Menu
Is free
registration
home  /  the Internet    / Comp caught the virus what to do. How to distinguish a “healthy" application from a viral one? How to avoid virus infection of Android devices

Comp caught the virus what to do. How to distinguish a “healthy" application from a viral one? How to avoid virus infection of Android devices

Why did your mobile phone suddenly begin to behave differently than usual, or even “heal” it with its “life”? Perhaps because a malicious program has settled in it. Today, the number of viruses and trojans for Android is growing exponentially. Why? Yes, because cunning guys-virus writers know that smartphones and tablets are increasingly used by our fellow citizens as electronic wallets, and they are doing everything to transfer funds from the owners' accounts to their pocket. Let's talk about how to understand that a mobile device has caught an infection, how to remove a virus from Android and protect yourself from repeated infections.

Symptoms of a virus infection of an Android device

  • The gadget turns on longer than usual, slows down or suddenly reboots.
  • In the history of SMS and phone calls, there are outgoing messages and calls that you did not make.
  • Money is debited from your phone account.
  • An ad is displayed on the desktop or browser that is not associated with any application or site.
  • The programs themselves are installed, Wi-Fi, Bluetooth or the camera is turned on.
  • Access to e-wallets, a mobile bank was lost, or for unknown reasons, the amount on the accounts decreased.
  • Someone has taken over your account on social networks or instant messengers (if used on a mobile device).
  • The gadget is locked, and a message is displayed on the screen that you have violated something and must pay a fine or just transfer money to someone to unlock it.
  • Suddenly, applications stopped running, lost access to folders and files, blocked any functions of the device (for example, buttons are not pressed).
  • When programs start, messages pop up, such as "an error occurred in the com.android.systemUI application."
  • Unknown icons appeared in the application list, and unknown processes appeared in the task manager.
  • The anti-virus program informs you about the detection of malicious objects.
  • The antivirus program spontaneously deleted from the device or does not start.
  • The battery on your phone or tablet began to run out faster than ever.

Not all of these symptoms completely indicate a virus, but each is an occasion to immediately scan the device for infection.

The easiest way to remove a mobile virus

If the gadget remains operational, the easiest way is to remove the virus using the antivirus installed on Android. Run a full scan of the phone’s flash memory, if a malicious object is detected, select the “Delete” option, keeping the neutralized copy in quarantine (in case the antivirus has identified itself and accepted something safe for the virus).

Unfortunately, this method helps in about 30-40% of cases, since most malicious objects actively resist their removal. But there is a government on them. Next, we will consider options for action when:

  • the antivirus does not start, does not detect or remove the source of the problem;
  • the malware is restored after removal;
  • the device (or its individual functions) is locked.

Remove malware in safe mode

If you are unable to clean your phone or tablet in normal mode, try to do it in a safe way. The bulk of malware (not only mobile) does not show any activity in safe mode and does not prevent destruction.

To boot the device in safe mode, press the on / off button, set your finger to "Turn off the power" and hold it until the message "Switch to safe mode" appears. After that, click OK.

If you have an older version of Android - 4.0 and below, turn off the gadget in the usual way and turn it on again. When the Android logo appears on the screen, simultaneously press the volume up and down keys. Hold them until the machine boots completely.

In safe mode, scan the device with antivirus. If there is no antivirus, or for some reason it does not start, install (or reinstall) it from Google Play.

In this way, advertising viruses such as Android.Gmobi 1 and Android.Gmobi.3 (according to Dr. Web classification) are successfully removed, which download various programs to the phone (in order to increase the rating), and also display banners and ads on the desktop.

If you have superuser privileges (root) and you know exactly what caused the problem, start the file manager (for example, Root explorer), follow the path to this file and delete it. Most often, mobile viruses and trojans put their bodies (executable files with the extension .apk) into the system / app directory.

To return to normal mode, just reboot the device.

Removing mobile viruses through a computer

Removing viruses on the phone through the computer helps out when the mobile antivirus cannot do its job even in safe mode or the device’s functions are partially blocked.

Removing a virus from a tablet and a phone using a computer is also possible in two ways:

  • using an antivirus installed on a PC;
  • manually through the file manager for Android gadgets, for example, Android Commander.

We use antivirus on the computer

To check the files of the mobile device with the antivirus installed on the computer, connect the phone or tablet to the PC with a USB cable, choosing the method “Like a USB drive”.

Next, turn on the USB.

After that, in the “Computer” folder on the PC, 2 additional “disks” will appear - the internal memory of the phone and the SD card. To start scanning, open the context menu of each disk and click "Scan for viruses."

Remove malware via Android Commander

Android Commander is a program for exchanging files between a mobile android gadget and a PC. Starting on a computer, it gives the owner access to the memory of the tablet or phone, allows you to copy, move and delete any data.

