Does Apple give malware definitions to AV providers? New analysis suggests no.
Four months after a mysterious group was outed for a digital espionage operation that used novel techniques to target Mac users, its macOS malware samples continued to go undetected by most antivirus providers, a security researcher reported on Thursday.
Windshift is what researchers refer to as an APT—short for "advanced persistent threat"—that surveils individuals in the Middle East. The group operated in the shadows for two years until August, when Taha Karim, a researcher at security firm DarkMatter, profiled it at the Hack in the Box conference in Singapore. Slides, a brief description, and a report from Forbes are here, here and here, respectively.
A few things make Windshift stand out among APTs, Karim reported in August. One is how rarely the group infects its targets with malware. Instead, it relies on links inside phishing emails and SMS text messages to track the locations, online habits, and other traits of the targets. Another unusual characteristic: in the extremely rare cases Windshift uses Mac malware to steal documents or take screenshots of targets' desktops, it relies on a novel technique to bypass macOS security defenses. (The above-linked Forbes article has more on how this technique, known as a custom URL scheme, allows attacker-controlled sites to automatically install their malware on targeted Macs.)
Software is the backbone of any computer setup. Whether you’ve just purchased a new PC or reinstalled Windows, the first task you’ll likely do is install apps. While there are dozens of amazing Windows programs, knowing which are must-have software for Windows 10 makes setting up a new installation easy.
In no particular order, let’s step through 15 must-have Windows programs everyone should install right away, along with some alternatives.
1. Internet Browser: Google Chrome
Unsurprisingly, Google Chrome is our top browser pick. It’s still super-speedy, includes little conveniences like instantly searching Google for an image, and the library of Chrome extensions is vast. Throw in cross-platform syncing that lets you open your desktop tabs on your phone and vice-versa, and you’ve got a fantastic browser for all purposes.
Chrome isn’t without its faults, however. Plenty of people want to avoid Google’s pervasive tracking in Chrome, and it gobbles a lot of RAM. But the good news is that you have plenty of other fantastic browsers to choose from, like Firefox and Opera.
If you only pick one cloud app service, Dropbox is the one you should install. The 2GB of free storage isn’t much, though you can increase that by referring friends. Dropbox offers an app for every major platform, so you can take your files anywhere. It’s also super easy to share files with others.
Whether you use it as part of your backup plan, as a cloud flash drive, or for setting up shared folders with others, you can’t go wrong with Dropbox. Check out our Dropbox tips to get more done with it.
You can take advantage of alternative cloud services in conjunction with Dropbox to get more free space and separate your files logically. Google Drive offers an impressive 15GB for free, making it another great choice.
Years ago, listening to music on your desktop meant painstakingly importing and organizing a collection of MP3s. No longer; music streaming services eliminate the need for buying individual albums physically or digitally.
There are many music streaming services in the market, but we recommend Spotify. Its ad-supported free plan lets you listen to as much music as you like, and the Spotify Premium upgrade is definitely worth it for avid listeners. Spotify also has a dedicated Windows app, while Apple Music requires the bloated iTunes and Google Play Music is web-only.
If you’re invested in either ecosystem, though, the respective music app might be a better choice for you.
Chances are, you’ll need a tool that lets you work with documents, spreadsheets, and presentations at some point. You might think that paying for Microsoft Office is the only way to do this, but that’s far from the truth.
No Windows user should go without LibreOffice. It’s a completely free and powerful office suite that includes alternatives to Microsoft Word, Excel, PowerPoint, Access, and more. Once you get used to a few small aesthetic differences from MS Office, you’ll be flying through your work with LibreOffice.
Note that OpenOffice, a popular alternative, is basically a dead program now. If you don’t want to use LibreOffice, try FreeOffice.
Whether you want to try your hand at image manipulation, need a way to blur sensitive info on screenshots, or want to retouch old photos, everyone should have an image editing program installed. You probably think of Photoshop as the gold standard for this, but there are plenty of free tools that are more accessible.
