Alien Droid
Newbie
Hi
AVG is telling me I have Malware on my tablet!
Android 4.2.2
I
AVG is telling me I have Malware on my tablet!
Android 4.2.2
I
-
After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.
AVG reporting Malware in settings app!
- Thread starter Alien Droid
- Start date
funkylogik
share the love peeps ;)
What tablet is it?
Alien Droid
Newbie
funkylogik
share the love peeps ;)
Nah thats ok, i was just wondering. A lot of these cheap devices come pre-rooted so its probably nothing to worry about.
Dont delete the Settings app. That is basically your settings menu lol.
On a rooted device like that, the only way you can be sure theres no malware is to reflash it but you might have problems finding the factory image to flash.
I dont use any of these antivirus apps because i dont feel that theyre needed but just use common sense. If youre worried, dont use the tab to do online banking etc :thumbup:
Dont delete the Settings app. That is basically your settings menu lol.
On a rooted device like that, the only way you can be sure theres no malware is to reflash it but you might have problems finding the factory image to flash.
I dont use any of these antivirus apps because i dont feel that theyre needed but just use common sense. If youre worried, dont use the tab to do online banking etc :thumbup:
This exact thing happened to me yesterday too.
I'm wondering if it's AVG malfunctioning.
My tablet is a Prestigio 10.1" from Maplins and has had no issues, but suddenly yesterday AVG reports that the settings app is malware. I assume that uninstalling that app would completely mess up the tablet so have ignored the alert, but it's a worry. The tablet is not (so far as I am aware) rooted.
I'm wondering if it's AVG malfunctioning.
My tablet is a Prestigio 10.1" from Maplins and has had no issues, but suddenly yesterday AVG reports that the settings app is malware. I assume that uninstalling that app would completely mess up the tablet so have ignored the alert, but it's a worry. The tablet is not (so far as I am aware) rooted.
Alien Droid
Newbie
Thanx for reply.
Think I might in the end have to wipe it and start from scratch as I've giving to someone as a gift so I can hardly hand it over like it is!
As far as it being pre-rooted I'm not sure about that. The date of the build is Jan 4th so I get the feeling from that it's been done after importing (maybe)!
As far as the Settings app goes, well AVG is not helping much, no details so I can't see if "settings app" has been replaced or not.
If this was windows OS then I know how to sort that but I'm still not that deep into Android which I must change.
But there must be a way I can manually overwrite "settings app" and replace it with a clean version?
Or how can I check the file to see if this might be a false positive?
I agree, the lack of information by AVG is very unhelpful. I cannot believe that the settings app has suddenly become Malware and I have not installed anything for a couple of days. (Last thing was bitstrips). Another possibility is that there is a second App called settings which is being reported here rather than the actual system App but AVG is not at all helpful.
Alien Droid
Newbie
Hi
That's interesting. So maybe this is a false positive from AVG, although I have found on the Net some info about the "settings app" being infected with code that can steal sms messages.
AVG does show apparently if the device is rooted, I guess that works as it also indicates my fone is rooted which I know it is cos I done that when I got it.
Thanks for that info, it's the first I've seen about a malware disguising itself as settings.
I'm pretty sure that I have not given any programs that kind of permission lately and this isn't a phone so there are no sms messages for them to steal. Maybe there will be more info over the next few days. We can't be the only people to gt this alert from AVG.
Alien Droid
Newbie
I would guess if it's malware it will be getting around permissions and not just gethering sms's but other info as well!
I found this on AVG and very strange how the link from this page is dead;
AVG AntiVirus For Android Shows "Threats Found" On A Legitimate Application | AVG Forums
But I also found this which shows this post is a Sticky at the top of the forum which is pretty bad the actual link inside is road to nowhere as it was only posted in 14 Jan 2014 !! I smell a cover-up lol
AVG for Android | AVG Forums
Maybe have to start a post here on this and also try a different security app and see if that picks this Malware up or not, or hopefully is just a false positive!
Alien Droid
Newbie
Still waiting to hear back from AVG but in the mean time I've installed Malwarebytes and it comes up clean on a scan.
Never had a problem with this software on my PC so I would lean towards this is a false positive from AVG but still need them to confirm this one way or the other!
Never had a problem with this software on my PC so I would lean towards this is a false positive from AVG but still need them to confirm this one way or the other!
Alien Droid
Newbie
Just an update on my problem with the AVG antvirus app on my tablet!
I've received a reply this morning via email which confirms that this is indeed a false positive.
