How to solve malware installed automatically in the system directory?
Note: the following method is risky, you may delete core modules and your device will end up in bootloop or not booting at all. Do it at your own risk.
- You’ll need to root your device and install BusyBox (from Google Play).
- Download Minimal ADB and fastboot
- Enabled USB debugging
- Install USB drivers
Open Minimal ADB and Fastboot tape the following :
adb shell su mount -o remount, rw /system cd /system/app ls (list all installed apps)
or even better:
lsattr (display all installed apps with their attributes). Then using the
rm command, delete any suspicious app, like following :
rm com.exemple.malware.apk (tape the exact name displayed with ls command). You may encounter some apps that refuse to be deleted with the rm command :
- First check their attributes with
lsattr + com.app_name.apki.e:
- Then remove those attributes with
chattr -iaA + com.app_name.apki.e:
chattr -iaA com.app_name.apk
Finally you’ll be able to remove them. PS: Disable WiFi or data connection while doing this.
- You can post the output of installed apps here, and we’ll check out what to remove or not.