Paint.NET is our top choice. It’s far more powerful than Microsoft Paint but doesn’t overwhelm you with confusing icons. You can easily blur out parts of an image, auto-level photos to make them look better, and add text and shapes to your pictures in just a few clicks. Plenty of plugins allow you to expand its functionality, too.
If you find Paint.NET too basic, GIMP is a more advanced solution.
With YouTube’s popularity, you probably do most of your video viewing in a browser. However, you should still keep a solid video player around on your desktop for when you need to play media files locally.
For this task, nothing beats VLC Media Player, which packs a ton of features and is capable of playing nearly every video and audio format imaginable. You might not break it out often, but give VLC a download and save yourself the hassle of messing with video codecs or using the awfully insecure QuickTime.
Taking a Windows screenshot is useful for everything from recording funny moments to having a record of information. Windows’s basic Snipping Tool only provides a barebones feature set, so you need something better.
You won’t find a better free screenshot tool than ShareX. With tons of capture methods, a powerful built-in editor, automated steps after you take a screenshot, and extra tools like a color grabber and ruler, ShareX has an impressive feature set for no cost.
Try Greenshot if ShareX overwhelms you and you’d like something simpler.
Windows includes native support for simple zipped files, but anything beyond the basics requires a more powerful tool. While these aren’t the most exciting type of software, they’re important for working with any kind of archived files you might encounter.
Chances are that you use at least one messaging service to stay in touch with your friends during the day. With so many options to choose from, there’s no way we could pick the best messaging service because it all depends on what your friends use. So why not pick all of them?
Franz is our pick for the best messaging app on Windows. It lets you add accounts from dozens of popular messaging services, including WhatsApp, Facebook Messenger, Skype, Telegram, GroupMe, Hangouts, Discord, and many more.
Franz simply adds a new tab for every service you use, letting you keep up with every group in one window. It’s easier on battery than using browser windows for these apps, and you can close it when it’s time to focus.
As a bonus, here are five other programs we think everyone should install. These don’t fit into any of the above categories, so we’ll mention them briefly here.
Unchecky automatically watches check boxes during software installation and makes sure you don’t install any third-party junk. Everyone misses these sometimes, so it helps to have a second set of eyes.
Ditto Clipboard Manager increases the usefulness of the Windows clipboard many times over. With it, you can keep dozens of copied entries close at hand and search through your clipboard history.
F.lux automatically filters blue light from your PC’s screen when the sun goes down, allowing you to continue working at night without a blinding light in your face. Windows 10 has a similar Night Light function built-in, but F.lux offers more customization.
Everything provides near-instant search to your entire Windows system. If you need to locate a file and the default search isn’t doing the job, Everything can find it.
TreeSize Free allows you to quickly analyze your storage usage and see which folders are taking up the most space.
Windows 10 Essential Apps and Programs: Installed!
Now you know which apps to install right away on a new computer—and they’re all free! If you don’t prefer one of our favorites, you’ll find a suitable alternative without much trouble. We think most people will get plenty of use out of these programs.
Just like human viruses, computer viruses come in many forms and can affect your machine in different ways. Obviously, your computer isn’t going to spend a week in bed and need a course of antibiotics, but a severe infection can wreak havoc on your system. They can delete your files, steal your data, and easily spread to other devices on your network. Here are seven types of computer virus you should watch out for. 1. Boot Sector Virus From a user perspective, boot sector viruses are some of the most dangerous. Because they infect the master boot record, they are…
Just like human viruses, computer viruses come in many forms and can affect your machine in different ways.
Obviously, your computer isn’t going to spend a week in bed and need a course of antibiotics, but a severe infection can wreak havoc on your system. They can delete your files, steal your data, and easily spread to other devices on your network.
Here are seven types of computer virus you should watch out for.
