How to Remove Malware from Your Android Phone [Guide]

Has your Android phone started acting strangely lately? Unexplained sluggishness, constant pop-up ads, unusual spikes in data usage, changes to your browser settings, or random crashing apps could all be signs your device has been infected with malware.

Android malware comes in many forms – spyware that tracks your activity, adware that bombards you with pop-ups, sneaky viruses that can steal your personal information, and more. Left unchecked, malware can disrupt and degrade your phone’s performance while compromising your privacy and security.

The good news is that with the right tools and techniques, you can scan your Android device for malware, identify any malicious apps or files, and thoroughly remove any infections to restore performance and security.

This comprehensive malware removal guide provides easy step-by-step instructions that anyone can follow to rid their Android smartphone or tablet of any lurking viruses, spyware, adware, or other malicious programs.

We’ll cover how to spot the warning signs of an infected device, run security scans using reputable antivirus apps to detect malware, identify any suspicious apps or files, safely uninstall infected software, stop malicious processes, and implement security measures to prevent future malware attacks. With these simple DIY solutions, you can clean up malware on your Android device and reclaim peak performance.

Android and Malware 

The open and customizable nature of the Android operating system that makes it so popular also makes it an attractive target for cybercriminals looking to spread malware. Here’s what every Android user needs to understand about the malware landscape:

• Malware targeting Android devices has been steadily rising, with millions of new malware samples discovered each year. The most common types include spyware, adware, ransomware, and banking trojans.
• While Google does screen apps on the Play Store, some malware still manages to get through and infect users. Third-party app stores pose even higher risks.
• “Trojanized” apps disguise malware within useful features. Gaming, personalization, and entertainment apps are common targets.
• Malicious links, files, and network activity can infect Android devices with malware without any user action needed. Phishing is a common tactic.
• Signs of infection include reduced performance, mysterious data usage spikes, disruptive ads, pop-ups, and other irregular device behavior.
• Resetting to factory settings can’t remove pre-installed malware in system files or firmware in some cases.
• Running reputable antivirus apps, avoiding sideloading, scrutinizing permissions, and sticking to the Play Store reduce infection risks.
• Backing up data and being prepared to fully wipe your device is important if infections are severe.

Staying vigilant about malware threats and following best practices will help secure your Android phone or tablet from cybercriminal control and activities.

Can my Android phone get infected with malware?

Android malware is unfortunately a very real threat that all smartphone users need to be aware of. Cybercriminals are constantly developing malicious apps designed to infiltrate Android devices and steal personal information, display unwanted ads, sign users up for expensive subscriptions, and even take control of the device.

While Google does have security measures in place to screen apps before they are published on the Play Store, malicious apps do sometimes slip through the cracks. Apps designed for personalization, gaming, and entertainment tend to be common targets for hackers to compromise. Outside of the Play Store, Android users may unknowingly download infected apps from third-party stores or suspicious websites. Pirated and cracked apps in particular very often contain malware payloads.

Once installed on a device, infected apps can access and transmit sensitive data like banking credentials, contacts lists, location history, and more back to the cybercriminal. Some of the most common actions an infected Android app will carry out include:

• Stealing financial information and login credentials for banking and other services
• Signing the user up for expensive premium texting services
• Activating the device’s mic to record conversations
• Downloading additional malware payloads
• Displaying intrusive pop-up ads across the system interface
• Changing browser settings like the homepage and default search engine
• Tracking and transmitting the device’s location data
• Crashing apps and deteriorating overall system performance

Telltale signs your Android device may be compromised include suddenly draining battery, spikes in data usage, sluggish performance, and apps freezing or force closing. To avoid falling victim to malware, be vigilant about only downloading apps from trustworthy sources like the Play Store, reading reviews and ratings, researching unfamiliar developers, and watching out for apps that ask for unnecessary permissions. Keeping your device updated and using trusted antivirus software can also help keep malware at bay.

How did my phone get infected with malware?

There are a few common ways that malware finds its way onto Android devices unknowingly. While cybercriminals are constantly coming up with new tactics, most malware infections on Android can be traced back to the user installing a malicious app, often without realizing it.