For full access to all the contents of the android gadget, you must obtain root rights in advance and enable USB debugging. The latter is activated through the service application “Parameters” - “System” - “Developer Parameters”.

Next, connect the gadget to the PC as a USB drive and run with administrator privileges Android Commander. In it, unlike Windows Explorer, protected Android system files and directories are displayed in the same way as, for example, in Root Explorer, the file manager for root users.

The right half of the Android Commander window shows the directories of the mobile device. Locate the executable file of the application (with the extension .apk) that causes the problem, and delete it. Alternatively, copy the suspicious folders from the phone to the computer and scan each of them with antivirus.

What to do if the virus is not removed

If the above operations do not lead to anything, the malicious program still makes itself felt, and if the operating system ceases to function normally after cleaning, you will have to resort to one of the radical measures:

  • reset with factory default settings through the system menu;
  • hard reset via Recovery menu;
  • flashing the device.

Any of these methods will lead the device to the state as after the purchase - it will not have any user programs, personal settings, files or other information (data on SMS, calls, etc.). Your Google account will also be deleted. Therefore, if possible, transfer the phone book to the SIM card and copy paid applications and other valuable objects to external media. It is advisable to do this manually - without using special programs, so as not to accidentally copy the virus. Then proceed to the "treatment".

Restore factory settings through the system menu

This option is the easiest. It can be used when the functions of the operating system and the device itself are not blocked.

Go to the “Settings” application, open the “Personal” - “Backup” section and select “Reset with factory default settings”.

Hard reset via Recovery menu

A “hard” reset of the settings will help to cope with the malware if it is not deleted by any of the listed methods or blocked the login to the system. To our joy, access to the Recovery menu is preserved.

Logging into Recovery on different phones and tablets is done in its own way. On some, for this, you need to hold the “Volume +” key while turning on, on others - “Volume-“, on the third - press the special recessed button, etc. The exact information is contained in the instructions for the device.

In the Recovery menu, select the option “wipe data / factory reset” or just “factory reset”.

Flashing

Re-flashing is essentially a reinstallation of the Android OS, the same extreme measure as reinstalling Windows on a computer. They resort to it in exceptional cases, for example, when a certain Chinese virus is embedded directly in the firmware and has been living on the device since its "birth". One of these malware is the android spy 128 origin spyware.

To upgrade the phone or tablet, you will need root-rights, a distribution kit (firmware itself), an installation program, a computer with a USB cable or an SD card. Remember that for each model of the gadget its own, individual versions of firmware are released. Installation instructions are usually found with them.

How to avoid virus infection of Android devices

  • Install mobile applications only from trusted sources, refuse hacked programs.
  • Update the device as the system updates are released - in them developers close the vulnerabilities that use viruses and trojans.
  • Install mobile antivirus and keep it always on.
  • If the gadget serves as your wallet, do not let other people access the Internet from it or open unverified files on it.

Do you have a smartphone or tablet on an android on which the virus does not know how to remove it? This article has some simple tips. how to clean a virus from an Android phone or tablet.

Attention! In no case do you pay scammers if the virus has blocked the screen with a banner and requires unlocking to transfer money or to top up your phone number to unlock it. Even if you fulfill the requirements, they will not unlock your tablet or smartphone by any means and you will simply lose your money.

If your android caught a virus, then you can try to remove it from your device yourself and if you can’t succeed or you don’t understand Android devices at all or you are afraid to damage the device, then it is better to show it to a specialist who will clean it from the virus. If you are sure that there is a virus on your Android and noticed that money is missing somewhere from the account, then it is better to remove the SIM card so that all the money from the number is not debited.

Have you noticed that the phone or tablet is infected? try to download one of the antivirus programs for android and scan the device for viruses and, if detected, delete them. You can download an antivirus with a trial period of validity, that is, free for a certain time of use, for example, for a month, and if you do not like it, then you can delete it. You can choose a mobile antivirus by first reading the reviews on the Internet. You need to download antivirus for your phone from trusted sources, for example, Play Store, you can use the Internet through a Wi-Fi access point. You can, for certainty, install several antiviruses on the android in turn, but first uninstall the previously installed one, since two simultaneously installed antivirus applications can conflict with each other.

You can look at installed applications and remove those that are not known to you. If you can’t remove applications from the android, then in the "Device Administrators" you need to uncheck.

If the above did not help remove virus from android, then you can try to reset the settings in Android through the settings. Be sure to save the contacts from the phone and other important files before resetting. In most cases, a factory reset clears the virus.

