5 Replies Latest reply on Aug 27, 2013 10:52 AM by roustabout

    Malware on HD+?

      On my first HD+ using App Killer downloaded from B&N Store, I found an app named with Chinese characters and labeled Version 4.0.4-1.0.0 It was not possible to kill or uninstall this app. I contacted B&N and was directed to do a factory reset. This seemed to do the trick. However, the unit was replaced because of other strange behavior. The replacement had the same mysterious app, but a factory reset did not get rid of the app. Have others seen this?
        • Re: Malware on HD+?
          • Re: Malware on HD+?, update

            Stopped by BN store yesterday and mentioned this potential malware app to the sales person. He in stalled App Killer and this app does not appear on the store unit.  I ordered the device when it was announced. It was replaced when I called to report the problem and the replacement contained the "malware?" app as well. I am now wondering now if this was part of the firmware on early releases.


            I have an extended warranty. I suppose I could ask for another replacement...

            • Re: Malware on HD+?
              There are some apps for dealing with other languages built into android. Pinyinis just one, but they are hidden system apps just like windoze
              • HD+ malware: how to remove "nook Demo",

                AVG for nook reports that my HD+ has malware, "Nook Demo."

                Avg can't uninstall.

                Advice, anyone?


                  • Re: HD+ malware: how to remove "nook Demo",

                    Probably a false positive.  I don't have a nook nearby to check, but my memory is that that's the demo mode stuff baked into the system by BN for the kiosk-style display at a store.


                    Antivirus detection rates are low and false positive rates are high (relative to what would make the products useful) and the situation is much, much worse in Android than in the other OSes I've used. 


                    I just saw the app referenced as a false positive on the Mcafee and Sophos forums, with the (giggle) suggestion that users submit samples to the companies for re-analysis.


                    Given the size of the universe of apps that are harmless and the smaller but still quite enormous universe of malicious apps, when I see forum posters suggest "ooh, send a sample to the vendor" about a single instance, I want to hit my head against a wall. 


                    It is the job of the AV vendor to do the automated scanning, to have many code samples available, and to vet all the results carefully before incorporating them into their software.  They don't do much of that, which is why every now and again a signature matches an OS file, the product quarantines the file, and anyone running that particular pattern release on that day gets to attempt to fix their system.