The email looks to be a bog standard generic reply and doesn't clearly state much at all, not even the file name in question, so I hope they also reply to my post on the AVG website as this false detection must have affected many people and in my case not only wasted a lot of my time but also prevented me from handing the tablet over which i had purchased someone as a gift.
very annoying indeed.
To add to the annoyance of all this I've updated AVG this morning and it still hasn't replaced the version for the tablet from several days ago unlike the PC version which gets updated once a day.
It's still warning about Malware in Settings app!
I'm sticking with Malwarebytes and at the moment at least it and AVG seem to be happy working along side each other.
Message from AVG Support below;
I've received a reply this morning via email which confirms that this is indeed a false positive.
The email looks to be a bog standard generic reply and doesn't clearly state much at all, not even the file name in question, so I hope they also reply to my post on the AVG website as this false detection must have affected many people and in my case not only wasted a lot of my time but also prevented me from handing the tablet over which i had purchased someone as a gift.
very annoying indeed.
To add to the annoyance of all this I've updated AVG this morning and it still hasn't replaced the version for the tablet from several days ago unlike the PC version which gets updated once a day.
It's still warning about Malware in Settings app!
I'm sticking with Malwarebytes and at the moment at least it and AVG seem to be happy working along side each other.
Message from AVG Support below;
funkylogik
share the love peeps ;)
This is why i just dont use anti virus apps.
Im not suggesting that other people dont use them but in my opinion theyre pointless :thumbup:
Im not suggesting that other people dont use them but in my opinion theyre pointless :thumbup:
Alien Droid
Newbie
I guess it depends what you use your Android device for at the end of the day. I don't use Android with business side of things so I don't really need to worry, but when handing a gift over I felt a bit resposible to try and make sure it had some future protection as I wont be in control of what it's used for etc.
But I don't totally disagree with you
Well I'm not sure that is the case, only a matter of time as they say! But I have read something recently which looks like it needs patching so to speak!
To add an update to my update this morning AVG finally updated. The version number is still lagging behind my phone which I have no idea why as yet, but it has done a database update as that number changed.
I ran a scan after the update and an app scan, guess what, AVG still reporting Malware in "Settings" app.
So make of that what you will. All I can say about the AVG app for tabs right now is....... ((PANTS))....
Alien Droid
Newbie
Another update on my update ((yawn))
Well I've been in touch with AVG support who kindly spoke to me but I was reminded there is no telephone support for Android!
Anyway there was another AVG update today so I just updated that on my Tab with the hope this latest would include the fix for the false positive that AVG support alluded to in their email to me saying;
Well this was at least 2 updates ago and I'm still getting warning "Settings" app is infected with Malware.
I also noticed a very different number that I assume is the database version but this software doesn't clearly state what some of these numbers are exactly!
Under the main screen mine states Version 3.4.1 - 412128012
But under the Help menu it states; 3.4.1.185460
So one number has changed, the other remains the same!!
The previous version under the main screen was; 3.4.1 - 409808016
That's a huge big number difference so I have no idea why that might be.
In any case unfortunately this last update has made no difference.
AVG emailed and awaiting a reply.
I've requested a Support Ticket number although I do have a reference number which may be the same thing, for this and for the problem to be responded to online as email is not the best way to do this IMO as this must be affecting more people so this info should all be in the public domain (I feel like a teacher telling his student to bring their homework in on time lol) :banghead:
Well I've been in touch with AVG support who kindly spoke to me but I was reminded there is no telephone support for Android!
Anyway there was another AVG update today so I just updated that on my Tab with the hope this latest would include the fix for the false positive that AVG support alluded to in their email to me saying;
((WRONG))....
Well this was at least 2 updates ago and I'm still getting warning "Settings" app is infected with Malware.
I also noticed a very different number that I assume is the database version but this software doesn't clearly state what some of these numbers are exactly!
Under the main screen mine states Version 3.4.1 - 412128012
But under the Help menu it states; 3.4.1.185460
So one number has changed, the other remains the same!!
The previous version under the main screen was; 3.4.1 - 409808016
That's a huge big number difference so I have no idea why that might be.
In any case unfortunately this last update has made no difference.
AVG emailed and awaiting a reply.