One popular method is disguising malware as a useful or entertaining app and publishing it on the Google Play Store. While Google has screening measures, sometimes these “trojan horse” apps manage to bypass detection. Malicious apps may also get installed from third-party app stores outside of the Play Store that have looser security standards. Another common trick is hiding malware inside “cracked” or pirated versions of premium apps from unofficial sources.

Social engineering is another prime malware tactic – where cybercriminals psychologically manipulate users into installing malware under false pretenses. This can include phishing emails with infected file attachments, malicious links sent via SMS/text messaging that download malware when clicked, misleading pop-up ads and notifications that trick users into downloading fake apps or tools, and more.

Spyware and other malware code can also sometimes be bundled into the firmware or pre-installed apps that come standard on some Android devices, especially cheaper models and those from lesser-known manufacturers.

No matter the infection method, the key thing to remember is that Android malware fundamentally relies on users unknowingly installing malicious apps themselves. The best protection is staying vigilant – only downloading apps from trustworthy sources like the Play Store, reading reviews and permissions, avoiding “cracked” or pirated apps, scrutinizing links and attachments before clicking, and watching out for phishing attempts. Running reputable antivirus software on your Android device provides another layer of defense.

To remove malicious apps and check your phone for other malware, please use the free malware removal guide below.

How To Remove ALL Viruses From Android

This malware removal guide may appear overwhelming due to the number of steps and numerous programs that are being used. We have only written it this way to provide clear, detailed, and easy-to-understand instructions that anyone can use to remove malware for free.
Please perform all the steps in the correct order. If you have any questions or doubts at any point, stop and ask for our assistance.

• STEP 1: Start Android in Safe Mode
• STEP 2: Remove malicious device admin apps
• STEP 3: Uninstall malicious apps
• STEP 4: Reset browsers back to default settings
• STEP 5: Use Malwarebytes for Android to remove malicious apps

STEP 1: Start Android in Safe Mode

In this first step, we will start your phone in Safe Mode to prevent malicious apps to interfere with the next steps. We’re using Safe mode because it starts Android in a basic state, with only the factory apps and settings.

1. Long press the power button.

   Long press the hardware power button (located on the side of your phone) until the power off menu appears.

2. Tap and hold on “Power off”.

   When the power off menu appears, tap and hold on the “Power off” button on your screen until you get the “Safe mode” option.
   

3. Tap on “Safe Mode”.

   When the “Safe mode” option appears on your screen, tap on it to enter safe mode.
   

4. Your phone is in Safe Mode.

   Your Android phone will now restart and enter into safe mode. When your phone is in safe mode, you’ll see the “Safe Mode” text at the bottom left corner of your phone. You can now continue with the next step.
   
   If you can’t find a safe mode on your phone, activate Airplane mode instead, to cut your device off from any networks.

STEP 2: Remove malicious device admin

In this second step, we will check the phone to see if there are any malicious apps with administrator privileges installed on your phone.

The administrator privileges are used by apps to perform legitimate tasks such as device management or for antivirus apps to do a remote wipe. Unfortunately, these elevated privileges are also being used by malicious apps to prevent victims from removing the malicious app from their phone.

1. Open the “Settings” menu.

   Tap on the “Settings” app from your phone menu or home screen.
   

2. Go to “Device admin apps”.

   When the “Settings” menu opens, if you’re using a newer version of Android or a Samsung phone, tap on “Biometrics and Security“, then tap on “Other Security Settings” and then on “Device admin apps“.

   However, because there are phones with different versions of Android the “Device admins apps” settings may be in a different menu, so below we’ve listed other common ways to reach the “Device admin apps” options:

   • Security > Device admin apps
   • Security & privacy > Device admin apps
   • Security > Device Administrators
   • Lock Screen and Security > Other Security Settings > Phone Administrators.

   If you’re having trouble finding the “Device admin apps” settings, you can use your phone’s built-in search function to search through the Settings.