1. Boot Sector Virus
From a user perspective, boot sector viruses are some of the most dangerous. Because they infect the master boot record, they are notoriously difficult to remove, often requiring a full system format. This is especially true if the virus has encrypted the boot sector or excessively damaged the code.
They typically spread via removable media. They reached a peak in the 1990s when floppy disks were the norm, but you can still find them on USB drives and in email attachments. Luckily, improvements in BIOS architecture have reduced their prevalence in the last few years.
2. Direct Action Virus
A direct action virus is one of the two main types of file infector viruses (the other being a resident virus). The virus is considered “non-resident”; it doesn’t install itself or remain hidden in your computer’s memory.
It works by attaching itself to a particular type of file (typically EXE or COM files). When someone executes the file, it springs into life, looking for other similar files in the directory for it to spread to.
On a positive note, the virus does not typically delete files nor hinder your system’s performance. Aside from some files becoming inaccessible, it has a minimal impact on a user and can be easily removed with an anti-virus program.
3. Resident Virus
Resident viruses are the other primary type of file infectors. Unlike direct action viruses, they install themselves on a computer. It allows them to work even when the original source of the infection has been eradicated. As such, experts consider them to be more dangerous than their direct action cousin.
Depending on the programming of the virus, they can be tricky to spot and even trickier to remove. You can split resident viruses into two areas; fast infectors and slow infectors. Fast infectors cause as much damage as quickly as possible and are thus easier to spot; slow infectors are harder to recognize because their symptoms develop slowly.
In a worst-case scenario, they can even attach themselves to your anti-virus software, infecting every file the software scans. You often need a unique tool—such as an operating system patch—for their total removal. An anti-malware app will not be enough to protect you.
4. Multipartite Virus
While some viruses are happy to spread via one method or deliver a single payload, multipartite viruses want it all. A virus of this type may spread in multiple ways, and it may take different actions on an infected computer depending on variables, such as the operating system installed or the existence of certain files.
They can simultaneously infect both the boot sector and executable files, allowing them to act quickly and spread rapidly.
The two-pronged attack makes them tough to remove. Even if you clean a machine’s program files, if the virus remains in the boot sector, it will immediately reproduce once you turn on the computer again.
But why are they so hard to protect against? The clue is in the name. Anti-virus software can only blacklist one variant of a virus—but a polymorphic virus changes its signature (binary pattern) every time it replicates. To an anti-virus program, it looks like an entirely different piece of software, and can, therefore, elude the blacklist.
6. Overwrite Virus
To an end-user, an overwrite virus is one of the most frustrating, even if it’s not particularly dangerous for your system as a whole.
That’s because it will delete the contents of any file which it infects; the only way to remove the virus is to delete the file, and consequently, lose its contents. It can infect both standalone files and entire pieces of software.
Overwrite viruses typically have low visibility and are spread via email, making them hard to identify for an average PC user. They enjoyed a heyday in the early 2000s with Windows 2000 and Windows NT, but you can still find them in the wild.
7. Spacefiller Virus
Also known as “Cavity Viruses”, spacefiller viruses are more intelligent than most of their counterparts. A typical modus operandi for a virus is to simply attach itself to a file, but spacefillers try to get into the empty space which can sometimes be found within the file itself.
This method allows it to infect a program without damaging the code or increasing its size, thus enabling it to bypass the need for the stealthy anti-detection techniques other viruses rely on.
Luckily, this type of virus is relatively rare, though the growth of Windows Portable Executable files is giving them a new lease of life.
Malware Prevention Is Better Than Malware Removal
As always, taking sensible steps to protect yourself is preferable to dealing with the potentially crippling fallout if you’re unlucky enough to get infected.
For starters, you need to use a highly-regarded antivirus suite. Also, don’t open emails from unrecognized sources, don’t trust free USB sticks from conferences and expos, don’t let strangers use your system, and don’t install software from random websites!