On Android, a ransomware virus that locks the screen and requires money to unlock? In no case do this, do not transfer money to the specified account or phone number. You just lose money, and the screen remains locked. Fraudsters are now very cunning and know how to influence the user and on the locked screen they can display a message with threats from the security services or they can say that you watched the porn site and if you don’t send them the money, they will tell your loved ones from the phone book. If this happened and the screen blocked the virus, then try downloading the android in safe mode. In safe mode, only system applications and programs work.

It remains to add that scammers are finding more and more new ways and will improve viruses to rip money from users of android smartphones or tablets. Do not download applications from unknown or dubious sources. Do not accept or open multimedia messages and e-mails from strangers. If possible, install a normal antivirus.

You know more ways to get rid of the virus? Be sure to add and help advice to other Android users. Perhaps your review will be the most important in the fight against viruses!

  • I hope that the article helped you and you were able to clean the virus from your Android smartphone or tablet.
  • If you have any additions or useful tips, then you can add them below in the reviews.
  • A big request is to provide mutual assistance, help with useful tips and solutions to problems.
  • Thank you for your responsiveness, mutual assistance and useful tips !!!

No matter how users swear that the Android operating system is vulnerable to various viruses, the main cause of infection is the illiteracy of the person himself. How does a threat get into a phone or tablet? For example, a user wanted to download a broken version of a paid game. Such manipulation in 80% of cases threatens infection with the virus. Another common situation: a message arrives on any social network with a link. Few would resist the temptation to follow it. At this stage, the threat penetrates directly into the phone. We will talk about what to do and how to protect ourselves from such a situation in this article.

Fakes

Often, the virus on Android can hide under completely harmless applications: browsers, navigators, games, players, books and, most interestingly, antiviruses.

There are two types of threats. One of them is called "fake." It got its name not by chance. Such a component may look like a well-known application, but inside it has malicious code. A similar program (viruses on Android can be disguised as your favorite VKontakte, Odnoklassniki, and so on) when it starts, it starts to act actively.

"Trojan horse"

The second type of threat has received a generalized name - “Trojan horse”. Such viruses are more harmful, they are difficult to calculate, respectively, it is almost impossible to remove if the user is a novice. They are embedded in any frequently launched application on the phone or tablet, changing its source code.

We'll talk about ways to remove such threats below, but you need to know that most of them are located in the Downloads folder.

Than

The virus on Android can perform many actions. Consider the most popular below.


How to distinguish a “healthy" application from a viral one?

The vast majority of viruses that are quickly and easily installed on devices are written by unprofessional programmers. They are necessary for easy money making. That is why calculating such threats is quite simple - just look at the list of permissions of the installed application. As soon as this virus appears on Android (on a phone or tablet) and the consumer activates it in the system, it will immediately start sending messages to paid numbers or calling them.

Not all applications work this way. However, these are the most common and, by the way, easily eliminated.

What to look for when installing applications from third-party resources? The first call is if the program makes obscure requests about:

  • access to the camera - it means that the developer wanted to shoot something;
  • access to memory and Internet connection - files from the phone are needed;
  • administrator rights - needed in order to advertise.

The quality virus on Android is more difficult to identify. But you need to be wary if the application is downloaded from an incomprehensible resource and asks for the right to perform paid functions - such software is 99% virus.

How if there is access to the menu?

Public and one of the easiest ways to get rid of viruses is described in this section. If the consumer understands that a threat has “settled” in his phone or tablet, it’s worth taking action:

  1. To get started, you must immediately remove the SIM card. This step will help protect the owner’s account from unpredictable expenses.
  2. After that, you should download any antivirus via Wi-Fi. It is impossible to recommend something special, since most of the well-known defenders are updated every time, so they are all highly effective. The most popular are Doctor Web, Kaspersky.
  3. You must run a detailed scan and remove all existing threats.
  4. After the entire procedure, you should eliminate the antivirus.
  5. You need to download a second antivirus. The first one needs to be deleted for the reason that sometimes two similar applications cannot work simultaneously on the same device.
  6. After checking the device and removing all suspicious programs, it is necessary to disable access to administrator rights for all installed software. If suddenly one of the programs does not allow to do this (which already makes you think), you need to load the device in safe mode and perform this manipulation from it.
  7. After that, you need to go into the installed applications and remove from the device those that are not familiar to the owner.
  8. The last step is to reboot the device.

For those who did not help the above method, you can recommend resetting to factory settings. This usually erases all viruses that have been installed. But this option will not be useful for components embedded in the system itself. So, the easiest way to remove the virus from the Android phone has already been described in detail and will help most consumers. If, nevertheless, it did not work out on your own, one thing remains - to contact a service center.

How to eliminate a virus from a phone or tablet if there is no access to the menu?

As a rule, there is no access to the menu if the screen is “captured” by a banner requiring to replenish the account of a phone number or bank card. What to do in this situation?

Attention! In no case do you need to transfer money to the specified details. Fraudsters do not unlock the phone.