I've requested a Support Ticket number although I do have a reference number which may be the same thing, for this and for the problem to be responded to online as email is not the best way to do this IMO as this must be affecting more people so this info should all be in the public domain (I feel like a teacher telling his student to bring their homework in on time lol) :banghead:
funkylogik
share the love peeps ;)
lol.
slightly off topic but how do companies like AVG make money on AV apps? Does it have ads?
slightly off topic but how do companies like AVG make money on AV apps? Does it have ads?
Alien Droid
Newbie
Gold star for you lol Yes it has adds scrolling away at the bottom left of the screen. Most from google.play but not all I think looking at the way they're displayed. Maybe I can stick a bit of black take across the bottom of the screen if they get too annoying
funkylogik
share the love peeps ;)
Lol ah right. So they have a real vested interest in people's fear/paranoia
Anyone heard of a case where one of these apps has caught something dangerous?
Anyone heard of a case where one of these apps has caught something dangerous?
Alien Droid
Newbie
Well there's always a first time!!!Lol ah right. So they have a real vested interest in people's fear/paranoia
Anyone heard of a case where one of these apps has caught something dangerous?
I'm getting a bit lost with AVG. It's taken a week to get a reply on the forum and get the feeling they would like to see the back of me (BUT I'M HERE TO STAY)
If you look at play.google it clearly has 2 free apps. One is very clearly stated as "FREE Tablet AntiVirus Security"
But the link from the AVG website I just followed takes you to a different version even though you follow the Tablet link!
So would have been nice of the AVG peeps would have picked up on me saying what version I was using and maybe come to the conclusion WTF is this guy using! Well they didn't IMO.
So with my detective hat on I can now see the mobile version is the one they were referring to, not the Tablet Version which I clearly stated in my post and emails! Doh..
Anyway the bad news is (cos I can't think of any good news as far as AVG goes right this minute) is that the mobile version is also reporting a Malware infection in "Settings" app
So do I believe what I was told in an email by AVG Support that the AVG app was wrong. Remember that guy thought I was probably using the mobile app which I've just installed.
Confused, I am lol
I notice the Tablet app hasn't been upgraded since Jan even if it's getting database updates.
So does all this rambling mean I might actually have Malware?? Well Malwarebytes says NO. So I'll stick with that for now, but and suggestion on how I can manually check this out.
I'm not up to top speed on Android stuff but I can boot a windows Server even if it's on fire. But I could do with some tips on how to check some basic stuff. Can I copy off this "Settings" app and compare it with an original virgin download/biuld and see if it's been messed about with by anyone, maybe who sold me the tablet etc.
Thanx one and all for your thoughts...
Alien Droid
Newbie
Well just a quick update.
I still have the Malware warning. I'm now using the other app on play.google 3.6 - 419798005 - 7219 - 3706
I've been sent a tool from AVG Support to install that produces a file which I've emailed off to them.
it produces a rather encrypted text file I I've asked then to let me know how I can read the file! Every text reader I've used it just looks like junk!
They have said it only collects running apps, so not sure why it isn't a plain text file.
Any info on how to view the file would be appreciated?
Name of file is AVG_CS_Utility.apk
I still have the Malware warning. I'm now using the other app on play.google 3.6 - 419798005 - 7219 - 3706
I've been sent a tool from AVG Support to install that produces a file which I've emailed off to them.
it produces a rather encrypted text file I I've asked then to let me know how I can read the file! Every text reader I've used it just looks like junk!
They have said it only collects running apps, so not sure why it isn't a plain text file.
Any info on how to view the file would be appreciated?
Name of file is AVG_CS_Utility.apk
Alien Droid
Newbie
@ Auntiepjl
Did you sort this Malware warning out yet?
An update would be helpful as I'm still trying to get an answer from AVG but it's like I'm travelling at the speed of light going on how long it's taking them to reply to emails! Actually that should be the other way around but you get the idea!
Thanx.
Alien Droid
Newbie
Resolved. This was a false positive.
As of last Wed 26 March the db update on that day fixed the problem as indicated by AVG and conformed my yours truly.
There is not even a hint of an apology for the time this took or my time wasted dealing with it.
I do appreciate there efforts they made but I really don't think a little basic testing on the core OS files before release wouldn't be too much to ask.
After all this was caused by an AVG update, not an update by the OS on my droid device! Although the message I received seemed to be pointing at Android code being as much to blame as coder rehash code!
If it was some far flung distant file from a galaxy far far away I could understand that, so in IMO this should have been spotted before release or fixed much quicker after they were told about it.
Anyway, at least the tablet doesn't have Malware, even though that took AVG almost 3 weeks to sort out.