Windows Defender has improved over the years. For the majority of Windows 10 users, it offers more-than-adequate protection. However, there are lots of options out there. How can you decide which is the best antivirus for Windows 10? Here are our eight picks. The Best Free Antivirus for Windows 10 If you want to stick to free options, consider one of the programs below. Before installing any of them make sure you pay particular attention to avoid installing bundled toolbars—they are now commonplace as the developers look to monetize their products. 1. Windows Defender Windows Defender isn’t as bad as…
Windows Defender has improved over the years. For the majority of Windows 10 users, it offers more-than-adequate protection.
However, there are lots of options out there. How can you decide which is the best antivirus for Windows 10? Here are our eight picks.
The Best Free Antivirus for Windows 10
If you want to stick to free options, consider one of the programs below. Before installing any of them make sure you pay particular attention to avoid installing bundled toolbars—they are now commonplace as the developers look to monetize their products.
Yet the app still suffers from its old reputation. Back in 2015, it was given just 0.5/6 in a study on AV-TEST. However, it’s now one of the site’s recommended products. In June 2018, it scored 6/6 for protection, 6/6 for usability, and 5.5/6 for Performance.
Windows Defender also has some non-security benefits:
It works straight out of the box; there is no need for you to enable anything, set anything up, or register for anything. For people who are less computer literate, this is a huge positive.
There are no nag screens. Many free antivirus suites now pester you once a day (if not more) to upgrade, or add features. Some of them are on the verge of becoming malware in their own right. With Windows Defender you won’t even know it’s running unless it finds a problem.
It’s not going to monitor your browsing history. Some of the free options have now started harvesting your data in an attempt to make a profit. For example, in 2014 Avast was found to be tracking what sites you are visiting and using that data to insert their own adverts into pages.
In Windows 10 it’s not easy to turn off Windows Defender manually—it requires a registry hack or a Group Policy tweak. This is intentional and comes back to Microsoft’s policy of attempting to make sure you always have some basic cover.
If you install a third-party antivirus program, Windows Defender will be disabled automatically.
That wasn’t always the case. Back in 2014 and 2015, the app struggled in AV-TEST’s performance tests. It frequently struggled to score more than 10/18.
However, in mid-2016 the suite was given an overhaul. Ever since, it has been one of the best performing products. The latest release saw the app earn 5.5 for protection and perfect sixes in the other two categories.
It now holds AV-TEST’s top product award, so you can be sure you’re in safe hands.
Avast is arguably AVG’s biggest rival. The basic scan feature is solid, fast, and lightweight. But be warned, the app has introduced a phenomenal number of nag screens and pop-ups in recent releases.
The app offers several “shields” that protect you against specific types of threat. Perhaps the most impressive is the behavior shield. It monitors the other apps on your machine in case they “go rogue.”
Avast also includes a game mode. When activated, Avast won’t eat up system resources nor show popups.
Avira makes up the final leg of the free antivirus triumvirate. It’s a halfway house between the other two, more lightweight than AVG, but with better detection rates than Avast. It also has pop-ups, but not as many as Avast.
The free version even includes a VPN. It’ll keep you safe online and provide a way to access geo-blocked content.
Note: All the paid and free programs listed above have been made compatible with Windows 10, and they will all disable Windows Defender once installed.
Best Paid Antivirus for Windows 10
If you’re happy to spend a little, your options for quality coverage improve immeasurably. You could spend a long time scouring various antivirus testing sites like AV-Comparatives, but in truth, there is very little to choose between the market leaders in terms of performance.
If you pay for the premium version, it will detect and eliminate malware that your antivirus missed, as well as removing (and repairing) rootkits, and fixing other things that slipped through your antivirus’ net. It’s also extremely good at removing infections like Search Protect and Trovi.
The premium version also adds ransomware protection, identity and privacy safeguards, and virus protection. It’s easy to make the argument that the app offers the best malware protection on Windows 10.