  1. The first thing to do is remove the SIM card from the device. Otherwise, the virus can empty it in a short time.
  2. You should boot the phone in safe mode. No need to worry: the banner will not appear in this case, since only the basic applications necessary for the functioning of the operating system will work.
  3. You should go to the menu and disable administrator rights for all programs.
  4. Uninstall unknown applications.
  5. Next, reboot the device.

If that doesn’t help, a standard reset method would be a smart solution.

Firmware change

The question of how to remove the virus from the "Android", which is deeply "embedded" in the firmware, is of interest to many people. Let's consider some effective ways.

It is immediately necessary to say that a banal reset will not help. Such viruses are embedded in the operating system and receive root rights, which (by standard) are not even available to the user.

The most effective and perhaps the easiest solution for experienced owners is to change the firmware. If you care about the safety of all the files that are on the device, then you can always make a "backup". However, some devices have a similar function in the public domain, while others require administrator rights for this. Firmware is best downloaded from the official resource. If you want, you can install any other, not necessarily the one that is factory. Just use the search engine and find the right version for your phone.

Any user of the global network is familiar with the term Internet viruses. And even a schoolboy understands the variety of such applications: offers or its components, incomprehensible toolbars, the same pop-up ads, no matter which site they visit. A lot of questions immediately appear, like: “Where did it come from?”, “Why didn't the antivirus respond?”. A common and, in most cases, the only way to penetrate such malicious software is through an Internet browser. Attackers are well acquainted with the holes in its security, in problems with the security of common browser plug-ins and, perhaps, the credulity of users. In the article, we will consider effective methods to catch a virus in a computer through a browser.

Viruses can get into the computer in different ways, you should pay attention to all the suspicious moments of the browser

Social engineering

Social engineering is the art of intercepting control of human behavior without applying the achievements of the technocratic world. This science is used in order to obtain the necessary information from people and to perform certain actions by them. Social engineering is gaining popularity in light of the increasing role of social networks, instant messengers and email in society. Cybercriminals and hackers who have mastered the basics of this exercise know in what form and what information to provide the user so that he is most likely to miss the virus program on the computer.

Methods for infecting a user's PC through a browser: false links and more

Many sites are tailored for search queries, for example, download content for free and at high speed. Once on a page that is in the first search results, the user will see a large number of links. They lead to the download of viruses, often with the name of the desired content, but with the extension “exe”. Where is the link to download the desired file - it is very difficult to determine, even if one of them is not malicious.

   False links one of the most common ways to get a virus

Multiple Malicious Links

Similar to the previous method, a beautiful window appears on the site offering to install additional software, such as agents for social networks, Amigo program, Mail.ru defender, toolbars. In this case, try to ignore such offers or leave this site.

False PC infection messages

In order not to catch the virus in the browser window, try to ignore the pop-up alerts that the anti-virus scanner has detected malware on the computer. Naturally, no antivirus built into the site searched for threats on your computer. The suggestion to fix the problem hides a link to download spam, a trojan, or a keyboard interceptor.

Messages about Obsolete Internet Browser Components

Pop-ups with captions: "attention to your browser is out of date", "refresh flash", etc. also ignore. After all, a click on such a window will lead to the download of the virus.

If you want to make sure of this without jeopardizing your system, update your browser by downloading the new version from the official site, install it and visit the site again - the message with the offer will not go anywhere. The same applies to windows with information about obsolete plug-ins and other system components.

   Be careful if your browser warns of an outdated version; often this method infects a virus

What to do if the browser is really outdated, you know - go to its official page on the Internet and download a new edition or download the update through the program menu.

Internet Browser Security Issues

The program is the result of the work of a person or group of people, but does not represent the ideal product. Hackers and Internet fraudsters instantly get acquainted with flaws in the application code and use these flaws, and sometimes serious security holes, to infect and / or hack the computers of future victims. In this case, there is no ideal solution, but following the advice minimizes the risk of infection.

  • Use only the latest software revisions. Updating an outdated browser for free and without disastrous consequences for the user is possible only on the official resource.
  • Be sure to install an antivirus program with an integrated firewall or antivirus and, separately from it, a trustworthy firewall.
  • Avoid pop-up advertising windows on unfamiliar sites and do not run executable files downloaded from such resources without checking them with antivirus software.

WATCH THE VIDEO

Deficiencies in add-on code for browsers

Plugins, like other software, are the result of people’s activities and have numerous flaws, which the user can’t remove by himself. Regular updating of plugins (for this, do not turn off the automatic check and download function) minimizes the possibility of infecting the computer using shortcomings in the source code. It is also recommended that you turn off rarely used add-ons when they are not needed, and delete completely unused add-ons.

Now you know how to catch the virus.