I also don't think AVG should refuse voice support calls for this software, they provide this for other free apps, so why not this one.
But a proper help desk ticket system is a must for reporting problems.
email support is a close to a joke in this situation, standard forum is fine, but having my post moved very quickly into the Virus Removal, Tools for Removing
As this was a false positive and looked like that from the start it's probably not best hiding that fact away in that section better it be seen in the busier part of their site.
AVG needs a proper help desk where a standard format gets all the question they need get filled in from the very start, this delayed this issue by a few days via email support!
Time was wasted because AVG don't have a clear support desk approach.
The correct software wasn't established, the naming of these tablet and mobile apps needs clearer naming structure as there are 2 and the fact I was using a different one to start with wasn't picked up even though I gave the full version number.
These are not complaints, they are simple things that just need fixing!
As of last Wed 26 March the db update on that day fixed the problem as indicated by AVG and conformed my yours truly.
There is not even a hint of an apology for the time this took or my time wasted dealing with it.
I do appreciate there efforts they made but I really don't think a little basic testing on the core OS files before release wouldn't be too much to ask.
After all this was caused by an AVG update, not an update by the OS on my droid device! Although the message I received seemed to be pointing at Android code being as much to blame as coder rehash code!
If it was some far flung distant file from a galaxy far far away I could understand that, so in IMO this should have been spotted before release or fixed much quicker after they were told about it.
Anyway, at least the tablet doesn't have Malware, even though that took AVG almost 3 weeks to sort out.
I also don't think AVG should refuse voice support calls for this software, they provide this for other free apps, so why not this one.
But a proper help desk ticket system is a must for reporting problems.
email support is a close to a joke in this situation, standard forum is fine, but having my post moved very quickly into the Virus Removal, Tools for Removing
As this was a false positive and looked like that from the start it's probably not best hiding that fact away in that section better it be seen in the busier part of their site.
AVG needs a proper help desk where a standard format gets all the question they need get filled in from the very start, this delayed this issue by a few days via email support!
Time was wasted because AVG don't have a clear support desk approach.
The correct software wasn't established, the naming of these tablet and mobile apps needs clearer naming structure as there are 2 and the fact I was using a different one to start with wasn't picked up even though I gave the full version number.
These are not complaints, they are simple things that just need fixing!
Alien Droid
Newbie
Well I have used AVG for years mainly in businesses that just happened to already have it installed.
But like most software, it has its ups and downs.
Would be interested to know what version of AVG you were using on your laptop before you sent it on its way to the Recycle bin in the sky lol ?
I stop mine from doing anything I don't like by blocking every little box or window opening with my firewall. An old banger of a firewall I must say but it does the trick.
Funny I got an email yesterday from AVG email support saying the false positive had been fixed! Only problem with this email is I already new that a week ago.
That sort of backs up what I said about email support from them at least.
The thing is with the problem I had is that my OS version isn't just fresh off the shelf, I mean we're talking about 15 months-ish ago in real terms, but even if it's not a stock ROM then why after all this time does it raise a flag. It maybe the case that a small change can indicate a false positive, but if they false flag anything because it's not a verified version then you can expect many more false positives in future.
It would help and make a lot more sense for AVG at least to indicate that in the warning that it isn't actually a 100% Malware detection, but possibly a non verified .apk in the ROM.
If it can be ignored then they would be able to do this!
Well I currently have it telling me I have a clean machine, so I'll never again worry about a virus or malware
But like most software, it has its ups and downs.
Would be interested to know what version of AVG you were using on your laptop before you sent it on its way to the Recycle bin in the sky lol ?
I stop mine from doing anything I don't like by blocking every little box or window opening with my firewall. An old banger of a firewall I must say but it does the trick.
Funny I got an email yesterday from AVG email support saying the false positive had been fixed! Only problem with this email is I already new that a week ago.
That sort of backs up what I said about email support from them at least.
The thing is with the problem I had is that my OS version isn't just fresh off the shelf, I mean we're talking about 15 months-ish ago in real terms, but even if it's not a stock ROM then why after all this time does it raise a flag. It maybe the case that a small change can indicate a false positive, but if they false flag anything because it's not a verified version then you can expect many more false positives in future.
It would help and make a lot more sense for AVG at least to indicate that in the warning that it isn't actually a 100% Malware detection, but possibly a non verified .apk in the ROM.
If it can be ignored then they would be able to do this!
Well I currently have it telling me I have a clean machine, so I'll never again worry about a virus or malware