The premium version costs $39.99 for a one-year subscription.
Our next recommendation is Webroot. The app is extremely lightweight (the program is just 2.1 MB), it uses no more than 3 percent of your computer’s resources, it has no pop-ups, and no add-ons. It’s ideally suited to businesses, heavy gamers, and power users.
The company’s entry-level plan costs $39.99 per year. It will protect you from identity theft and malware. For more features, you will need to upgrade to the Internet Security Plus ($59.99 per year) or Internet Security Complete ($79.99) plans. They include features such as 25GB of online storage and password protection.
Kaspersky is more of a resource-hog than many of its competitors, but the flipside is that it is typically the number one app on AV-TEST for malware detection and removal.
In the most recent June 2018 results, it was one of just three apps that scored 6/6 in all three categories.
Noteworthy features include a password manager, online shopping and banking protection, and ransomware protection. Unfortunately, Kaspersky has a reputation problem after being maligned by the US Department of Homeland Security.
Kaspersky costs $39.95 to $79.95 depending on which plan you choose.
It’s essential that you use some form of security software on Windows 10. Whether you choose the free native offering, a free third-party alternative, or a paid app depends on which features are important to you (and the size of your wallet!).
The future of antivirus protection is exciting. Much like our cars, trains, and boats, the future of antivirus runs on artificial intelligence. AI technology is one of the fastest growing sectors around the world and security researchers are continually evaluating and integrating the technology into their consumer products. Consumer antivirus products with AI or machine learning elements are appearing thick and fast. Does your next antivirus subscription need to include AI, or is it just another security buzzword? Let’s take a look. Traditional Antivirus vs. AI Antivirus The term “artificial intelligence” once conjured fantastical images of futuristic technology, but AI…
The future of antivirus protection is exciting. Much like our cars, trains, and boats, the future of antivirus runs on artificial intelligence. AI technology is one of the fastest growing sectors around the world and security researchers are continually evaluating and integrating the technology into their consumer products.
Consumer antivirus products with AI or machine learning elements are appearing thick and fast. Does your next antivirus subscription need to include AI, or is it just another security buzzword? Let’s take a look.
Traditional Antivirus vs. AI Antivirus
The term “artificial intelligence” once conjured fantastical images of futuristic technology, but AI is now a reality. To understand what AI antivirus is, you need to understand how traditional antivirus works.
A traditional antivirus uses file and data signatures, and pattern analysis to compare potential malicious activity to previous instances. That is, the antivirus knows what the malicious file looks like, and can move swiftly to stop those files from infecting your system, should you pick one up. That’s a very basic explanation. You can read more about how it works and what scans to use right here.
As the threat landscape shifts, so must the antivirus detection mechanisms.
AI antivirus (or in some cases, machine learning—more on this distinction in a moment) works differently. There are a few different approaches, but AI antivirus learns about specific threats within its network environment and executes defensive activities without prompt.
AI and machine learning antivirus leverage sophisticated mathematical algorithms combined with the data from other deployments to understand what the baseline of security is for a given system. As well as this, they learn how to react to files that step outside that window of normal functionality.
Machine Learning vs. Artificial Intelligence
Another important distinction in the future of antivirus is between machine learning algorithms and artificial intelligence. The two words are sometimes used interchangeably but are not the same thing.
Machine Learning (ML): ML refers to a broad spectrum of the current applications of AI technologies focusing on the idea that machines with data access and the correct programming can learn for themselves. Broadly speaking, machine learning is a means to an end for achieving AI.
Machine learning and AI are deeply intertwined, and you can see how the terms see occasional misuse. The difference in meaning with regards to antivirus is an important distinction. Most (if not all) of the latest antivirus suites implement some form of machine learning, but some algorithms are more advanced than others.
Machine learning in antivirus technologies isn’t new. It is getting more intelligent, and is easier to use as a marketing tool now that the wider public is more aware of ML and AI.
