Guys,
Downloaded a few new apps at the weekend. Some were recipe stuff, ringtone editors and also Spotify. Mostly commercial crap of different sorts but mostly recognised stuff all from the Android Market.
Today at lunch on my run I was prompted to sign into my Google account with a warning in the alert bar with a warning exclamation sign. Thought it was mildly suspicious but authenticated anyway. Checked my GMail a few hours later and it was full of spam sh*t, around 40 conversations in total. Luckily no-one had replied and I expect email/spam filters will deal with the majority of it. I changed my password immediately (GMail prompted me for it with a 'suspicious behavior' prompt on first laptop sign in) and all seemed fine after.
I removed a few of the Apps I suspect may have had the spyware, but it's just prompted me again to sign in with the malware looking sign in box
What's the best thing to do next?
Download something like AVG for Android?
If I backup at this stage with the HTC phone backup software, could it take the malware with it once I copy back to a fresh handset?
Handset is a HTC Wildfire running 2.2
Thanks.