A Closer Look At Practical Virus Removal For Android
Google Android is a widely used operating system for mobile devices, in fact, it has even surpassed Microsoft Windows as the most used operating system across all computing devices. What comes with a huge market share is greater opportunities for everyone, as many users gained the flexibility of the openness of the Android platform, while cybercriminals can take advantage of the same market share to ‘monetize’ Android at the expense of its legitimate users.
A platform with near monopoly as Android becomes a heavy target of malware, phishing attacks, data mining activities, and other ‘money making’ schemes. As with the experience of Microsoft with Windows, even with many options for an antivirus program – it still remains a heavy target of virus authors and online scammers.
What is the difference between a Windows app from an Android App?
Under Windows, an antivirus app can be successful given the architecture allows system apps to gain administrative privilege without trouble. Windows is developed with the mindset that a user will one way or another shall install an antivirus application, hence the APIs (Application Programming Interface) provided the necessary function for antivirus to operate unhindered by any Windows systems process. To remove malware from a Windows system requires, system-level administrative privileges, that the antivirus program gains when it gets installed in the PC.
Android is a different beast altogether, the apps running on the platform have limited permission to gain by default, as no Android device is ‘rooted’ fresh from the factory. A rooted device is the counterpart of system administrator privilege in Windows, under this privilege all the low-level access and under-the-hood settings can be changed by an app. No Android antivirus can claim as the ‘best antivirus for Android’ since the Android architecture itself prevents apps from gaining root access (besides only advanced Android users have the knowledge, let alone the courage to root their devices). Android since day 1 uses the principle of ‘permissions’ in order to granularly control what an app can do to the hardware. With Android 6.0 Marshmallow released in 2015, the permission system was upgraded to empower the user to grant or remove permissions individually while keeping the app to just gradually degrade functionality, if the user chooses to block needed permission.
With that in mind, what is the best mobile antivirus, more specifically, what is the best antivirus for Android?
The answer is neither Yes or No, as highlighted above, Android apps are not as privileged as Windows apps. The former cannot receive root permissions unless the user went out of his way to root the device first. Hence, the capability of removing malware from the phone using an Android antivirus is severely diminished. Android apps are considered as ‘sandboxed’ from one another, which considerably disables the possibility of them automatically removing another app on their own (the primary function of disinfection seen in a Windows antimalware software). Virus removal for Android can only be typically done by the user, as the Android antivirus can only ‘suggest’ to the user that AppX and AppY contains an embedded virus, hence the ‘user should uninstall these apps’.
As an end-user, how can you perform a virus removal for Android?
There are two ways, first is the manual method:
- Boot the device in Safe Mode, a minimalistic boot option that does not automatically load startup apps.
- Once Android loads uninstall the offending app that contains the malware.
Each individual Android device can be booted into Safe Mode in different ways depending on the make and model of the device. The best way to determine what particular buttons to simultaneously press in order to load Safe Mode is to search your particular device in xda-developers.com forum. Most of the Android device in existence has a special subforum or thread in xda-developers.com discussing its features and procedures in connection with the device, including on how to boot a particular device under Safe Mode.
The second way to perform virus removal for Android is to let Google deal with the problem. Yes, the search giant recognizes that Android having a supermajority market share as a mobile operating system needs an antivirus program and an effective one at that. No other entity in the Android space more knowledgeable of making the best mobile antivirus for Android other than Google.
The company calls it Google Play Protect, and it is automatically installed on all Android devices compliant with the Google Play Store. As with the Play Store itself, Google Play Protect service has access to system-level privileges which no other antivirus for the platform can achieve. The tight integration of Google Play Protect enabled Google to remotely scan 50 million apps per day, without the user even the user realizing that their infected device is being cleaned from malware. Google Play Protect service runs in a small background stub in order to block installation of malicious apps even if it came from sources outside of the Play Store. If there is an antivirus for the mobile platform which can be casually considered as the best antivirus for Android, it is Google Play Protect. Google knows how Android works under-the-hood, only the search giant can produce a hassle-free virus removal tool for Android without causing data corruption and other issues on the device.
As an end-user, how can I keep my Android device secure and in working order?
Cybercriminals and virus authors are genuinely motivated by profit, and user data is synonymous to money in the field of data mining. They are after our data and no other device on the planet as close to being a ‘personal computer’ than our mobile devices. As such, we should practice a few habits of keeping our Android devices secure. Virus removal for Android is for Google Play Protect to perform, but it is much better not to be infected in the first place. Here in Hackercombat.com, we offer the following simple tips:
- Do not immediately attribute to malware if an app is misbehaving. It could be that it is just buggy or the app is already bloated due to a huge cache build-up over a period. Try clearing the app’s cache by navigating to Settings>Apps>name_of_the_app>Storage>Clear Cache button. This will delete the app cache and resets the app; it will then behave the way the developer intended it to be due to the default settings when the cache is cleared.
- Check the app permissions under Settings>Apps and deny permissions based-on practical sense. For example, no legitimate Android game needs access to SMS permission, while a genuine flashlight app does not need camera permissions. Block the permissions that are not needed by the app and see if it still operates as expected, if not, find an alternative app.
- The hardware is underpowered for the Android version it runs. This is true and correct for old devices that gets an upgraded Android version. The hardware may simply be underpowered to make the new Android version operate optimally on the device.
- Only download apps from Google Play Store, or from other trusted sources like the Amazon App Store. Advanced users may choose to sideload apps, especially useful for rooted devices as root-specific apps are usually not found in the Google Play Store. However, only knowledgeable users can perform a successful rooting procedure in the first place; it is not for the faint of heart.
Kevin Jones720 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.