How Security Companies Use AI in Antivirus
There are a few antivirus solutions that use advanced algorithms to protect your system, but the use of true AI is still rare. Still, there are several antivirus tools with excellent AI and ML implementations that show how the security industry is evolving to protect you from the latest threats.
Cylance is a well-known name in machine learning and artificial intelligence cybersecurity. The enterprise-grade CylancePROTECT uses AI-techniques to protect a huge number of businesses, and they count several Fortune 100 organizations among their clientele. Cylance Smart Antivirus is their first foray into consumer antivirus products, bringing that enterprise-level AI protection into your home.
Cylance Smart Antivirus relies entirely on AI and ML to distinguish malware from legitimate data. The result is an antivirus that doesn’t bog your system down by constantly scanning and analyzing files. (Or informing you of its status every 15-minutes.) Rather, Cylance Smart Antivirus waits until the moment of execution and immediately kills the threat—without human intervention.
“Consumers deserve security software that is fast, easy to use, and effective,” said Christopher Bray, senior vice president, Cylance Consumer. “The consumer antivirus market is long overdue for a ground-breaking solution built on robust technology that allows them to control their security environment.”
Thanks for the shout out @sawaba I can vouch that the primary reason we launched Cylance Smart Antivirus is because our customers have told us they’ve grown frustrated with everything on the market now.
Smart Antivirus does, however, have some downsides. Unlike other antivirus suites with active monitoring, Cylance Smart Antivirus allows you to visit potentially malicious sites. I assume this is confidence that the product will stop malicious downloads, but it doesn’t protect against phishing attacks or similar threats.
A single Cylance Smart Antivirus license costs $29 per year, while a $69 household pack lets you install on five different systems.
Deep Instinct uses deep learning (a machine learning technique) to detect “any file before it is accessed or executed” on your system. The Deep Instinct D-Client makes use of static file analysis in conjunction with a threat prediction model that allows it to eliminate malware and other system threats autonomously.
Deep Instinct’s D-Client uses vast quantities of raw data to continue improving its detection algorithms. Deep Instinct is one of the only companies with private deep learning infrastructure dedicated to improving their detection accuracy, too.
For most people, Avast is a familiar name in security. Avast Free Antivirus is the most popular antivirus on the market, and its history of protections goes back decades. Avast Free Antivirus has been “using AI and machine learning for years” to protect users from evolving threats. In 2012, the Avast Research Lab announced three powerful backend tools for their products.
The “Malware Similarity Search” allows almost instantaneous categorization of huge samples of incoming malware. Avast Free Antivirus quickly analyzes similarities between existing malware files using both static and dynamic analysis.
“Evo-Gen” is similar “but a bit subtler in nature.” Evo-Gen is a genetic algorithm that works to find short and generic descriptions of malware in massive datasets.
“MDE” is a database that works on top of the indexed data, allowing heavy parallel access.
These three machine learning technologies collectively evolved as the foundation for Avast’s CyberCapture.
CyberCapture is a core feature of the Avast security suite, specifically targeting unknown malware and zero-days. When an unknown suspicious file enters a system, CyberCapture activates and immediately isolates the host system. The suspect file automatically uploads to an Avast cloud server for data analysis. Afterwards, the user receives a positive or negative notification regarding the status of the file. All the while, your data is feeding back into the algorithms to define further and enhance yours and others’ system security.
The Windows Defender Security Center for enterprise and business solutions will receive a phenomenal boost as Microsoft turns to artificial intelligence to bulk out its security. The 2017 WannaCry ransomworm ripped through Windows systems after hackers released a CIA trove of zero-day vulnerabilities into the wild.
Microsoft is creating a 400 million computer-strong machine learning network to build its next generation of security tools. The new AI-backed security features will start with its enterprise customers, but eventually filter down to Windows 10 systems for regular consumers. Windows Defender is constantly improving in other ways, too, and is now one of the top enterprise and consumer security solutions. The below image illustrates a snapshot of how Windows Defender machine learning protections works.
