How To Remove Adware, Pop-up Ads & Malware from Android (Guide)

The number of Android apps infected with malware in Google’s Play store nearly quadrupled in the last years. Make no mistake about it, there is such a thing as Android malware, cyber criminals create malware-spreading apps in devious attempts to steal personal details and advertisers use it as a marketing channel by bundling pushy ads with apps. In the first case, the users’ mobile security is clearly compromised. In the second one, the ad-app bundle is seldom mentioned, so users who download it unknowingly face a mobile privacy threat.

[Image: Android pop-up virus]

Can my Android phone get a “virus”?

So what about malware? Should we be worried? The key thing to remember about malware on Android is that you have to actually install the malicious app. Malware writers will use increasingly clever techniques to try and trick you into doing just that.
As malware writers try to earn money for their bad deeds, they continually look for new ways to get their malicious software installed on your devices. The best recommendation is still to think twice before installing untrusted software or clicking on strange-looking links.

Apps designed to personalize people’s Android-based phones are most susceptible to be compromised, as well as entertainment and gaming apps. Some of the most malicious apps in the Google Play store downloaded since 2012 were Wallpaper Dragon Ball, a wallpaper app, and the games Finger Hockey and Subway Surfers Free Tips.
Both Wallpaper Dragon Ball and Finger Hockey, have malware that steals confidential information such as device IDs from infected devices. Subway Surfers Free Tips, meanwhile, uses a Trojan called Air Push to bypass a device’s security settings and subscribe infected phones to premium services

When downloading apps it’s imperative that you only do so from a legitimate app store; that means from companies like Google Playstore, Amazon, Samsung, or another major manufacturer or carrier.
These marketplaces are monitored and scanned for potentially dangerous or fraudulent programs. On occasion, however, malicious apps sometimes slip through the cracks, often disguised as legitimate ones. A fake BBM app recently appeared in the Google Play store and managed to secure more than 100,000 downloads before being removed. The app itself was nothing more than a spamming service.

Pirated or cracked apps are another way that cybercriminals use to infected Android phone with malware. They get legitimate Android application package (APK) file and binding it with a malicious program is a relatively simple process to infect the Android phones. Most pirated or cracked apps usually contain some form of malware so we advise you not to install such apps.

What can an Android malicious app do?

The vast majority of malware on Android is focused on stealing your information, which is obviously a major concern. Perhaps the worst case scenario at the moment is malware that sends SMS messages to premium rate numbers.

Android Premium SMS virus

Unfortunately, as we mentioned before, malware writers are employing ever more sophisticated techniques to fool you. There are apps that clone legitimate apps to fool you into downloading them and apps that are malware free when you first install them, but download malware through the update system.

As a way to make revenue, advertising companies are getting more and more aggressive by including functionality in their apps to display ads in the notification bar, adding bookmarks, or creating search engine shortcuts to the home screen. These advertising apps can also send off personal data pertaining to your device or account and will often require more permissions to access functionality of your device than the free app you downloaded requires.

Android malware

The most common Android malicious apps will do at least one of the following:

  • Collect and send GPS coordinates, contact lists, e-mail addresses etc. to third parties
  • Send SMSs to premium-rate numbers
  • Subscribe infected phones to premium services
  • Record phone conversations and send them to attackers
  • Take control over the infected phone
  • Download other malware onto infected phones
  • “Push notifications ads” delivering alerts to a phone’s notification bar – when the user swipes to pull down the notification bar from the top of the screen, an ad shows up under Notifications.
  • “Icon ads” inserted onto a phone’s start screen – when the user touches the icon, it usually launches a search engine or a web service.

How to remove malware from Android devices (Removal Guide)

This page is a comprehensive guide which will remove redirect and pop-up ads from your Android device. Please perform all the steps in the correct order. If you have any questions or doubt at any point, STOP and ask for our assistance.

To remove Pop-up Ads, Redirects or Virus from Android Phone, follow these steps:

If your Android smart phone is locked, and you are seeing an “ATTENTION! Your phone has been blocked up for safety reasons” notification from a law enforcement agency (FBI, Australian Federal Police, Metropolitan Police, U.S. Department of Justice) asking you to pay a fine, then you will need to follow our Remove Police or FBI virus from Android phone (Removal Guide).

STEP 1: Uninstall the malicious apps from Android

Android phone will get infected with viruses from a malicious app that is installed on the smartphones. In this first step, we will try to identify and uninstall any malicious app that might be installed on your Android phone.

  1. Open your device’s “Settings” app, then click on “Apps”

    To uninstall the malicious app from your Android device, go to the Settings menu, then click on Apps or Application manager (this may differ depending on your device).
    [Image: Go to Settings and select Apps]

  2. Find the malicious app and uninstall it.

    The “Apps” screen will be displayed with a list of all the apps installed on your device. Scroll through the list until you find the malicious app.

    In our case the malicious app is “BaDoink” however this will most likely be different in your case. These are some known malicious apps: BaDoink, Porn-player, Browser update 1.0, Flash Player, Porn Droid or System Update.

    Other apps which are not malicious, however are known to display unwanted ads are: Peel Smart Remote, ES File Explorer, Xender, Amber Weather Widget, GO Weather Forecast & Widgets, Kitty Play, Touchpal, Z Camera.

    If you see any of the above apps, you should uninstall them.

    If you cannot find the malicious app, we advise you to uninstall all the recently installed applications.

    [Image: Search for the malicious app that is locking your Android phone]

  3. Click on “Uninstall”

    Tap on the app you’d like to uninstall.This won’t start the app, but will open up the program’s App Info screen. If the app is currently running press the Force stop button. Next we will clear the cache and data, and we will uninstall the unwanted app.

