Virus On My Samsung S5 Has Practically Completely Erased My SD Card. Now What?
So the inevitable has happened- a viruses infected my phone that my boyfriend soley uses. I knew viruses existed on Android but I didn't know to what extent.
The phone is a Samsung S5. It is NOT rooted.
My boyfriend was watching 'adult' videos and he has his phone set so you can hold your finger over the screen and not actually touch it to select things (IMO i think that feature is stupid! ). Anyway, While watching a video his finger hovered over one of the banner/block videos that are along the side of the actual video you are watching for too long he guessing and inadvertently selected something. He doesn't recall actually seeing anything download though.
Unfortunately because he likes to download some programs that require you to select in your settings to allow downloads from untrusted sources, he just always leaves that option selected. (Not smart).
He took screen shots of what happened next. I've included the screenshots he took in this post.
At this point his phone was frozen on the screens that popped up. He tried turning it off and on again but once back on the screens were still there and were stopping stopping him from doing anything on his phone. He didn't know what was going on and called me at work. Immediately I knew he had infected his phone, a similar type of virus was huge a few years for computers.
I didn't really know what to do so I suggested doing a factory reset. I figured he must have inadvertently downloaded something, and factory reset would get rid of everything.
When I came home from work he told me he did the factory reset like I said and the pop up screens that were preventing use of the phone were gone but he still thought he had a virus because his contacts were all messed up, they were very old and none of his newer contacts exsited (Im not sure where he got the backed up contacts that he did manage to get back...although they are mostly useless.). As well there are a lot of things missing, over 2000 pictures on the SD card have disappeared along with movies, documents, music etc... Almost 32gb of stuff!
I plugged the SD card into my computer thinking maybe his phone just wasn't reading it properly because the phone did show the SD card and you could view what was on it, but almost everything was missing.
All of the photos/videos were backed to his Google photos and they are all gone! The only thing there now is what is left still on his SD card. Checked Google photos trash and it says nothing was deleted.
His SD card is 32gb and use to be almost full, but now it has 27gb free!!!! Where did almost 27gb of data go!!?? And the approx 5gb of data left is just random stuff that I highly doubt would use up even close to 5gb...
(I just learned while typing this, that he was able to get most of his pictures back from Facebook, so nothing was removed from Facebooks backup)
I researched this for hours and I'm pretty sure this is a type of malicious Ransomeware Virus.
I think the virus is gone due to factory reset... Could I be wrong?
As for the missing stuff, my guess is either the missing data has actually been removed by the virus OR its still on the SD card but encrypted by the virus. (Which means it'd also be compacted?)
If it's still there but encrypted how can I find the encrypted files and unencrypted them.
Thanks for reading! Hopefully one of you will have an answer.