The new Malware detection is based on the Yara project.

Yara works on the basis of rules that describe any pattern of data, in our case patterns that may indicate malware. MOBILedit Forensic applies these rules and searches the file to see if it accomplish any of these rules, and returns a list of results. This means that it contains the data patterns described.

During analysis, we scan all files that are on the phone.

We created a rules database based on the same malware database we used in the old version and from various other sources on the Internet as some malware search teams.

We distribute our rules in the form of a package and the user can choose whether or not to use this package of our rules.

Infected files will be shown in the final report with additional info about the APK files, however, they will not be affected (or even removed) in any way, since the main goal is to keep the connected device in the very same state.

The potentially harmful file will not be executed, therefore cannot harm your PC or mobile device.

We do recommend turning off your PC anti-virus program since it might delete potentially harmful files so they will not be discovered and shown in the final report.