, start installing your apps one by one. Be wary of shady apps, including (but not limited to):

gambling
"free" mp3 downloaders
porn
ripoffs of well-established games
any "antivirus" or security app that isn't from a very well-established security company

Also, avoid installing apps from any source besides Google Play Store, since 3rd party stores carry a higher risk of malware.
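
One way to check for apps that came from outside the Play Store, as an added example that is not part of the original post: a shell function that reads the output of `adb shell pm list packages -i -3` and lists apps whose recorded installer is not the Play Store. The sample output and its package names are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag apps whose recorded installer is not Google Play.
# On a real device the input would come from:
#   adb shell pm list packages -i -3
# (-3 = third-party apps only, -i = show the installer package).

PLAY_STORE="com.android.vending"

# Constructed sample output; package names are made up for illustration.
sample_pm_output() {
cat <<'EOF'
package:com.example.notes  installer=com.android.vending
package:com.example.freemp3  installer=null
package:com.example.cleaner  installer=com.example.otherstore
package:com.example.chat  installer=com.android.vending
EOF
}

# Reads `pm list packages -i` lines on stdin and prints one line per
# package not installed by the Play Store: "<package> <installer>".
non_play_apps() {
    # Strip carriage returns that some adb versions append to each line.
    tr -d '\r' | awk -v play="$PLAY_STORE" '
        /^package:/ {
            pkg = $1; sub(/^package:/, "", pkg)
            inst = "unknown"
            for (i = 2; i <= NF; i++)
                if ($i ~ /^installer=/) { inst = $i; sub(/^installer=/, "", inst) }
            if (inst != play) print pkg, inst
        }'
}

# Demo on the constructed sample; on a device, pipe the adb command instead.
sample_pm_output | non_play_apps
```

An installer of `null` only means the app was not installed through a store (for example, sideloaded over adb); it is a prompt to review the app, not proof that it is malicious.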
 

Flarn

Thread starter here, thanks for the info.

About the Backup & Reset thing for the Google Account though, does that mean I would have to keep it unchecked forever and I would never be able to access that data again, to not risk re-infection? Is this really what people usually do when their phone is infected? Or is there any other option for me to deal with it (except maybe making a new Google Account)?
Wouldn't that also mean I would have to watch out for this if I buy a new phone someday and log into my Google Account (and it might try to synchronize the phone with the backup or something)?

Thanks again for the help so far.
 

B. Diddy

To be honest, I'm not sure if the Automatically Restore function would really be important to turn off here--I usually recommend it just in case. Malware most likely wouldn't be stored as a piece of app data in your Google account--it'd more likely be hidden in some app that might be automatically installed by the Google Play Store (some malware still slips through Google's scanner every now and then). I don't think apps from 3rd party app stores would automatically reinstall.

Maybe you can skip unchecking Automatically Restore, and follow the rest of the steps. Then see if the problems persist after the reset.
 

Flarn

Thanks again for the info you two.

AlphaTango, your guide still leaves me with the question of how to deal with the backed up data that could potentially re-infect me. If Google has data stored for my account that's dangerous, then I would theoretically never be able to check the automatic restore box again - that data would have to stay put forever, right? I would have to consider that every time I buy a new phone or tablet, and try to sync it up with my Google account, correct? The only way I see out of this would be to make a new Google account and discard the old one :-/

How does one normally deal with this?

EDIT: Or is there possibly a way to delete all the data Google has backed up, and eliminate the risk like that?
 