3. Disable administrator privileges for the malicious app.

   Once you’ve accessed the list of device admin apps, disable admin rights by tapping the option to the right of the app. This will remove the checkmark or toggle the button to the off position. Now you can delete the app normally as seen in the below step. On some phones, you can tap the app right there in the admin apps list and then use the Uninstall app link to remove it immediately.

   
   If there is no malicious app with administrator privileges on your phone, then you can continue with the next step from this guide.

STEP 3: Uninstall the malicious apps

In this third step, while the phone is still in Safe Mode, we will check if any malicious apps are installed on your device. Sometimes browser hijackers or adware apps can have usable Uninstall entries that can be used to remove these apps.

1. Open the “Settings” menu.

   Tap on the “Settings” app from your phone menu or home screen.
   

2. Tap on “Apps”.

   When the “Settings” menu opens, tap on “Apps” (or “App Manager”) to see all the installed applications on your phone.
   

3. Find the malicious app.

   The “Apps” screen will be displayed with a list of all the applications that are installed on your phone. Scroll through the list until you find the malicious app.
   Look out for any suspicious app that could be behind all the drama – anything you don’t remember downloading or that doesn’t sound like a genuine program. Most often, cyber criminals hide malware inside video or photo editing apps, weather apps, and camera apps.

   Here are some known malicious apps: ES File Explorer, Xender, Amber Weather Widget, GO Weather Forecast & Widgets, Kitty Play, Touchpal, Z Camera.

   The malicious program will most likely have a different name on your phone. If you cannot find any malicious app on your device, you can exit “Safe mode” (as seen below) and continue with the next step from this guide.

   

4. Uninstall the malicious app

   When you find a suspicious or malicious app, tap on it to uninstall it. This won’t start the app but will open up the app details screen. If the app is currently running press the “Force stop” button, then tap on “Uninstall”.
   

   A confirmation dialog should be displayed to confirm you want to uninstall the app, tap on “OK” to remove the malicious app from your phone.

   

5. Exit “Safe mode”.

   Now that we’ve removed the malicious apps from your phone, we can exit “Safe mode”. To do this, hold the power button on your device until you get the power off menu, then select the restart option from the menu.

   

   Your phone will now be rebooted and exit from the safe mode and boot into the normal mode.

STEP 4: Reset browsers back to default settings

In this next step, we will remove spam notifications, redirects, and change to default any settings that might have been changed by malware.

Resetting the browser settings to their default it’s an easy task on Windows or Mac computers; however, when it comes to Android, this can’t be done directly because it’s not an option built-in into the browser settings. Restoring the browser settings on Android can be done by clearing the application data. This will remove all the cookies, cache, and other site settings that may have been saved. So let’s see how we can restore your browser to its factory settings.

STEP 5: Use Malwarebytes for Android to remove malicious apps

In this final step, we will download, install and run a scan with Malwarebytes for Android to remove adware, browser hijackers, and other malware from your phone.

Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.

1. Download Malwarebytes for Android.

   You can download Malwarebytes for Android by clicking the link below.

   

   MALWAREBYTES FOR ANDROID DOWNLOAD LINK
   (The above link will open a new page from where you can download Malwarebytes for Android)

2. Install Malwarebytes for Android on your phone.

   In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.

   

   When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
   

3. Follow the on-screen prompts to complete the setup process

   When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options.
   This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue.
   
   Tap on “Got it” to proceed to the next step.
   
   Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue.
   
   Tap on “Allow” to permit Malwarebytes to access the files on your phone.
   

4. Update database and run a scan with Malwarebytes for Android

   You will now be prompted to update the Malwarebytes database and run a full system scan.

   

   Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.

   

5. Wait for the Malwarebytes scan to complete.

   Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
   

6. Click on “Remove Selected”.

   When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
   

7. Restart your phone.

   Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.

Your phone should now be free of browser hijackers, adware, and other malicious apps.

If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future.
If you are still having problems with your phone after completing these instructions, then please follow one of the steps:

• Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
• Ask for help in our Mobile Malware Removal Help & Support forum.