Want a prime example of how machine learning antivirus springs into action? Randy Treit, a senior security researcher for Windows Defender Research, writes up the Bad Rabbit ransomware detection example. It’s worth a read (it’s short!).
Antivirus: More Advanced Than You Realized
Is your antivirus suite more advanced than you realized? Machine learning and artificial intelligence are undoubtedly making larger inroads with security products. But their current prominence is more buzzword than effective deployment.
Try not to worry too much about whether your antivirus has AI or is implementing machine learning techniques. In the meantime, here’s a comparison of the best free antivirus products for you to check out. AI or not, it is important to protect your system at all times.
Desktops aren’t the only devices that pick up viruses. While it’s not a common occurrence, Android devices can indeed suffer from malware. If you do get a virus, you could perform a factory reset to get rid of it, but that means you’d lose all your data. Your photos, saved games, text messages, and everything else will be gone if you didn’t back them up. Obviously, a factory reset should be your last option. So what can you do to remove a phone virus without a factory reset? Let’s find out. Does My Android Phone Have a Virus? Many times,…
Desktops aren’t the only devices that pick up viruses. While it’s not a common occurrence, Android devices can indeed suffer from malware.
If you do get a virus, you could perform a factory reset to get rid of it, but that means you’d lose all your data. Your photos, saved games, text messages, and everything else will be gone if you didn’t back them up. Obviously, a factory reset should be your last option.
So what can you do to remove a phone virus without a factory reset? Let’s find out.
Does My Android Phone Have a Virus?
Many times, when people think they have an Android virus, it’s actually something more docile.
Suppose your Android phone crashes every time it starts up. Or maybe you can’t download apps from the Play Store. These are not necessarily caused by a virus. So don’t panic! Check our list of common Android problems and how to fix them.
If none of those tips fix your issue, ask yourself a few questions:
Did the problem start happening after you downloaded some app or file?
Have you recently sideloaded an app from a third-party source (outside the Play Store)?
Did you tap on an ad that downloaded a file or app you didn’t want?
Does the problem occur only when you run a particular app?
If the answer to any of the above is yes, there’s a chance you have malware on your system. Thankfully, you might be able to fix it without a factory reset.
How to Stay Safe From Android Viruses
Google Play Protect is now part of all Android devices. It’s a built-in security measure that scans the apps on your device and checks for harmful ones. No matter where you install apps from, Play Protect looks through them. This means you essentially already have an antivirus built into your phone.
If you only install apps from Google Play, the chances of you picking up a phone virus are slim to none. Google scans all apps added to Google Play for malicious behavior and removes offenders. While some slip through the cracks, you’re very unlikely to install a virus app from the Play Store.
Installing from other sources is entirely different. Downloading apps from random websites, especially “cracked” apps (paid offerings illegally provided for free), is a great way to pick up malware. If you chose to sideload apps, make certain that you trust the location you download them from.
However, this doesn’t mean every app on Google Play is beneficial. Scam apps might take your money for nothing, and many free apps abuse phone permissions to steal your data. But those are separate concerns from Android viruses.
The Play Store is home to dozens of Android virus removal apps. However, most of them are bloated and want you to pay for features you don’t need. However, there are a few worth using.
If you think you’re infected with Android malware, it’s not a bad idea to install one of the below apps and scan. You don’t need to keep it around afterwards if you follow the common sense tips above.
One of the most trusted names in desktop security, Malwarebytes also provides an Android app. The free version scans your phone for malware and removes any threats it finds. It also has an audit feature for app permissions, so you can keep track of what each has access to. And it doesn’t have ads either.
The Premium version for $12/year adds real-time detection and other features most people don’t need. For a no-nonsense virus scanner and remover app for Android, it’s your best bet.
