Why you can trust ZDNET : ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission. Our process

'ZDNET Recommends': What exactly does it mean?

ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.


How to manually scan for malicious apps on Android

If you're concerned you might have unwittingly installed a malicious app on your Android device, you can manually scan for it without installing third-party software.
Written by Jack Wallen, Contributing Writer
The Oukitel C50 Android phone.
Jack Wallen/ZDNET

Android has had problems in the past with malicious applications getting onto the Google Play Store. When that happens, users could unknowingly install those apps and create big problems. Malware, ransomware, trojans… you name it and it's possible.

No vetting process is perfect, but those rogue apps often only exist within the Play Store for a short time. That doesn't mean everyone is safe. You might be the only person to have installed a malicious app, but that's still one individual too many.

Also: The best VPN services (and how to choose the right one for you)

Fortunately, your Android device can run manual scans for malicious apps. I've used this feature quite often. The only time the feature found anything malicious was when I ran a test scan after intentionally installing a questionable app from outside the Play Store. It worked and then removed the app. 

I don't suggest attempting such a test. The phone I used wasn't associated with my personal Google account and had been factory-restored. Still, the good news is the feature works, and you should manually use it regularly.

Let me show you how.

How to run a manual scan on Android 

What you'll need: The only thing you'll need is an updated Android device associated with a valid Google account. 

Also: How to add vertical tabs to Chrome browser (there's a free extension for that)

That's it. Let's get to the scan.

1. Unlock your device

The first thing to do is unlock your Android device.

2. Open the Google Play Store

On your Android device, open the Google Play Store app. Once opened, tap your profile icon at the top right of the window and then tap Play Protect from the popup.

The Google Play Store profile menu.

You can also access the app/device manager from this page.

Screenshot by Jack Wallen/ZDNET

3. Run the scan

In the Play Protect window, you'll most likely see "No harmful apps found," and the time when the last scan was run. When Play Protect finds something that it believes to be malicious, based on the severity of what the app can do, it will either disable or remove the app.

Also: The best antivirus software and apps right now

To start, tap Scan. The scan will go through every app you have installed. Unless you have many hundreds of apps, the process should take less than a minute. With over 150 apps on my device (including system apps), the scan took about 20 seconds. If Play Protect finds anything malicious on your device, it will resolve the problem automatically.

The Play Protect page in Android 14.

My Pixel 8 Pro was last scanned at 2:20 AM.

Screenshot by Jack Wallen/ZDNET

Chances are slim you will ever run across a malicious app on your Android device, so long as you are careful about what you install from the Play Store and never install apps outside the official app store. Even so, I find relief knowing I can kick off a scan whenever I want and that Play Protect is very good at what it does.

Editorial standards