Despite popular beliefs, Android itself is a pretty locked-down, safe ecosystem if you know what you’re doing. Yes, Google’s popular mobile operating system is weaker to exploits than other smartphone OSes, namely iOS, but with that security risk comes a greater sense of freedom when using your devices. You don’t have to get your apps from the Play Store, and the apps you do grab from there typically have to go through less content control than what we’ve seen from similar applications on the iOS side. Typically, apps approved by Google or Amazon, the creator of the second-largest app store on Android, are good to go in terms of viruses and unwanted malware (though some apps may be unoptimized and run poorly on your phone).
Of course, every now and then, you may have reason to believe that your phone has been infected with a virus. It’s unlikely, with the culprit more likely being a rogue application, but it’s always better to err on the side of caution. There are a multitude of applications and utilities on Android that promise to remove viruses and other dangerous apps from your phone, but not all of them are created equal—in fact, some of those apps are just as bad as the viruses they intend to cure.
So, let’s start right from the beginning. In order to remove and protect your Android phone from viruses, it’s important to understand exactly what others mean by “virus,” how viruses work on Android, and what the apps intended to remove viruses from your phone actually do. Without further ado, it’s time to dive into the world of “viruses” on Android.
The Basics of “Viruses” and Malware on Android
The word “virus” gets thrown around a lot in the world of personal technology and computers. In the late 1990s through the late 2000s, the word was typically used to refer to Windows PCs as havens for viruses, spyware, malware, trojans, and all other sorts of dangerous and illicit programs that would end up on computers without the user’s permission. Windows XP is infamous for its weak security, and indeed, attacks still occur on Windows XP-based platforms in 2017: WannaCry was a massive ransomware attack that hit businesses in May of 2017 and caused Microsoft to push an emergency update  out for the nearly-sixteen year old operating system.
Apple, the company behind the Mac, iPod, and iPhone, often took advantage of the weaknesses in security of its closest competitor. The Get a Mac ad campaign of the 2000s were infamous for their attacks on Windows platforms known for their bugs and openness for viruses. And indeed, while Macs can and do get their fair share of viruses and malware, attacks happen at far lower rates than on competing platforms due to increased security on MacOS as a platform, and because MacOS has a far lower adoption rate than Windows. In the eyes of hackers and rogue developers, a bigger audience means a bigger target.
It’s been a long time since Windows was as dangerous as it was in the 2000s. Updates starting with Windows 7, and especially in Windows 8, 8.1, and 10, all brought additional security. Apple continued to crack down on dangerous software, keeping the iPhone and other iOS devices locked behind a walled garden, and making it difficult to install unsigned software on a Mac without diving deep inside the settings menu. But what about Android?
The reason to spell out the story of viruses on Apple and Microsoft products is simple: in many ways, the product history is nearly identical. Android, upon release, was infamous for its poor security when compared to Apple and the iPhone. With Android, Google preached openness above all, but as is typical when something is entirely unprotected from outside threats, some of those dangerous elements crept their way into the operating system, feasting and praying on users who were new to the smartphone market. And Apple, not one to sit on their laurels, used the topic in advertisements for the iPhone and iOS as a whole. As with most platforms, it’s the same story every time, repeated over and over again.
But there is a difference here: unlike on Windows, Android doesn’t really get viruses anymore. That doesn’t mean the dangers of Android are entirely eliminated—indeed, we’ll talk more about what kinds of software to look out for below—but the traditional “virus” as we’ve come to know it doesn’t exist on Android. Despite the fears of dangerous, “hacked” applications, Android, like iOS, operates in a sandboxed environment that prevents applications and code from modifying and spreading itself throughout your phone and onto the phones of others. On top of that, Google has stepped up their security measures a lot in the intervening years since launching Android 4.0 in 2011, and their efforts are notable; for instance, Google has committed to pushing out
Despite this, when you hear someone say their phone has been “infected with a virus,” or you’ve come to think there’s something wrong with your phone and its virus-related, they (or you) aren’t actually far off from the truth. Android has been known to have a serious malware problem, and malware can very easily be confused with a virus. Malware (‘mal’ coming from the Latin word for ‘bad’ or ‘badly’ and ‘ware’ coming from ‘software’) is a piece of software or an application that is designed to damage or disable parts of your computer or phone. And these things exist in various forms: spyware, adware, and ransomware are all variations on malware. They can track you, push unlimited, invasive ads in your face, and even disable parts of your phone or computer until you pay a specific fee to “unlock” your computer.
So, malware (again, often referred to as a virus, even if they are slightly different variants of software) does exist for Android—even if its existence on the platform has been a little blown out of proportion. What exactly can you do to protect yourself, and what can you do to remove dangerous applications from your device?
What to do about Malware on Android
First things first: remember that anyone anywhere can be infected with malware. It occurs from downloading and installing an app, either through the Play Store or (more often) from third-party sources online. Start noticing what exactly is happening with your device. Are you receiving pop-up advertisements or notices, or unwanted notifications for apps not installed on your device? These are all typical examples of what would be classified as “malware.” Things that aren’t malware: laggy apps and apps that ask for more permissions than seemingly necessary. These types of software can be apps, but more likely than not, they spawn from a poorly-developed or optimized application.
Once you have an idea of what’s going on on your device, we want to try to get it off your phone as quickly as possible. Think back to your most recently installed apps, and keep these questions in mind:
- Did you download and install an app from an unknown source online?
- Did you download and install a pirated or modded application?
- Did you download any unknown or strange apps from the Play Store?
As you work through this, we recommend uninstalling any recently-downloaded applications running on your device. If you only download your apps through the Play Store, you can head into the “My Apps” section to sort your device’s apps by alphabetical or “recently used” orders. Uninstall the app you think may be the culprit behind your software troubles. If you downloaded any third-party apps online, uninstall most or all of them. Once you’re done uninstalling software, reboot your phone. Even if it seems like the effects of malware have vanished, still reboot your phone to relaunch your system. See if you receive any further pop-ups, notifications, or spam messages. If you are still finding it difficult to use your device, continue uninstalling apps until the malware seems to disappear, then continue onto the next step.
The next thing we’ll want to do is perform a quick antimalware scan on your phone. Largely speaking, anti-malware and antivirus software on Android is unnecessary; Android can mostly take care of itself, with anti-malware software only serving to slow your device down with extra bloat and system resources. That said, if you have reason to believe you’ve been the victim of a malware attack, it’s still a good idea to install one of these applications to scan your system and make sure everything is in order. So, we have some recommended antivirus and anti-malware apps to look at, as well as some scanning apps you should avoid installing on your system.
- Malwarebytes Anti-Malware : This is one of our favorite anti-malware apps on Android, and for good reason. It comes from a trusted background, with Malwarebytes software also being available on Windows and MacOS, and positive reception from sources like PC World and CNET. The app is laser-focused on one thing: providing a solid anti-malware system that protects your phone or tablet from infected and unsafe applications. Instead of pretending to look for viruses, Malwarebytes simply scans your phone for malware, spyware, and Trojan software, eliminating it from your device upon contact.
- Kaspersky , Norton , McAfee  and AVG  Antivirus software: These applications come from trusted companies and backgrounds, but we don’t quite have the same level of confidence in these apps as we do in Malwarebytes. For one, all four continue to push the notion that Android itself is open to viruses, which is simply untrue. Second, all four apps offer unnecessary in-app purchases up to $89, with AVG also including ads inside the app. These applications might help find and remove malware and “viruses” from your phone, and they won’t necessarily harm your phone. But they also taken up resources on your phone, and will try to get you to buy into a subscription plan for “full” protection, so it’s difficult to fully recommend any of these apps.
Outside of these apps, we don’t recommend too much, though similar apps like Avast  and Bitdefender  are options that you can check out if need be. Malwarebytes should satisfy most needs to remove malware from any of your devices, and the others can be useful tools if you still aren’t sure about what your device is doing in the background. As with most unneeded apps, we don’t recommend leaving any of these installed on your phone if you aren’t using them actively.
Apps to Avoid
We highlighted some of the apps that are “safe” to use to remove malware from a device, even if some of those apps have problems of their own. But you should also be aware of some of the apps we don’t recommend to users, for various reasons.
- Clean Master and Security Master: These apps both spawn from Cheetah Mobile, a Chinese mega-developer that has been known to include unwanted apps, pop-up messages, and notifications in their apps. For example, in 2014, Clean Master asked Android users to uninstall Chrome and install Cheetah Browser to “speed up browsing.” In 2015, after purchasing popular gallery app QuickPic, users flooded the developer with negative reviews, and it became clear Cheetah Mobile had uploaded multiple versions of the same application to the Play Store under the guise of “battery boosters” or “Trojan Blockers.” Overall, it’s recommended to stay away from Cheetah Mobile—these two “antivirus” apps included.
- Any application that promises to “speed up your RAM,” “boost your battery,” or “enhance your phone” that also happens to include an antivirus. Just like with Clean Master and Security Master above—two apps notable for doing everything we just mentioned—these types of apps will flood you with notifications and adware, and often act like malware themselves. Stay away.
Once you’ve used Malwarebytes to flush your phone out, you can uninstall the app—you don’t need it, and it’ll prevent the app from draining your battery in the background without your knowledge. A fresh reboot will go a long way in making your phone feel smooth again, and we also recommend to disable app installations from unknown sources on your device. You can do this by heading into your settings menu, tapping “Security,” and unchecking the menu that allows for unknown source installs.
Because malware can often be connected to adware or Trojan software, you should ensure your security in every way possible. Begin by changing the passwords to the accounts synced on your phone—a password manager like LastPass, available for free on the Play Store, can come in handy here, and can often lead to a much better and safer experience on your phone. Also check your bank account information, and contact your bank if you begin to notice any strange purchases or payments from your account.
And of course, if you’ve tried all of the above without success, you can always do the safest thing imaginable: a full factory reset. No one likes to reset their phone entirely, but occasionally, it can be a necessary evil. If your phone is still malware-ridden, repairing it to the traditional, factory-shipped state will wipe your phone completely, leaving nothing left behind. To do it, just head into your settings menu, scroll all the way to the bottom of your display, and tap “Backup and Reset.” Find the option for “Factory data reset,” and follow the on-screen instructions to wipe your phone entirely. We also recommend wiping your phone’s SD card, if it contains one.
Look, there’s no reason to be ashamed if malware happens to appear on your phone. While it’s a major inconvenience—and indeed, a real pain in the butt—the good news is Android’s already-existing security measures make it easy to keep your phone safe and secure. Even if a malware-infected application was downloaded to your phone, it’s nothing to stress about—just remove and uninstall the app from your phone, and things should return back to normal. Overall, “antivirus” apps are typically unnecessary at best and adware scams at worst, but there are a few trustworthy names that you can use to check up on your device’s overall health.
Once your device has returned to normal, the most important step is to ensure your device’s future safety. Installing apps from unknown sources online can be dangerous, though sites like APKMirror and APKPure offer free, legal applications from alternative sources. Stay away from pirated and “cracked” apps, as the majority of Android malware is hidden and transferred through those types of application downloads. And above all, retain your privacy and security by checking your bank account, using a password manager, and making sure your phone’s software is up-to-date with the latest Android security patches.
Overall, managing your security on Android is quite similar to managing your security on a PC—the included security measures and software are more than enough, and anything else is overkill. Browse and download safely and smartly, and you’ll have no problems using your phone without an ounce of malware.