Bitdefender is another solid virus removal app, mainly because it’s lightweight. Cloud scanning means there’s little impact on your device, and the app doesn’t bog down its core offering with a bunch of annoying extras.
You’ll still see ads to upgrade to the full version, but if you can ignore them, this is a fine app for a quick Android virus scan.
These are only two of the many Android virus scanning apps, but you can ignore nearly all other ones. Offerings from major companies like Avast, Norton, Avira, and similar are all loaded with garbage and are heavy on your system.
Many pack in RAM boosters and cleaning tools, which do more harm than good. And a lot of the functionality they tout is already built into Android. Browsers like Chrome already detect and block dangerous websites. Google’s Find My Phone feature can locate your lost phone. And you can manage app permissions on your own.
Security companies try to scare you into downloading their free apps for “safety,” then nag you to upgrade to the paid version with a bunch of features you don’t need. Know that you should never pay for an Android antivirus app!
Manual Malware Removal in Android Safe Mode
Hopefully, an antivirus scan should find and remove the malware on your Android device. But if that doesn’t get the job done, then it’s onto a manual step.
Much like Windows has a safe mode, so does Android. And if your system has a virus, you’ll need to utilize it. Safe mode loads the OS without running any third-party apps and disables them. This means that you can find out if an app is causing an issue and remove it safely.
To enter into safe mode if you can boot your phone normally:
Press and hold the Power button till you see the power menu.
Tap and hold Power off until you get a prompt to Reboot to safe mode.
Wait for your phone to reboot. In the bottom-left corner, you’ll see a Safe mode watermark.
If your phone won’t boot normally because of the infection, try these steps to boot a powered-off phone into safe mode:
Press and hold the Power, Volume up, and Volume down buttons.
Once you see your phone’s logo appear, let go of Power but continue holding the Volume buttons.
You’ll see a Safe mode watermark in the bottom-left once your device boots up.
Due to hardware manufacturer differences, this may not work for every device. Try a quick Google search for your phone to find its safe mode combination if neither of these do the trick.
Once you have entered Safe Mode, go to Settings > Apps > Downloaded. On Android Oreo or newer, go to Settings > Apps & notifications > See all X apps instead.
Here, go through the list of your apps and try to location the malicious app. It might not stick out, but think back to when the problem on your phone started. Remove any apps you installed around that time, and check if an app you didn’t download is in the list.
To uninstall an app, tap its name and choose Uninstall on its info page to remove it. If that gets rid of it, reboot your phone normally (without entering Safe mode), and the phone virus should be gone.
If you can’t uninstall an app through this menu, it likely has Device Administrator access. To remove that access, follow these steps:
Go to Settings > Security > Device Administrators (Settings > Security & location > Device admin apps on Oreo and newer).
Locate the app and tap the checkbox next to it.
Tap Deactivate when prompted.
Now you can go back to the list of apps and uninstall it as described above.
Android Phone Virus Aftermath: Cleaning Up
After uninstalling malicious apps, you might also want to clean up your Android device while you’re at it. Clearing the cache and history, cleaning up the startup processes, and other basic steps can assist in making sure your device is good to go.
Unfortunately, Android cleaning apps are typically full of junk, ads, and placebos. Follow our guide to cleaning your Android phone to make it easy. If you want a one-tap solution, CCleaner is a good app for removing unnecessary files without any fuss. It’s unfortunately added some bloat recently, but it still works well enough.
Once you’ve cleaned up your phone, we recommend you back up your Android data if you haven’t already. This will make it much easier to recover from future issues when they arise.
Kick Android Viruses to the Curb!
Unfortunately, if you’re sure you have malware on your device but none of the above solutions fix it, you’ll likely have to factory reset your phone. If you experience issues in safe mode, your problem may lie with the OS or hardware, not a virus.
A reset means you will lose precious data, but that’s better than using a compromised phone. For the best security, make sure you also know how to upgrade your Android phone!