1. Are you ready for the Galaxy S20? Here is everything we know so far!

Malware? + Check APK before installing?

Discussion in 'Android Lounge' started by muddlemand, Jun 30, 2020.

  1. muddlemand

    muddlemand Member
    Thread Starter

    Two questions here, but I hope they fit into one thread as they both turned up during the same attempt to do something...

    I've downloaded an APK from GitHub, not quite the first time I've done this, but I'd very much like to scan this one for viruses/malware before installing. It's the first time I haven't been following a recommendation from someone I'm sure knew what they were talking about.

    Question 1: I installed a load of antivirus apps etc from the Play Store, thinking that if I used them all one after another I couldn't miss something if it was there! Malwarebytes, Avast, Norton, etc etc. But they only seem to scan things once they're running or at least installed - not the APK file sitting in my downloads folder. This is my first question, how to be sure it's ok *before* I risk installing it. This is the question I care about!

    ETA: I've found that AVG lets you scan individual files without paying for premium. But I've got myself into an over-cautious state now, after all this scanning! Can I be sure the app will be safe when installed, just because the APK passed as clean before it's been touched?

    Question 2: So far I've run full scans with four of the apps. Three were happy, but TAPI's Antivirus & Security found a virus in two apps: WebShell.11000023 - in Trend Micro's Mobile Security (with an install date of 2020-10-30), and in App Manager (with an install date of 2020-54-19); I'm not sure if the install dates refer to the the virus being installed or the two apps' installation. The advice is to uninstall immediately.

    It seems odd that Malwarebytes, Avast etc didn't spot this. Is TAPI dodgy? I thought its reviews look genuine and its rating is 4.7. Should I really uninstall those two? I've used App Manager for years and I understand that other antivirus can appear insecure without really being...

    #1 muddlemand, Jun 30, 2020
    Last edited: Jun 30, 2020
  2. Davdi

    Davdi Android Expert

    You can be too paranoid - These are most likely false positives. I wouldn't trust TAPI's app. Anyway, there's no such thing as a virus on Android. Sure there are lots of other forms of malware. There's Spyware, trojans scareware (Fake Anti-Virus and 'security' apps that say they've found all sorts of problems, which they'll clear IF you spend x amount for the 'full (Read ' filled with spyware and other nasties'). TAPI seems legit (it's in the play store). I wouldn't be too happy about the memory optimisation aspect though - Android likes to make use of all available memory, and it can often be counter productive to aggressively remove 'unused processes'
    MoodyBlues, MrJavi and Dannydet like this.
  3. muddlemand

    muddlemand Member
    Thread Starter

    Yes, that's what I was thinking - I know about those fake security apps :) and since posting, i've scanned with more apps - a total of eight. Most were very familiar names such as Avast and AVG. And I ignored the optimisation, junk removal, "boost" features. I've uninstalled them all again, too.

    It's only this one APK - does passing the scan before it's been installed, while it's just a single file, definitely mean that it will still be ok after it's installed, when it's an ".exe" file (the android equivalent obviously)? It's nothing dodgy, just not a well-known app, not on Play Store, and I know it's no longer supported; they're still around for questions but don't update it any more.
    MrJavi likes this.

Share This Page