How to solve malware installed automatically in the system directory?

Published on Author Code Father
How to solve malware installed automatically in the system directory?

Note: the following method is risky, you may delete core modules and your device will end up in bootloop or not booting at all. Do it at your own risk.

  • You’ll need to root your device and install BusyBox (from Google Play).
  • Download Minimal ADB and fastboot
  • Enabled USB debugging
  • Install USB drivers

Open Minimal ADB and Fastboot tape the following :

adb shell 
su
mount -o remount, rw /system 
cd /system/app
ls (list all installed apps) 

or even better: lsattr (display all installed apps with their attributes). Then using the rm command, delete any suspicious app, like following : rm com.exemple.malware.apk (tape the exact name displayed with ls command). You may encounter some apps that refuse to be deleted with the rm command :

  • First check their attributes with lsattr + com.app_name.apk i.e: -i-a--A com.app_name.apk
  • Then remove those attributes with chattr -iaA + com.app_name.apk i.e: chattr -iaA com.app_name.apk

Finally you’ll be able to remove them. PS: Disable WiFi or data connection while doing this.

  • You can post the output of installed apps here, and we’ll check out what to remove or not.

 

Comments

comments