    1. First tap on the Clear cache button to remove the cache.
    2. Next, tap on the  Clear data button to remove the app data from your Android phone.
    3. And finally tap on the Uninstall button to remove the malicious app.

    [Image: Touch the app you’d like to uninstall]

    If the Uninstall button is grayed out (this may happen if your phone is infected with the Android Screen Locker malware) then go to:
    1. Settings > Security > Device administrators.
    2. Tap the app that you cannot uninstall.
    3. Choose “Deactivate” > “OK” and immediately shutdown your device.
    4. Start your device again and then uninstall the malicious app.
  4. Click on “OK”.

    A confirmation dialog should be displayed for the malicious app, click on “OK” to remove the malicious app from your Android phone.
    [Image: Remove malicious app from Android phone]

  5. Restart your phone.

    Restart your Android device to complete the removal process.

STEP 2: Use Malwarebytes for Android to remove adware and unwanted apps

Malwarebytes is one of the most popular and most used anti-malware app, and for good reasons. It is able to destroy many types of malware that other software tends to miss, without costing you absolutely nothing. When it comes to cleaning up an infected device, Malwarebytes has always been free and we recommend it as an essential tool in the fight against malware.

The first time you install Malwarebytes, you’re given a free 30-day trial of the premium edition, which includes preventative tools like real-time scanning and anti-theft features. After 30 days, it automatically reverts to the basic free version that will detect and clean up malware infections only when you run a scan.

  1. Download Malwarebytes.

    You can download Malwarebytes by clicking the link below.

    (The above link open a the Google Play Store from where you can download Malwarebytes)
  2. Install Malwarebytes on your device

    In the Google Play Store, tap “Install” to install Malwarebytes on your device.

    Malwarebytes for Android - Google Play App

    When the installation process has finished, tap “Open” to begin using Malwarebytes for Android.
    Malwarebytes for Android - Open App

  3. Follow the on-screen prompts to complete the setup process

    When the Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through the Malwarebytes for Android takes you through a series of permissions and other setup options.
    This is the first of two screens which explains the difference between the Premium and Free version. Swipe this screen to continue.

    Click on “Got it” to proceed to the next step.

    Malwarebytes for Android will now ask  for a set of permissions which are required to scan your device and protect it from malware. Tap on “Give permission” to continue.

    Tap on “Allow” to give permission to Malwarebytes to access the files on your device.
    Malwarebytes for Android - Setup Wizard 5

  4. Update database and run a scan with Malwarebytes

    You will now be prompted to update the database and run a full system scan.

    Malwarebytes for Android - Fix Issues

    Click on “Update database” to update the Malwarebytes anti-malware definitions to the latest version, then click on “Run full scan” to perform a system scan.

    Update databsased then Run a full scan with Malwarebytes

  5. Wait for the Malwarebytes scan to complete.

    Malwarebytes will now start scanning your devices for adware and other malicious app. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
    Malwarebytes for Android - Scanning for Malware

    Malwarebytes for Android - Scanning for Malware 2

  6. Click on “Remove Selected”.

    When the scan has completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malicious apps that Malwarebytes has found, click on the “Remove Selected” button.
    Malwarebytes for Android - Removing Malware

  7. Restart your devie.

    Malwarebytes will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
    When the malware removal process is complete, you can close Malwarebytes and continue with the rest of the instructions.

STEP 3: Clean-up the junk files from Android with Ccleaner

In this step we will clean the cache of your device with the Ccleaner application. CCleaner is a free app, which will help us clean up your device from junk files.

  1. Download Ccleaner.

    You can download Ccleaner by clicking the link below.

    (The above link will open a new page from where you can download Ccleaner)
  2. Install Ccleaner on your device

    Click on the “Install” button, and when the app permissions will be displayed click on “Accept” to install Ccleaner on your device.
    Install the Ccleaner app
    Ccleaner will be installed on your phone, this will only take a few seconds. When Ccleaner has finished installing, open the app

  3. Click on “Analyze”

    To perform a system scan with Ccleaner, click on the “ANALYZE” button .
    Ccleaner Analyze button

  4. Clean your device from junk files

    Ccleaner will now start scanning your device for junk files. The scan may take a few minutes depending on how many apps you have installed.
    When analysis is completed, tap to mark the check-boxes next to “History” & “Cache”. You may also want check any other application that your want to delete its cached content.

    Ccleaner remove junk files

    Tap on the “CLEAN” button remove all the junk files from your Android device.

(OPTIONAL) STEP 4: Reset your router to the factory settings

This step is optional, and is recommended only if you suspect that you router might be infected with malware.

In recent attacks, cyber criminals are infecting the router to redirect the Android devices to different websites. Resetting the router to the default settings may remove the malicious redirects, however you will need to reconfigure all the settings.

When you reset your router the following settings are changed:

  • Router username and password
  • Wi-Fi username and password
  • ISP username and password
  • Any port-forwards you have set up
  • Any firewall settings you have made
  • Basically, any configuration changes that you have made to your router.
As you can probably tell from the list above, resetting your router is serious business. Proceed with caution.
If you do not know how to configure a router, you should not perform this step.
  1. Press the “Reset” button for 30 seconds

    To reset your router find the tiny reset button usually located at the back of the router. While the router is on, use a pin or the end of a paper clip to press and hold the reset button. You will need to hold if for about 30 seconds.

  2. Reconfigure your router settings

    Reconfigure all the settings of your router (example: ISP username and password, Router username and password)

Your Android device should now be malware free.
If you are still experiencing problems while trying to remove malware from your Android device, please do one of the following: