that's the joke that I follow all the precautions - I do not install applications from extraneous sources

this is not a sufficient condition.
That is, the rule “do not drag cats from the garbage dump home” is a useful practice so that fleas do not start up, but from apartment thieves, from a fire or from noisy neighbors, it does not protect against the word “at all”.
List of vulnerabilities: https://source.android.com/security/bulletin/
Here, for example, for February: https://source.android.com/security/bulletin/2018-...
The holes are unmeasured. Now try to check how long ago updates were released to your phone, and whether all the listed holes are closed there. But there is also 0-day (fresh, which simply has not yet managed to get into any lists, even closed ones).
About the root, everything is right pfg21 wrote.

1) there are many, different ones, see the appropriate section of googleplay or 4pda :) I generally sometimes use top from busybox.
2) if the antivirus acts like a virus, then all sorts of programs will take it for a virus (for example, an antivirus program on Googleplay servers). But why does he need it, if there is an opportunity to officially register himself in the root program.
option A: put the same root on the phone and clean the / system partition from the left executable files. long time to think.
Option B: take it to the craftsman and reflash the phone (often requires root). fast and think ninada.
kament: the presence of a root on the phone has nothing to do with any hole in the protection (as most people think for some reason). virus and other filth is not calculated on the rootedness of the phone :)

The virus - fits where it can, where it can not - does not fit. Antivirus - should work everywhere.
In general, similar to auto-thieves - they climb into different cars and they don’t feel sorry for breaking glass, tearing off tidy, breaking the steering lock, etc. For them, this is normal behavior. For signaling, frequent failures or false auto locks are not good.