It’s quite interesting. I would never think that non-rooted Android could become a victim of rooted adware, viruses or Trojans. Well, but the things changed a bit. Some vulnerabilities which might be used for a rooting tool can be used also for another purpose – to infect with viruses and adware.
One of my family members managed to infect his Sony Xperia with a virus. Initially, I thought that it wasn’t a big deal, I just need to do the factory reset and this should fix the problem.
However, it appeared that the problems continued after the factory reset. Some app downloads were starting etc. and the hunt for viruses started 😉
Finding the right antivirus
If you open Google Play Store, it looks that it is full of different antiviruses. All that creates the image there should not be any problem to find well working antivirus.
I tried different apps for that and it appeared that all are quipped only with the scanner functionality. From that number, only Sophos antivirus was able to detect all three Trojan horses and stop (but not heal) their bad behavior. But I agree it works as a temporal solution because the auto-downloader is stopped and each time you will see only a warning asking to allow or disallow some suspicious app.
1st healing solution
After browsing Internet, it appears that each newer Sony Xperia Android phone has a safe mode, which is accessible by pressing the power button a bit longer for a few seconds.
Once you reach the safe mode, you might be able to just uninstall a bad app. This is the way I got rid of one Trojan horse, however it appeared that other two cannot be uninstalled so easily.
The reason for that is those two guys belong to called “auto rooting Android adware”. Practically speaking, they just became a part of the firmware of the Android phone after exploiting some vulnerability. So, when I tried to do the factory reset they were successfully restored and started again. In this case the factory restore is almost worthless.
What you really need to do is either to a) heal current firmware or b) just to re-flash the factory firmware.
The first option is quite complicated to do for home users, let’s stick to second.
2nd option – reflashing Sony Xperia factory software
Luckily, Sony allows the end-user to perform the Sony Xperia firmware re-flashing.
First, you need install software. The assumption is that you have not done anything else with your phone before (rooting etc.). Once you connect your mobile to an USB port and open the companion software, you should click on “Your phone/tablet is up to date” in top left part of the screen.
In next screen, you should choose “Repair my phone/ tablet”and follow the instructions on the screen.
Here is one of the screenshots during the re-flashing process.
At the end of the process, you should see the message about successfully re-flashed firmware 😉